One of my friends received a Virus that actavited itself on April fools Day. It will not do a normal boot just locksup. We can get this into safe mode. He has Mcaffey Virus detection. If we cannot get rid of this virus
what other options does he have.

He has a store bought machine Compaq Presario 5724.
And they do have the restore disk that came with the machine. We are checking to be sure it will restore to factory default setup right out of the box.

So should he Fdisk and format the HD then use the restore disk? http://www.PCGuide.com/ubb/frown.gif

We are currently running the virus scan. But it did not detect the virus in the first place and he did an update last week. http://www.PCGuide.com/ubb/mad.gif

Also we are looking to get rid of the MC Affey Virus scan and replace with
Norton. So how do we uninstall the MC Affey?

Cheers http://www.PCGuide.com/ubb/biggrin.gif

Blazer

I'm glad to be without ME

Format the drive by using the restore disk, if it comes with a bootable floppy and a cd the restore disk will format the drive for you and then delete that poor excuse for a virus checker in the normal way and install some good virus software. You could always look on the trend site www.trend.com. (http://www.trend.com.) You need to know what the virus name is and hopefully they have a cleaner download that might help you to rid the pc of the virus without the restore..

Hook in and hang loose

Before you do any kind of reformat etc.....try this......using F8 at initial boot up.....choose "Command Prompt only".......type "edit_ autoexec.bat and hit enter........see if any unusual command (like one to start the virus prog.) lines are in there...If they are, delete or Rem them. Do the same with config.sys ...also with autoexec.dos & config.dos.........you might be able to at least get into "Regular mode" and go on the net to: http://housecall.antivirus.com/default.asp
Scan and remove the virus.

------------------
"As hard as a rock & dumb as a brick"...Windows CEMeNT

[This message has been edited by Randy_tx (edited 04-02-2001).]

with a COMPAQ- you do NOTHING but use the "Quick Restore" disk(s)!!

you do NOT fdisk, format:c /s , there is no need for bootdisks, or flying Windows Cd's, or commandexe.'s- ANY of that.

But FIRST do as Randy had suggested, and do the online virus scan.

then if that does not help, post back here and we can walk you through a Restore, (if thats what you need)

there are a few things that compaq neglects- to inform people to do, when doing a "Quick Restore", and it can be a little 'intimidating' http://www.PCGuide.com/ubb/smile.gif

in any event, please post back and let us know your progress (or lack of).. heh

**note: "Quick Restore", is A LAST ALTERNATIVE!! You should EXHAUST all other possible veunues 1st to try to fix this.

------------------
**puff**.. "Put that thing out boy.. the Sheriff's a comin'!!"



[This message has been edited by sea69 (edited 04-02-2001).]

Thanks everyone for the quick posts back. He is going to try and restore the drive tonight. He'll start with Randy's post to try to get it functioning in normal windows 98 mode. If this fails he'll use the restore disks.

We'll let you know what happens and post back more information if we need help.

Cheers http://www.PCGuide.com/ubb/tongue.gif

Blazer

sea: You can fdisk and format a Compaq, I've done it. Works well, but you have to use the Full Restore option when running the restore CD, not the Quick Restore. It recreates everything, including the second partition containing the BIOS information.

Would be good to know the name of the virus, a restore might not be necessary, it would depend on what the virus is and how it stores and replicates itself.

------------------
So many idiots, and only six bullets...
Note: Please post your questions on the forums, not in my email.

Computer Information Links (http://www.geocities.com/paleopete/)

sorry I beg to differ.. a 'full restore' is done by using the "Quick Restore" disk(s) -(depending on the system- it could have one or two "Quick Restore" disks)

additionally: THe QR disk does all that - so why would you want to do it manually ?? (good chance of messing it up for the average user even with the QR disks) The disks have your original everything- Operating system, all software, all drivers, partitions, all of it.

"Quick Restore" is just what compaq NAMES the system restore disks, you can call it Full Restore or anything else but thats what compaq calls it, and if you want everything to work as it did when the machine was new...with all of your drivers and original special drivers that make a compaq work...(that are unique to that specific model)- compaq it is best to stick with the QR disks.

Now I'm not saying you haven't, can't or that anyone else can't do this a different way... but I don't know why they would.

Please.. I know what I'm talking about on this and here's what compaq says:

Quickrestore Procedure for 7000 Series

Make sure to disconnect all third party devices from your system before doing a Quickrestore. Only leave mouse, keyboard and monitor connected.

NOTE: Quick Restoring your system will delete all files. (i.e. Email, Word and Works Documents, Downloaded files from the Internet, etc) Please back up all files you wish to keep. If you are unable to get into the operating system to back up your files you may wish to consult local data recovery center's depending on the importance of the files contained on the Hard Drive. Keep in mind all data backup is the responsibility of the owner of the Compaq Presario.

Please follow below steps completely, if the steps aren't followed certain software will not be installed after the Quickrestore is completed (i.e. Modem Drivers, Sound Card Drivers, Microsoft Works)

NOTE: Omit Quotations when typing in following commands
Insert Quick Restore CD Disc #1 into the top CD-ROM Drive
Restart the computer (This is done by holding the power button in until the system is powered off then press the power button once to turn it back on)
When you see the red Compaq Logo tap the F8 key repeatedly until you see the Windows 98 Startup Menu
From the list of options choose option #6 "Safe Mode Command Prompt Only" (Press the down arrow key until Safe Mode Command Prompt Only is highlighted and press Enter)
You will now be at an A:\ prompt type in the following "c:" press enter
On the screen will be C:\WINDOWS prompt type in the following "cd\windows\command" press enter
You will now be at C:\WINDOWS\COMMAND prompt type in "fdisk" press enter


How to Delete partitions with FDISK
You then get a long message Your computer has a disk larger than...
And it asks Do you wish to enable large disk support
Press Y for yes then press enter
You then get 4 options
Press 3 (Delete partition or logical DOS drive) then press enter
You then get 4 more options
Press 3 (Delete Logical DOS Drives(s) in Extended DOS Partition ) again then press enter
If you get a message There are no logical drives to delete, then proceed to step 23.
It will ask What logical partition do you want to delete
It will list the drive and should be letter B.
Press D then press enter
It will then ask Enter volume label
This too will be listed and is usually SYSTEM_SAV or SYSTEM_SAVE.
Have customer type it as it is shown then press enter
Then you get Are you sure?
Press Y for yes, then press enter
Then press ESC twice to get back to fdisk options
Press 3 (Delete partition or logical DOS drive) then press enter
Press 2 (Delete Extended DOS Partition) and press enter
You then get ...are you sure you want to continue
Press Y for yes then press enter
Then press ESC twice to get back to fdisk options
Press 3 (Delete partition or logical DOS drive) then press enter
Press 1 (Delete Primary DOS Partition) and press enter
You then get What primary partition do you want to delete
It should be listed as drive number 1
It will already be selected, just press enter
It will then ask Enter volume label
There shouldn't be any, so just press enter
You then get ...are you sure you want to continue
Press Y for yes and press enter
Now press ESC three times to completely exit out of fdisk
Restart the computer (Press the ctrl-alt-del keys simultaneously)
When the Compaq Logo appears, turn on Cap Locks (Do this by pressing the Caps Lock key above the left shift key)
You will be prompted with "Choose this line for English", press Enter
Welcome to Compaq Quick Restore, press ENTER
You will see a message that says "Compaq Quick Restore", press Enter
You will then get a message "Rebooting...please wait"
The Compaq Logo will reappear do not turn on Cap Locks this time
The message on the screen will say "Important Message", press enter
You will now be prompted with "Insert Recovery Disk", press Enter 3 times
On the screen you will be asked "Please select a Software Configuration, Select Model" (eg. 7478)
On the screen you will see "WARNING Quickrestore will destroy all data...", press Enter The following items will flash on and off on there own
Current process...checking current integrity
Current process...copying data
Current process...aligning data
Current process...changing structures
"Rebooting" (The system will completely restart)
You will then be prompted with "English 50% Insert the Second CD", remove Quickrestore Disk # 1 and Insert Quickrestore Disk #2, press ENTER
On the screen it will say "Working"
Once it finishes working it will prompt you to "Please re-insert THE FIRST CD of the English Quick Restore set", Insert Quickrestore Disk #1 and press ENTER
Quick Restore is installing the CD. Reading CD Information
Please remove your CD. Press any key to continue.
Loading Windows...Please Wait.
The system will automatically restart
On the screen you will see COMPAQ QUICKRESTORE
Rebooting...Please Wait.
The system will say "COMPAQ QUICKRESTORE" (This may take a while, keep waiting, its not frozen)
The system will boot into Windows
To complete the Quick Restore process, You will see a Compaq Quickrestore box in top right hand corner unzipping and installing drivers and software.
The system will again restart
Message "Preparing drive"
System Save, current process...copying data
The system will again restart
The system will start into Windows and begin install some hardware components
You will be prompted with "Getting Started, Enter first name and last name", click the next button
Put the bullet in "I accept this agreement", and click the next button
Fill out the registration screen and click the next button
Select the Country, US or Canada, enter your area code, and click the next button
You will be prompted with a registration reminder, click the next button
Change the date and time and click on apply button then on the ok button


This completes the Quickrestore Process


------------------
**puff**.. "Put that thing out boy.. the Sheriff's a comin'!!"



[This message has been edited by sea69 (edited 04-03-2001).]

pleas note that above reference was for a machine that can't even boot to safe mode, and has to be totally redone becuase there is no way to repair it.

Since this individual can still boot into safe mode, he MAY be able to just use Compaq Diagnostics, (which are part of compaq system support, in the start menue).. there he may choose to restore part or all of the system.

------------------
**puff**.. "Put that thing out boy.. the Sheriff's a comin'!!"

And your post gives precise instructions for running fdisk manually which is exactly what I said could be done. Also if you boot to the "Quick Restore" CD you will find options for a Quick Restore, which bypasses the repartitioning step and simply overwrites the windows installation, or a Full Restore, which completely partitions, formats and reinstalls everything.

I've been through the entire process both ways, on my own and with Compaq tech support on the phone, trying to get my sister's machine to work right. 8 times.

I'm not trying to make you look stupid, but your post contradicted itself. Plus I happen to know that it can be done. In certain instances you don't want to boot any further than a Windows Start Up disk. Such as a virus. Any drivers, etc that may be loaded can potentially be corrupted by the virus, so you want to boot only to a clean floppy and fdisk to remove all traces of the virus from the MBR. Then run the restore disk, which will completely restore the system.

The Restore disk can do all this automatically, by using the full restore option, but that would mean the chance of loading corrupt drivers, even though it's supposed to be done by BIOS allowing CD ROM to be including in the boot sequence. CD ROM drives need drivers though...

We still need to know the status of this machine, and the name of the virus involved...

------------------
So many idiots, and only six bullets...
Note: Please post your questions on the forums, not in my email.

Computer Information Links (http://www.geocities.com/paleopete/)

Pete this is what he got.

First he got a Driver memory error that was displayed on the task bar.

Then a window opened up that gave a message "Kro$lof says not today!"

He clicked OK.

Then it proceded to shutdown the machine. He had enough files backedup
so he tried to restore. After going through the restore process twice,
the machine would not boot up other than in safe mode.

Tried the Quick restore using both CD's still no go. However, did not
follow the Compaq instructions from Sea he simply inserted the restore
CD and followed on screen prompts.

So tonight he will try the Fdisk and than the restore CD to start with a clean slate. Should he also do an Fdisk /MBR incase the virus is in the MBR?

Randy he looked for unusual commands but we really did not know what to look for.

Hopfully he will be able to get this up and running tonight.

Cheers http://www.PCGuide.com/ubb/biggrin.gif

Blazer

blazer.. going by the onscreen prompts- at one point it asks you to insert recovery diskette (and you don't HAVE one).. the onscreen prompt doesn't bother to tell you that at that point you MUST press "Enter" three(3) times rapidly to allow the QR disk to continue with a FULL RESTORE.

additionally, the QR disk onscreen display does not tell you that you must have the CAPS LOCKED immediately after seeing the COMPAQ red insignia, in order to be able to have the options enabled. The FIRST time only.

Also, you have to put in the 1st disk, and then the second, and then -the first disk again- and wait for it to complete

that compaq "quote" was from "7000 series".. but compaq said that it applied also for 5000- 7000 series.

Pete.. still have a headache or what ??

hehe

I'm not trying to make you look stupid, but your post contradicted itself. Plus I happen to know that it can be done.

???????????????????

my learned friend, had you read what I posted (in my fragmented- manner of speaking)>> you would see that I did not disagree so much with what you said...

and: I've been through the entire process both ways, on my own and with Compaq tech support on the phone, trying to get my sister's machine to work right. 8 times.

if you had gone ahead and done it the way it was sugested instead of your way you would have only had to call once.. hehe

but as is pretty obvious, giving out two sets of instructions is counter productive, and can be confusing to people.

yes, you DO fdisk and reformat, but you do it WITH the QR disk in, and with the instructions available.. not everyone knows how to do things the other ways like you do http://www.PCGuide.com/ubb/smile.gif

besides correcting each other (cause were both right) can we get back to trying to help this person ??
not tryin' to get into a pis*ing match here....as I have the utmost respect for you!! http://www.PCGuide.com/ubb/smile.gif


------------------
**puff**.. "Put that thing out boy.. the Sheriff's a comin'!!"



[This message has been edited by sea69 (edited 04-03-2001).]

as described by a compaq tech- "Quick Restore is just following the bouncing ball"..... just go by the instructions....that's why you let the disks do everything.

*whooo hoooo I'm a "500 Geek".. http://www.PCGuide.com/ubb/smile.gif
ps {{GH}} I know- you're watching this thread ..lol


edit: I just took another look at this: The Restore disk can do all this automatically, by using the full restore option, but that would mean the chance of loading corrupt drivers, even though it's supposed to be done by BIOS allowing CD ROM to be including in the boot sequence. CD ROM drives need drivers though...

how could corrupt drivers be loaded ?? they are loaded 'fresh' new from the original configuration (which is on the QR cd), onto a newly formatted and partitioned HD.

reading all the 'ifs, ands, or buts' here even I'm getting confused and I know what to do.. hehe

just follow the bouncing ball...............

see these Quick Restore disks were made for people that know nothing.. when a person with allot of knowledge tries what normally works on most machines, in conjunction with what I will refer to as "QR 4 Dummies" (me when it came to Compaq's)....it doesn't work.. you need to do either or.

and this is not contradictory, in that- if you do fdisk and reformat using the QR 4 Dummies disk, you will be fine.
If you try to have it both ways, you will have an additional headache

oh- and make SURE your BIOS setting are set to "default"!

and after this is fixed, get ZoneAlarm, and a decent anti-virus,
in order to uninstall macafee you need to disable it in the Start Up..(by running "msconfig") and reboot- it can't be uninstalled while it is running.

Then after its gone you can put in Innoculate or whatever you choose...

------------------
**puff**.. "Put that thing out boy.. the Sheriff's a comin'!!"



[This message has been edited by sea69 (edited 04-03-2001).]

Sea,

My friend did it before asking me or this post. So last night he tried to see if there were any unusal lines in his start up as Randy had suggested.

He is only trying to get his machine up and running.

He does have a Win 98 start disk and 2 Restore CD you mentioned. Tonight he is going to try the instructions you have posted from Compaq.

Cheers http://www.PCGuide.com/ubb/biggrin.gif

Blazer

[This message has been edited by blazer2boy (edited 04-03-2001).]

ok.. but tell him to FORGET, he even HAS the win98 cd..or any start disks he doesnt need it.. DO NOT use that if you are using the QR disks.

------------------
**puff**.. "Put that thing out boy.. the Sheriff's a comin'!!"

[This message has been edited by sea69 (edited 04-03-2001).]

if you had gone ahead and done it the way it was sugested instead of your way you would have only had to call once.. hehe

Start Up disk, manual fdisk & format then restore disk was the suggestion from tech support. We tried it both ways, as well as Quick Restore booting to CD I think 3 times.

In the case of a virus, I must repeat, you do NOT want anything but the A drive to boot, period. Something like the CIH virus infects exe files. Anything you run off the C drive, as in C:\WINDOWS\COMMAND (see your instructions) will be infected by the virus, and transfer it to the drive you're trying to clean. The above instructions may be from Compaq, but are not appropriate for trying to deal with a virus. Anything run from C:\WINDOWS\COMMAND would not be acceptible. You want to run fdisk or any other program from a clean start up disk ONLY.

When I went through all this with Compaq tech support, we considered the possibility if a virus, but decided it was very unlikely. Just to be on the safe side, fdisk was run from a clean Start Up disk, then we rebooted and ran the restore disk. Same results, flaky machine. At any rate, I restored the system 8 times, I believe it was, 5 of those with tech support on the line, both booting to the CD and Start Up disk. The other 3 times were done both ways after getting sick of dealing with "tech support".

I'm not trying to prolong a confrontation either, but I have to get you to realize that the normal restore procedure WILL NOT WORK when dealing with a virus, period. The machine MUST be booted to a clean Start Up disk and nothing on C drive run at all. No OS, no drivers, no tsr's, nothing period. Zip, zilch nada...A: drive and that's it...

You're dealing with a virus...the rules just changed...



------------------
So many idiots, and only six bullets...
Note: Please post your questions on the forums, not in my email.

Computer Information Links (http://www.geocities.com/paleopete/)

and good morning to you!! http://www.PCGuide.com/ubb/smile.gif


Conversation with Compaq 9:00am(est) (This is REAL)

me: Hi I have a Quick Restore question.

him: can we please verify what system you have "sea" we have you listed as owning one model 7AP140, 5478, and now you say a model 5724.

me: that's correct I want to speak to you about the 5724

him: do you OWN this 5724?

me: no, it is a friends, that I want help with.

him: we also see that you own a model 7400 compaq presario?

me: no, not me..

him: Mr. Sea, we cannnot help you with a machine you do not own or have registered, would you like to add this 5724 to your list of registered compaq's?

me: ok, why not ?? Now, heres the problem. This has been infected with an unknown virus, (described "Kro$lof not Today"- he couldn't find a match in database) they can boot to Safe Mode (gave full desciption of above listed events) - Now, my friend who keeps saying that in the case of a virus all that can be "thrown out the window".

him: huh?? who is your friend??

me: a very knowledgeable guy I know a Master Technitian.. (hehehe)

him: well, we do this several THOUSAND times a day here and it works almost everytime!!


me: but what about running anything from: C:\WINDOWS\COMMAND ?? won't potential corrupt drivers be loaded from c; ??

him: No, if you READ THE INSTRUCTIONS: When you see the red Compaq Logo tap the F8 key repeatedly until you see the Windows 98 Startup Menu
From the list of options choose option #6 "Safe Mode Command Prompt Only" (Press the down arrow key until Safe Mode Command Prompt Only is highlighted and press Enter)
You will now be at an A:\ prompt type in the following "c:" press enter
On the screen will be C:\WINDOWS prompt type in the following "cd\windows\command" press enter
You will now be at C:\WINDOWS\COMMAND prompt type in "fdisk" press enter

"this is a 'cheat' tapping F8 and booting to "SAFE MODE COMMAND PROMPT ONLY", (here's where you missed it Pete)>> by choosing Option #6 'safe mode command prompt only', you are OUTSIDE the OS shell and NO drivers are loaded from C:\ (example: C:\>cd\windows\command) the machine will now be able to be fdisked and reformated WITH the QR cd in it, without any worries about any virus' in the previous C:\ .

me: is there anything else that you could send to me to prove this, (our conversation here) ?? of any written documentation to back this up?

him: just what you already told me that you have. That's all there is to it.

end. http://www.PCGuide.com/ubb/smile.gif

so it seems to be a "Catch 22".......lol

hehe, wonder when all of the others might put in 2¢.. (I know you guys are looking)




------------------
**puff**.. "Put that thing out boy.. the Sheriff's a comin'!!"




[This message has been edited by sea69 (edited 04-04-2001).]

BOYS.........easy!......Shoot, I would have LL formatted the HD......done a complete reinstall and put the BIOS on a floppy if it were mine (unless Compaq has come out of the middle ages with their BIOS by now) http://www.PCGuide.com/ubb/biggrin.gif http://www.PCGuide.com/ubb/biggrin.gif http://www.PCGuide.com/ubb/biggrin.gif
......and, I would have been finished two days ago.
------------------
I have answers for ALL questions...Correct Answers are another matter.....

[This message has been edited by Randy_tx (edited 04-04-2001).]

lol Randy, if Pete, you or I had this pc I would venture to say any one of us would have it up and running within an HOUR.

by whatever method.. heh http://www.PCGuide.com/ubb/smile.gif

------------------
**puff**.. "Put that thing out boy.. the Sheriff's a comin'!!"

Good Morning all!!!

The machine is up and running! http://www.PCGuide.com/ubb/biggrin.gif

Thanks you one and all for the help. Sea your instructions are correct
for about 80% of the restore the other 20% their are changes to some of the windows he got. But all said and done. He is very greatful for the help.

Now that he has his PC running the 2nd question how does he remove the MCaffy Virus detection software. He has tried going to the Add/Remove programs but could not find it listed to uninstall. So does he have to look in the Autoexec.bat, Config.sys etc. and do an REM on all the lines that refer to this software than delete the files in windows? Or can he install Norton Antivirus and just disable the Mcaffy?

Cheers http://www.PCGuide.com/ubb/biggrin.gif

Blazer

If the "old" virus program comes up at initial boot he will have to Rem lines from Autoexec.bat & Config.sys + he needs to disable it in msconfig under "Start Up" (just go to Start/Run/ and type msconfig.....then enter and go to the start up tab and "uncheck" the old virus prog. if it's there.

------------------
I have answers for ALL questions...Correct Answers are another matter.....

lol 80% huh ??

Macafee should be showing in "add/remove like this (http://www.zing.com/picture/p48460e2fab85d7c6919fd49929d91ade/feaea03c.gif.orig.gif)... if not I'm not sure where it may be ....?

------------------
**puff**.. "Put that thing out boy.. the Sheriff's a comin'!!"

Me thinks he "deleted" it rather than "uninstall" it http://www.PCGuide.com/ubb/biggrin.gif

------------------
I have answers for ALL questions...Correct Answers are another matter.....

oh lord.... I hope not.. but it sure sounds like it!! http://www.PCGuide.com/ubb/eek.gif


now you have to reinstall it in order to remove it (I think) ......



[This message has been edited by sea69 (edited 04-04-2001).]

Nah...I think he can just stop it from loading both in dos & win and be OK.

------------------
Always wondered where Silicon Valley was...saw a pic of Pamela Anderson...now I know

[This message has been edited by Randy_tx (edited 04-04-2001).]

He checked for it after the restore and it was not listed in the location for ADD/Remove Programs. He says he definately did NOT delete anything.
So any ideas as to why its not there. He will be online here tonight, looking for help on how to find where the McAffy is located and to remove it.

Wish I could offer you more info but I have not laid eyes on the
machine. Just talked with my friend over the phone.

Cheers http://www.PCGuide.com/ubb/biggrin.gif

Blazer

[This message has been edited by blazer2boy (edited 04-04-2001)

[This message has been edited by blazer2boy (edited 04-04-2001).]

yes, have him do a "msconfig" and see if it is there in "Start Up" TAB, if so uncheck it and re-boot, and it won't load. Actually thats what I did with mine, and installed Innoculate.

note: I still- use Macafee for boot (dos) scan, and keep it updated, but use Innoculate for 'Real Time'.

------------------
**puff**.. "Put that thing out boy.. the Sheriff's a comin'!!"

[This message has been edited by sea69 (edited 04-04-2001).]

Hello,
This is my machine that everyone is working on. Thanks. My machine seems to be working okay and I think that I wasn't patient enough on the reboot after the QR. Anyway, I am currently scanning my machine at housecall.com.

Talk to me like I'm a four year old...can I keep McAfee if it's updated? Is it any good?? (I did update it already) If not, I need a little more info on the "msconfig". - Thanks

hi there

mcafee is better than nothing, and as I said above^, I still keep it updated for boot (dos).*last update was 03/28/01*

only reason to get rid of it is if you decide that you like something else better.

Innoculate is good, and FREE, there are others as well....

is this a new pc? or new to you ?

I have reasons for asking since it's a compaq .. hehe

btw- glad you got back up http://www.PCGuide.com/ubb/smile.gif http://www.PCGuide.com/ubb/eek.gif

edit:.. "doh" what am I talking about "is it a new pc" ?? yes it is!! (we just got done making it new)... too tired will get to the rest in the am.

------------------
**puff**.. "Put that thing out boy.. the Sheriff's a comin'!!"



[This message has been edited by sea69 (edited 04-05-2001).]

I bought it about 18mos ago.

I did the scan at housecall.com and nothing was detected but it's acting a little "goofy" still. (not sure if it's me)

When I was on-line and tried to refresh this page I got a Fatal Exception error...the blue screen that says to press CTRL/ALT/Delete to restart or "press any key to return to windows.

After I did the Q/R the only thing I did was update McAfee and download Juno (in that order).

I noticed as the Juno files were downloading (not sure when it started though)towards the end you could see the file downloading into the folder and then a little red flash appeared after each file entered the folder.

Did I confuse you yet or does this make sense??

What I'm wondering is, should I do a Q/R again before I reload my files, software, etc.??

didnt confuse me but Why in the world would you get juno???

even netzero is better than juno, I suggest getting rid of juno .... (if you can) its not that easy.... how much ram do you have ??

I really need to go to sleep...

and NO QR is not supposed to be an everyday 'fix-it'.. its the kind of thing that you really don't EVER want to do unless you HAVE to... but I';m really too tired to be coherent..

on second thought, maybe yes- do another QR to get rid of juno.. wait and see what Pete or Randy or one of the others say on this.. I'd like to hear thier opins.



[This message has been edited by sea69 (edited 04-05-2001).]

Yeah, Juno really sucks...it might be the source of your BSOD, and might not though. If you have Netscape on the machine in addition to IE, that's more likely. Been there, done that. My sister finally uninstalled Netscape and IE now works fine, none of the illegal operation errors, lockups, and BSOD's..

Juno could also be causing it, though I think it's less likely. It's hard to tell without removing one thing at a time until the problem goes away. Illegal operation errors, fatal exceptions and general protection faults are actually more often related to bad memory or an application trying to access a memory location already allocated to another application. In most cases they're difficult to pin down.

I've used McAffee for the past 6 years, and have never had any complaints. It seems to work well, and I've had no problems with it. Some people like Norton well too, but the only times I had any dealings with it were on my mother's computer and it gave me trouble. This might have been just bad hair days though, and not actually a problem related to Norton itself. I havent used it enough to form an educated opinion.

As far as any program missing a virus here and there, none of them can find every virus out there every time, there are simply too many, and new ones are written almost daily. Even if you keep the latest DAT files you can get bit the day after updating by a bug that didn't exist when the DAT files were created, so noe nf the antivirus products out there are "bulletproof".

Glad you got the thing running again, this topic turned into a mess, but that's not your fault. I still don't understand Compaq saying to run nayting at all from C drive, if you run fdisk or the restore program directly from the CD ROM, that might be ok, but if I know I have a virus to deal with, I won't even access anything but the floppy, period.

The reason being, soon as you access the drive the virus stores itself on, it's very likely to be able to load itself into memory, and many change the interrupt 12 return so that they stay loaded in memory even after a warm boot. So if you've accessed any drive other than A, the most reliable way to avoid still having problems with a virus is to boot directly to a floppy and not access anything but the floppy, an turn the machine completely off for at least 30 seconds to make sure and clear out the memory. I wouldn't even trust the CD ROM drive, since most require a driver of some kind to work. Unless that driver is loaded from a clean boot disk, I wouldn't touch it with a 10' pole. That's why I would not even think about running fdisk from C:\WINDOWS\COMMAND, even if outside the OS shell...you have to access C drive to do that.

Maybe Compaq's method works, but the bottom line for me is I don't want anything but the floppy to be accessed at all. Any slight chance for anything to run from any other drive I do not trust, period. If it's booted from a known clean floppy I KNOW the virus cannot load, assuming I also know I have shut down and cleared memory beforehand. I do not and will not trust any other method.

For future reference, I found Q82923 (http://support.microsoft.com/support/kb/articles/Q82/9/23.ASP) while researching virus info, it has some very good info for determining whether a boot sector virus is in the system.

------------------
So many idiots, and only six bullets...
Note: Please post your questions on the forums, not in my email.

Computer Information Links (http://www.geocities.com/paleopete/)

Thanks everyone! I may be technically challenged but what you're
saying Pete makes sense.

I will play it by ear and see if I'm still having minor problems,
then if I am I will do a Q/R booting only to A: and get a new
internet provider.

Again, thanks for the help!

Originally posted by Paleo Pete:
This might have been just bad hair days though

Where is BigBlue? He would not have let this slip by without a comment http://www.PCGuide.com/ubb/smile.gif


------------------
reido@my-deja.com

Friends don't let friends install Windows ME

I have known to be mistakin before, however I think- that Pete means only when there is a virus at hand..

Reid- GH & BB were conspicuosly absent throuhout all of this.. heh

------------------
*another 'toaster' bites the dust*

[This message has been edited by sea69 (edited 04-06-2001).]

Sea, I followed the thread, but I'm learning that Compaq's are a "different animal", to phrase it politely. I have no "hands-on" time with them and will probably try to keep my level of experience at zero, especially with Compaq PrettySorryOh's.

------------------
reido@my-deja.com

Friends don't let friends install Windows ME

sea: Yes, I meant only when a virus is involved. Under normal circumstances, booting to a floppy is not necessary, since then you wouldn't have any reason not to want programs on C to be run. But when a virus is involved, nothing on C at all should be run, in fact C should not even be accessed. CIH, for instance, acts on exe files, and stores itself in the boot sector, so that just running a dir command on C drive lets it store itself in memory. I think even changing from A to C would do it, since the first thing the system does is read the boot sector to find out where all the files are. Under normal conditions, this would not be a consideration, accessing C would be safe.

In this case using fdisk, it's an exe file, and would activate CIH if it were on the system. Thus, only booting to and running fdisk from a floppy would clean it out.

------------------
So many idiots, and only six bullets...
Note: Please post your questions on the forums, not in my email.

Computer Information Links (http://www.geocities.com/paleopete/)