Saturday, 2 July 2005

Help! I’ve been infected!

Today, the cheeks of all those nasty spotty adolescents who take pleasure in creating viruses in order to drive us nuts will be smarting.

Last night, I switched on my PC, logged on to the Net and prepared to read the millions of emails that invariably drop into my Inbox. One of those emails attracted my attention. It read, “Dear user, your account has been used to send a large amount of unsolicited e-mail messages during the recent week. We suspect that your computer was compromised and now runs a trojan proxy server. We recommend you to follow instruction in order to keep your computer safe. Best regards, your ISP technical support team.”

There had been an attachment, but it had been removed, presumably by my antivirus software. I panicked a little because I’ve had viruses and Trojan horses before and they’re pests to eradicate, then logged on to the Symantec site to see if they mentioned some new Trojan. Yep, there was one that sent emails all over the place. Drat! Still, it had to be dealt with. I updated my antivirus definitions and started a full scan. And waited. And waited. And, lo and behold!, there was a file infected by a Trojan, but Norton didn’t tell me whether it was that particular one. Assuming that it was, I deleted the file, then got ready to edit the registry (I am totally fearless when it comes to computers, LOL!). But I couldn’t find any of the files Norton said the Trojan would have put in it.

So, what happened was this: the email was a vicious spoof. A double bluff. If I’d opened the attachment that came with this solicitous email warning me I had a Trojan, I would then have got it. The attachment was the trigger.

The infected file, by the way, was whatever got through when I received the email itself, and not very dangerous on its own. There was a note on my ISP’s site mentioning these spoof emails and saying they never send emails with attachments (which is how it should be, since everyone is warned against opening them). On the one hand, I wish I’d seen the note before wasting all that time and effort; on the other hand, had I chucked out the email and done nothing I wouldn’t have found the one file that needed to be removed.

Make sure your antivirus and firewall are up-to-date.
