A neighbor's computer was infected by the bloodsucker virus (w32/magistr.B).
According to anti-virus sites, it overwrites the master boot sector with garbage, it uses per-process residency (???) to become memory resident. They obviously had the beast on board for at least a month, because it displayed the ugly message box that is part of the 30 day time period payload - also is supposed to erase cmos data, flash memory (Bios eeprom) (???), and erase HD.
I am able to boot it from a start up disk that I made on my win98 machine. (They have a compaq 7470 win98). I have tried all 3 choices on menu, have meticulously followed the Read-Me from the start up disk - printed it out so I could follow it exactly. I have also printed out and followed microsoft's Q255867 - How to use Fdisk Tool & Format Tool.
I got lots of "bad or missing command interpreter, enter name of command interpreter (C:\windows\command.com) errors, and followed instructions to type sys c: at prompt, but this never solved problems. Lots of bad commands.
I get repeated errors - too many to write out here, corresponding to my commands I type.
It could not create a temp drive for diagnostic tools - Then says diagnostic tools were successfully loaded to drive.
At a prompt, typing sys:c results in 'bad command or file name'
When I try to extract ebd.cab, I am told that it is corrupted. I have made a couple of start up disks from my compaq, all get corrupt messages.
When I finally get fdisk to run, it tells me disk is already partitioned. I WANT TO RE-DO IT to erase everything and start anew.
I ran format C: /s, get bad command or file name, even after being told i finally got ebd.cab extracted.
Several times, floppy gave me a write protected error, so I un-write proteched one of the boot floppies, and it appeared that it may have written to them, possibly corrupting files????
This may sound disorganized, but I can't re-type an hours worth of commnads.
When running compaq quick restore disks, the first time, it was all screwed up, registry trashed, and explorer was corrupt. I tried fdisk and format again. Next time trying to run quick restore disks, get an error, and compaq's web site has a solution that just doesn't work in this situation.
Back when my compaq was under warranty, I ran thru 2 quick restores with tech dude on phone, and no problem. I kept detailed notes on fdisk & formatting that they had me do, before running QR, but the exact sequence just didn't work here.
Is it possible that the virus screwed up the computer so bad that basic commands like fdisk & format do not work?
If he takes it to a professional computer repair tech (as opposed to me, the friendly neighbor next door that everyone comes to for their tech support), what would he do in this situation - and is it something that I can do and save this neighbor some $$$.
We have the QR disks, just cant get them to work.
I know this is somewhat non-specific, but details would be just too lengthly. Any, ANY, help is appreciated.😕
According to anti-virus sites, it overwrites the master boot sector with garbage, it uses per-process residency (???) to become memory resident. They obviously had the beast on board for at least a month, because it displayed the ugly message box that is part of the 30 day time period payload - also is supposed to erase cmos data, flash memory (Bios eeprom) (???), and erase HD.
I am able to boot it from a start up disk that I made on my win98 machine. (They have a compaq 7470 win98). I have tried all 3 choices on menu, have meticulously followed the Read-Me from the start up disk - printed it out so I could follow it exactly. I have also printed out and followed microsoft's Q255867 - How to use Fdisk Tool & Format Tool.
I got lots of "bad or missing command interpreter, enter name of command interpreter (C:\windows\command.com) errors, and followed instructions to type sys c: at prompt, but this never solved problems. Lots of bad commands.
I get repeated errors - too many to write out here, corresponding to my commands I type.
It could not create a temp drive for diagnostic tools - Then says diagnostic tools were successfully loaded to drive.
At a prompt, typing sys:c results in 'bad command or file name'
When I try to extract ebd.cab, I am told that it is corrupted. I have made a couple of start up disks from my compaq, all get corrupt messages.
When I finally get fdisk to run, it tells me disk is already partitioned. I WANT TO RE-DO IT to erase everything and start anew.
I ran format C: /s, get bad command or file name, even after being told i finally got ebd.cab extracted.
Several times, floppy gave me a write protected error, so I un-write proteched one of the boot floppies, and it appeared that it may have written to them, possibly corrupting files????
This may sound disorganized, but I can't re-type an hours worth of commnads.
When running compaq quick restore disks, the first time, it was all screwed up, registry trashed, and explorer was corrupt. I tried fdisk and format again. Next time trying to run quick restore disks, get an error, and compaq's web site has a solution that just doesn't work in this situation.
Back when my compaq was under warranty, I ran thru 2 quick restores with tech dude on phone, and no problem. I kept detailed notes on fdisk & formatting that they had me do, before running QR, but the exact sequence just didn't work here.
Is it possible that the virus screwed up the computer so bad that basic commands like fdisk & format do not work?
If he takes it to a professional computer repair tech (as opposed to me, the friendly neighbor next door that everyone comes to for their tech support), what would he do in this situation - and is it something that I can do and save this neighbor some $$$.
We have the QR disks, just cant get them to work.
I know this is somewhat non-specific, but details would be just too lengthly. Any, ANY, help is appreciated.😕
