System32.exe, how do i deal with this virus?
Taj - Earl plz read
April 25th 03, 01:16 AM
Previous post I wrote:
<<When starting the PC to the desktop screen a message
box titled "C:\WINDOWS\System32\system32.exe" appears
saying:
"Windows cannot find 'C:\WINDOWS\System32\system32.exe'.
Make sure you typed the name correctly, and then try
again. To search for a file, click the Start button, and
then click Search."
I then have the option of clicking "OK". This occurs
every time at start up now even though I don't remember
making a search for that file and I don't remember
deleting it at any point.>>
Well, a guy named Earl said this may be
a "W95.Smoker.Worm@mm" virus. I have some questions:
1) Reputable antivirus sites say this type of virus uses
the system32.exe file to start itself. I have been told
XP doesn't have a system32.exe file. Does this mean I
have the virus or not, since the key file for the virus to
work isn't on XP? I think this virus was meant for
previous Windows versions that had the system32.exe file.
2) There are many similar but DIFFERENT viruses like this
with different methods of removal involving the Registry
Keys. Since I'm not even sure if I have the virus, should I
bother to follow the antivirus removal instructions?
3) If I should go through with removal, how do I choose
which type of virus I have? Since the virus has not
executed properly (no system32.exe file, hence the reason
for the message at startup), I cannot tell what the
symptoms are. If I can't see the symptoms I can't identify
what virus type I have, therefore I don't know how to
remove it. HOWEVER, like I say, there seem to be no
symptoms other than this startup message box, which
implies the virus hasn't actually executed yet, in which
case....
4) Is there a way to remove the message that I receive at
startup?
PHEW! Thanks for reading this far! Let's see who's the
first to understand this one.....
Taj
Earl F. Parrish
April 25th 03, 02:01 AM
Answered in another newsgroup. If you must crosspost, put the
various newsgroups in the same box and separate them by commas.
That way all the replies are posted in all the newsgroups to which
the original message was sent. Newsgroup etiquette frowns upon
excessive crossposting. You should post your message in the one
newsgroup most related to your problem. Wait a reasonable time for
replies before you post again. People from all over the world post
and read these messages. They are not all on the same schedule as
you.
As I stated in my other message, the system32.exe file was the
actual worm. It may have been deleted before you booted the next
time. You do not really know that. If the file were found at boot
time, you would have known nothing. There would have been no error
message because the file would have executed. The only way to be
safe is that each attachment is checked before opening and each file
is checked by a real-time antivirus scanner before it runs. A
weekly or monthly scan may be too late to stop the spread of a virus
or worm.
--
Earl F. Parrish
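Earl's point above is that the startup reference outlives the file it used to launch. As an added example (not part of the thread or of anyone's post), this read-only PowerShell script lists the commands in the standard Run/RunOnce registry keys and marks those whose target file no longer exists. It assumes the stale reference sits in one of those keys, which the thread does not state, and the helper function names are illustrative.

```powershell
# Added example: report autostart commands whose target file is missing.
# Read-only: it lists entries and changes nothing.
$runKeys = @(
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce'
)

function Get-CommandTarget {
    param([string]$Command)
    # Expand %SystemRoot%-style variables, then isolate the executable:
    # a quoted path, or everything up to the first executable extension.
    $expanded = [Environment]::ExpandEnvironmentVariables($Command).Trim()
    if ($expanded -match '^"([^"]+)"') { return $Matches[1] }
    if ($expanded -match '^(.+?\.(exe|com|bat|cmd|scr|pif|dll))(\s|,|$)') { return $Matches[1] }
    return ($expanded -split '\s+')[0]
}

function Test-CommandTarget {
    param([string]$Target)
    if ([string]::IsNullOrWhiteSpace($Target)) { return $false }
    if (Test-Path -LiteralPath $Target -PathType Leaf) { return $true }
    # Bare names such as "rundll32.exe" are resolved through PATH.
    return [bool](Get-Command -Name $Target -CommandType Application -ErrorAction SilentlyContinue)
}

$findings = foreach ($key in $runKeys) {
    if (-not (Test-Path -LiteralPath $key)) { continue }
    $item = Get-Item -LiteralPath $key
    foreach ($name in $item.GetValueNames()) {
        $command = [string]$item.GetValue($name)
        $target  = Get-CommandTarget -Command $command
        [pscustomobject]@{
            Key     = $key
            Name    = $name
            Command = $command
            Target  = $target
            Exists  = Test-CommandTarget -Target $target
        }
    }
}

# Rows with Exists = False are stale references of the kind described above:
# the launcher is still registered, but the file it points to is gone.
$findings | Sort-Object Exists | Format-Table -AutoSize -Wrap
```

A missing target only shows that the file is gone now; as Earl notes, it does not show whether the file ran on an earlier boot, so a full antivirus scan is still needed.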
Peter
April 25th 03, 10:53 AM
Hi,
I would suggest you have an on-line security check for
viruses.
First, disable the System Restore feature of XP.
Then go to symantec.com to perform an on-line virus check
to ensure your PC is free from viruses (if your OS has
been infected by a virus, the antivirus software may not run
properly).
Peter
Taj
April 25th 03, 01:53 PM
Thanks Peter!!