[comp.virus] Possible Virus?

COLELA@SNYPLAVA.BITNET (L. ANNE COLE) (06/06/89)

Hello Everybody:
        At the end of last semester I ran into a recurring "degradation"
in my students' software (dbase iii+) diskettes (maybe 5 of 40).  Things
were so hectic (my first year here), that I just had them go get new copies
(boo).  So I didn't get a copy of the problem disks.  As I started to
recover after finals, I got to thinking...  Here is what we saw.  Whenever
they tried to get a print screen while in dbiii+, the printer went crazy,
started spewing out garbage, and had to be reset (powered down and back)
before the next job could be run.  We were doing joins - might have
something to do with that (but that wouldn't explain the other 35 or so).
        Another weirdness (or maybe not).  If you are (BY THE WAY, WE
ARE TALKING ABOUT IBM CLONES) booting up from a bootable diskette (not a
full DOS disk) with no config.sys file, does it get the files and buffers
limits from the dos disk that originally made the bootable disk?  It
must, obviously.  Where does it keep this stuff?  (I'm digging into dos
and masm this summer, I hope this is not too stupid a question.)  I think
this is unrelated to the above problem - maybe not.
        Finally, I just heard a rumor, myth, . . .  Supposedly,
someone read this somewhere.  Is it possible that the software
packagers are spreading viruses to their competition (for obvious
reasons).  "Hi, I'm a virus, are you a database? Are you my database?
CRUNCH."  Sounds rather strange, but...

                                     Thanks people,
                                     L. Anne Cole
                                     Asst.Prof. Computer Science Dept.
                                     SUNY Plattsburgh
                                     Plattsburgh, NY

CHESS@YKTVMV.BITNET (David M. Chess) (06/08/89)

> If you are...  booting up from a bootable diskette (not a full DOS
> disk) with no config.sys file, does it get the files and buffers
> limits from the dos disk that originally made the bootable disk?

No, when you boot from any disk without a CONFIG.SYS on it, DOS just
takes the defaults for files and buffers.  The defaults have varied
with DOS version, I think.  In 3.3, I believe the defaults were
FILES=8 and BUFFERS=2, 3, 5, 10 or 15 (depending on diskette drives
installed and memory size).  See the DOS manual for details.

DC

joes@scarecrow.csee.Lehigh.EDU (Joe Sieczkowski) (06/09/89)

>        Another weirdness (or maybe not).  If you are (BY THE WAY, WE
>ARE TALKING ABOUT IBM CLONES) booting up from a bootable diskette (not a
>full DOS disk) with no config.sys file, does it get the files and buffers
>limits from the dos disk that originally made the bootable disk?

If there is no config.sys file on a bootable disk, DOS just uses
the default buffer and file sizes which are quite small.  It does
not keep them from the original DOS disk that made it bootable.

Dbase requires a minimum file and buffer size in order for it to run
properly.  Every bootable Dbase disk should have a config.sys file on
it to meet these requirements. This might have been the cause of your
problem.

Joe

MANAGER@JHUIGF.BITNET (System Manager) (09/20/89)

I received this from Info-VAX today. I think it may be of interest.

Damian Hammontree
System Programmer, Johns Hopkins School of Medicine
MANAGER@JHUIGF.BITNET

Message follows:

Comments:     From IVERS@CMR.MFENET on 19-SEP-1989 23:36:02.73 EDT
Comments: To: info-vax@kl.sri.com

On Monday morning, our users (including the system manager) were
surprised to find that they could no longer log in to our VAX 11/750
(VMS V4.5).  Coincidentally, one user reported the appearance of
several files in his directory with names like WARNING., VIRUS., and
ATTACK..  He thought it was a joke and said nothing at the time the
files appeared.

The system was booted with UAFALTERNATE =1.  It appeared that
SYSUAF.DAT was intact, but the passwords were no longer valid.  A
SYSUAF.DAT file was restored from a backup set and new passwords were
issued.  The problem is that now when more than 2 users attempt to use
the system, a message of the type LICENSED NUMBER OF SYSTEM USERS
EXCEEDED appears.

As for the "virus" files - all that remains are subdirectories of
names similar to the files reportedly seen by the user (one of them is
called [.DEADLY-VIRUS]).

Any ideas as to the cause or cure of the LICENCED NUMBER OF...
problem, or insight into the nature of the "virus" would be
appreciated.

                                        Thanks in advance,
                                        Tom Ivers (system manager)
                                        Columbia U. Plasma Physics Lab
                           Internet:    IVERS@CUPLVX.APNE.COLUMBIA.EDU
                           MFEnet:      IVERS@CMR

ST401834@BROWNVM.BITNET (Tulshi Saha, Brown University) (08/11/90)

Recently when I turned on my portable (AT compatible) computer, it was
giving a BIOS error. Since I know a little about computers, I reformatted
the hard drive and installed DOS. Now the machine is booting from the
hard drive. Since I am suspicious about viruses, I used the "Scan" (by
McAfee) program, but it could not detect any viruses in memory.
Another program, VACINE, also could not detect anything in IBMBIO.COM
and IBMDOS.COM. Then I used the FLU_SHOT+ program (using the FCP command). It
is giving me the following messages:
                 Bad Checksum on C:\COMMAND.COM
                 Actual Checksum is 44717
                 (Press any key to continue)
                 Bad Checksum on C:\IBMBIO.COM
                 Actual Checksum is 02147
                 Bad Checksum on C:\IBMDOS.COM
                 Actual Checksum is 54378
                 (Press any key to continue)
Again I tried the SCANRES program from SCAN, which now gives me the
following messages:
           ? Warning! TSR request from an unregistered program!
           Number of paragraphs of memory (in decimal) are : 01258
I would appreciate it if anyone can help me find out how to disinfect
this.  Thank you for your kind attention.

                                   Tulshi Saha
                                   Brown University
                                   (401)-863-3459
                                   <ST401834@BROWNVM>

glenn@sirius.econ.uga.edu (Glenn F. Leavell) (08/14/90)

In Virus-L V3 #141,  Tulshi Saha writes:

>Recently when I turned on my portable (AT compatible) computer, it was
>giving a BIOS error. Since I know a little about computers, I reformatted
>the hard drive and installed DOS. Now the machine is booting from the
>hard drive. Since I am suspicious about viruses, I used the "Scan" (by
>McAfee) program, but it could not detect any viruses in memory.
>Another program, VACINE, also could not detect anything in IBMBIO.COM
>and IBMDOS.COM.

This indicates that there is a very strong chance that no virus exists on
your hard drive.

>Then I used the FLU_SHOT+ program (using the FCP command). It
>is giving me the following messages:
>                 Bad Checksum on C:\COMMAND.COM
>                 Actual Checksum is 44717
>                 (Press any key to continue)
>                 Bad Checksum on C:\IBMBIO.COM
>                 Actual Checksum is 02147
>                 Bad Checksum on C:\IBMDOS.COM
>                 Actual Checksum is 54378
>                 (Press any key to continue)

If you don't give FLU_SHOT+ the correct checksums when you install it,
you will get these errors.  As a matter of fact, this is how you first
determine what the correct checksums are.

>Again I tried the SCANRES program from SCAN, which now gives me the
>following messages:
>           ? Warning! TSR request from an unregistered program!
>           Number of paragraphs of memory (in decimal) are : 01258
>I would appreciate it if anyone can help me find out how to disinfect
>this.  Thank you for your kind attention.

Now that FLUSHOT+ is running TSR in your system, it will report any
TSR requests that are unregistered.  It seems that you have not
registered SCANRES, so when you tried to run it, you got this error.

I hope this helps,
Glenn Leavell
+---------------------------------------------------------------------------+
| Glenn F. Leavell                     | Internet: glenn@rigel.econ.uga.edu |
| Systems Administrator                | Phone: 404-542-3488                |
| Economics Department                 |------------------------------------|
| University of Georgia                |                                    |
| Athens, GA  30602                    |                                    |
+---------------------------------------------------------------------------+
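
The baseline-then-verify workflow described in the reply above, as an added example that is not part of the original thread and is not FLU_SHOT+'s own code. The 16-bit additive checksum, the placeholder value, the baseline table layout and the file contents are all assumptions constructed for illustration.

```python
import os
import tempfile

PLACEHOLDER = -1  # hypothetical "not yet recorded" value; never equals a 16-bit sum


def checksum16(data: bytes) -> int:
    """Stand-in 16-bit additive checksum (assumed; not FLU_SHOT+'s algorithm)."""
    return sum(data) & 0xFFFF


def check_files(baseline: dict, root: str) -> list:
    """Return (name, recorded, actual) for each file whose checksum differs
    from the baseline. A missing file is reported with actual=None."""
    bad = []
    for name, recorded in baseline.items():
        try:
            with open(os.path.join(root, name), "rb") as fh:
                actual = checksum16(fh.read())
        except FileNotFoundError:
            actual = None
        if actual != recorded:
            bad.append((name, recorded, actual))
    return bad


def enroll(baseline: dict, mismatches: list) -> dict:
    """Record the reported 'actual' values. Only sound while the files are
    known-good (e.g. straight after a clean install from original media)."""
    updated = dict(baseline)
    for name, _recorded, actual in mismatches:
        if actual is not None:
            updated[name] = actual
    return updated


def demo():
    """First run reports everything, enrolled run is quiet, change is caught."""
    files = {"COMMAND.COM": b"constructed shell image",
             "IBMBIO.COM": b"constructed bio image"}  # constructed sample data
    with tempfile.TemporaryDirectory() as root:
        for name, data in files.items():
            with open(os.path.join(root, name), "wb") as fh:
                fh.write(data)
        baseline = {name: PLACEHOLDER for name in files}
        first = check_files(baseline, root)      # every file "bad": no baseline
        baseline = enroll(baseline, first)
        second = check_files(baseline, root)     # nothing to report
        with open(os.path.join(root, "COMMAND.COM"), "ab") as fh:
            fh.write(b"\x90appended")            # simulated later modification
        third = check_files(baseline, root)      # only the changed file
        return first, second, third
```

An additive checksum does not notice reordered bytes, so a current integrity tool would record a cryptographic hash instead; the enroll-then-compare logic is unchanged.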

evans@aplcen.apl.jhu.edu (R. B. Evans) (06/12/91)

I have a Packard Bell 286 with the following problem:

Every once in a while (50-300 characters typed) a character typed at
the keyboard doesn't seem to *make-it* to the PC, and instead produces
an audible beep.  In addition, the keyboard occasionally shifts into a
mode where the SHIFT key is being held down, (types !@# instead of
123), but the shift key has not been hit, so is not physically
sticking.

Packard Bell Technical Support has been unable to fix the problem.
They have replaced three keyboards, two motherboards, and one power
supply in their *troubleshooting* efforts.  With all this hardware
replaced, I suspect a possible virus, but Scan V77 shows no viruses
found.

If anyone has any ideas as to how to fix this annoying problem, please
E-mail me your suggestions/ideas.

Thanks in advance,

Robert Evans
evans@aplcen.apl.jhu.edu