Update please wait - W32/Nyxem-D

Somehow for the last few days I saw this funny icon in my taskbar that looked like a small computer and when I took my mouse over it, it read "Update please wait". The computer was acting funny and there were a few other problems too.
1. Norton Antivirus would not start with Windows even though it was configured like that.
2. My "common tasks" were not being displayed in explorer/folders.

Then suddenly I got curious about this "Update please wait" thingy and googled it. Of the few top entries, one of them pointed here. I followed the steps mentioned there to realize that I was infected with W32/Nyxem-D. Some more clicks on the web made me sure that it was indeed a worm.

I was infected by a malware after about two years and I was very angry. Somehow I was also very happy to see a real problem on my computer. I had to spend about an hour doing it all by myself and I was able to get rid of it.

And when I tried to find the reasons for the infection, I found that I was infected because of my open share. I had created that open share to help me copy files quick over the network. Further analysis revealed that it "offers the promise of pornography". I am sure I have never copied anything remotely resembling porn on my laptop.

Removal Instructions and Automated Tool
Apart from making money, the antivirus companies do sometimes act as good Samaritans also and Symantec has created an automated tool to remove the worm. They identify this worm as W32.Blackmal.E@mm and the removal tool is located here. I certainly enjoyed working through the registry and restarting the computer 5 times to remove it. The tool was not that much fun.

I think I have been attacked by a virus after about a couple of years and it was huge fun to work on it :D
