Interesting, possible malware-caused problems scanning a Win ME system

Discussion in 'Trojan Defence Suite' started by Tuulilapsi, Dec 16, 2003.

Thread Status:
Not open for further replies.
  1. Tuulilapsi

    Tuulilapsi Registered Member

    Joined:
    Dec 8, 2002
    Posts:
    53
    That Bigmem.drv looks a bit mysterious, but it appears to be an age-old file - Microsoft BIGMEM Virtual Device, it says. I know I've seen that one before on my own systems, and it should probably be a legit file. AVGBASE.VXD looks like the Win 9x guard for H+BEDV's AV, which she apparently had installed at some point. That should probably die. Then there's the Microsoft RMM Virtual Device of RMM.PDR. Not at all sure what that is, but the creation and modify dates look good. And it is mentioned in the Win ME folder listing at MS Knowledge Base. Those two under the VMM32 folder would appear legit as well, at first glance.
     
  2. Andreas1

    Andreas1 Security Expert

    Joined:
    Jan 29, 2003
    Posts:
    367
    Location:
    Mainz (Ger)
    :doubt:
    Then I'll be back when I have more ideas - run out of ideas for now.
    Thanks for checking the above out, tho. Maybe someone else sees something significant in it.

    Andreas
     
  3. Bowserman

    Bowserman Infrequent Poster

    Joined:
    Apr 15, 2003
    Posts:
    510
    Location:
    South Australia
    You could also try downloading and running Microsoft's Memory Diagnostic tool from here in the meantime.
    Let it run between 3 and 5 passes and record any errors... it might just find something :).

    Regards,
    Jade.
     
  4. Tuulilapsi

    Tuulilapsi Registered Member

    Joined:
    Dec 8, 2002
    Posts:
    53
    Thanks Bowserman, going to have to try that tomorrow, because I'm about to go see the Return of the King. :)
     
  5. gkweb

    gkweb Expert Firewall Tester

    Joined:
    Aug 29, 2003
    Posts:
    1,932
    Location:
    FRANCE, Rouen (76)
    I'm thinking of old wires on the computer, I mean the wire plugged into the hard drive and the motherboard.
    In the past, I had one which was bent too much, and when I wanted to copy some data from one hard drive to another my comp froze.
    After buying another, longer one (to avoid bending it) all works fine.

    Maybe it could be your problem, or bad memory as Gavin said.
     
  6. Jooske

    Jooske Registered Member

    Joined:
    Feb 12, 2002
    Posts:
    9,713
    Location:
    Netherlands, EU near the sea
    Did you also look at the required system files at the DCS site? With the install of an age-old game something more recent might have been overwritten?

    Are you familiar with faber toys?
    www.faberbox.com in which you have immediately the files per running program with their version numbers etc at hand, so you can get that free gem, click the dependencies and move with that thing at hand to the TDS files page and compare what is mentioned in the fastest way.
    http://www.diamondcs.com.au/tds/index.php?page=files while you can grab the files you might need immediately from that page.
     
  7. Tuulilapsi

    Tuulilapsi Registered Member

    Joined:
    Dec 8, 2002
    Posts:
    53
    Yea, I've gone through the system files too, nothing missing there (at least nothing on that TDS required system files list). And it's not a TDS-specific problem, so I (hope) it's not some dll-hell issue. Oh, how I love thee, Windows. ;)

    Ran 4 passes of Windows Memory Diagnostic before I got tired of watching the screen - no errors were reported.

    Gavin mailed me (thanks, Gavin) reporting the VxDs are clean.

    As for old wiring, gkweb, the system is only 16 months old or so. But well, one never knows...
     
  8. Jooske

    Jooske Registered Member

    Joined:
    Feb 12, 2002
    Posts:
    9,713
    Location:
    Netherlands, EU near the sea
    Make sure everything is well connected and pressed firmly in its place. A badly connected card or other item can cause lots of problems, harm even. This kind of thing can happen in new systems too.

    And isn't there a possibility to have the memory checked in the shop where it came from?
     
  9. Andreas1

    Andreas1 Security Expert

    Joined:
    Jan 29, 2003
    Posts:
    367
    Location:
    Mainz (Ger)
    There is still one possibility, which Gavin pointed out earlier in this thread:

    :rolleyes:

    Andreas
     
  10. Tuulilapsi

    Tuulilapsi Registered Member

    Joined:
    Dec 8, 2002
    Posts:
    53
    That's probably the case. *sigh* I'm going to have to teach her Mandrake. Maybe that'd actually work. ;)
     
  11. DolfTraanberg

    DolfTraanberg Registered Member

    Joined:
    Nov 20, 2002
    Posts:
    676
    Location:
    Amsterdam
    TDS won't run on this :doubt:
     
  12. Gavin - DiamondCS

    Gavin - DiamondCS Former DCS Moderator

    Joined:
    Feb 10, 2002
    Posts:
    2,080
    Location:
    Perth, Western Australia
    Windows 98 doesn't seem to mind being reinstalled over itself :) The registry remains overly bloated depending on how much has been installed/uninstalled, but this replaces files and can restore smooth running :)

    I guess on the RAM side you could reduce the amount of memory in the hope that 1 of the pieces of memory is OK and 1 isn't? Assuming you have more than 1 that is :)
     