Jump to content

Did I have a virus?

Guest MM

By Guest MM
in Windows 98

 Share

Recommended Posts

Guest MM

Guest MM

Posted
Posted

Windows 98SE PC was working fine. I had been downloading some files,

e.g. RealPlayer. No apparent problems. Powered down. Later on, started

it up again. There was some kind of error message at the DOS level

where it said Abort, Retry, Fail. I said Abort. Then: Invalid System

Disk etc etc. Drive C buggered. However, I booted up to DOS from a

floppy and most (95%) of the folders and files on C appeared intact.

 

But here's the important thing, certain key parts of the OS were gone!

The VMM32 folder in Windows\System no longer existed, neither

IOSUBSYS. Also, no MSDOS.SYS in drive C.

 

But I had a very recent TrueImage image, so I just restored it. Since

then I have been running virus checkers like there's no tomorrow on

both PCs, but all come up clean.

 

What could totally trash those folders, yet leave most of the hard

drive files intact? My suspicion is a virus.

 

MM

  • Replies 8
  • Created
  • Last Reply

Popular Days

Popular Days

Guest Fan924

Guest Fan924

Posted
Posted

Re: Did I have a virus?

 

Can you boot from C: now?

Guest MM

Guest MM

Posted
Posted

Re: Did I have a virus?

 

On Tue, 6 May 2008 08:00:22 -0700 (PDT), Fan924 <a924fan@yahoo.com>

wrote:

>Can you boot from C: now?

 

Oh, it's fixed because I restored a TrueImage image from three days

ago. But I don't know what caused the problem, that's the worry I

have. This was not just one file that got trashed, but all or most of

the essential OS that Windows needs in order to load. Exactly the kind

of payload one might expect from a virus, I should think.

 

MM

Guest Gary S. Terhune

Guest Gary S. Terhune

Posted
Posted

Re: Did I have a virus?

 

A virus/spyware/malware forum is where you need to ask this kind of

question. There are many such forums out there. I think perhaps Aumha.net

might be a good place to start. http://aumha.net/viewforum.php?f=27

 

--

Gary S. Terhune

MS-MVP Shell/User

http://www.grystmill.com

 

"MM" <kylix_is@yahoo.co.uk> wrote in message

news:ji1124p8eu624h65rt5dd0l45fuu7l9bf0@4ax.com...

> On Tue, 6 May 2008 08:00:22 -0700 (PDT), Fan924 <a924fan@yahoo.com>

> wrote:

>

>>Can you boot from C: now?

>

> Oh, it's fixed because I restored a TrueImage image from three days

> ago. But I don't know what caused the problem, that's the worry I

> have. This was not just one file that got trashed, but all or most of

> the essential OS that Windows needs in order to load. Exactly the kind

> of payload one might expect from a virus, I should think.

>

> MM

Guest philo

Guest philo

Posted
Posted

Re: Did I have a virus?

 

 

"MM" <kylix_is@yahoo.co.uk> wrote in message

news:s4q024lrs7uc8l9dt80klkfvj8umi3tqfd@4ax.com...

> Windows 98SE PC was working fine. I had been downloading some files,

> e.g. RealPlayer. No apparent problems. Powered down. Later on, started

> it up again. There was some kind of error message at the DOS level

> where it said Abort, Retry, Fail. I said Abort. Then: Invalid System

> Disk etc etc. Drive C buggered. However, I booted up to DOS from a

> floppy and most (95%) of the folders and files on C appeared intact.

>

> But here's the important thing, certain key parts of the OS were gone!

> The VMM32 folder in Windows\System no longer existed, neither

> IOSUBSYS. Also, no MSDOS.SYS in drive C.

>

> But I had a very recent TrueImage image, so I just restored it. Since

> then I have been running virus checkers like there's no tomorrow on

> both PCs, but all come up clean.

>

> What could totally trash those folders, yet leave most of the hard

> drive files intact? My suspicion is a virus.

>

> MM

 

 

If you listed all the stuff you downloaded...someone may know if it

was potentially something dangerous.

 

Here is some info on Real Player

http://www.ibtimes.com/articles/20080131/realplayer-badware-spyware-networks.htm

 

 

What else were you downloading?

Guest MM

Guest MM

Posted
Posted

Re: Did I have a virus?

 

On Tue, 6 May 2008 15:32:00 -0500, "philo" <philo@privacy.net> wrote:

>

>"MM" <kylix_is@yahoo.co.uk> wrote in message

>news:s4q024lrs7uc8l9dt80klkfvj8umi3tqfd@4ax.com...

>> Windows 98SE PC was working fine. I had been downloading some files,

>> e.g. RealPlayer. No apparent problems. Powered down. Later on, started

>> it up again. There was some kind of error message at the DOS level

>> where it said Abort, Retry, Fail. I said Abort. Then: Invalid System

>> Disk etc etc. Drive C buggered. However, I booted up to DOS from a

>> floppy and most (95%) of the folders and files on C appeared intact.

>>

>> But here's the important thing, certain key parts of the OS were gone!

>> The VMM32 folder in Windows\System no longer existed, neither

>> IOSUBSYS. Also, no MSDOS.SYS in drive C.

>>

>> But I had a very recent TrueImage image, so I just restored it. Since

>> then I have been running virus checkers like there's no tomorrow on

>> both PCs, but all come up clean.

>>

>> What could totally trash those folders, yet leave most of the hard

>> drive files intact? My suspicion is a virus.

>>

>> MM

>

>

>If you listed all the stuff you downloaded...someone may know if it

>was potentially something dangerous.

>

>Here is some info on Real Player

>http://www.ibtimes.com/articles/20080131/realplayer-badware-spyware-networks.htm

 

Alleged "badware", maybe. But hardly a contender for erasing one's key

Windows OS files !

>What else were you downloading?

 

nclip.exe (network clipboard)

SAPI4SDKSUITE.exe (Microsoft Speech)

iview410_setup.exe (Irfan View)

irfanview_plugins_410_setup.exe

 

All checked with an anti-virus program.

 

MM

Guest philo

Guest philo

Posted
Posted

Re: Did I have a virus?

 

<snip>

> >

> >If you listed all the stuff you downloaded...someone may know if it

> >was potentially something dangerous.

> >

> >Here is some info on Real Player

>

>http://www.ibtimes.com/articles/20080131/realplayer-badware-spyware-network

s.htm

>

> Alleged "badware", maybe. But hardly a contender for erasing one's key

> Windows OS files !

>

> >What else were you downloading?

>

> nclip.exe (network clipboard)

> SAPI4SDKSUITE.exe (Microsoft Speech)

> iview410_setup.exe (Irfan View)

> irfanview_plugins_410_setup.exe

>

> All checked with an anti-virus program.

>

>

 

 

True, Real Player is not a virus nor does it look like you

were attempting to download any malware.

 

There are of course some very unsafe websites out there...

you know the kind I'm talking about...

but obviously you know better than to go there...

 

 

So was it a virus???

 

I don't know.

 

Did the machine ...possibly... "hang" at shut down

and did scan disk "repair" errors upon start up?

 

That could have been what caused your situation...

but I'm pretty sure you would have mentioned that...

had that been the case.

 

 

The bottom line is that you were wise to have a good back-up...

so it looks like you are not the type of person

to "let 'em get you down".

Guest MM

Guest MM

Posted
Posted

Re: Did I have a virus?

 

On Wed, 7 May 2008 07:08:34 -0500, "philo" <philo@privacy.net> wrote:

><snip>

>> >

>> >If you listed all the stuff you downloaded...someone may know if it

>> >was potentially something dangerous.

>> >

>> >Here is some info on Real Player

>>

>>http://www.ibtimes.com/articles/20080131/realplayer-badware-spyware-network

>s.htm

>>

>> Alleged "badware", maybe. But hardly a contender for erasing one's key

>> Windows OS files !

>>

>> >What else were you downloading?

>>

>> nclip.exe (network clipboard)

>> SAPI4SDKSUITE.exe (Microsoft Speech)

>> iview410_setup.exe (Irfan View)

>> irfanview_plugins_410_setup.exe

>>

>> All checked with an anti-virus program.

>>

>>

>

>

>True, Real Player is not a virus nor does it look like you

>were attempting to download any malware.

>

>There are of course some very unsafe websites out there...

>you know the kind I'm talking about...

>but obviously you know better than to go there...

>

>

>So was it a virus???

>

>I don't know.

>

>Did the machine ...possibly... "hang" at shut down

>and did scan disk "repair" errors upon start up?

 

No. While I do occasionally get a hang on Windows shutdown on either

PC, it is rare and scandisk always fixes it.

>That could have been what caused your situation...

>but I'm pretty sure you would have mentioned that...

>had that been the case.

>

>

>The bottom line is that you were wise to have a good back-up...

>so it looks like you are not the type of person

>to "let 'em get you down".

 

The main thing I *always* back up are my data files. If I am working

on developing software (my chosen language is classic VB, but also

Delphi) then I will zip the entire folder I'm working on and whack the

zip onto a memory stick. Every day or two I then transfer the memory

stick to a CD or DVD. But since I came across TrueImage (for free, on

a magazine cover DVD) I use it all the time (having previously found

Ghost to be a right PITA).

 

TI is amazing! With my exchangable drive racks it means I can have

umpteen experimental installations, including Ubuntu, SuSE etc, with

just four physical drives. Also, TI makes an image in a matter of

minutes (18gb hard drive), so I can run it while making a couple of

tea.

 

Nothwithstanding the above, it's a bit disconcerting to be hit with

such a catastrophic problem for the first time in literally years.

Almost like having one's home burgled.

 

MM

Guest philo

Guest philo

Posted
Posted

Re: Did I have a virus?

 

<snip>

>>

>>Did the machine ...possibly... "hang" at shut down

>>and did scan disk "repair" errors upon start up?

>

> No. While I do occasionally get a hang on Windows shutdown on either

> PC, it is rare and scandisk always fixes it.

>

 

 

Aha!!!

 

When scandisk "fixes" problems what it does is correct logical errors on the

drive.

Most of the time...there is no harm done...

however...if you have ever noticed that .chk files are being written...

that means file fragments are simply being assigned as a file.

In some cases the file fragments are actually parts of necessary files

that are now rendered useless...and in other situations they are merely

unneeded or redundant

information.

 

 

So, if scandisk had run, converted some needed system file fragments to .chk

files...

your system would only have had logical errors corrected .

 

 

 

 

>>That could have been what caused your situation...

>>but I'm pretty sure you would have mentioned that...

>>had that been the case.

>>

>>

>>The bottom line is that you were wise to have a good back-up...

>>so it looks like you are not the type of person

>>to "let 'em get you down".

>

> The main thing I *always* back up are my data files. If I am working

> on developing software (my chosen language is classic VB, but also

> Delphi) then I will zip the entire folder I'm working on and whack the

> zip onto a memory stick. Every day or two I then transfer the memory

> stick to a CD or DVD. But since I came across TrueImage (for free, on

> a magazine cover DVD) I use it all the time (having previously found

> Ghost to be a right PITA).

>

> TI is amazing! With my exchangable drive racks it means I can have

> umpteen experimental installations, including Ubuntu, SuSE etc, with

> just four physical drives. Also, TI makes an image in a matter of

> minutes (18gb hard drive), so I can run it while making a couple of

> tea.

>

> Nothwithstanding the above, it's a bit disconcerting to be hit with

> such a catastrophic problem for the first time in literally years.

> Almost like having one's home burgled.

>

> MM

 

 

Yes...

so you were very smart for backing up your system!

 Share
Go to topic listing
×
×
  • Create New...