Solved

getting win32.Swen.A@mm attached emails..

Posted on 2003-10-26
6
163 Views
Last Modified: 2013-12-04
I've been getting worm(w32.Swen.A@mm)attached spam mails for the past 4days.
Some of them look like updates from Microsoft and most of them are returned
email using Inet, qmail that I never sent.
My Norton has caught and deleted them everytime it scans incoming emails and I fully scanned my system last night, but no infection.
I am not sure if the worm is already in my system and cloning itself internally or they are from somebody else?

Another strange thing that has happened is my computer turned off itself and
restarted again when the cable modem lost all signals and got back on.
Actually my cable modem has been activated my computer for a long time.  I
cannot shut my machine down without disconnecting the modem.  

Could  you tell me what my computer is doing?
Thanks.
0
Comment
Question by:jryoch
  • 2
6 Comments
 
LVL 49

Expert Comment

by:sunray_2003
ID: 9623955
Jryoch,

Go to this link and do all the removal instructions

http://securityresponse.symantec.com/avcenter/venc/data/w32.swen.a@mm.html

Sunray
0
 
LVL 49

Accepted Solution

by:
sunray_2003 earned 43 total points
ID: 9624410
Also check for MS blaster worm cos it affects the system whenever you connect to internet

It results in the automatic shutdown of the system

http://securityresponse.symantec.com/avcenter/venc/data/w32.blaster.worm.html

Sunray
0
 
LVL 11

Assisted Solution

by:ghana
ghana earned 41 total points
ID: 9625141
> I am not sure if the worm is already in my system and cloning itself internally or they are from somebody else?
Your AV software reported that your computer is clean and most emails were returned as undeliverable: The worm has not infected your computer until now. Some other computer was infected were your mail address was stored. The worm has selected your mail address (it spoofes the sender) on this computer to send out itself - and now all the mails that were sent to invalid mail addresses do return to your mail account.

About the restarting of your computer: If your operating system is Windows XP / Server 2003 then it might be a symptom of Blaster attacks (or its variants) against your computer (as mentioned above). But only while your computer is connected to the internet. You should install the latest RPC patch (http://www.microsoft.com/technet/security/bulletin/MS03-039.asp) to prevent this vulnerability being exploited. But restarting the computer when cable modem connection is established is not a symptom for this kind of virus. This sounds like a driver problem. I would try to install the latest version for your cable modem.
0
 
LVL 8

Assisted Solution

by:nader alkahtani
nader alkahtani earned 41 total points
ID: 9629563
0

Featured Post

What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

Join & Write a Comment

Recently, a new law in my state forced us to get a top-to-bottom analysis of all of our contract client's networks. While we have documentation, it was spotty at best for some - and in any event it needed to be checked against reality. That was m…
Many of us in IT utilize a combination of roaming profiles and folder redirection to ensure user information carries over from one workstation to another; in my environment, it was to enable virtualization without needing a separate desktop for each…
In this seventh video of the Xpdf series, we discuss and demonstrate the PDFfonts utility, which lists all the fonts used in a PDF file. It does this via a command line interface, making it suitable for use in programs, scripts, batch files — any pl…
Access reports are powerful and flexible. Learn how to create a query and then a grouped report using the wizard. Modify the report design after the wizard is done to make it look better. There will be another video to explain how to put the final p…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now