Swen post's

P

Pam

Is there anyway for someone to remove these Swen post's before someone
executes the attachments? I have accidentally read some of them, but 'did
not' open the attachments, and now they are on my HD. I've been told that
they are harmless as long as I do nothing with them i.e. open, save, copy,
forward etc. Is this advice correct, even though I trust the source of this
info? The fact that they are on my HD annoys me, even if they are harmless.

Everyone should know that if you read these post's and don't execute the
attachments they will go to your HD into .dbx storage files. If you do a
scan at RAV they will show up as infected files, which is disconcerting to
say the least, even if they are harmless... Since I didn't know this was
how it worked, I thought I somehow contracted the worm "without" opening the
attachment.

Any help is greatly appreciated,

Pam
 
P

Paul Ballou

There are a number of post similar to the post you speak of just ignore
these posts. You need to find the files and remove them. They can't do
anything as long as they are not executable but don't take any chances get
the files removed.
 
P

Pam

Hi Paul: Could you tell me an easy way to remove these files? I tried
following someone else's suggestion to remove but the files are still in Win
Ex. This is what I tried: Highlight message/delete/clean up now, then
defrag. Below is the location of the files I'm referring to:

C:\Documents and Settings\Default\Application
Data\Identities\{03FA7420-3FCC-11D3-A1EB-AF89CC02843C}\Microsoft\Outlook
Express\microsoft.public.officeupdate.dbx->Message.303: ("Earl Hunter"
[Look at this update])->(part0004:q657375.exe) - Win32/Swen.A@mm -> Infected



C:\Documents and Settings\Default\Application
Data\Identities\{03FA7420-3FCC-11D3-A1EB-AF89CC02843C}\Microsoft\Outlook
Express\microsoft.public.security.baseline_analyzer.dbx->Message.289:
("Mantas Sinkevicius" [Check out this corrective pack from the Mic... -
Win32/Swen.A@mm -> Infected



C:\Documents and Settings\Default\Application
Data\Identities\{03FA7420-3FCC-11D3-A1EB-AF89CC02843C}\Microsoft\Outlook
Express\microsoft.public.windows.inetexplorer.ie6_outlookexpress
(1).dbx->Message.1061: ("Ham" [Viruses and Worms in e-mails sent to
me.... - HTML/IFrame_Exploit* -> Infected



Is this last file actually a virus or something else? I thought that an
IFrame Exploit was a vulnerability, and not a virus.





Thanks for any other ideas in removing these...



Pam
 
P

Paul Ballou

Hi Pam,
Your virus scanner should be able to scan the files then give you
options for removal. I think that what you may be seeing is the download
headers for the messages so try this in OE click Tools | Options |
Maintenance Tab | Clean Up Now | Delete. That last file may be a hidden
virus within the file.
 
P

Pam

Hi Paul: Thanks for the info. that finally worked in
getting rid of those files. My AV doesn't find any of
these files, and never did. Each time I scan it comes up
clean. I have also scanned at Panda (clean) TrendMicro
(clean) McAfee (clean) NAV on my computer (clean) and NAV
online (clean). I found these infected files when I did a
scan at RAV, just for the heck of it. Since I never
executed these files I thought I was okay, but since I was
able to find them in Win Exp. but unable to open it, I
wasn't sure what to do. Anyway the files are gone now,
Thanks... From now on I won't open any threads that are
larger than 10KB, and I'm deleting them before I download
them anyway, plus now the Swen post's subject lines with
attachments seem very obvious.

Pam
-----Original Message-----
Hi Pam,
Your virus scanner should be able to scan the files then give you
options for removal. I think that what you may be seeing is the download
headers for the messages so try this in OE click Tools | Options |
Maintenance Tab | Clean Up Now | Delete. That last file may be a hidden
virus within the file.
--
Paul Ballou
MVP Design Gallery Live
http://office.microsoft.com/clipart/default.aspx
http://www.paulsgiftshop.com/


Pam said:
Hi Paul: Could you tell me an easy way to remove these files? I tried
following someone else's suggestion to remove but the
files are still in
Win
Ex. This is what I tried: Highlight message/delete/clean up now, then
defrag. Below is the location of the files I'm referring to:

C:\Documents and Settings\Default\Application
Data\Identities\{03FA7420-3FCC-11D3-A1EB-AF89CC02843C} \Microsoft\Outlook
Express\microsoft.public.officeupdate.dbx->Message.303: ("Earl Hunter"
[Look at this update])->(part0004:q657375.exe) -
Win32/Swen.A@mm ->
Infected
C:\Documents and Settings\Default\Application
Data\Identities\{03FA7420-3FCC-11D3-A1EB-AF89CC02843C} \Microsoft\Outlook
Express\microsoft.public.security.baseline_analyzer.dbx- Message.289:
("Mantas Sinkevicius" [Check out this corrective pack from the Mic... -
Win32/Swen.A@mm -> Infected



C:\Documents and Settings\Default\Application
Data\Identities\{03FA7420-3FCC-11D3-A1EB-AF89CC02843C} \Microsoft\Outlook
Express\microsoft.public.windows.inetexplorer.ie6_outlookex
press
(1).dbx->Message.1061: ("Ham" [Viruses and Worms in e- mails sent to
me.... - HTML/IFrame_Exploit* -> Infected



Is this last file actually a virus or something else? I thought that an
IFrame Exploit was a vulnerability, and not a virus.





Thanks for any other ideas in removing these...



Pam


.
 
P

Paul Ballou

Hi Pam
Glad it worked for you and Thanks for the feedback.

--
Paul Ballou
MVP Design Gallery Live
http://office.microsoft.com/clipart/default.aspx
http://www.paulsgiftshop.com/


Pam said:
Hi Paul: Thanks for the info. that finally worked in
getting rid of those files. My AV doesn't find any of
these files, and never did. Each time I scan it comes up
clean. I have also scanned at Panda (clean) TrendMicro
(clean) McAfee (clean) NAV on my computer (clean) and NAV
online (clean). I found these infected files when I did a
scan at RAV, just for the heck of it. Since I never
executed these files I thought I was okay, but since I was
able to find them in Win Exp. but unable to open it, I
wasn't sure what to do. Anyway the files are gone now,
Thanks... From now on I won't open any threads that are
larger than 10KB, and I'm deleting them before I download
them anyway, plus now the Swen post's subject lines with
attachments seem very obvious.

Pam
-----Original Message-----
Hi Pam,
Your virus scanner should be able to scan the files then give you
options for removal. I think that what you may be seeing is the download
headers for the messages so try this in OE click Tools | Options |
Maintenance Tab | Clean Up Now | Delete. That last file may be a hidden
virus within the file.
--
Paul Ballou
MVP Design Gallery Live
http://office.microsoft.com/clipart/default.aspx
http://www.paulsgiftshop.com/


Pam said:
Hi Paul: Could you tell me an easy way to remove these files? I tried
following someone else's suggestion to remove but the
files are still in
Win
Ex. This is what I tried: Highlight message/delete/clean up now, then
defrag. Below is the location of the files I'm referring to:

C:\Documents and Settings\Default\Application
Data\Identities\{03FA7420-3FCC-11D3-A1EB-AF89CC02843C} \Microsoft\Outlook
Express\microsoft.public.officeupdate.dbx->Message.303: ("Earl Hunter"
[Look at this update])->(part0004:q657375.exe) -
Win32/Swen.A@mm ->
Infected
C:\Documents and Settings\Default\Application
Data\Identities\{03FA7420-3FCC-11D3-A1EB-AF89CC02843C} \Microsoft\Outlook
Express\microsoft.public.security.baseline_analyzer.dbx- Message.289:
("Mantas Sinkevicius" [Check out this corrective pack from the Mic... -
Win32/Swen.A@mm -> Infected



C:\Documents and Settings\Default\Application
Data\Identities\{03FA7420-3FCC-11D3-A1EB-AF89CC02843C} \Microsoft\Outlook
Express\microsoft.public.windows.inetexplorer.ie6_outlookex
press
(1).dbx->Message.1061: ("Ham" [Viruses and Worms in e- mails sent to
me.... - HTML/IFrame_Exploit* -> Infected



Is this last file actually a virus or something else? I thought that an
IFrame Exploit was a vulnerability, and not a virus.





Thanks for any other ideas in removing these...



Pam


.
 
T

Tom Trosborg

Certainly my NAV picks up Swen; I receive between two and ten of these 'ms
updates' every day (could have been a lot worse), and Norton has no problem
sorting it out. Just make sure your anti-virus software is bang up to date.

Henry.

Pam said:
Hi Paul: Thanks for the info. that finally worked in
getting rid of those files. My AV doesn't find any of
these files, and never did. Each time I scan it comes up
clean. I have also scanned at Panda (clean) TrendMicro
(clean) McAfee (clean) NAV on my computer (clean) and NAV
online (clean). I found these infected files when I did a
scan at RAV, just for the heck of it. Since I never
executed these files I thought I was okay, but since I was
able to find them in Win Exp. but unable to open it, I
wasn't sure what to do. Anyway the files are gone now,
Thanks... From now on I won't open any threads that are
larger than 10KB, and I'm deleting them before I download
them anyway, plus now the Swen post's subject lines with
attachments seem very obvious.

Pam
-----Original Message-----
Hi Pam,
Your virus scanner should be able to scan the files then give you
options for removal. I think that what you may be seeing is the download
headers for the messages so try this in OE click Tools | Options |
Maintenance Tab | Clean Up Now | Delete. That last file may be a hidden
virus within the file.
--
Paul Ballou
MVP Design Gallery Live
http://office.microsoft.com/clipart/default.aspx
http://www.paulsgiftshop.com/


Pam said:
Hi Paul: Could you tell me an easy way to remove these files? I tried
following someone else's suggestion to remove but the
files are still in
Win
Ex. This is what I tried: Highlight message/delete/clean up now, then
defrag. Below is the location of the files I'm referring to:

C:\Documents and Settings\Default\Application
Data\Identities\{03FA7420-3FCC-11D3-A1EB-AF89CC02843C} \Microsoft\Outlook
Express\microsoft.public.officeupdate.dbx->Message.303: ("Earl Hunter"
[Look at this update])->(part0004:q657375.exe) -
Win32/Swen.A@mm ->
Infected
C:\Documents and Settings\Default\Application
Data\Identities\{03FA7420-3FCC-11D3-A1EB-AF89CC02843C} \Microsoft\Outlook
Express\microsoft.public.security.baseline_analyzer.dbx- Message.289:
("Mantas Sinkevicius" [Check out this corrective pack from the Mic... -
Win32/Swen.A@mm -> Infected



C:\Documents and Settings\Default\Application
Data\Identities\{03FA7420-3FCC-11D3-A1EB-AF89CC02843C} \Microsoft\Outlook
Express\microsoft.public.windows.inetexplorer.ie6_outlookex
press
(1).dbx->Message.1061: ("Ham" [Viruses and Worms in e- mails sent to
me.... - HTML/IFrame_Exploit* -> Infected



Is this last file actually a virus or something else? I thought that an
IFrame Exploit was a vulnerability, and not a virus.





Thanks for any other ideas in removing these...



Pam


.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Top