I am on a computer that is running win98 se, An e-mail was sent to this computer with the following two files: RPAEDIT.exe & DEISL3.isu. System will no longer come up in regular mode or safe mode. I did however get to the dos prompt to see if there were any unusual files on the hd. These are the two I found. I also noticed that two add'l copies of system were created under 2 dif directories using all available memory. Has anybody ever seen this & what can be done to correct? p.s. I did try and delete these two files, but it will not permit me to do so. Please help....

Thanx!

Welcome 2tall sorry to hear that/
First off you need to invest in a antivirus program and update it regularly. But there is one other thing you might can do, is get to dos prompt and type "scanreg/restore" no apostrophes , then you ll have a list of choices of dates in the past. Choose one then it should boot up, remember you ll lose some information , cause it goes back in time to fix your cpu. If it works immediately load your antivirus program and update it. See ya

------------------
Sledgehammer will save the day!

The second file you listed is some kind of server log...but as to the possibility of a virus, it sounds likely...do what di suggested find an Av program...there are sveral free ones available if you need to get it back now...AVG (http://www.grisoft.com/html/us_index.html) and f-prot (http://www.frisk.is/f-prot/)

------------------
mjc
Links list:Computer Links (http://www.dreamwater.org/tech/mjc/index.htm)

Celts are the men that heaven made mad, For all their battles are merry and their songs are all sad.

Sorry to hear abput your problem.
In this day and age, DO NOT open e-mail attachments unless you know that someone is sending you one and you are sure they have a clean system. Neither of the files you mentioned appear in symatec's knowledge base, but they could be a symptom of a worm.

Try the scanreg option suggested above. Get an anti-virus software.

Go into the system startup setup (run msconfig) and disable anything that looks unusual. Look for the names of the two files that you received. If you remove them, you may be able to get to real mode to get the anitivirus software on line.

Thanks for your help! I will give this a try this evening.

Originally posted by diurnal:
But there is one other thing you might can do, is get to dos prompt and type "scanreg/restore" no apostrophes , then you ll have a list of choices of dates in the past. Choose one then it should boot up, remember you ll lose some information , cause it goes back in time to fix your cpu. If it works immediately load your antivirus program and update it. See ya




The above is a good thing to try, however- this must be done from TRUE DOS, not a prompt from within windows. Boot up with a boot disk, and also- the command is: scanreg_/restore- (with the _ representing a sp_ace, you don't type (_) it's just to let you see there's a space).

without the space, and if you don't do it form true DOS, nothing will happen.

http://www.PCGuide.com/ubb/wink.gif


------------------
sea1_69@hotmail.com

homepage (http://www.seanweb1.homestead.com/3.html)


[This message has been edited by sea69 (edited 10-29-2001).]

Hey sea i did it without the space the other night?Hmmm.... http://www.PCGuide.com/ubb/rolleyes.gif

------------------
Sledgehammer will save the day!

Tried the scanreg command last nite, and it was a success! Thanks for the info! This discussion board is one of the best I have used. Have a great day!

diurnal usually knows what he's talking about. I just was instructed to do any DOS commands w/ a space. If he says it works the other way I'm sure it did for him.

http://www.PCGuide.com/ubb/wink.gif

I made a mistake, as you run it from boot menu picking Command Prompt Only, (after pressing F8), you don't usually do it with the boot disk, but you can.

can be done from true DOS anyway you choose to get there.

------------------
sea1_69@hotmail.com

homepage (http://www.seanweb1.homestead.com/3.html)




[This message has been edited by sea69 (edited 11-13-2001).]