What a day.. in fact, what a couple of days I’m having. I took yesterday off (Tuesday) to get lots of reviews done – I’m in the middle of an o2 XDA Exec, Orange SPV M5000, o2 XDA SP and Orange SPV C600 reviews – so getting some time to do these is critical. Yesterday started off well, however I did something unbelievably stupid – and on a day which saw the explosion of one of the biggest viruses this year.
Whilst reading through my emails Emily said, “What are all those ones?” She pointed to a big blob of emails saying…
“Your IP was logged”
“We have logged your IP-address on more than 30 illegal websites”.
Ah – but I know that this is just rubbish, so I put on my “know-all” hat and said…
“Pah, they’re just viruses. There’s no way I can get infected because I’ve got Norton Anti Virus, which’ll kill it with the real-time protection thing”.
… Well, I thought it would. Unfortunately when I clicked on it to “prove the theory” and show just how important a virus-checker is it actually opened, ran, displayed it’s fake “error” message, and then start sending emails out all over the place. DOAH! Symantec never uttered a word – the email got through the check, I un-zipped it and ran the executable. Norton was up-to-date (with LiveUpdate) and it completely missed it. Norton later named the strain of virus I had as “Sober.Y”, however I believe it was a version of the virus that wasn’t detected. Either way, Norton was now happily scanning all the outgoing mail that the virus was sending from my PC…. well, it was until the virus disabled “Real Time Protection”. Doah!
Norton detected the damage and advised that I re-install, so up I went into the loft to dig out the Norton Antivirus 2004 box. Eventually I found it, un-installed the Norton product, re-enabled Windows Firewall (that the virus had turned off) and re-installed Norton. However, again it said, “Your product is damaged, you must re-install. Product failure”.
I decided a different route and downloaded a removal tool. However, this removal tool was detected by the virus, which then showed a fake, “No viruses found” message. DOAH! However, after downloaded Liveupdate manually from the Symantec site it proudly claimed that I had the “[email protected]” virus… oh, and guess what – it couldn’t kill it. In fact, if you look at the Security Response site at Symantec.com you’ll see that they’ve only today come up with a protection for it. DOAH!
After several more hours, a full system scan over night and yet more scanning it finally cleaned itself. However, as I’m near the end of my Symantec AntiVirus subscription I decided it’s time to give F-Secure a try, who have at least classed the virus I had as the largest email worm outbreak of the year – so far!
In the end I did absolutely nothing yesterday apart from fighting viruses.
Oh, and to add insult to injury the CoolSmartPhone server failed to come back after a reboot this morning, so we were down for around 20 minutes. BUGGER!
Picture right from Darryn – b3ta.com