IT SECURITY ALERT: April 26th Windows 95/CIH Virus

Elian Degen degen@telcel.net.ve
Fri, 23 Apr 1999 02:28:06 -0400


Avery and List.

Avery, thank you very much.

As I usually do, I checked with several sites before answering. THIS IS NOT
A HOAX, IT IS EXTREMELY DANGEROUS. I copied some info, and at the end I pasted
the Symantec site, where you can get the antivirus; this site also includes
several antivirus programs for the most dangerous recent viruses, such as Melissa.

http://www.symantec.com/avcenter/


The CIH Virus Attacks
Dateline: 9/4/98

The CIH virus is one of the most malicious and groundbreaking viruses to be
developed in the underground world. First identified in Taiwan back in June,
the CIH virus has spread throughout the world on Windows 95 and 98 PCs,
infecting applications when executed. On the 26th of each month infected PCs
may have their hard drives and flash BIOS chips overwritten!

CIH is a fast spreader because it started in Asia, where illegal copies of
software run rampant in some Asian countries. Both legal and illegal copies
of software have been infected by the CIH virus, including the ever-popular
"Wing Commander," by Origin Systems. The virus uses several advanced stealth
techniques to help hide its presence on an infected PC.

If the hard drive of an infected PC is overwritten, backups of data can
easily be restored to a reformatted drive. Resetting the Flash BIOS is
another story...

Flash BIOS is normally protected by a jumper on the motherboard. But, some
machines have the jumper set to the "on" position for Flash BIOS
modifications. If the CIH virus overwrites the Flash BIOS the machine will
not boot until the chip is reprogrammed. That translates to major down time
for most users.

How CIH works

Once you've run an infected program, it goes resident in memory-- it just
sits there and waits.


Now, whenever you open another executable file, the infected program checks
to see if it's a "portable executable" file (that's the format used for
executable files in Windows 95 and 98).


The virus then checks whether the file can be infected. It can only be
infected if there's enough room for the virus.


If there is enough room, it infects the file. If the virus can't infect the
file-- or if the file has already been infected-- it checks the next
condition.



The next condition

Is it the 26th of the month?


If the answer is yes, the virus tries to overwrite your BIOS. Then it
trashes your hard drive.

GO TO THIS ADDRESS, AND YOU WILL FIND ALL YOU NEED TO TEST YOUR COMPUTER:

http://www.symantec.com/avcenter/




----- Original Message -----
From: Avery Todd <atodd@UH.EDU>
To: <pianotech@ptg.org>
CC: <caut@ptg.org>; <mpt@talklist.com>
Sent: Thursday, April 22, 1999 01:54 p.m.
Subject: IT SECURITY ALERT: April 26th Windows 95/CIH Virus


> List,
>
>    I just read this today, sent by broadcast to all entire university
> computers. I assume it doesn't affect a Mac, but thought those of you
> with PC's might want to check it out.
>    I don't know what a "CIH virus" is and I normally don't do this type
> of thing, except to refute them, but with the computer people we have
> on this campus, I'm assuming it's a very legitimate concern for Windows
> users.
>
> Avery
>
> >Date: Thu, 22 Apr 1999 10:17:32 -0500
> >From: "Brian M. Walker" <bmw@UH.EDU>
> >Subject: IT SECURITY ALERT: April 26th Windows 95/CIH Virus
> >Sender: UH Staff - A moderated broadcast list to all staff at the UH Main
> > Campus <UH-STAFF@LISTSERV.UH.EDU>
> >
> >On April 26, the Windows 95/CIH Virus is programmed to execute
> >and if your system is infected, you may lose data, the ability
> >to boot your computer or both. Information Technology recommends
> >that anyone who has a computer running the Windows95 or Windows98
> >operating system should turn off their computer before leaving work
> >Friday evening if they have not had time to take the anti-viral
> >steps listed at <http://www.uh.edu/infotech/990420_cih.html>.
> >Further, if you have not had time to take these steps, IT recommends
> >that you leave your computer off on Monday, April 26.
> >
> >~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> >Brian M. Walker, CISSP                     email : bmw@uh.edu
> >Manager, Security & Disaster Recovery              security@uh.edu
> >Information Technology Division            phone : (713) 743-1528
> >University of Houston                      fax   : (713) 743-2743
> >~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>
>
>
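
The "How CIH works" steps quoted in the message above start with a format check ("is it a portable executable?") followed by a check for room in the file. The sketch below is an example added to this archive page, not code from the post, Symantec or UH: it performs the same format check from a defender's side and reports whether the padding after the PE section table holds anything other than zeros. Reading "room" as that header padding is an assumption (the post does not say where the room is), the names triage and build_sample are hypothetical, and the sample images are constructed.

```python
import struct

SECTION_HEADER_SIZE = 40  # bytes per entry in the PE section table

def triage(data: bytes) -> str:
    """Classify a file image: 'not-pe', 'malformed', 'padding-empty' or 'padding-in-use'."""
    # DOS stub: 'MZ' magic, and e_lfanew at 0x3C pointing to the PE signature.
    if len(data) < 0x40 or data[:2] != b"MZ":
        return "not-pe"
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    if e_lfanew + 24 > len(data) or data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        return "not-pe"
    # COFF header follows the signature: section count and optional-header size.
    _, nsections, _, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", data, e_lfanew + 4)
    opt = e_lfanew + 24
    if opt_size < 64 or opt + opt_size > len(data):
        return "malformed"
    # SizeOfHeaders sits at offset 60 of the optional header (PE32 and PE32+).
    (size_of_headers,) = struct.unpack_from("<I", data, opt + 60)
    table_end = opt + opt_size + nsections * SECTION_HEADER_SIZE
    if not table_end <= size_of_headers <= len(data):
        return "malformed"
    # Linkers normally zero-fill this gap; other bytes here deserve a closer
    # look but are not proof of infection (some tools store data in the gap).
    padding = data[table_end:size_of_headers]
    return "padding-in-use" if any(padding) else "padding-empty"

def build_sample(fill: bytes = b"\0") -> bytes:
    """Constructed 512-byte PE32 header with one section; demo input only."""
    e_lfanew, opt_size, size_of_headers = 0x80, 224, 0x200
    buf = bytearray(size_of_headers)
    buf[0:2] = b"MZ"
    struct.pack_into("<I", buf, 0x3C, e_lfanew)
    buf[e_lfanew:e_lfanew + 4] = b"PE\0\0"
    struct.pack_into("<HHIIIHH", buf, e_lfanew + 4, 0x014C, 1, 0, 0, 0, opt_size, 0x0102)
    opt = e_lfanew + 24
    struct.pack_into("<H", buf, opt, 0x010B)            # PE32 magic
    struct.pack_into("<I", buf, opt + 60, size_of_headers)
    table_end = opt + opt_size + SECTION_HEADER_SIZE
    buf[table_end:] = fill * (size_of_headers - table_end)
    return bytes(buf)

if __name__ == "__main__":
    for name, image in [("clean", build_sample()), ("filled", build_sample(b"\xCC")),
                        ("script", b"#!/bin/sh\n")]:
        print(name, triage(image))
```

A "padding-in-use" result only marks a file for scanning with a current antivirus product; it is a triage hint, not a verdict.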




This PTG archive page provided courtesy of Moy Piano Service, LLC