| Wow, someone or some people keep emailing me the Win32:Swen virus. They
| must really have it bad. I'm getting it really frequently (at least once
| an hour). The thing is, Avast keeps popping up a message asking me if I
| want to delete the infected message from my inbox. Is there a way I can
| get Avast to just silently delete it without keep bothering me?
|
| Anyone else keep receiving the virus?
If you post to UseNet with your TRUE, not a munged, email address then you have invited the
swen Internet worm [aka; W32/Gibe-F] to visit you.
The Swen is news spelled backwards. The reason it is called this is because the Swen worm
harvests email addresses from UseNet News Groups. It has an engine that allows it to post
itself to UseNet News Groups and well as it has its own email engine. From the list of
email addresses that it has harvested, it will then email itself to those addresses.
W32/Swen@MM -
http://vil.nai.com/vil/content/v_100662.htm
W32.Swen.A@mm -
http://securityresponse.symantec.com/avcenter/venc/data/[email protected]
There are several Internet worms that masquerade as patches from Microsoft. The most common
are; Swen, Dumaru, Gibe and Torvil. All AV companies and Microsoft are fully aware of this
problem.
All you can do is...
1. Keep your AV package up-to-date
2. Create email "rules" to auto-delete the offending messages
3. Petition your ISP to install AV software on their respective email servers.
4. Install *all* MS Critical Updates via the Windows Update web site.
5. Always munge your email address when posting to UseNet
6. If all else fails, Change your email address.
Any further questions, post in; alt.comp.virus or alt.comp.anti-virus