I am facing an issue that I haven't encountered yet, and am seeking advice
on what to look for...
Here's the situation:
A friend of a friend of a friend had a virus hit his NT machine - the
FunLove virus (w32fun.love.4099), and his SQL server is corrupt - and now he
is asking for my assistance in restoring the database from backup.
From Symantec on this virus:
"W32.FunLove.4099 attacks the Windows NT file security system and modifies
the Windows NT kernel, giving the virus the ability to change security
settings, compromising sensitive data once the machine is restarted with the
modified kernel. The virus also creates a program for itself and replicates
in the background while it executes the host program."
He has run a routine restore from disk, and is now getting errors like:
"Read of the file failed..."
"The database is marked inaccessible and cannot be edited..."
Error logs show:
dev_read extent - cannot read after data
I have never seen these errors, and am not sure what to look for as a
possible problem, and even more, solution.
Does anyone have experience with this? Or, can anyone offer suggestions to
WinNT 4 Server SP5
SQL Server 7 SP3
Thanks for any advice!