Virus Spreading "w32.swem@mm"

DO NOT UPDATE, OPEN OR INSTALL ANYTHING FROM WINDOWS RIGHT NOW OR FOR THE NEXT 24 HOURS AT LEAST THAT YOU DID NOT REQUEST.

Truthout is being attacked as is possibly other locations.

DO NOT OPEN OR INSTALL ANYTHING FROM MICROSOFT RIGHT NOW.

THE VIRUS WILL RE-WRITE YOUR REGISTRY

Microsoft does not send patches as attachments.
All those emails everyone is getting claiming to be from Microsoft that contain attachments purporting to be patches are viruses themselves.

Check.

virus updates downloaded, and currently performing a scan, cause I'm paranoid :)

... that might relate to your alarm. Could you provide some cite?

Is this what you're referring to? It's also here and characterized as a "Medium" threat to home users. It's an email-propagated virus, and is thus easily avoided by the ordinary precaution of never opening email attachments you're not absolutely certain about. I'm not confident it warrants unusual attention.

.

that it's easily avoided with a little common sense, but I got seven of them in an hour or so from people who apparently don't have that much sense and opened their "Microsoft" patches.

I have no problem with keeping the word out about these "patches" until everyone gets it.

and deleted the attachments.

Then I updated my AVG definitions, and then almost immediately got another spam with the same attachment, but AVG now caught the swem bug and isolated it. AVG just updated yesterday, and yet this is still a new one.

Damn, this is one hell of a fast game between the virus and anti-virus people. I've got a lot of respect for the AV people who are on top of this shit 24 hours a day.

I got 95 today. 95. Filled up my mailbox, got legitimate mail bounced.

Luckily I use Agent, so I'm safe unless I get stupid and actually open something.

they can trace these virus-spawners back to their hellholes...and SHOOT THEM imo....!
(but lotsa shooting down in langley then, i guess)

It had links to Microsoft all over it, but the sender address wasn't. It seemed kind of funny to me.

It looks like an official Microsoft e-mail that has their look and feel. It instructs you to load the attached .exe file. I'm sure this will be successful because it looks like an official Microsoft e-mail.

Microsoft does not send patches by e-mail....

:hi:

I just got home and turned on my computer and dialed in to my server. Norton Antivirus is on this one already as it began immediately downloading updates and I had just done this earlier today!

Thanks for the info. I never open attachments unless I know exactly what they are. Too risky!

:kick:

or a virus that somehow became a 'parasite' to the AV program that was sent to kill it and 'rode' the antivirus scanning program as it went through your entire computer, infectiing every single file in your computer. That'd suck.

I've gotten about 10 copies of this virus.

I know that Microsoft never sends patches via e-mail so I deleted it.

However, to a complete novice it looks authentic and many will be snookered in. This will likely cause some havoc.

If you actually get something from the microsoft.com website (NOT EMAIL!!!), it is safe.

I've had dozens of them in my home email.

I don't know if this fits in this thread but i thought i'd use this opportunity to warn people about this.
Yesterday i got an email that pretended to be from paypal asking me to verify my informations (i actually have a paypal account). The mail looked quite good with logo and everything. It provided a link wich looked like that: "http://www.paypal.com@212.254.32.32/verify".
While the scam was obvious at that point, i know that many people dont know that in an internet address that countains a @, everything before the @ doesnt count. If you ever get an email that countains a link that looks that way, don't even bother to click it, it's just trying to fool users into thinking it is legit.
Be safe

(edited: spelling)

Count me among the many people that didn't know.

thanks, Kemet :hi:

very scary. Wern't these virus attacks supposed to stop once all these damn kids went back to school?

Your search - w32.swem@mm - did not match any documents.

W32.Swen.A@mm

They have updates for it already and have listed it as a category 3 due to so many repsonses about it already.

I get more spam purporting to be from from Norton than any other protection company. I notice too that the "caught" kids usually were playing around with an anonymous virus made by someone else.

Yet the trust system presupposed by the general populace who want to get along with the surface world is incredibly murky complex and seemingly regulated if at all in the digital shadows and ivory towers. We get used to endless wars and the strange inability to head off viruses in a timely fashion.

The price of downloading civilization into cyberspace.

I got something labeled Microsoft this AM, but it was at an address I don't think they would have any reason to have. Had a 154K attachment too, very suspicious, so it got trashed forthwith. Thanks for confirming this.

Dirk

n/t

if everyone took that advice every time we told them to, eventually the virus writers would target us! It's kinda like not telling people how cool Canada is - that way it stays cool because all the fools don't migrate.

Windoze is inherently insecure.

For the amount of time spent today fucking around with viruses and patches in my office, we could afford to completely retool with Macs.

I've gotten almost nothing accomplished in terms of real work.

:)

i mean, i might as well look the part, right?

:)

Check the Symantec site and don't be so smug about using a Mac.

I'll live with the viruses, thanks. :eyes:

about these viruses. They could be filtered out before they ever get to you. My ISP does it, so there's no reason others can't. I use bellsouth. I believe they tightened up their filters several months ago and I haven't had an e-mail virus since. I don't get spam either.

I downloaded it this morning.

Windows... blech.

I still got 88 copies of this infested email yesterday and when I checked my email this morning I had 147 more copies in my inbox overnight. Granted, the worm won't infect a Mac, but it still bogs down incoming email on a dial up line regardless of what system you use.

It infects Outlook or Outlook Express on whatever system you're using--even Macs. Microsoft products are like virus magnets.

I've gotten two in the last two minutes and they don't fit the description of the links below.

Mine are from

• Net Message Delivery service subject Bug Message
  
• Microsoft Security Assistance
  
• net delivery system Subject Bug Message
  
• Microsoft Technical Bulletin subject Newest Net Critical Update
  

Received: from a34-mta01.direcway.com (actually a34-mta01.direcpc.com)
Date-warning: Date header was inserted by a34-mta01.direcway.com
From: Microsoft Security Assistance <mogtbgql@newsletters.com>
To: <customer.txiuoejdgo@newsletters.com>