Virus Alert

– Posted in: About this site, Miscellaneous

Today I was infected with a virus called W32.Netsky.P@mm!enc. It arrived via an email sent to the address I have for this website. I download mail from that address with Thunderbird. As soon as the email was downloaded, Norton’s notified me that I had this virus. I hadn’t opened an attachment or even clicked on the email to read it. More disturbingly, Norton’s told me it couldn’t get rid of the virus because it wasn’t allowed access to the file! Eventually, by reading here and here, I discovered that I needed to close Thunderbird and disable Windows System Restore before Norton’s could eliminate the virus. Since this is technically a worm, which hunts for email addresses on the infected computer and mails itself to them, I may have inadvertently infected some of you. The email won’t appear to have come from my computer, however. It will look like one of the examples in item 12 on this page. I was able to clean out the virus within an hour or so of being infected, but it took me a while to find out what I needed to do. Nothing like Norton’s telling you it can’t get rid of a virus that it knows you have! I had 8 instances of the virus to clean out by the time I figured out what to do. This MIME-encoded version of the worm has only been in Norton’s database since May 5, 2005, so if your virus software doesn’t automatically update itself, you may be harboring this worm yourself. Hmmm, maybe I got it from you! Sorry to be the bearer of bad news, but forewarned is forearmed.

About the Author

Kathy Purdy is a colchicum evangelist, converting unsuspecting gardeners into colchicophiles. She would be delighted to speak to your group about colchicums or other gardening topics. Kathy’s been writing since 4th grade, gardening since high school, and blogging since 2002.

When dealing with frost it is always best to be paranoid. In the spring never think it is too late for one more frost to come. And in the fall never think it too early.

~Rundy in Frost

Comments on this entry are closed.

Rob May 16, 2005, 9:53 am

I’m not sure that having an infected email in your inbox means that your computer is “infected” and actively propigating. maybe your inbox was infected but not your whole computer. If you never clicked on it or opened the attachment, i dont think you were really infected. Disabling System restore is just so that whatever fixes it makes dont get reinstated at somepoint in the future.

jenn May 11, 2005, 10:47 am

Thanks for the heads-up.

I have Norton on auto-update, so hopefully it wasn’t me. I’ll run a scan tonight and double-check.

Nasty way to start a day.
Sorry that you got zapped.