The worm terminates processes relevant to various security and anti-virus products. Additionally, the worm contains its own SMTP engine to create outgoing messages to harvested email addresses from the victim's machine.

Various outgoing messages are created, with multiple subject lines and attachment names. Some make use of an Internet Explorer vulnerability to ensure the worm attachment is run upon viewing the email. See Microsoft Security Bulletin (MS01-020) . Messages created to take advantage of this vulnerability will be detected as Exploit-MIME.gen.exe with the 4215 DATs or greater (and earlier as Exploit-MIME.gen).

When the worm is run on the victim's machine, a series of fraudulent message boxes are displayed. The worm installs itself (using a random filename) into %WinDir%, for example: C:\WINDOWS\ZNFUL.EXE.

W32/Swen@MM modifies various registry keys and disables the execution of REGEDIT.EXE on the victim's machine. Additionally, the worm terminates various processes on the victim's machine.

VICTIM -- Yes, the people who installed this fake update became victims of a malicious criminal, not unlike being mugged or swindled. And this is just one of thousandss moving across the Internet each year. For example, IRC/Flood.bat, IRC/Floor.mirc, W32Duster, W32Tenrobot.a, and Multidropper-III were FIVE NEW THREATS released on Thanksgiving Day, 2003. Over THREE HUNDRED alerts were issued in November, 2003.

A virus is a manmade program or piece of code that causes an unexpected, usually negative, event. Viruses are often disguised games or images with clever marketing titles such as "Me, nude."

Computer Worms are viruses that reside in the active memory of a computer and duplicate themselves. They may send copies of themselves to other computers, such as through email or Internet Relay Chat (IRC).

A Trojan horse program is a malicious program that pretends to be a benign application; a Trojan horse program purposefully does something the user does not expect. Trojans are not viruses since they do not replicate, but Trojan horse programs can be just as destructive.

SOLUTION -- There is a very inexpensive solution to these threats. It's one we use; it's one I installed on my mother-in-law's computer (and, yes, I get along great with my mother-in-law). The program we use is the Online Virus Scan created by the McAfee Corporation. Just look at the benefits it provides:

Email Scanning - VirusScan automatically scans inbound (POP3) and outbound (SMTP) email and email attachments for most popular email clients, including Microsoft Outlook, Outlook Express, Netscape Mail, Eudora, Pegasus and others.

Instant Message Scanning - VirusScan scans Instant Message attachments sent via AOL Instant Messenger, Yahoo Messenger and Windows Messenger.

ScriptStopper™ - Many of the fastest spreading viruses, like I Love You, use scripts to infect your PC. ScriptStopper detects then stops these threats.

WormStopper™ - WormStopper stops mass-mailing worms like Sobig by detecting activity that may indicate a new, undetected worm is active on your PC. Like email sent to more than 40 recipients or more than five emails sent in less than 30 seconds.

Detects Spyware - Protecting loss of data and privacy, VirusScan detects potentially malicious desktop applications like spyware, adware, Web dialers and more.

Windows Explorer integration - Access VirusScan directly by selecting files and clicking the VirusScan icon in the Windows Explorer window.

AutoClean - VirusScan automatically attempts to clean virus-infected files when a malicious threat is detected.

MS Outlook Scanning - VirusScan integrates directly on the MS Outlook toolbar for instant, on-demand scanning of older email or folders.

Silent Updating - VirusScan silently updates virus definitions (DATs), without interrupting your work, ensuring your computer is always up-to-date.

Submit Files to AVERT™ - VirusScan sends suspicious files directly to the McAfee Antivirus Emergency Response Team (AVERT) for assessment.

Virus Map & Information Library - See how the latest threats are infecting computers worldwide, then research them via direct links to the McAfee Virus Information Library.

You can protect your computer with this online service for about $35 PER YEAR!!! It's a very secure feeling when you receive a message that states "So and So Virus is a medium risk blah...blah...blah. You are protected from this virus."