[comp.virus] Possible PC Virus

7340P@NAVPGS.BITNET (robert c. morales) (06/14/91)

I have a Packard Bell with an 80386X-16 MHz CPU. It runs on MS-DOS
4.01 and a Dosshell 4.0. Every time I do work on the computer (word
processing, networking, games, etc.) DOS seems to create (on its own)
a file, named numerically or alpha-numerically but in a random
fashion, of about 15K in size (with a range of from 7K to 17K). When
you try to view the file (which incidentally sits among the DOS
files), you can make out that it is bits and pieces of what is on the
hard drive. Initially, it has not affected any other program on the
hard drive. However, two days ago, the DOS files appeared to have
replicated themselves with such names as EDLIN._OM and AUTOEXEC._AT,
all of which were 77 bytes in size with the same dates and times. This
necessitated reformatting the hard drive. Also, the Dosshell was
removed from the AUTOEXEC.BAT. Right now, the problem seems to have
been corrected, whatever it was. Is anybody familiar with this
problem? Most other resource people I have consulted about this have
indicated that they have only heard about this on Packard Bell
computers. Any tips?

Robert Morales
7340p@navpgs
7340p@cc.nps.navy.mil

p1@arkham.wimsey.bc.ca (Rob Slade) (06/18/91)

7340P@NAVPGS.BITNET (robert c. morales) writes:

> replicated themselves with such names as EDLIN._OM and AUTOEXEC._AT,
> all of which were 77 bytes in size with the same dates and times. This
> necessitated reformatting the hard drive. Also, the Dosshell was

Ouch.

I don't want to take any guesses as to your approximately 15K file, but I
would venture that someone has been wandering around your office with a
copy of Norton Antivirus, right?  The 77 byte files are the "file
signatures" that it uses to detect changes in infected programs.


=============
Vancouver          p1@arkham.wimsey.bc.ca   | "If you do buy a
Institute for      Robert_Slade@mtsg.sfu.ca |  computer, don't
Research into      (SUZY) INtegrity         |  turn it on."
User               Canada V7K 2G6           | Richards' 2nd Law
Security                                    | of Data Security