Solved

Vfat virus /boot sector type

Posted on 1998-11-09
7
163 Views
Last Modified: 2013-12-29
Had a malicious email from Holland- my clock kept cnanging times to 1996 etc Ultimately got the dreaded 'Non system Dsik error' Booted with the System Disk in a: drive and attempted to reinstall Win95, then got error messages about Vfat (thats why I call this one the Vfat Virus). I then tried to access C: drive from the A: drive. This was sucessfull. I guessed that the io.sys and or msdos.sys files had been corupted so I decided heck I am about to lose all my data anyway - so I simply typed sys C; at the A prompt. I then retried to reinstall windows95 AND IT WORKED :) So iv'e still got the darn virus only it is struggling to survive with unprdictable sytem files hehe
Though my MS Explorer is running really slowly Netscape is running fine. I am here on MS Explorer. I will try to get to Mc Afee Antivrus Site to get the FORM A treatment But I will check back to see if any one has an easier answer to this nasty bug.
mike
0
Comment
Question by:mcaddan
  • 3
  • 2
  • 2
7 Comments
 
LVL 95

Expert Comment

by:Lee W, MVP
ID: 1727289
If you have a virus, get the antivirus software.  I prefer McAfee myself, but Norton or any other reputable 3rd party should work for you.
0
 
LVL 3

Accepted Solution

by:
uilleann earned 30 total points
ID: 1727290
try fdisk /mbr
that should get rid of it.
0
 
LVL 3

Expert Comment

by:uilleann
ID: 1727291
ooops, do that after booting from a CLEAN floppy disk
0
What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

 
LVL 95

Expert Comment

by:Lee W, MVP
ID: 1727292
doing an Fdisk/mbr MAY get rid of it for you (I had a hard disk that didn't respond to this and the only way to remove it was to use antivirus software).  But consider this.  You got the virus from somewhere and you won't be able to find out unless you get an antivirus package that checks floppy and you're hard disk.  Last time I checked, fdisk/mbr doesn't work on floppies.
0
 

Author Comment

by:mcaddan
ID: 1727293
Hi again Uillean and lew I wish could reward both but Uilleans answer is the better - incidently Mc Afee AntiV does not see the darn thing at all! It is still in there some where and has invaded a completely empty drive! H: that is.
Before I fdisk/mbr  the C: drive I wonder would that eraze the data out side the master boot record? If not does fdisk/mbr just renew the boot area and not the rest of the disk?
Any case I know enough not to crash but not enough to isolate this one!  PS I do like MS
experts board and am now beginning to use Explorer more than Netscape hmmmm I wonder if this is a result of the xcellent news reader that comes with Win95 :)

0
 
LVL 3

Expert Comment

by:uilleann
ID: 1727294
leew is absolutely right, the fdisk /mbr ONLY changes your bootrecord.
The virus is still somewhere on your system.
First kill all files you got in the email that caused this.
Second, get a decent anti virus prog.
Look for Thunderbyte, it finds so much it sometimes drives me crazy, changed code (cracks)
viri off course and..., eeeh.., it can immunize your bootrecord. (also on flops)
I must warn, it's a whiner, but better very safe than very sorry, not?
So, a dutch trick led to this, let a dutch anti-virus prog solve it :)
0
 

Author Comment

by:mcaddan
ID: 1727295
Thanks Guys, incidently there appears to be two win.ini files. I dont know why. One is the regular one in the windows directory, a second was in the programs directory. I moved that one to a floppy. Performance was not affected! That file when edited is goobldy gook ... lots of charicters no recognizable text!
Here is the contents
MZ ; ³ @ Aÿÿ    !                    '   2   =   H   S   ^   l      ‹   –       ®   Ä   Ò   ã   î   ù       #  .  <  Q  [  f  p  {  †  ”  ¥  °  ¾  Ï  Ú  ä  î  ù   ! ¶ ! » !  ! Õ ! ÷ ! !   8²"@! ƒ! š! Ž! w! [! A! í! Ó! ¹! ! N!  Óp! |! |! ž! ²      ! a
! Ê ! ¤ ! I ! ò
! š      "ž      "¢      "¦      "ª      "®      "²      "…! m! _! ´! ! ²! ©! Ž! k! <! 3! *! !!  ! ²! ©! „! {! .! ó! —! L! Ù! Ê! ¾! ¦! š! p! g! L! @! $! ! ü! é! Á! ²! ¢! ‹! s! c! L! ! û! $! ß! Í! ¹! ­! ¢! †! \! J! ,! ! ý! ¿! ‹! V! ?! j!  Ò Ó1      8&
8*
8N
8R
8v
8€ 8¦8ª8 88Ø8Ü8=8A8¢88l8p8Ñ8Õ8
88o8s8Ô8Ø86 8: 8› 8Ÿ 8ƒ"8>:8B:8?;83>8U>8                                                                                                                                                                                                                                                                                      U‹ì¸ š¾! VWj šÆ;8ƒÄj šà;8ƒÄhB š2! ƒÄhW š2! ƒÄhZ š2! ƒÄh^ š2! ƒÄhw š2! ƒÄh“ š2! ƒÄh° h² šÞ! ƒÄ‰Fü=  té) jšÆ;8ƒÄj šà;8ƒÄh¿ š,! ƒÄjšã! ƒÄhÐ hÒ šÞ! ƒÄ‰Fü=  téj ÿvüšò! ƒÄhÞ hà šÞ! ƒÄ‰Fühì ÿvüšô! ƒÄÿvüšò! ƒÄÿvüšò! ƒÄhñ hó šÞ! ƒÄ‰Füh ÿvüšô! ƒÄÿvüšò! ƒÄh      š2! ƒÄhhšÞ! ƒÄ‰Fü=  té) jšÆ;8ƒÄj šà;8ƒÄhš,! ƒÄjšã! ƒÄÿvüšò! ƒÄh-š2! ƒÄhJhLšÞ! ƒÄ‰FühUÿvüšô! ƒÄÿvüšò! ƒÄhºh¼šÞ! ƒÄ‰FühÈÿvüšô! ƒÄÿvüšò! ƒÄjšÆ;8ƒÄj šà;8ƒÄhvš,! ƒÄ_^ÉË                              ´0Í!<s3ÀPË¿‹6 +÷þ r¾ úŽ×Ä>ûsèW3ÀPè÷¸ÿLÍ!6£Î†à6£Ì‹Æ±ÓàH6£Œ»Ž6Œƒäþ6‰g¸þÿP6‰g
÷ÐP6‰g6‰g6‰&ˆ÷‰6 ŒÃ+Þ÷Û´JÍ!6ŒÊü¿F ¹@+Ï3Àóª‹0 ãÿÑš”! š! 3íš! ÿ6îÿ6ìÿ6êš    PèÃ.¡ŽØ¸ ÇŠãP.‹ŽÛšð! è™è<>2 ÖÖuXPÿ6 ¸ÿ PÿŠ¸ 5Í!‰¶Œ¸¸ %ºÝ Í!‹B ã)ŽÊ&‹6, ¡D ‹F 3Ûÿ@ séd¡H ‹J » ÿ@ ŽÊ&‹, ã>ŽÁ3ÿ&€= t4¹ ¾¨ó¦t ¹ÿ3Àò®u!ëå‹÷¿Ö±¬,ArÒà’¬,Ar
ªëî» €§Ö¿¸ DÍ!r
ö€t€Ö@Kyç¾L ¿P è³ ¾P ¿P èª ¾X ¿X è¡ ËU‹ì3ÉëU‹ì¹ ëU‹ìVW¹ ëU‹ìVW¹ˆ.ýQ
Éu¾4¿4èm ¾P ¿T èd >2 ÖÖuÿ8 ¾T ¿T èO ¾T ¿X èF šâ! ÀtX
äPu ƒ~ uÇFÿ è X
äu‹F´LÍ!_^]Ë‹B ã» ÿ@ Ŷ¸ %Í!Ã;÷sƒï‹ EtòÿëîÃU‹ì¸ü P蜃>  tÿþ¸ÿ P艋å]˸ é.þYZ‹Ü+Ør ;r‹ãRQËRQ¡@u3Àéþÿ.V3ö¹B 2äü¬2àâû€ôUtèÿ¸ Pè<¸ ^ˏ
¡Îº <t)ŽÊ&Ž, Œò3À™¹ €3ÿò®®uûGG‰>ð¹ÿÿò®÷Ñ‹Ñ¿ ¾ ŽÊ¬< tû<      t÷<to
ÀtkGN¬< tè<      tä<t\
ÀtX<"t$<\tBëä3ÉA¬<\tú<"tÑëÓ‹ÁÑéѨuÊëN¬<t+
Àt'<"tº<\tBëì3ÉA¬<\tú<"tÑëÛ‹ÁÑéѨuÒë—‰>ê×GÑç×B€âþ+â‹Ä£ì‹Øû6‰?CCÅ6ð¬ª
Àuú6ŽÊ¾ ë3Àª¬< tû<      t÷<t|
Àtx6‰?CCN¬< tá<      tÝ<tb
Àt^<"t'<\tªëä3ÉA¬<\tú<"t°\óªëÑ°\Ñéóªs°"ªëÅN¬<t.
Àt*<"t·<\tªëì3ÉA¬<\tú<"t°\óªëÙ°\Ñéóªs–°"ªëÍ3ÀªÇ  ÿ.U‹ìŽÊ&‹, ŽÃ3À3ö3ÿ¹ÿÿ Ût&€>   tò®F®uú‹Ç@$þF‹þÑæ¹       è¦ P‹Æè  £î‹Ï‹Ø3ö_Iã&‹6;¨uQVW¿¨¹ ó§_^Yt&‰?CC¬ª
ÀuúâÚ&‰]Ë U‹ìVW‹V¾m ­;Ât@–t —3À¹ÿÿò®‹÷ëë–_^‹å]Ê U‹ìWÿvèÊÿ Àt ’‹ú3À¹ÿÿò®÷ÑI» >2 ÖÖuÿ4 ´@Í!_‹å]Ê  SQ¹ ‡Ö      QPš ! [Ö      YŒÚ Àt[ËÁéSû r3À‹å]ËsøPè X2ä‹å]Ësè ¸ÿÿ™‹å]Ë2äè Ë¢Ò
äu"€>Ír <"s < r°ë<v°» ט£ÄÊÄë÷ Ë U‹ìƒìWV¿ÿÿ‹F‹ð‹ØöG@tÆG é™ öDƒué‹ VèãƒÄ‹ø‹Þë&‹‡Ê‰FþVè/ƒÄŠD*äPš! ƒÄ À|Yƒ~þ tV¸ PFôPš¢! ƒÄFö‰Fò€~ô\t¸"PFôPšb! ƒÄëÿNò¸
 Pÿvòÿvþš*! ƒÄFôPš6!! ƒÄ Àt¿ÿÿÆD ‹Ç^_‹å]ËU‹ìVšÔ! ‹ð ðu3ÀëVÿv
ÿvÿvšÔ! ƒÄ^‹å]ːU‹ì3ÀPÿvÿvš²! ‹å]ːU‹ìƒìWV‹vVèýƒÄ‹øF
PÿvVšü ! ƒÄ‰FüVWèSƒÄ‹Fü^_‹å]ËU‹ìƒìWV¾.VèŃċøFPÿv¸.Pšü ! ƒÄ‰Fü¸.

0

Featured Post

Master Your Team's Linux and Cloud Stack

Come see why top tech companies like Mailchimp and Media Temple use Linux Academy to build their employee training programs.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
HDMI port on laptop not working 26 67
Windows Server 2003 Policy Preventing Updates 6 41
paging file usage  > 95% for 30 min about 12 32
How to remove unwanted words? 34 39
A Bare Metal Image backup allows for the restore of an entire system to a similar or dissimilar hardware. They are highly useful for migrations and disaster recovery. Bare Metal Image backups support Full and Incremental backups. Differential backup…
If you need to start windows update installation remotely or as a scheduled task you will find this very helpful.
This video Micro Tutorial explains how to clone a hard drive using a commercial software product for Windows systems called Casper from Future Systems Solutions (FSS). Cloning makes an exact, complete copy of one hard disk drive (HDD) onto another d…
The viewer will learn how to successfully create a multiboot device using the SARDU utility on Windows 7. Start the SARDU utility: Change the image directory to wherever you store your ISOs, this will prevent you from having 2 copies of an ISO wit…

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question