w32.swen.@amm!?

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

I have a workstation running Windows XP SP1 / Office 2k Professional (all patches are up to date on this system) the user receives email through MS Outlook. My network is protected by Norton Antivirus Corp Ed. The user is infected by the W32.SWEN.@AMM virus my software quarantines the virus but doesn’t remove it from their system. The user receives hundreds of MS Corporation (Bogus) emails about lastest service pack updates. I went to Symantec.com and downloaded the removal tool for the virus, only it came back saying that the virus wasn’t found. I also went to McAfee and downloaded their removal tool but got the same results back. What other way can I remove this virus from the workstation. I was told that the SWEN virus corrupts the windows registry, need I look and repair the clients registry? Any help is appreciated. Thanks
Sin.,
Nick
 
The user is RECEIVING the virus and your system is
stopping it. Your user is on someone distribution list (ie
A spammer who did not protect his pc). It may take a while
but the e-mails should eventually stop when the e-mail
sender patches their pc with the latest virus updates.

Gregory
-----Original Message-----
I have a workstation running Windows XP SP1 / Office 2k
Click to expand...
Professional (all patches are up to date on this system)
the user receives email through MS Outlook. My network is
protected by Norton Antivirus Corp Ed. The user is
infected by the W32.SWEN.@AMM virus my software
quarantines the virus but doesnâ?Tt remove it from their
system. The user receives hundreds of MS Corporation
(Bogus) emails about lastest service pack updates. I went
to Symantec.com and downloaded the removal tool for the
virus, only it came back saying that the virus wasnâ?Tt
found. I also went to McAfee and downloaded their removal
tool but got the same results back. What other way can I
remove this virus from the workstation. I was told that
the SWEN virus corrupts the windows registry, need I look
and repair the clients registry? Any help is
appreciated. Thanks
 
The user receives hundreds of MS Corporation (Bogus) emails about lastest
service pack updates. I went to Symantec.com >and downloaded the removal
tool for the virus, only it came back saying that the virus wasn't found. I
also went to McAfee and >downloaded their removal tool but got the same
results back.

Your user is not infected, the computers sending the email to your user are
the infected ones. They just happen to get your user's email address and the
virus is trying to spread by sending it self out to all the email addresses
it can find.

If you are using Exchange you can download and set up this "tool" to drop
messages infected by Win32.Swen.A@mm virus.
Download, unzip and view the readme file.

I've used this and went from 6 to 7 hundred a day to maybe 5 or 6 a day.

hth
DDS W 2k MVP MCSE

Nick Fanelli said:
I have a workstation running Windows XP SP1 / Office 2k Professional (all
Click to expand...
patches are up to date on this system) the user receives email through MS
Outlook. My network is protected by Norton Antivirus Corp Ed. The user is
infected by the W32.SWEN.@AMM virus my software quarantines the virus but
doesn't remove it from their system. The user receives hundreds of MS
Corporation (Bogus) emails about lastest service pack updates. I went to
Symantec.com and downloaded the removal tool for the virus, only it came
back saying that the virus wasn't found. I also went to McAfee and
downloaded their removal tool but got the same results back. What other way
can I remove this virus from the workstation. I was told that the SWEN
virus corrupts the windows registry, need I look and repair the clients
registry? Any help is appreciated. Thanks
 
Easiest way is to tell'em they are better off changing their email address...

don
----------------



I have a workstation running Windows XP SP1 / Office 2k Professional (all patches are up to
date on this system) the user receives email through MS Outlook. My network is protected by
Norton Antivirus Corp Ed. The user is infected by the W32.SWEN.@AMM virus my software
quarantines the virus but doesn't remove it from their system. The user receives hundreds of
MS Corporation (Bogus) emails about lastest service pack updates. I went to Symantec.com and
downloaded the removal tool for the virus, only it came back saying that the virus wasn't
found. I also went to McAfee and downloaded their removal tool but got the same results back.
What other way can I remove this virus from the workstation. I was told that the SWEN virus
corrupts the windows registry, need I look and repair the clients registry? Any help is
appreciated. Thanks
Sin.,
Nick
 
Greetings --

The user's machine isn't infected with the worm. He's receiving
these emails because his email address is in the address book of
someone infected with a worm, and/or because he posted his real email
address somewhere on-line, either in a forum accessible to the public
and spambots, such as Usenet, or on an untrustworthy web site that
subsequently sold his address as part of a mailing list. One thing
you can do is notify _everyone_ with whom he's ever corresponded via
email that one or more of them may be infected with a mass emailing
worm, and should take the appropriate
steps.

In the meantime, you should be able to configure your email server
to scan all incoming emails, and delete the infected ones.


Bruce Chambers

--
Help us help you:



You can have peace. Or you can have freedom. Don't ever count on
having both at once. -- RAH


Nick Fanelli said:
I have a workstation running Windows XP SP1 / Office 2k Professional
Click to expand...
(all patches are up to date on this system) the user receives email
through MS Outlook. My network is protected by Norton Antivirus Corp
Ed. The user is infected by the W32.SWEN.@AMM virus my software
quarantines the virus but doesn't remove it from their system. The
user receives hundreds of MS Corporation (Bogus) emails about lastest
service pack updates. I went to Symantec.com and downloaded the
removal tool for the virus, only it came back saying that the virus
wasn't found. I also went to McAfee and downloaded their removal tool
but got the same results back. What other way can I remove this virus
from the workstation. I was told that the SWEN virus corrupts the
windows registry, need I look and repair the clients registry? Any
help is appreciated. Thanks
 
I have a workstation running Windows XP SP1 / Office 2k
Professional (all patches are up to date on this system) the
user receives email through MS Outlook. My network is
protected by Norton Antivirus Corp Ed. The user is infected
by the W32.SWEN.@AMM virus my software quarantines
the virus but doesn’t remove it from their system. The user
receives hundreds of MS Corporation (Bogus) emails about
lastest service pack updates. I went to Symantec.com and
downloaded the removal tool for the virus, only it came back
saying that the virus wasn’t found. I also went to McAfee
and downloaded their removal tool but got the same results
back. What other way can I remove this virus from the
workstation. I was told that the SWEN virus corrupts the
windows registry, need I look and repair the clients registry?
Any help is appreciated. Thanks
Click to expand...
Your user is not infected. NAV is doing its job by quarantining the
*incoming* emails. The Swen checkers are not finding anything because
the virus is not active on the system.

Basically securitywise you are OK.

You don't say *how* you receive mail. If you run your own server, you
might consider getting a mailscanner program to run on your incoming
mail to remove this stuff. If you receive it via an ISP mailbox, you
could see if your ISP has any scanning product.

Cheers,

Cliff
 
Back
Top