getting win32.Swen.A@mm attached emails..

I've been getting worm(w32.Swen.A@mm)attached spam mails for the past 4days.
Some of them look like updates from Microsoft and most of them are returned
email using Inet, qmail that I never sent.
My Norton has caught and deleted them everytime it scans incoming emails and I fully scanned my system last night, but no infection.
I am not sure if the worm is already in my system and cloning itself internally or they are from somebody else?

Another strange thing that has happened is my computer turned off itself and
restarted again when the cable modem lost all signals and got back on.
Actually my cable modem has been activated my computer for a long time.  I
cannot shut my machine down without disconnecting the modem.  

Could  you tell me what my computer is doing?
Thanks.
jryochAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

sunray_2003Commented:
Jryoch,

Go to this link and do all the removal instructions

http://securityresponse.symantec.com/avcenter/venc/data/w32.swen.a@mm.html

Sunray
0
sunray_2003Commented:
Also check for MS blaster worm cos it affects the system whenever you connect to internet

It results in the automatic shutdown of the system

http://securityresponse.symantec.com/avcenter/venc/data/w32.blaster.worm.html

Sunray
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
ghanaCommented:
> I am not sure if the worm is already in my system and cloning itself internally or they are from somebody else?
Your AV software reported that your computer is clean and most emails were returned as undeliverable: The worm has not infected your computer until now. Some other computer was infected were your mail address was stored. The worm has selected your mail address (it spoofes the sender) on this computer to send out itself - and now all the mails that were sent to invalid mail addresses do return to your mail account.

About the restarting of your computer: If your operating system is Windows XP / Server 2003 then it might be a symptom of Blaster attacks (or its variants) against your computer (as mentioned above). But only while your computer is connected to the internet. You should install the latest RPC patch (http://www.microsoft.com/technet/security/bulletin/MS03-039.asp) to prevent this vulnerability being exploited. But restarting the computer when cable modem connection is established is not a symptom for this kind of virus. This sounds like a driver problem. I would try to install the latest version for your cable modem.
0
nader alkahtaniNetwork EngineerCommented:
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
OS Security

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.