Solved

getting win32.Swen.A@mm attached emails..

Posted on 2003-10-26
6
171 Views
Last Modified: 2013-12-04
I've been getting worm(w32.Swen.A@mm)attached spam mails for the past 4days.
Some of them look like updates from Microsoft and most of them are returned
email using Inet, qmail that I never sent.
My Norton has caught and deleted them everytime it scans incoming emails and I fully scanned my system last night, but no infection.
I am not sure if the worm is already in my system and cloning itself internally or they are from somebody else?

Another strange thing that has happened is my computer turned off itself and
restarted again when the cable modem lost all signals and got back on.
Actually my cable modem has been activated my computer for a long time.  I
cannot shut my machine down without disconnecting the modem.  

Could  you tell me what my computer is doing?
Thanks.
0
Comment
Question by:jryoch
  • 2
6 Comments
 
LVL 49

Expert Comment

by:sunray_2003
ID: 9623955
Jryoch,

Go to this link and do all the removal instructions

http://securityresponse.symantec.com/avcenter/venc/data/w32.swen.a@mm.html

Sunray
0
 
LVL 49

Accepted Solution

by:
sunray_2003 earned 43 total points
ID: 9624410
Also check for MS blaster worm cos it affects the system whenever you connect to internet

It results in the automatic shutdown of the system

http://securityresponse.symantec.com/avcenter/venc/data/w32.blaster.worm.html

Sunray
0
 
LVL 11

Assisted Solution

by:ghana
ghana earned 41 total points
ID: 9625141
> I am not sure if the worm is already in my system and cloning itself internally or they are from somebody else?
Your AV software reported that your computer is clean and most emails were returned as undeliverable: The worm has not infected your computer until now. Some other computer was infected were your mail address was stored. The worm has selected your mail address (it spoofes the sender) on this computer to send out itself - and now all the mails that were sent to invalid mail addresses do return to your mail account.

About the restarting of your computer: If your operating system is Windows XP / Server 2003 then it might be a symptom of Blaster attacks (or its variants) against your computer (as mentioned above). But only while your computer is connected to the internet. You should install the latest RPC patch (http://www.microsoft.com/technet/security/bulletin/MS03-039.asp) to prevent this vulnerability being exploited. But restarting the computer when cable modem connection is established is not a symptom for this kind of virus. This sounds like a driver problem. I would try to install the latest version for your cable modem.
0
 
LVL 8

Assisted Solution

by:nader alkahtani
nader alkahtani earned 41 total points
ID: 9629563
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Assess if java script has insecure coding issue 1 145
Windows Master Password 11 62
Design of sending events/logs to SIEM/Arcsight 2 407
Risks of using Camtasia Studio 9 137
As I write this article, I am finishing cleanup from the Qakbot virus variant found in the wild on April 18, 2011.  It was a messy beast that had varying levels of infection, speculated as being dependent on how long it resided on the infected syste…
Security measures require Windows be logged in using Standard User login (not Administrator).  Yet, sometimes an application has to be run “As Administrator” from a Standard User login.  This paper describes how to create a shortcut icon to launch a…
In an interesting question (https://www.experts-exchange.com/questions/29008360/) here at Experts Exchange, a member asked how to split a single image into multiple images. The primary usage for this is to place many photographs on a flatbed scanner…

733 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question