Elusive Virus
Zer0
October 22nd, 2004, 11:52 PM
There seems to be a virus on my computer, and from what I've seen, it seems to be very damaging and evasive. It's damaging because the only reason I knew I had it was that it shut off my computer; more so, when I restarted it, it refused to run Windows. Here's where the evasive part comes in: I've tried formatting the hard drive and removing/re-creating partitions, and nothing seems to work. I get to the point just after the Windows loading screen and it says:
While initiating device IOS: Error: An I/O subsystem driver failed to load either a file in the .iosvbsys subdirectory is corrupt or the system is low on memory.
Any ideas on what I should do?
TJolly
October 23rd, 2004, 04:57 PM
Hi Zer0 and welcome to cth.
Is the infected version of windows still installed on your comp or is it deleted?
Zer0
October 23rd, 2004, 11:14 PM
I did succeed in formatting the computer, and use of the "dir" command confirms that Windows is no more. The problem is still there however, and when I attempt to reload Windows, I get through the installation but then when it's loading (the screen w/ the clouds) it stops and gives me the error message. Obviously, my assumption now is that the virus resides somewhere out of Windows and so far I have been unable to find it.
Zer0
October 24th, 2004, 06:57 AM
Alright, I've done some research, and it would seem that I've identified the culprit, or at least its type. It would seem to be a TSR virus that can hide in my RAM to escape deletion; a byproduct of hiding in my RAM is that it uses it all up (or at least a large portion of it) to sustain itself, making it impossible to run Windows. The only thing my research didn't provide me with is a way to get rid of this pesky virus. My idea now is to physically disconnect my hd from my RAM cards and turn on the pc, severing the virus from the hard drive. This only raises further questions such as: Will the RAM remain contaminated? And is this an advisable, or even possible, procedure at all? Again, this option is only a thought, and rest assured that I won't try it until its function is confirmed. Any assistance in this matter would be greatly appreciated.
mike
October 24th, 2004, 07:57 AM
Hi Zer0,
Welcome to CTH.
Your error is usually associated with installation of OS... is it Win 95/98/98SE/Me, and sometimes with CPU specifications.
You need to know what CPU (make, model, speed) and also what RAM you have.
As you didn't supply details, I can only guess.
Some possible solutions here:
http://www.computerhope.com/issues/ch000359.htm
Cheers
Zer0
October 24th, 2004, 06:32 PM
OS= Win/98
RAM= 256MB
Processor= 2.8GHz Celeron
It's a Compaq Presario S 6000NX
I realize that there are implications regarding running Win/98 w/ a faster processor, but this is not the first time I have formatted the hd w/ Win 98 and it always used to at least let me run safe mode.
Btw: I tried changing the names of config.sys and autoexec.bat with little in the way of results; although I was able to change config.sys, I couldn't find autoexec.bat. The results of this change were just that it took a little longer (actually seemed about twice as long) for Windows to display the error message after trying to load itself.
Thanks for your help, and I apologize for not providing my system data earlier.
mike
October 24th, 2004, 08:23 PM
Hi Zer0,
I moved this up to 98 forum,
You will get better advice there than from me :)
Cheers
Murf
October 24th, 2004, 10:02 PM
"My idea now is to physically disconnect my hd from my RAM cards and turn on the pc, severing the virus from the hard drive."
NAW...
Memory and hard drive have nothing in common when it comes to a virus.
What is the name of the virus you found?
What is a memory resident virus? Quite simply this is a virus which installs code in memory which infects future programs. In order to accomplish this, the virus must find a way to allocate memory for itself, in other words, it needs to find a place to hide. Furthermore, the virus needs to establish a procedure to activate the resident code to infect files. The first, and most often overlooked, method is using the TSR (Terminate-Stay-Resident) interrupt 27h or 21h function 31h. Yes, there is a reason why this technique is very often overlooked. This is the least desired method of making your virus go memory resident. While being the easiest to invoke, it is also the easiest to notice, which, when virus programming is concerned, being noticed is not always the most desired trait.
You need to run a DOS virus program to get rid of it.
Use a CLEAN BOOT FLOPPY to get to the a:\> prompt, then run the DOS VIRUS program to get rid of it.
There are many out there; F-Prot is an excellent one:
HERE (http://www.claymania.com/f-prot.html)
Zer0
October 25th, 2004, 12:03 AM
Thanks for the info, but it didn't work quite as well as I had hoped. I did manage to get F-PROT to load on the incapacitated pc and successfully scanned the C:, but the search came up empty. To the best of my thinking, one of these reasons is the culprit: I am scanning the wrong drive; F-Prot fails to detect the virus (although it is a fairly recent edition, with some file updates being from just a few days ago); should I uninstall Windows again? (I reinstalled it, hoping what I had done had fixed it earlier); or perhaps there is no virus at all and there is some totally different explanation. Whatever it is, I'm completely in the dark and again, any help would be greatly appreciated.
Murf
October 25th, 2004, 04:18 AM
1. Insert a Windows 98 Startup (bootdisk) disk, and then restart the computer to a command prompt.
2. At the command prompt, type c:, and then press ENTER.
3. Type cd\Windows\system, and then press ENTER.
4. Type ren iosubsys iosubold, and then press ENTER.
5. Reinstall Microsoft Windows 98.
Zer0
October 26th, 2004, 04:20 AM
Thanks for your help everyone, worked like a charm.
Murf
October 26th, 2004, 07:37 AM
Thanks for letting us know.