Solved

Vfat virus /boot sector type

Posted on 1998-11-09
7
171 Views
Last Modified: 2013-12-29
Had a malicious email from Holland- my clock kept cnanging times to 1996 etc Ultimately got the dreaded 'Non system Dsik error' Booted with the System Disk in a: drive and attempted to reinstall Win95, then got error messages about Vfat (thats why I call this one the Vfat Virus). I then tried to access C: drive from the A: drive. This was sucessfull. I guessed that the io.sys and or msdos.sys files had been corupted so I decided heck I am about to lose all my data anyway - so I simply typed sys C; at the A prompt. I then retried to reinstall windows95 AND IT WORKED :) So iv'e still got the darn virus only it is struggling to survive with unprdictable sytem files hehe
Though my MS Explorer is running really slowly Netscape is running fine. I am here on MS Explorer. I will try to get to Mc Afee Antivrus Site to get the FORM A treatment But I will check back to see if any one has an easier answer to this nasty bug.
mike
0
Comment
Question by:mcaddan
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
  • 2
7 Comments
 
LVL 96

Expert Comment

by:Lee W, MVP
ID: 1727289
If you have a virus, get the antivirus software.  I prefer McAfee myself, but Norton or any other reputable 3rd party should work for you.
0
 
LVL 3

Accepted Solution

by:
uilleann earned 30 total points
ID: 1727290
try fdisk /mbr
that should get rid of it.
0
 
LVL 3

Expert Comment

by:uilleann
ID: 1727291
ooops, do that after booting from a CLEAN floppy disk
0
PeopleSoft Has Never Been Easier

PeopleSoft Adoption Made Smooth & Simple!

On-The-Job Training Is made Intuitive & Easy With WalkMe's On-Screen Guidance Tool.  Claim Your Free WalkMe Account Now

 
LVL 96

Expert Comment

by:Lee W, MVP
ID: 1727292
doing an Fdisk/mbr MAY get rid of it for you (I had a hard disk that didn't respond to this and the only way to remove it was to use antivirus software).  But consider this.  You got the virus from somewhere and you won't be able to find out unless you get an antivirus package that checks floppy and you're hard disk.  Last time I checked, fdisk/mbr doesn't work on floppies.
0
 

Author Comment

by:mcaddan
ID: 1727293
Hi again Uillean and lew I wish could reward both but Uilleans answer is the better - incidently Mc Afee AntiV does not see the darn thing at all! It is still in there some where and has invaded a completely empty drive! H: that is.
Before I fdisk/mbr  the C: drive I wonder would that eraze the data out side the master boot record? If not does fdisk/mbr just renew the boot area and not the rest of the disk?
Any case I know enough not to crash but not enough to isolate this one!  PS I do like MS
experts board and am now beginning to use Explorer more than Netscape hmmmm I wonder if this is a result of the xcellent news reader that comes with Win95 :)

0
 
LVL 3

Expert Comment

by:uilleann
ID: 1727294
leew is absolutely right, the fdisk /mbr ONLY changes your bootrecord.
The virus is still somewhere on your system.
First kill all files you got in the email that caused this.
Second, get a decent anti virus prog.
Look for Thunderbyte, it finds so much it sometimes drives me crazy, changed code (cracks)
viri off course and..., eeeh.., it can immunize your bootrecord. (also on flops)
I must warn, it's a whiner, but better very safe than very sorry, not?
So, a dutch trick led to this, let a dutch anti-virus prog solve it :)
0
 

Author Comment

by:mcaddan
ID: 1727295
Thanks Guys, incidently there appears to be two win.ini files. I dont know why. One is the regular one in the windows directory, a second was in the programs directory. I moved that one to a floppy. Performance was not affected! That file when edited is goobldy gook ... lots of charicters no recognizable text!
Here is the contents
MZ ; ³ @ Aÿÿ    !                    '   2   =   H   S   ^   l      ‹   –       ®   Ä   Ò   ã   î   ù       #  .  <  Q  [  f  p  {  †  ”  ¥  °  ¾  Ï  Ú  ä  î  ù   ! ¶ ! » !  ! Õ ! ÷ ! !   8²"@! ƒ! š! Ž! w! [! A! í! Ó! ¹! ! N!  Óp! |! |! ž! ²      ! a
! Ê ! ¤ ! I ! ò
! š      "ž      "¢      "¦      "ª      "®      "²      "…! m! _! ´! ! ²! ©! Ž! k! <! 3! *! !!  ! ²! ©! „! {! .! ó! —! L! Ù! Ê! ¾! ¦! š! p! g! L! @! $! ! ü! é! Á! ²! ¢! ‹! s! c! L! ! û! $! ß! Í! ¹! ­! ¢! †! \! J! ,! ! ý! ¿! ‹! V! ?! j!  Ò Ó1      8&
8*
8N
8R
8v
8€ 8¦8ª8 88Ø8Ü8=8A8¢88l8p8Ñ8Õ8
88o8s8Ô8Ø86 8: 8› 8Ÿ 8ƒ"8>:8B:8?;83>8U>8                                                                                                                                                                                                                                                                                      U‹ì¸ š¾! VWj šÆ;8ƒÄj šà;8ƒÄhB š2! ƒÄhW š2! ƒÄhZ š2! ƒÄh^ š2! ƒÄhw š2! ƒÄh“ š2! ƒÄh° h² šÞ! ƒÄ‰Fü=  té) jšÆ;8ƒÄj šà;8ƒÄh¿ š,! ƒÄjšã! ƒÄhÐ hÒ šÞ! ƒÄ‰Fü=  téj ÿvüšò! ƒÄhÞ hà šÞ! ƒÄ‰Fühì ÿvüšô! ƒÄÿvüšò! ƒÄÿvüšò! ƒÄhñ hó šÞ! ƒÄ‰Füh ÿvüšô! ƒÄÿvüšò! ƒÄh      š2! ƒÄhhšÞ! ƒÄ‰Fü=  té) jšÆ;8ƒÄj šà;8ƒÄhš,! ƒÄjšã! ƒÄÿvüšò! ƒÄh-š2! ƒÄhJhLšÞ! ƒÄ‰FühUÿvüšô! ƒÄÿvüšò! ƒÄhºh¼šÞ! ƒÄ‰FühÈÿvüšô! ƒÄÿvüšò! ƒÄjšÆ;8ƒÄj šà;8ƒÄhvš,! ƒÄ_^ÉË                              ´0Í!<s3ÀPË¿‹6 +÷þ r¾ úŽ×Ä>ûsèW3ÀPè÷¸ÿLÍ!6£Î†à6£Ì‹Æ±ÓàH6£Œ»Ž6Œƒäþ6‰g¸þÿP6‰g
÷ÐP6‰g6‰g6‰&ˆ÷‰6 ŒÃ+Þ÷Û´JÍ!6ŒÊü¿F ¹@+Ï3Àóª‹0 ãÿÑš”! š! 3íš! ÿ6îÿ6ìÿ6êš    PèÃ.¡ŽØ¸ ÇŠãP.‹ŽÛšð! è™è<>2 ÖÖuXPÿ6 ¸ÿ PÿŠ¸ 5Í!‰¶Œ¸¸ %ºÝ Í!‹B ã)ŽÊ&‹6, ¡D ‹F 3Ûÿ@ séd¡H ‹J » ÿ@ ŽÊ&‹, ã>ŽÁ3ÿ&€= t4¹ ¾¨ó¦t ¹ÿ3Àò®u!ëå‹÷¿Ö±¬,ArÒà’¬,Ar
ªëî» €§Ö¿¸ DÍ!r
ö€t€Ö@Kyç¾L ¿P è³ ¾P ¿P èª ¾X ¿X è¡ ËU‹ì3ÉëU‹ì¹ ëU‹ìVW¹ ëU‹ìVW¹ˆ.ýQ
Éu¾4¿4èm ¾P ¿T èd >2 ÖÖuÿ8 ¾T ¿T èO ¾T ¿X èF šâ! ÀtX
äPu ƒ~ uÇFÿ è X
äu‹F´LÍ!_^]Ë‹B ã» ÿ@ Ŷ¸ %Í!Ã;÷sƒï‹ EtòÿëîÃU‹ì¸ü P蜃>  tÿþ¸ÿ P艋å]˸ é.þYZ‹Ü+Ør ;r‹ãRQËRQ¡@u3Àéþÿ.V3ö¹B 2äü¬2àâû€ôUtèÿ¸ Pè<¸ ^ˏ
¡Îº <t)ŽÊ&Ž, Œò3À™¹ €3ÿò®®uûGG‰>ð¹ÿÿò®÷Ñ‹Ñ¿ ¾ ŽÊ¬< tû<      t÷<to
ÀtkGN¬< tè<      tä<t\
ÀtX<"t$<\tBëä3ÉA¬<\tú<"tÑëÓ‹ÁÑéѨuÊëN¬<t+
Àt'<"tº<\tBëì3ÉA¬<\tú<"tÑëÛ‹ÁÑéѨuÒë—‰>ê×GÑç×B€âþ+â‹Ä£ì‹Øû6‰?CCÅ6ð¬ª
Àuú6ŽÊ¾ ë3Àª¬< tû<      t÷<t|
Àtx6‰?CCN¬< tá<      tÝ<tb
Àt^<"t'<\tªëä3ÉA¬<\tú<"t°\óªëÑ°\Ñéóªs°"ªëÅN¬<t.
Àt*<"t·<\tªëì3ÉA¬<\tú<"t°\óªëÙ°\Ñéóªs–°"ªëÍ3ÀªÇ  ÿ.U‹ìŽÊ&‹, ŽÃ3À3ö3ÿ¹ÿÿ Ût&€>   tò®F®uú‹Ç@$þF‹þÑæ¹       è¦ P‹Æè  £î‹Ï‹Ø3ö_Iã&‹6;¨uQVW¿¨¹ ó§_^Yt&‰?CC¬ª
ÀuúâÚ&‰]Ë U‹ìVW‹V¾m ­;Ât@–t —3À¹ÿÿò®‹÷ëë–_^‹å]Ê U‹ìWÿvèÊÿ Àt ’‹ú3À¹ÿÿò®÷ÑI» >2 ÖÖuÿ4 ´@Í!_‹å]Ê  SQ¹ ‡Ö      QPš ! [Ö      YŒÚ Àt[ËÁéSû r3À‹å]ËsøPè X2ä‹å]Ësè ¸ÿÿ™‹å]Ë2äè Ë¢Ò
äu"€>Ír <"s < r°ë<v°» ט£ÄÊÄë÷ Ë U‹ìƒìWV¿ÿÿ‹F‹ð‹ØöG@tÆG é™ öDƒué‹ VèãƒÄ‹ø‹Þë&‹‡Ê‰FþVè/ƒÄŠD*äPš! ƒÄ À|Yƒ~þ tV¸ PFôPš¢! ƒÄFö‰Fò€~ô\t¸"PFôPšb! ƒÄëÿNò¸
 Pÿvòÿvþš*! ƒÄFôPš6!! ƒÄ Àt¿ÿÿÆD ‹Ç^_‹å]ËU‹ìVšÔ! ‹ð ðu3ÀëVÿv
ÿvÿvšÔ! ƒÄ^‹å]ːU‹ì3ÀPÿvÿvš²! ‹å]ːU‹ìƒìWV‹vVèýƒÄ‹øF
PÿvVšü ! ƒÄ‰FüVWèSƒÄ‹Fü^_‹å]ËU‹ìƒìWV¾.VèŃċøFPÿv¸.Pšü ! ƒÄ‰Fü¸.

0

Featured Post

Building an interactive eFuture classroom

Watch and learn how ATEN provided a total control system solution including seamless switching matrix switch, HDBaseT extenders, PDU, lighting control to build an interactive eFuture classroom.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Windows 10 Creator Update has just been released and I have it working very well on my laptop. Read below for issues, fixes and ideas.
In this post we will be converting StringData saved within a text file into a hash table. This can be further used in a PowerShell script for replacing settings that are dynamic in nature from environment to environment.
As developers, we are not limited to the functions provided by the VBA language. In addition, we can call the functions that are part of the Windows operating system. These functions are part of the Windows API (Application Programming Interface). U…
In this video, viewers are given an introduction to using the Windows 10 Snipping Tool, how to quickly locate it when it's needed and also how make it always available with a single click of a mouse button, by pinning it to the Desktop Task Bar. Int…

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question