What's Going On?
07 May 2005, 10:04 AM
#1
Scooby Regular
Thread Starter
What's Going On?
Strange things happen when I log on to my PC and onto ScoobyNet.
I don't just mean my affect on SN either!
On PC log-on - I get a warning come up that says:-
'Publisher cannot be verified - do you want to run this software'?
Software:- System.EXE
Application:- C:\WINDOWS\System32
RUN or CANCEL
Of course, I consider it to be a virus or an attack on my PC so I do not run ...
Any thoughts? And how do I get it to stop asking? The PC runs fine without clicking RUN!
Another weirdo is that when I open ScoobyNet, ADOBE ACROBAT 4.0 READER appears to start up in the background ...... this started when the above happened so I consider them related.
Any Ideas??
I have run my Anti-Virus Software and it has put 3 virus/worms into the vault
Pete
I don't just mean my affect on SN either!
On PC log-on - I get a warning come up that says:-
'Publisher cannot be verified - do you want to run this software'?
Software:- System.EXE
Application:- C:\WINDOWS\System32
RUN or CANCEL
Of course, I consider it to be a virus or an attack on my PC so I do not run ...
Any thoughts? And how do I get it to stop asking? The PC runs fine without clicking RUN!
Another weirdo is that when I open ScoobyNet, ADOBE ACROBAT 4.0 READER appears to start up in the background ...... this started when the above happened so I consider them related.
Any Ideas??
I have run my Anti-Virus Software and it has put 3 virus/worms into the vault
Pete
07 May 2005, 10:09 AM
#4
Scooby Regular
Thread Starter
Originally Posted by Hanslow
Oh dear...I thought you Labour voters were intelligent? I would help, but I'm just a thick Tory voter 
BTW I actually said that the Tories were thick ... their voters are merely mis-led!
Pete
07 May 2005, 10:11 AM
#5
Scooby Regular
Join Date: Mar 2001
Location: Derbyshire
Posts: 4,496
Likes: 0
Received 0 Likes
on
0 Posts
Oooh back track back track....now where have we seen that before
Now, is this the slightest it annoying that it's been taken completely off topic and directed towards politics? Hmmm?
Now, is this the slightest it annoying that it's been taken completely off topic and directed towards politics? Hmmm?
07 May 2005, 10:13 AM
#6
Scooby Regular
Thread Starter
Originally Posted by Hanslow
Oooh back track back track....now where have we seen that before
Now, is this the slightest it annoying that it's been taken completely off topic and directed towards politics? Hmmm?
Now, is this the slightest it annoying that it's been taken completely off topic and directed towards politics? Hmmm?
Drift away
Pete
Trending Topics
07 May 2005, 10:38 AM
#10
Scooby Regular
Join Date: Mar 2001
Location: Derbyshire
Posts: 4,496
Likes: 0
Received 0 Likes
on
0 Posts
Cheer up Pete, we're only pulling your leg 
I've got to pop out now, but will have a look tonight to see if I can find anything out for you
Do you know what virus'/worms were put into the vault?
I've got to pop out now, but will have a look tonight to see if I can find anything out for you
Do you know what virus'/worms were put into the vault?
07 May 2005, 10:45 AM
#11
Scooby Regular
Thread Starter
Hanslow
WORM/KELVIR AI and AG
There are 4 of these worms now 3off AI and 1off AG ... the 4th has appeared since I tried to do a Restore!
Could I get this virus from a PDF File? Its funny how the ADOBE ACROBAT opens when I start ScoobyNet?
Pete
WORM/KELVIR AI and AG
There are 4 of these worms now 3off AI and 1off AG ... the 4th has appeared since I tried to do a Restore!
Could I get this virus from a PDF File? Its funny how the ADOBE ACROBAT opens when I start ScoobyNet?
Pete
07 May 2005, 11:56 AM
#12
Scooby Regular
Join Date: May 2003
Posts: 1,165
Likes: 0
Received 0 Likes
on
0 Posts
W32.Kelvir.AI
http://securityresponse.symantec.com...kelvir.ai.html
W32.Kelvir.AI is a worm that spreads a variant of W32.Spybot.Worm through MSN Messenger and exploits remote vulnerabilities.
AG will be similar
Upgrade Acrobat might help there's a version 7
http://securityresponse.symantec.com...kelvir.ai.html
W32.Kelvir.AI is a worm that spreads a variant of W32.Spybot.Worm through MSN Messenger and exploits remote vulnerabilities.
AG will be similar
Upgrade Acrobat might help there's a version 7
Last edited by Nicks VR4; 07 May 2005 at 11:58 AM.
07 May 2005, 12:14 PM
#13
Call me thick but the only way of spreading files through MSN messenger is accepting file transfers and/or clicking on links supplied by people?
Now I only accept files/click links if I'm actually having a chat with the person concerned & know what it is that I'm accepting/clicking. Very simple security system that should mean you never get a virus unless the person you are talking with deliberately infects you.
Or have I missed something?
Now I only accept files/click links if I'm actually having a chat with the person concerned & know what it is that I'm accepting/clicking. Very simple security system that should mean you never get a virus unless the person you are talking with deliberately infects you.
Or have I missed something?
07 May 2005, 12:29 PM
#14
Scooby Regular
Join Date: May 2003
Posts: 1,165
Likes: 0
Received 0 Likes
on
0 Posts
Originally Posted by Puff The Magic Wagon!
Call me thick but the only way of spreading files through MSN messenger is accepting file transfers and/or clicking on links supplied by people?
Now I only accept files/click links if I'm actually having a chat with the person concerned & know what it is that I'm accepting/clicking. Very simple security system that should mean you never get a virus unless the person you are talking with deliberately infects you.
Or have I missed something?
Now I only accept files/click links if I'm actually having a chat with the person concerned & know what it is that I'm accepting/clicking. Very simple security system that should mean you never get a virus unless the person you are talking with deliberately infects you.
Or have I missed something?
(Sends the following message to all the MSN Messenger contacts on the compromised computer)
So you could be talking too your mate and get the file sent beliving he/she has sent you it
And some people will download / click on anything thats way a lot of Corporate companies have disable MSN etc
07 May 2005, 12:30 PM
#15
Scooby Regular
Thread Starter
My daughter uses the PC as well ..... and she is always on MSN Messenger!
She's cautious - but not like me!
Thanks NicksVR4 - I'll upgrade to version 7
Pete
She's cautious - but not like me!
Thanks NicksVR4 - I'll upgrade to version 7
Pete
07 May 2005, 05:54 PM
#17
Scooby Regular
Join Date: Mar 2001
Location: Derbyshire
Posts: 4,496
Likes: 0
Received 0 Likes
on
0 Posts
Back again
When you say on logon, when exactly during the logon does it come up with this?
Do you have visibility of the windows desktop at this point?
Can you press CTRL-SHIFT-ESC to bring up the windows task manager and list here what processes are running at the time under the process tab? In case it's something simple, have you got anything in your Startup folder (Start button -> Programs -> Startup).
Can you also do Start->Run and then type in msconfig and hit enter. In the popped up window, select the Startup tab and list here what's in there.
Cheers
Steve
When you say on logon, when exactly during the logon does it come up with this?
Do you have visibility of the windows desktop at this point?
Can you press CTRL-SHIFT-ESC to bring up the windows task manager and list here what processes are running at the time under the process tab? In case it's something simple, have you got anything in your Startup folder (Start button -> Programs -> Startup).
Can you also do Start->Run and then type in msconfig and hit enter. In the popped up window, select the Startup tab and list here what's in there.
Cheers
Steve
07 May 2005, 07:12 PM
#18
Scooby Regular
Thread Starter
Steve, thanks for getting back ......
The PC starts up as per usual, goes cleanly into the first screen of XP where the names of the accounts/users are ....
When a user clicks on their account - the desktop opens and can be seen ... its now that the offer to run a program appears .....
Any help??
Pete
The PC starts up as per usual, goes cleanly into the first screen of XP where the names of the accounts/users are ....
When a user clicks on their account - the desktop opens and can be seen ... its now that the offer to run a program appears .....
Any help??
Pete
07 May 2005, 07:16 PM
#19
Scooby Regular
Join Date: Oct 2001
Posts: 11,403
Likes: 0
Received 0 Likes
on
0 Posts
Originally Posted by pslewis
Hanslow
WORM/KELVIR AI and AG
There are 4 of these worms now 3off AI and 1off AG ... the 4th has appeared since I tried to do a Restore!
Could I get this virus from a PDF File? Its funny how the ADOBE ACROBAT opens when I start ScoobyNet?
Pete
WORM/KELVIR AI and AG
There are 4 of these worms now 3off AI and 1off AG ... the 4th has appeared since I tried to do a Restore!
Could I get this virus from a PDF File? Its funny how the ADOBE ACROBAT opens when I start ScoobyNet?
Pete
I got help from THIS FORUM in Cyber Safety
Good luck.
07 May 2005, 07:44 PM
#20
Scooby Regular
Join Date: May 2003
Posts: 1,165
Likes: 0
Received 0 Likes
on
0 Posts
What Antivirus are you using ?
You could try going to Trend or Panda and doing a online scan
Or use your existing AV software and make sure it deletes them and not puts them in a vault , What ever a fault is as it sounds like they are still running on your PC
You could try going to Trend or Panda and doing a online scan
Or use your existing AV software and make sure it deletes them and not puts them in a vault , What ever a fault is as it sounds like they are still running on your PC
07 May 2005, 08:12 PM
#21
Scooby Regular
Join Date: Mar 2001
Location: Derbyshire
Posts: 4,496
Likes: 0
Received 0 Likes
on
0 Posts
I agree with Nick and Red in that it sounds like they may still be lurking
Good luck with sorting it (give the online scanners a crack as suggested by Nick). As Red pointed out, they can be a bugger to get rid of. Give your daughter a good slap as well and tell her not to accept things from strangers, or even from people she knows
Just to show I care and help a bit ()....
Here is the Trendmicro online virus checker, and Here is the Pandasoft one.
Good luck with sorting it (give the online scanners a crack as suggested by Nick). As Red pointed out, they can be a bugger to get rid of. Give your daughter a good slap as well and tell her not to accept things from strangers, or even from people she knows
Just to show I care and help a bit (
)....Here is the Trendmicro online virus checker, and Here is the Pandasoft one.
Last edited by Hanslow; 07 May 2005 at 08:15 PM.
07 May 2005, 08:40 PM
#23
Scooby Regular
Thread Starter
Thanks to all ....
I am using AVG AV Software ... it has found them and isolated them in the vault
First time I have been infected in over 7 years of Internet activity
Pete
I am using AVG AV Software ... it has found them and isolated them in the vault
First time I have been infected in over 7 years of Internet activity
Pete
07 May 2005, 11:50 PM
#25
Scooby Regular
Join Date: Oct 2001
Posts: 11,403
Likes: 0
Received 0 Likes
on
0 Posts
Originally Posted by pslewis
Thanks to all ....
I am using AVG AV Software ... it has found them and isolated them in the vault
First time I have been infected in over 7 years of Internet activity
Pete
I am using AVG AV Software ... it has found them and isolated them in the vault
First time I have been infected in over 7 years of Internet activity
Pete
