What Happens When You Open an Email Containing Malware

It’s a shame that people like this can’t channel their skills into something worthwhile, instead of screwing up other people’s PCs.

A friend called me on Saturday morning because his PC had caught a Virus. Could I help him sort it out, he wanted to know.

The steps we went through

We met up just after lunch and I switched on his PC to be met by a typical warning sign in big red letters, telling me that his PC was infected and we had to download a specialist anti-spyware application.

No surprise there.

Then one of those Windows nag balloons opened up at the bottom right of his screen. It told me that Windows had discovered the PC was infected with the Worm.Win32.Netsky virus and it was going to download and install the latest anti-spyware application to clean it.

It was very well done, that one. Made me read it a second time. But, of course, Windows doesn’t have its own anti-spyware application.

Then a warning popped up telling me that the Windows Firewall had been disabled. That was a genuine warning – it had been.

So I tried to switch it back on and got a message telling me the application had been infected and, therefore, disabled.

It got worse. I tried to access the Internet so I could install Malwarebytes – no luck. All network connections had been disabled.

So I ran a full scan of his PC with his antivirus application. It ran at roughly half the speed it normally does and found nothing.

Next I decided to grab the Malwarebytes set-up file off my PC and install it on Robert’s PC from a USB Memory stick.

No luck there, either. A message popped up telling me I had to format the disk (which was rubbish because I’d been using it for months) and, when I tried to format it, I got the application disabled message again.

My next thought was to get Malwarebytes onto his PC via Bluetooth – no luck there either.

So I went online with my PC and looked up the Worm.Win32.Netsky virus and pulled up an article on how to remove it manually.

Only to discover that there were no relevant files on Robert’s PC.

It wasn’t Worm.Win32.Netsky at all; the hacker had sent us on a wild goose chase.

So the only thing left was to get the data off the PC, reformat the disk and reinstall Windows. A pain in the butt but it worked.

As much as I hate these people (and I do), I have to respect the thoroughness of the job they did. But what a shame they couldn’t channel their skills into something worthwhile.

Lessons Learned

In case you’re interested, Robert’s PC was infected by one of those UPS delivery status emails that have been floating around for a while.

He’d recently ordered some stuff from the UK and was expecting delivery, so when he saw the UPS email he opened it.

And got zapped.

Moral of the story:

  1. Install one of the top Internet Security applications (not just anti-virus)
  2. Install Malwarebytes (that’s a brilliant application for cleaning out malware)
  3. If you’re going to open an email from someone you’ve not corresponded with before, check the email headers
  4. Make sure the ‘From’ and ‘Reply to’ email addresses look genuine when compared with the ‘From’ display name
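Points 3 and 4 can be automated. The following is an added example (not part of the original post) that parses a message's headers and flags a display name that claims a brand while the address sits on another domain, and a Reply-To that points somewhere other than the From domain. The `KNOWN_BRANDS` table, the function names and the sample message are assumptions made for illustration.

```python
from email import message_from_string
from email.utils import parseaddr

# Assumption: brands you expect mail from, mapped to the domains they send from.
KNOWN_BRANDS = {"ups": {"ups.com"}}

# Constructed sample headers (not the actual message described in this post).
SAMPLE = """\
From: "UPS Delivery Status" <tracking@parcel-notify.example>
Reply-To: support@mail-relay.example
To: robert@example.org
Subject: UPS delivery status: package could not be delivered

See the attached invoice.
"""

def domain_of(addr):
    """Lower-cased domain part of an address, or '' if there is none."""
    return addr.rpartition("@")[2].lower() if "@" in addr else ""

def belongs_to(domain, allowed):
    """True if domain equals an allowed domain or is a subdomain of one."""
    return any(domain == d or domain.endswith("." + d) for d in allowed)

def check_headers(raw):
    """Return a list of warnings about the From / Reply-To headers."""
    msg = message_from_string(raw)
    name, from_addr = parseaddr(msg.get("From", ""))
    _, reply_addr = parseaddr(msg.get("Reply-To", ""))
    from_dom, reply_dom = domain_of(from_addr), domain_of(reply_addr)
    warnings = []
    if not from_dom:
        warnings.append("From header has no usable address")
    for brand, allowed in KNOWN_BRANDS.items():
        # Display name claims a brand, but the address is not on its domain.
        if brand in name.lower().split() and not belongs_to(from_dom, allowed):
            warnings.append(f"display name says '{brand}' but From domain is '{from_dom}'")
    if reply_dom and reply_dom != from_dom:
        warnings.append(f"Reply-To domain '{reply_dom}' differs from From domain '{from_dom}'")
    return warnings

if __name__ == "__main__":
    for w in check_headers(SAMPLE):
        print("WARNING:", w)
```

The domain comparison anchors on the end of the domain, so a look-alike such as `ups.com.evil.example` is still flagged.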

Stay safe!

Martin Malden

Owner – WealthyDragon

Website owner: Martin has been working online since 2006 and focuses on two areas: 1) affiliate marketing and 2) designing and building websites based on WordPress. He has his own WordPress agency, and serves clients in Hong Kong, Australia and the UK.


  • Karin H Jan 21, 2010 @ 19:28

    Hi Martin

    I had to think of this article yesterday when our (and others on the same server) main website was hacked!
    Whatever possesses someone to
    a) waste his/her own time doing this
    b) waste time of our web-wizard trying his utmost best to get the back-up restored asap
    c) waste opportunities for us (and others who were affected) to gain prospects etc?

    Can’t see the joy in that. What’s their reward? A big cheer from his/her fellow-hackers: you’re so great, so knowledgeable to disrupt all these websites.
    (Can think of more profitable ways to use his/her knowledge, but then I’m just a simple business person, not a hacker)

    (Rant over)

    Karin H (Keep It Simple Sweetheart, specially in business)

    • Martin Jan 21, 2010 @ 21:14

      Hi Karin,

      Rant away! I’m with you 1 million percent.

      Destroying people’s business (and, therefore, livelihoods) is not something to be proud of. At all.

      Sorry to hear you got hacked but I hope you were able to get back up and running quickly.

      Come back even stronger and better than before!



  • Keith Davis Jan 22, 2010 @ 3:39

    Hi Martin
    Took a look at Malwarebytes and noticed that there are free and paid versions.
    Would it be worthwhile using the free version, or is it too limited?

    • Martin Jan 22, 2010 @ 6:44

      Keith hi,

      The free version is what I use.

      But bear in mind that it’s only part of my protection. I have AVG Internet Security as my primary protection and that’s constantly monitoring everything, has scheduled scans and updates etc.

      Then I also use Cleanup! and Malwarebytes.

      Under normal circumstances I run these two once a week as part of my weekly PC maintenance, but if anything unusual happens (meaning if AVG spots something) I sort it out and then do an additional Malwarebytes scan.



  • Keith Davis Jan 23, 2010 @ 1:28

    Thanks Martin
    I use Norton as my main internet security but I’ll add Malwarebytes as an extra.

    • Martin Jan 23, 2010 @ 9:26

      You’re welcome – good combination 🙂



  • Kwin Jan 26, 2010 @ 19:01

    Thank you Martin for this. It’s too bad that we have to be on the defense everywhere we go. I have AVG the free version but did not know you can have another program. A small checklist of things to do weekly for pc health and security would be appreciated.


    • Martin Jan 27, 2010 @ 7:07

      Hi Kwin,

      Here’s my daily/weekly routine:

      • After each session, before closing my browser, I run TuneUp utilities to keep my registry optimised
      • Every evening at 11:00 pm my AVG scheduled scan runs and then automatically closes down the PC when it’s finished
      • Every Saturday morning I run CleanUp! and Malware Bytes and do a full check with TuneUp Utilities

      That’s about it really. AVG Internet Security, TuneUp Utilities, MalwareBytes and Cleanup! are the 4 applications I use to keep everything humming along nicely 🙂