I still stick by the statement that it is highly unlikely your email infected her.
We know the attachment didn't infect her since she didn't open it. It is possible that the email itself contained an exploit that could have done something if your friend is reading email in html instead of plain text. But if I understand correctly, she would have to have clicked on an infected link, just opening the email wouldn't do it.
Check McAfee's entire description of Downloader-YH:
Downloaders are not viruses, and as such do not themselves contain any method to replicate. However they may themselves be downloaded by other viruses and/or Trojans to be installed on the user's system.
Many of these additionally are mass spammed by the author to entice people into double-clicking on them.
Alternatively they may be installed by visiting a malicious web page (either by clicking on a link, or by the website hosting a scripted exploit which installs the Downloader onto the user's system with no user interaction.
If you wrote the email yourself (i.e., it wasn't forwarded from another source), and it had no infected links, then what you sent isn't to blame for any of her infections--she already had enough of those from an unprotected and unpatched OS/IE.
What may have happened, and this is just a guess, is the email you sent used up the last bit of available disk space.
I'm wondering what you did to clean up your own system--whether or not it was a false positive and which file/s you may have deleted. That is a pretty nasty trojan, and, even tho trojans don't spread themselves in the same way a virus does, this one is root kit based and there may be some other files you need to get rid of. And I'm curious how you got Norton to "see" it.
If you want to get a check up to make sure you are clean, I would strongly suggest you let us look at a HijackThis Log.
Edited by Papakid, 14 May 2005 - 03:26 PM.