Hey Gang,

I'm getting an error message when I try to run McAfee Firstaid 2000. It says "fap32.exe is not a valid win32 application."

I am using Roxio GoBack 3. I am able to recover the file to its original size, 20kb. However before I revert the file it is 640kb. When I revert it to the 20kb size it works.

Question: Do I have a virus? I've never come across this problem before and I've been using FirstAid for years. I've also scrubbed and bootscanned my computer. I am using AVG 7.0 paid version. ;)

Win98SE OS

Thanks,
Orangeman

Hey Gang,

I'm getting an error message when I try to run McAfee Firstaid 2000. It says "fap32.exe is not a valid win32 application."

I am using Roxio GoBack 3. I am able to recover the file to its original size, 20kb. However before I revert the file it is 640kb. When I revert it to the 20kb size it works.

Question: Do I have a virus? I've never come across this problem before and I've been using FirstAid for years. I've also scrubbed and bootscanned my computer. I am using AVG 7.0 paid version. ;)

Win98SE OS

Thanks,
Orangeman

Sounds like you may have the Klez virus. I would go Trenmicro.com and do a house call as an extra precaution and make sure. If it does not show any virus, it may be corrupted files. Do an uninstall and then reinstall. Good luck. ;)

Sounds like you may have the Klez virus. I would go Trenmicro.com and do a house call as an extra precaution and make sure. If it does not show any virus, it may be corrupted files. Do an uninstall and then reinstall. Good luck. ;)

Thanks Zonie,

I appreciate the help,

Orangeman ;)

That was a good tip Zonie.

I checked out my AV's website, AVG Antiviurs. They said to eliminate the Klez in SAFE MODE. When I did this I discovered not Klez, but the Mapson.A virus as well as the BackDoor.Delf Trojan dialer.

I had a hell of a time getting rid of it. I had 19 instances of the Mapson. When I tried to reboot I couldn't, because my System.ini file was eaten away. I tried to reinstall Windows but couldn't because the virus had eaten away at my Partition Table too.

Luckily I made an AVG rescue disk and restored the system files, hence I am able to write this now.

My only problem is now; can I use Roxio 3 backup because it may also have a virus backed-up, or do I have to start over again with it as well. I think I just answered my own question.

Thanks again Zonie,

Orangeman :grin:

Sorry to hear it was the Mapson virus. Bad thing it is. I was happy to help you out a little. Hopefully it won't take too much to get back to normal.

That was a good tip Zonie.

I checked out my AV's website, AVG Antiviurs. They said to eliminate the Klez in SAFE MODE. When I did this I discovered not Klez, but the Mapson.A virus as well as the BackDoor.Delf Trojan dialer.

I had a hell of a time getting rid of it. I had 19 instances of the Mapson. When I tried to reboot I couldn't, because my System.ini file was eaten away. I tried to reinstall Windows but couldn't because the virus had eaten away at my Partition Table too.

Luckily I made an AVG rescue disk and restored the system files, hence I am able to write this now.

My only problem is now; can I use Roxio 3 backup because it may also have a virus backed-up, or do I have to start over again with it as well. I think I just answered my own question.

Thanks again Zonie,

Orangeman images/smilies/lach.gif How did AVG let in all that viral activity in the first place? Do you keep it up to date orange? Geesh, these aren't even new viruses!
http://securityresponse.symantec.com/avcenter/venc/data/w32.mapson.worm.html
http://securityresponse.symantec.com/avcenter/venc/data/backdoor.delf.cli.html
http://securityresponse.symantec.com/avcenter/venc/data/backdoor.delf.html
And, they are not supposed to do as much damage as you state. Unless someone did hack your system. Of course there are several variants, but none seem to do the damage that you claim. System.ini and Partition table? I can't see it. So, what I would like to know from you: do you think AVG is a good AV program now, or what?

HI Trip,

Actually it was Mapson.A. I wound up having to use a mapson remover from Panda to finally remove it. AVG was just overwhelmed. There were over a hundred instances of the thing before it was finally diagnosed.

The problem I faced was that it was only detected in Safe Mode. Normal Mode was well, 'normal.' It wasn't detected.

Is AVG as good as they say it was? Well My AVG is updated almost every day and NEVER turned off.

I have my doubts. I had to download a mapson remover from Panda in order to get rid of it. Luckily I had a backup from Norton Ghost I got for Christmas so I wasn't too bad off.

I'm stuck with it for two years unless I chuck it and decide to go back to Norton.

Here's some more info on Mapson:

http://securityresponse.symantec.com/avcenter/venc/data/w32.mapson.worm.html#threatassessment

Orangeman :eek2:

HI Trip,

Actually it was Mapson.A. I wound up having to use a mapson remover from Panda to finally remove it. AVG was just overwhelmed. There were over a hundred instances of the thing before it was finally diagnosed.

The problem I faced was that it was only detected in Safe Mode. Normal Mode was well, 'normal.' It wasn't detected.

Is AVG as good as they say it was? Well My AVG is updated almost every day and NEVER turned off.

I have my doubts. I had to download a mapson remover from Panda in order to get rid of it. Luckily I had a backup from Norton Ghost I got for Christmas so I wasn't too bad off.

I'm stuck with it for two years unless I chuck it and decide to go back to Norton.

Here's some more info on Mapson:

http://securityresponse.symantec.com/avcenter/venc/data/w32.mapson.worm.html#threatassessment

Orangeman :eek2:Well you should have your doubts: that is/was horrible performance by a Virus Protection App. And yours is the pro version, right? How do you suspect that this particular virus effected your partition table and *.ini files? It's NOT supposed to: damage is supposed to be minimal!!! Do you use Kazaa or any of the other offendiing programs? If so, you've seen many references to Spybot and Adaware here, so I'd suggest running them as well. Is everything now alright? Hope so. Glad you had a backup/ghost image anyway.http://forums.windrivers.com/images/smilies/thumbs.gif

Well you should have your doubts: that is/was horrible performance by a Virus Protection App. And yours is the pro version, right? How do you suspect that this particular virus effected your partition table and *.ini files? It's NOT supposed to: damage is supposed to be minimal!!! Do you use Kazaa or any of the other offendiing programs? If so, you've seen many references to Spybot and Adaware here, so I'd suggest running them as well. Is everything now alright? Hope so. Glad you had a backup/ghost image anyway.http://forums.windrivers.com/images/smilies/thumbs.gif


Thanks Trip,

Yes, everything seems to be going well, except I can't get the old HD to work.

Orangeman ;)

Thanks Trip,

Yes, everything seems to be going well, except I can't get the old HD to work.

Orangeman ;)Yeah, just noticed: and added to the discussion.

A note on AVG : check that 'use heuristics' button ... much better ! :)

AVG also seems 'bad' on multiple user systems (so those with user accounts) make sure that originally you install it as 'THE administrator' not from an account that has administrator privaleges .. the sure way is to install it in safe mode, using the administrator account that 'only' lives there, this is more likely windows getting confus-ed over permissions than it being 'strictly' AVGs 'fault', many applications display this 'weakness' - profiling is something Uncle Bill seems to have yet to master 'completely' ;) - I appreciate this is 98 so the idea of permissions doesn't often appear, but profiling is pretty inter-related.

You want to think very carefully about Goback ... its horrible to start with, but there are 'net whispers' about it 'somehow' impinging on Anti-virus stuff ... & as for AVG itself if you ask me the 'free' version (6) is better than 7.0 ;) - put it this way if I'm paying ... then I'm not paying them !

Actually I like GoBack. It allows me to recover the system to when it worked. It also allows me to recover individual files to when they were at a safe state.

They do state that when you have a virus to disable it, otherwise the virus may become part of the 'recovery'

I wonder if they can detect viruses in GoBack?

Thanks,
Orangeman