Arrogance Punished -OR- The Scourge of thanatoid -OR- I'm "fooqué" (as they say in Montreal)... IOW... HELP!!!

"dadiOH" wrote in
news:ucd4o.77939$AS4.45430@hurricane:

SNIP

If so, a hardware
issue (or BIOS support thereof) may be the underlying
problem.

Both going nuts at the same moment? Pressing both buttons
and random keys by themselves? Impossible. And both work
fine with the other machine (I use a KVM switch).

Also, I restored an Acronis image of C: AND cleared the
CMOS AND the MBR. If any mouse/kbd drivers HAD been
corrupted, that would have fixed it.

It would have also completely eradicated *everything* that
was previously on C:. That means that even if you had
other drives and the "virus" was living on one of them it
could not be started.

Well, I /did/ see a bat file running, I could /not/ kill it with
TaskInfo, it was gone after the reboot, and it MAY have
installed something on any one of the other ten partitions...

OR it's in the MBR or BIOS...

I can NOT accept the suggestion the kbd AND mouse both failed at
the EXACT same time an unknown bat file was running. But I WILL
switch them at the KVM switch as Angus suggested.

I'm thinking you have a hardware problem. Try swapping the
KB & mouse with others.

Since they both work fine in DOS and Hiren's, the only way to
test them would be to boot the "infected-or-not" drive. And I am
afraid to do that since WHO KNOWS what the damn virus is going
to do next. I have 70+ GB's of data on there, including some
irreplaceable stuff I was JUST about to burn to CD's!

"J. P. Gilliver (John)" wrote in
:

Well, my thought too was hardware - especially as it seems
to be happening over such a wide range of OSs.

I am pretty sure the DamnSmallLinux symptoms were a stress-
related hallucination. And dual-boot XP reads several files on
C: so it is not entirely independent.

Then you
mentioned the KVM switch - then I had the same thought as
another poster, that maybe it's in the cabling between the
KVM and the computer in question.

Could be, although then they should NOT work in DOS /nor/ in
Hiren's booting CD.

Have you tried the kbd/mouse directly into that computer
(with the KVM out of the picture altogether)?

Now THERE'S a good suggestion. But the only way to make sure is
to boot into the infected Windows, and if it is NOT a sudden KVM
failure, then I run the risk of letting the virus do whatever it
intends to do next... like wipe all my data... So it's not an
option - although a GREAT idea.

Have you
tried a different k/m (regardless of the fact that the
present one appear to work with another PC), again
connected directly not via KVM? Have you tried - which I'd
never normally suggest - a USB K and/or M?

As above - plus I don't have - nor am I about to buy - a USB
mouse/kbd - and no one I know owns such devices - everyone has
laptops or old machines with rubber mouse balls.

I WILL plug the kbd/mouse directly into THIS computer as well as
switching the inputs on the KVM hub. If THIS computer goes nuts
after either, then it IS the keyboard/mouse failure. I will be
surprised and amazed - but I have been surprised and amazed
before...

Thanks for your help.

On 7/29/2010 19:57, thanatoid wrote:
wrote in
news:ucd4o.77939$AS4.45430@hurricane:

SNIP

If so, a hardware
issue (or BIOS support thereof) may be the underlying
problem.

Both going nuts at the same moment? Pressing both buttons
and random keys by themselves? Impossible. And both work
fine with the other machine (I use a KVM switch).

Also, I restored an Acronis image of C: AND cleared the
CMOS AND the MBR. If any mouse/kbd drivers HAD been
corrupted, that would have fixed it.

Depends on how you restored the MBR. If you did so after running an OS
(or program) booted from the suspect HDD, you can't be sure. The only
way to be sure is to boot from a floppy to clean an infected MBR. Any
malicious MBR loader worth its salt will be able to redirect writes to
the MBR and protect itself.


It would have also completely eradicated *everything* that
was previously on C:. That means that even if you had
other drives and the "virus" was living on one of them it
could not be started.

Well, I /did/ see a bat file running, I could /not/ kill it with
TaskInfo, it was gone after the reboot, and it MAY have
installed something on any one of the other ten partitions...

OR it's in the MBR or BIOS...

I can NOT accept the suggestion the kbd AND mouse both failed at
the EXACT same time an unknown bat file was running. But I WILL
switch them at the KVM switch as Angus suggested.

Doesn't sound likely though the PS/2 controller could have failed.

I'm thinking you have a hardware problem. Try swapping the
KB& mouse with others.

Since they both work fine in DOS and Hiren's, the only way to
test them would be to boot the "infected-or-not" drive

Were those floppy boots?

Assuming you have a standard microsoft MBR and no drive overlays or any
other non-ms boot loader installed, you could try booting from your DOS
boot floppy and running an

fdisk /mbr

That would definitely clean the MBR.

Bill Blanton wrote in
m:

On 7/29/2010 19:57, thanatoid wrote:
wrote in
news:ucd4o.77939$AS4.45430@hurricane:

SNIP

If so, a hardware
issue (or BIOS support thereof) may be the underlying
problem.

Both going nuts at the same moment? Pressing both
buttons and random keys by themselves? Impossible. And
both work fine with the other machine (I use a KVM
switch).

Also, I restored an Acronis image of C: AND cleared the
CMOS AND the MBR. If any mouse/kbd drivers HAD been
corrupted, that would have fixed it.

Depends on how you restored the MBR. If you did so after
running an OS (or program) booted from the suspect HDD, you
can't be sure. The only way to be sure is to boot from a
floppy to clean an infected MBR.

I did boot from floppies, but after I restored the Acronis
image, it booted from C as usual. But I just read the Acronis
PDF and it does NOT store/restore bootsectors. I did not know
that, but I have never been infected before.

Any malicious MBR loader
worth its salt will be able to redirect writes to the MBR
and protect itself.

And possibly intercept the MBR which I /thought/ I just cleaned
or rewrote.

It would have also completely eradicated *everything*
that was previously on C:. That means that even if you
had other drives and the "virus" was living on one of
them it could not be started.

That has not happened. Thankfully, so far the virus is just
annoying - but of course I have NO idea what it might do next.
Maybe nothing, or maybe it will erase the whole HD. So I am not
booting into either 98 or XP.

'fdisk /mbr' has NOT deleted anything on C or lost any other
partitions. It has not done so on the several past occasions
when I used it, either.

Well, I /did/ see a bat file running, I could /not/ kill
it with TaskInfo, it was gone after the reboot, and it MAY
have installed something on any one of the other ten
partitions...

OR it's in the MBR or BIOS...

I can NOT accept the suggestion the kbd AND mouse both
failed at the EXACT same time an unknown bat file was
running. But I WILL switch them at the KVM switch as Angus
suggested.

Doesn't sound likely though the PS/2 controller could have
failed.

I switched the mouse and kbd connectors between the infected
machine and the 166MHz 95B machine I am on now, and the kbd and
mouse are fine. They also work fine in DOS and booting from
Hiren's, and the Acronis restore would have fixed any corrupted
controllers etc.

I'm thinking you have a hardware problem. Try swapping
the KB& mouse with others.

Since they both work fine in DOS and Hiren's, the only way
to test them would be to boot the "infected-or-not" drive

Were those floppy boots?

Both floppy and F5 to go to command line only, then to
XTreeGold, and booting from Hiren's. By now, I have done them
all so many times my brain is turning into a soufflé.

Assuming you have a standard microsoft MBR and no drive
overlays or any other non-ms boot loader installed, you
could try booting from your DOS boot floppy and running an

fdisk /mbr

I have done so, more than once.

That would definitely clean the MBR.

One would think so. But then the BIOS tells me the MBR has
changed and to restore the MBR, I restore it from a boot disk I
made years ago, and the infection persists.

If you are interested/have the time, there is a long "parallel"
thread about this in 24helpdesk.

(I had to multi-post, eternal september will /not/ allow me to
cross-post, I don't know why, it's not in the terms and
conditions. Everyone in alt.comp.virus just plonked me for
multi-posting to FOUR groups! MOST helpful. Sigh.)

Thanks for all your advice. I think I /am/ progressing with
this.

(I did /not/ expect it to get fixed in one evening...)

thanatoid wrote:
"dadiOH" wrote in
news:ucd4o.77939$AS4.45430@hurricane:

SNIP

If so, a hardware
issue (or BIOS support thereof) may be the underlying
problem.

Both going nuts at the same moment? Pressing both buttons
and random keys by themselves? Impossible. And both work
fine with the other machine (I use a KVM switch).

Also, I restored an Acronis image of C: AND cleared the
CMOS AND the MBR. If any mouse/kbd drivers HAD been
corrupted, that would have fixed it.

It would have also completely eradicated *everything* that
was previously on C:. That means that even if you had
other drives and the "virus" was living on one of them it
could not be started.

Well, I /did/ see a bat file running, I could /not/ kill it with
TaskInfo, it was gone after the reboot, and it MAY have
installed something on any one of the other ten partitions...

OR it's in the MBR or BIOS...

You said you redid the MBR. I don't know if a virus can write to the BIOS
so it replaces the bootstrap loader with itself or not but I think you are
pretty safe.

--

dadiOH
____________________________

dadiOH's dandies v3.06...
....a help file of info about MP3s, recording from
LP/cassette and tips & tricks on this and that.
Get it at http://mysite.verizon.net/xico

"dadiOH" wrote in
news:bAG4o.7$gR.3@hurricane:

SNIP

OR it's in the MBR or BIOS...

You said you redid the MBR. I don't know if a virus can
write to the BIOS so it replaces the bootstrap loader with
itself or not but I think you are pretty safe.

Thanks... I wish I did not have to multi-post the OP, and I hate
to suggest you read the *entire* parallel thread in 24hr, but at
this point even if the virus /did/ manage it, I /think/ we are
coming close to a way of getting around it with Mike and Steve's
help.

In message , thanatoid
writes:
[]
OK - hardware is fine. Or DOS/DSL in memory would not run.
(I believe...) Plus, I am using same kbd/mouse with a KVM switch
now - both are fine...
[]
I think it's not _entirely_ true - DOS uses by default the BIOS
parameters for, for example, autorepeat rate and the pause before
autorepeat starts (I think they can be changed by settings in config.sys
and/or autoexec.bat), whereas Windows loads these settings from one of
its config files. And Windows may use a driver, whereas DOS sort of
doesn't (or, if you insist, uses the driver in the firmware).
--
J. P. Gilliver. UMRA: 1960/1985 MB++G.5AL-IS-P--Ch++(p)Ar@T0H+Sh0!:`)DNAf

Veni Vidi Visa [I came, I saw, I did a little shopping] - Mik from S+AS Limited
), 1998

In message , thanatoid
writes:
[]
I did boot from floppies, but after I restored the Acronis
image, it booted from C as usual. But I just read the Acronis
PDF and it does NOT store/restore bootsectors. I did not know
that, but I have never been infected before.

What, that marvellous Acronis doesn't actually back up everything (-:?
[]
I can NOT accept the suggestion the kbd AND mouse both
failed at the EXACT same time an unknown bat file was
running. But I WILL switch them at the KVM switch as Angus
suggested.

Doesn't sound likely though the PS/2 controller could have
failed.

I switched the mouse and kbd connectors between the infected
machine and the 166MHz 95B machine I am on now, and the kbd and
mouse are fine. They also work fine in DOS and booting from
Hiren's, and the Acronis restore would have fixed any corrupted
controllers etc.

Could be the keyboard and mouse connector (usually the same actual
physical structure); coincidentally, see the "Mouse becomes erratic
until i restart =?UTF-8?B?Y29tcHV0ZXLigI8=?=" thread running almost in
parallel with this one!
[]
You'll have to bite the bullet eventually and use the suspect machine,
either with a different keyboard/mouse or the same one directly rather
than via the KVM switch and its cabling. If you're worried about the
virus, if there is one, running amok, you can always restore the whole
disc from that backup you made with that marvellous program ... oh dear.

Actually, as I was writing that, I had the thought that you might try
with a keyboard only, no mouse - an old hand like you can use Windows
using just the keyboard - to possibly eliminate one from the question.
(I'm trying to think whether you can run it without the keyboard: I
_think_ there's an on-screen keyboard in '9x, though to turn it on you'd
have to find the relevant executable and run it, which should still be
possible - _if_ Windows [and DOS before it] will actually start without
a keyboard present, something I've not tried.)
--
J. P. Gilliver. UMRA: 1960/1985 MB++G.5AL-IS-P--Ch++(p)Ar@T0H+Sh0!:`)DNAf

Veni Vidi Visa [I came, I saw, I did a little shopping] - Mik from S+AS Limited
), 1998

thanatoid wrote in
:

Angus Rodgers wrote in
:

SNI
APgain, pardon if silly question, but might the problem not
lie with the connection of the KVM switch to the affected
machine? That would at least explain why both keyboard and
mouse seem to be going haywire simultaneously. Have you
tried interchanging the connections from the KVM switch to
the two machines?

Since you are being nice enough to try to help me, I /will/
try it, but I am pretty sure it will make no difference...

I'll post back after rebooting/switching the connections.

I switched them around in every way possible. Everything is
fine.

"thanatoid" wrote in message
...
Well, it took almost 20 years but it finally happened. It's
amazing what a small batch file (maybe not so small - it has
vaporized... read on) can do.


I'm not fully convinced it has yet happened.

Those bored with my gargantuan posts can just skim over most of
it (please read the SUMMARY paragraphs), but I would really
appreciate specific answers to the four numbered questions, as
well as general advice. (My KF is disabled, so go for it,
denizens of aforementioned ;-)

Using Compaq EVO-D510 SFF. One 80GB HD, one CD burner, a riser
card with two horizontal PCI slots, and ( a post from a
couple of months ago) the Compaq BIOS does not allow for more
than one device per IDE channel, I checked - relevance below.

I was running 98SELite, as always, using Opera, on two or three
sites requiring javascript etc. - otherwise I would have been
using OffByOne and this /probably/ would NOT have happened.

The firewall was on, of course, but the ESET internet
monitor/file monitor were /not/, as I do not believe that is
REALLY necessary - I /may/ have to reconsider that position ;-[

Script sentry was on, but it does nothing with batch files, just
scripts of all kinds. And it works great.

SUMMARY (2 paragraphs)

So, everything was fine, when all of a sudden my mouse and
keyboard became possessed.


Lots of us have suffered a possessed mouse (which could also affect the
keyboard), & it's always been solved with a new mouse. Your case may be
tougher. It could be a problem with the PS/2 socket at the computer.

Basically, it was like the left and right mouse buttons and Ctl
and Alt keys were being randomly activated, FAST.

Does this mean the mouse pointer jumps around, text gets highlighted &
context menus show up on there own? (All I clearly recall in my case
was, erratic mouse cursor back in '06.)

I turned off
the ADSL modem, and ran TaskInfo. There was a batch file in my
temp (either c:\temp or C:\win\temp) directory which was NOT
supposed to be there. It was running. I shut down the machine. I
can't remember the file's exact name, but it was short, 5 or so
letters, no weird numbers or figures.


Some legit apps will occasionally start a DOS app. It could have had to
do with shutting down the ADSL modem. Too bad you can't recall its name,
(but likely I wouldn't recall either in the midst of a crisis).

Boring (yet important if you don't want to ask about stuff I
*already DID*) details:

When I restarted, the same thing was happening. (And it remains
the current situation, although one might say the virus is /less
active/ than it was (as if it had a built-in downward slope).

For me, a restart was a temporary cure that could last days, hours, or
minutes. But in the end - I think - it didn't work at all. I've got that
Compaq Wheelmouse sitting on a window sill behind me. I should try it
again. But I'm very happy with my MS Wheel Mouse Optical -- which was
the real cure for me. This actually has a PS/2 converter attached to its
USB connector. I've never removed that & plugged into a USB port,
though.

But the machine is unusable, plus, while the virus appears
fairly non-malignant, just annoying (ALL user control is NOT
affected, you just have to click and move the mouse a lot - and
fast, to get in between the virus activity bursts) - who knows
what it will do next?

Yep. There would be periods of jumping cursor & periods of calm. But, if
I didn't reboot for the temp cure soon enough, eventually the whole
machine froze.

So far my data appears intact [AOT the
system] but FUD are definitely having a big party at the lair of
thanatoid at the moment.

So after the reboot, I ran TaskInfo again - no batch file
running.


I know I have something -- maybe NetZero -- that will run a batch file
when I do something -- maybe close it down. I'm not sure whether it runs
from TEMP, either. But I definitely have something that does it.

I searched for batch files on the C: drive and only found the
few I wrote myself and have always had. /Nothing new./


It could be a temporary construct, especially as it gets put in TEMP.

I ran Restoration (still the only undelete program that is not
5-20 MB and actually works BETTER than any of /those/),
searching for a bat file, nothing. I thought the file might have
deleted itself after doing whatever it was supposed to do. It
must have, since it is NOWHERE to be found, deleted or present.


I have Restoration too. It's great, but not 100% effective.

I rebooted, deleted the swap file in DOS, and rebooted again.
Virus still active.


A reboot was not always a cure for me, especially at the end.

I thought, OK, I'll reboot to XP - XP should be OK, right? Same
thing. Then I realized XP reads several files on C.

That's my understanding. However, you replaced them along with the Win98
files when you restored the Acronis image (you say below). And it wasn't
a cure. Therefore, nothing in the Win98 partition of can be at fault.

Then I tried
to boot Damn Small Linux into memory, it would not (I /have/
successfully run it in the past).


Elsewhere you say you did get that to boot & it seemed to exhibit the
symptoms to a lesser degree. But you were never really sure (because
you've hardly ever run it) & later decided you never did see the
symptoms. I think there's still a chance you did see them. It could be
Damn Small Linux isn't as vigorous checking for/reading the PS/2
signals. And DOS would be even less so.

I went back to 98, and, since I just happened to update the ESET
NOD32 signatures a couple of hours earlier, I ran it. The virus
seemed to be paused by ESET running, but while ESET scans boot
sectors and all memory, as well as everything else, it found
nothing.

I went back to XP and ran MalwareBytes Anti-Malware (or whatever
it's called - I only see 8.3 names now...) - nothing on either
C: or the XP partition. While running MBAM, virus activity
appeared to pause as well.


That's good nothing has discovered a virus. I guess it's possible these
virus checkers exert a control over the mouse & keyboard (or the PS/2
sockets into which they plug) that prevents signals to self-generate or
to be noticed.

To make a long story a /little/ shorter, I removed the battery,
cleared the CMOS (several times, different hard- and soft-
methods), first restored an old saved MBR, then (when that did
not help) created a new MBR, and finally restored an Acronis
image after moving current C: data to another partition.


I know you had trouble getting BIOS to accept a new MBR. It protects
your MBR. Therefore, I doubt you ever had a boot sector virus. But was
this protection in effect from the start? You've stated elsewhere (here
or at 24hoursupportdesk) it can be turned on/off. Had you turned it off
at some point maybe to do partition work & forgot to turn it back on?
(But I don't know whether it protects just the code in the MBR or the
partition table too).

Anyhow, since you have restored a backup MBR (which I think is all BIOS
would let you do) & you have restored all the files in the Win98
partition -- I can't see how the machine can still have a virus (if it
ever did). Even if it's written in some unused portion of the hard
drive, there's nothing left to load it & transfer control to it.

I should mention that the virus /appears/ inactive in DOS. Well,
who knows - but nothing weird /seems/ to be happening AFAICT.


DOS is surely less vigorous checking the keyboard & especially the
mouse. Have you installed a mouse driver for DOS & run an app that would
use it? You should see a line mentioning it in Autoexec.bat, if so, such
as... C:\Mouse\Mouse.exe.

Well, when the restored Acronis image (which I believe contains
the MBR in the first sector - I am extremely ignorant about some
basics) exhibited exactly the same behavior, I started thinking
WHAT the damn thing could have infected ELSEWHERE than the HD...
Unless it is hidden /somewhere/ and ****s up the MBR every time
I boot - I don't know much about viruses and what they are
capable of.


Either the code portion of the MBR or a file in the partition that boots
(Active partition) would have to initiate the virus. Wait a minute.
There is also a boot sector of the Active partition. But I'm not sure it
has code or just the name of the OS that must load. I think I may have
been told it has code. If so, I'm not sure whether it can be refreshed
separately, whether Acronis replaces it, or whether the partition
actually must be deleted. Sorry. Did Acronis require that the partition
be deleted before it could be replaced? Then, I guess the boot sector
code had to have been replaced.

I tried Damn Small Linux again - this time it DID boot and ran
in memory...

Get ready for this...

Sigh...

DSL /appeared to exhibit/ - although to a CONSIDERABLY smaller
degree - a little of the SAME behavior - a DOS-like window
(whatever they're called in Linux) would highlight some lines of
the window depending on mouse movement, and I /think/ a menu or
two popped up without any clicking on my part. And the mouse
appeared to be malfunctioning. (OTOH, having only ran DSL a
couple of times before, and for a VERY short period of time, and
already being in a somewhat altered state of mind, my perception
/may/ have been mistaken - I don't know.)


Aha. That's where you said it. Especially if menus poped up unbid, the
problem was there. Try it again.

So...

Having never had to deal with this kind of thing before (I got a
virus in a POP email once, but it could not do anything, maybe
because I had all scripting disabled at the time - it was hell
to remove though), I thought the following:

QUESTION 1. It could not have messed up the processor -
first, I do not believe that is /possible/, second, DOS seems to
run fine.


I believe it's impossible. The processor is a circuit board with nothing
that is volatile, I think.

QUESTION 2. AFAIK, the level1 and level2 caches clear upon a
reboot, just like RAM does. I considered whether a batch file
could alter properties of RAM and stay in it ANYWAY, but I do
NOT believe that is possible. Also, there are NO RAM cleaning
utilities on the Hiren's disk which would lead me to believe RAM
is irrelevant as long as one reboots.


That's how I understand it. Normal RAM holds its contents until
over-written with new data or until the machine is turned off, unless
protected by the computer battery. But you said somewhere you removed
that. There is a type of RAM that will hold its contents without
power...
http://en.wikipedia.org/wiki/Non-vol..._access_memory
....but I have no reason to think it comes into play here.

QUESTION 3. Since I wiped the CMOS/BIOS (I still do NOT
understand the difference between them, although some people
have tried to explain to me), and have restored (a few times)
and then /written/ a new MBR, PLUS restored a perfect Acronis C:
image, I have NO idea where this damn thing is living.


I wanted to say nowhere, but I have a suspicion the boot sector of the
Active partition could possibly hold it. Or so I vaguely recall I was
once told, where I always thought that only a name of the OS to load was
there. But how could it be in both the boot sector of your Win98 & your
XP partitions?

I have the option of removing the CD burner, deleting all the
root files on the /current/ booting 80GB drive ("drive Z") using
XTreeGold, putting drive Z on the CD drive's IDE channel, and
putting in my old 40GB ("drive X") on the other - booting - IDE
channel. (I believe I don't have to physically move the Z drive,
just deleting all c:\root files will make the machine boot from
the X drive, but just in case...)

BUT - since what is happening is quite inexplicable, I am afraid
of contaminating my X drive. If the virus /is/ somewhere on the
Z drive, and neither ESET nor AntiMalware can find it, I would
imagine it is quite capable of infecting the X drive even if the
computer boots from the X drive and the virus is somewhere on Z
which one would /think/ would then just contain data - and a
disabled OS (well, two disabled OS's 98SELite and XPSP3).


The only questionable area in my mind is the boot sector, which is an
area in front of each partition. Unless you boot a partition, its boot
sector won't naturally run. You've eliminated the possibility that a
program in the Win98 partition could start it unnaturally, as well as
the possibility that code in the MBR could do it. And booting a new HDD
altogether surly won't do it.

But why not just remove the 80 GB HDD & attach only the 40 GB HDD? What
happens with the mouse & keyboard then? My guess is they will be
erratic. And I think the PS/2 socket at the computer is to blame. But --
if they aren't erratic -- then put the 80 GB HDD back in. Maybe use that
app you've mentioned elsewhere to hide the data partitions for
protection. Boot it. I'll bet it too will be fine. Some things just come
& go on their own.

Further infection /might not happen/ if I just use a LFN utility
in DOS and copy stuff to the other HD, or copy to Flash drives
using a DOS USB driver from Hiren's, but then again it MIGHT.
IOW - ATM I am afraid to put the X drive on the other IDE
channel or use Flash sticks.


I don't think it comes to this. I sure hope it doesn't!

No one likes this kind of stuff, even I am no exception... I am
VERY seriously considering running BeOS/Haiti or some Linux [for
all internet access, but ultimately for everything, possibly]
from a flash stick (fortunately, my BIOS allows booting from a
USB device) but ATM I am not putting /anything/ in the possessed
computer.


I was considering all sorts of alternatives, myself, in my own recent
crisis. Let's hope it doesn't come to that.

[Although - apart from the indignity and misery of being screwed
and humbled in my arrogance - I have really enjoyed being
internet-free for a few days... Do y'all think internet use
might be addictive? ;-#)


Uh-huh. One of the alternatives I considered was giving up the computer
altogether.

(I spent an enjoyable 6 hours destroying a fourth old phone in
two years while trying to fix it. Soldering isn't as easy at 55
as it was at 25... But getting soldering iron /burns/ sure is...
Fortunately I know about the "run for the freezer and press the
burn against something at -18° Celsius" instant cure.)]


Someone I think is going to have to apply a soldering iron to your PS/2
port. Keep that freezer handy. Or, get the MS Wheelmouse Optical & try
it without its PS/2 adapter. You'll never have to clean a ball & rollers
ever again.

But I digress...

I have /heard/ of viruses which resulted in "the entire computer
going in the trash" but I am not ready to accept that - although
I might /have/ to accept it /eventually/.

QUESTION 4:
IF the infected computer /is/ history, and I build a new one and
using a Linux version which can read FAT32 Windows partitions,
copy various standard format data from the infected HD into
Linux - I am risk free, aren't I?


Yea. Someone at the other NG showed the list of 45 filetypes to be wary
of, though, if it comes to this.

I am sorry this was so long but I thought I might as well
provide ALL the information I could think of.

I am writing this on my trusty 1997-built PI 166MHz running 95B
and sending it via a 33.6 modem.


Wow. Impressive.

I will do some Googling and look around some security sites but
I thought I might as well humbly ask for suggestions.


If it is a virus, someone else must have gotten it. It should show up at
one of those sites, then.

IOW...

P L E A S E H E L P!

--
You know, that viruses never really sleep
And that hackers never blink their eyes
And that, you know, cats are the only ones who blush
And that the ****in' web... is just to die
- thanatoid (with /profound/ apologies to Lou Reed)

--
Thanks or Good Luck,
There may be humor in this post, and,
Naturally, you will not sue,
Should things get worse after this,
PCR