[OT] Swen virus, masquerades as Microsoft Upgrade (no politics, no cross-posting)

The e-mail address which I am using to post in this group has been steadily bombarded with viruses for the past 2 months and this trend does not appear to go down. Since I use almost exclusively this address to post here, I figure that the virus is harvesting addresses from this newsgroup.

This particular virus (or "mail worm") masquerades itself either:

- as a official looking Microsoft upgrade or

- as bounced mail or

- as a message describing a problem about storage systems.

It contains an attachement which does the following:

- search for e-mail addresses in outlook (hence will harvest addresses from newsgroups you read like this one)

- infects various critical files on your machine

- sends itself as mail to the addresses it found.

To me this virus is only a mild annoyance, since it will not execute on my computer, but I realise that if I receive 1 to 2 megabytes of virus messages a day, lots of people must be infected. Recent virus scanners will detect it and, in addition, outlook should be configured to not blindly execute mail attachments to avoid re-infections. Thank you in advance.

It seems to have started in Europe about mid September. At the height of it I was getting 4mb an hour and I was not getting the worst of it. It obviously harvested this NG, the amount of junk you got seemed to be related to the number of times you had posted in the last few weeks.

If you look at what it does, it runs through just about all of the various simple ways to really make a miserable mess of things. I suspect that some jerk with an always on broadband connection is spewing this out without any knowledge that his machine has been compromised.

I had to change my e-mail address to make it useable. And of course, the reply to on this one is phoney. I don't even trust using the "remove 'whatever'" trick to disguise the address.

Bummer.

jerry_tig2003 wrote: