PDA

View Full Version : I've been had!



Chiefdreams
10th Sep 2002, 14:16
Yesterday I downloaded an FM....."Trial By Night"
I opened it with Darkloader and discovered that it was a Thief 1 FM.
So I had to istall TDP. After the instalation I watched helplessly as all programs with shortcut icons on my desktop started disappearing. Then the icon for Internet Explorer winked out followed by Outlook express. Then Microsoft Word, Rambooster, WSTP Pro, ACDSEE, ICQ, Winzip, AddAware, and a few others. Not only the shortcuts but the intire programs. As an example, iexplorer.exe no longer existed. I thought, "Norton Systemworks, wake up, do something!" I then rebooted to stop the carnage and when I rebooted I got the error...."A system INI file is missing...System works .386 blah bla blah....Dang! Norton got it's but kicked. I had to reinstall windows 3 times before it was fixed and then reinstall all of the missing programs. I ran Norton antivirus but it detected nothing! Is there an evil creature still running freely in my computer?

Hawklette
10th Sep 2002, 15:10
This is scary!! I always felt safe downloading FM's and I also have Norton. Please let us know if you find it was the FM.:eek:

yubetcha
10th Sep 2002, 15:45
I heard Bill Gates say once that any program has the potential to damage a computer. :). But I'm sure that it's not the FM. I have this one also, and have played it, and I'm sure that many others have as well. It's been out for quite some time. I don't see how an FM could affect one computer this way....especially if at least one other computer wasn't affected the same way, after all of the people who have played it. I don't know what could have, though. The only thing I can think of is a virus. Have you tried installing Thief 1 again? If so, what was the result?

Speedy[143]
10th Sep 2002, 17:27
Just so you know I played Trial By Night a couple months ago, 7/6/02 to be exact, and didn't have any problems... I use Norton as well.. sounds weird to me:(

XXXOOO
Speedy

theBlackman
10th Sep 2002, 18:39
From where did you download it. Copies that the others used were probably DL'd a while ago.

It is remotely possible that the copy you got was changed by someone to include a virus.

It is also possible that some other program or file you received or DL'd was a time activated virus.

If you are running clean at the moment you may be OK, or if it is like the Michealangelo, you may suffer the same in another 9 to 12 months.

Norton does not catch everything, as good as it is. There are a couple of other V catchers that have been mentioned in the last few months (I think one by GumDrop) that have picked up some Viri that Norton missed.

You also might check for a V checker that will read ZIP files for Viri.

I sincerely hope not.

And don't let 9/11 cause you any concern. You have a better chance of being "eaten" by a semi-truck while enroute to the grocery.

Vanguard
10th Sep 2002, 18:49
Darkloader won't extract .exe or .dll files from .zip FM files. This was a safety precaution. A DLL file can execute just by loading it; a "DLLmain" function will execute, if defined, when the DLL gets loaded into memory - and DLLs can make system calls. Check the .zip file to ensure that it has no .exe or .dll files in it.

It's more likely that you had a trojan sitting in wait until some files got "jarred" which triggered it to run. Or something you leave running in the background corrupted the file system. Or your disk is going bad (i.e., its retentivity on the bits is going soft, the head banged the disk platter(s), or its spindle is starting to sieze with friction which varies its rotational speed which usually means the drive is getting really hot). I don't like RAM booster type of products since their memory image can get out of sync with the cache for the hard drive. It could also be that you already had some file system corruption and the install simply caused the OS not to ignore the defects anymore. You should periodically run Disk Doctor or CHKDSK /F on your drives. In fact, for Windows 9x-ME, I put in a line in the AUTOEXEC.BAT to always run the DOS-mode version of Disk Doctor (you can easily cancel it if you want to skip it on bootup). In Windows NT-2K-XP, I scheduled a SpeedDisk to defrag the drives but it will also do a disk integrity check before it starts defragmenting.

Norton Systemworks doesn't run anything unless you ask for it. Do NOT let it leave System Doctor running. This puppy can at times suck up a lot of CPU. It by default also includes threshold disk defragging whereas I prefer to schedule a defrag event in Task Scheduler and which also doesn't run unless my machine has been idle for 20 minutes (I don't want it defragging and slowing down the machine while I'm trying to use it). There is also a bug in System Doctor in that having it running while installing a program can result in LOTS of zero-byte .inf files.

When installing software, and after scanning it for viruses unless you trust the source, be sure to unload System Doctor and disable any antivirus software. Symantec has always recommended that you kill System Doctor and disable Norton Antivirus when installing new software. Then reenable the antivirus software after the install (and scrap System Doctor; all that monitoring is just eye candy that you don't need).

And it's about time you thoroughly analyze what you leave running in the background (i.e., what you load on startup) to see what you REALLY need, that it is all updated, and that it actually provides some real benefit versus its risk.

Zaccheus
12th Sep 2002, 12:29
Chiefdreams, sounds like something did a "deep delete", also known as "delete *.*" including folders/directories.

Some software will clean itself up by deleting everything in a certain folder (like a temp folder), but if the folder name is blank for any reason, it will delete your whole harddrive by mistake.

When you say, "after installation", what exactly do you mean?