W32.Swen

  • Thread starter Thread starter Fred Hoffman
  • Start date Start date
F

Fred Hoffman

After posting a query about the effects of what I now
know to be a Swen worm, I scanned my computer on the
Symantec website finding no viruses, upograded my
antivirus program from NAV 2002 to 2003 yesterday,
updated the virus definitions and scanned the computer
using the Norton program, again finding all clear. The
Windows Update site indicates no critical patches are
available for my machine.
My computer behaves normally except that my inbox
continues to be deluged by messages purporting to be MS
security patches or notices that e-mail messages I never
sent have been found to be undeliverable by various
ISPs. Is it safe to assume that my machine is clean and
that the messages are generated externally or could my
machine be infected by a worm that is generating these
undeliverable messages? Is there any way I can tell
which is which?
 
Fred;
Yes, you have done more than enough to be reasonably sure.
Upgrading 2002 to 2003 was not really necessary.
There is little you can do to stop the infected computers from sending
you and others these Emails as well as the undeliverables.

Microsoft NEVER sends Email with attachments.
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/news/patch_hoax.asp
NEVER open a unexpected attachment.
Verify with sender before opening an attachment.

To protect the safety and security of your computer:
Install or enable a firewall IMMEDIATELY, before connecting to the
internet:
http://support.microsoft.com/?kbid=283673

Install ALL Critical Updates IMMEDIATELY.
Start/All Programs/Windows Update

Install an antivirus application
Update it weekly
Run it at least weekly

Also see:
http://www.microsoft.com/security/protect/default.asp
http://www.microsoft.com/security/home/
http://www.microsoft.com/technet/tr...l=/technet/columns/security/5min/5min-105.asp
http://www.microsoft.com/security/articles/spam.asp
 
Jupiter,
Thanks for the reassurance. The upgrade was the cheapest
way to renew my subscription to Symantec's LiveUpdate.
 
Greetings --

You're receiving these emails because your email address is in
the address book of someone infected with a worm, and/or because you
posted your real email address somewhere on-line, either in a forum
accessible to the public and spambots, such as Usenet, or on an
untrustworthy web site that subsequently sold your address as part of
a mailing list. One thing you can do is notify _everyone_ with whom
you've ever corresponded via email that one or more of them may be
infected with a mass emailing worm, and should take the appropriate
steps.

There's probably no way of blocking all of the bogus messages, but
you can greatly reduce the number you get by creating a rule, based
upon the most commonly used subject lines, to delete the emails from
the server without ever downloading them.


Bruce Chambers

--
Help us help you:



You can have peace. Or you can have freedom. Don't ever count on
having both at once. -- RAH
 
Back
Top