Re: [WinMac] Virii on Windows

Jared & Jamie Hay(jandjhay[at]v-wave.com)
Mon, 27 Jul 1998 09:59:41 -0600

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Next message: Chris Fitzgerald-Walsh: "Re: [WinMac] RE: Mac Freezes at NT Login"
Previous message: Sean Page: "[WinMac] RE: Mac Freezes at NT Login"
Next in thread: Chris Mueller: "Re: [WinMac] Virii on Windows = CIH"

>Hi everyone,
>
> I just received the following message from the Univ. of Texas
>administration. Frankly, it makes me glad to use a Mac. But I wonder at the
>maliciousness of those who would conceive of such a virus.
>
> --Marc
>
>
>This June, a new virus called "Win32/CIH" or "PE_CIH" first
> appeared, and it has now been discovered on campus machines. The
> virus infects Windows 95 and Windows 98 executable files (PE
> format), but NOT Windows NT or any Macintosh computer.
>
> Win32/CIH viruses can split up the body of the virus code and place
> it within unused parts of the infected file. The viruses contain
> highly destructive code, which triggers on the 26th of any month.
> On the 26th (this Sunday is 26 July), the virus code attempts to
> overwrite the flash-BIOS in infected machines. If the flash-BIOS is
> write-enabled, and most modern computers have a writable flash-BIOS,
> the overwriting renders the machine UNUSABLE because it will no
> longer boot. Any hardware damage caused by the virus is not covered
> under manufacturer's warranties. At the same time, the disk
> partition information is destroyed.
>
> The Win 32/CIH virus was triggered in a test using a Windows
> 95 system. After the computer's date rolled over to 26 July, all
> disk partitioning information was lost, leaving the system
> unbootable and the data unrecoverable. No known tools are
> available to help save lost work, but analysts are searching.
>
> This virus has been discovered on computers in several campus labs,
> including the Windows 95 systems in the Student Microcomputer
> Facility. If you have used a diskette on one of these systems and
> then used it elsewhere, you may have spread the virus. Of course, it
> is always possible that you picked up the virus elsewhere. Testing
> your system may be prudent.
>
> What Can You Do?
>
> NOTE: If you do not have time to disinfect your machine before
> Sunday, 26 July, you should shut your system down on the 25th and
> not use it again until the 27th. This virus can be a very
> devastating and ALL precautions should be taken to avoid it. Do NOT
> turn on an untested machine any time during the 26th.
>
> DETECTION --
>
> To detect the virus, you should immediately run a virus detection
> program that scans for the CIH virus. If your detection software
> will not run BECAUSE of the virus (and we have found a case of that
> for the Dr. Solomon's software), you must boot your system with a
> clean boot disk containing the disinfecting software.
>
Sorry, but I had to say this... You can't use you PC on Saturday,
because of this virus. You can't use your PC on Tuesday, because of that
virus. You can't use your PC on Thursday, because of the other virus....
Just which days of the week, month, etc. can I use my PC? I've got work
to do!!!!

the JarHead

J & J Consulting
Jared & Jamie Hay
#101 - 10715 - 116 St.
Edmonton, AB T5H-3M3

Remember, Buckaroo Banzaii,
No matter where you go... Across the Eighth Dimension
There you are!

* Windows-MacOS Cooperation List *
* FAQ: <http://www.darryl.com/winmacfaq/> *
* Archives: <http://www.darryl.com/winmac/> *
* Subscribe: <mailto:winmac-on@xerxes.frit.utexas.edu> *
* Subscribe Digest: <mailto:winmac-digest@xerxes.frit.utexas.edu> *
* Unsubscribe: <mailto:winmac-off@xerxes.frit.utexas.edu> *

Next message: Chris Fitzgerald-Walsh: "Re: [WinMac] RE: Mac Freezes at NT Login"
Previous message: Sean Page: "[WinMac] RE: Mac Freezes at NT Login"
Next in thread: Chris Mueller: "Re: [WinMac] Virii on Windows = CIH"

This archive was generated by hypermail 2.0b2 on Mon Jul 27 1998 - 09:04:14 PDT