Mail Archives: cygwin/1999/09/12/16:02:08
A potentially nasty virus is in V IDE executables contained in zip files
down loaded from www.gnu.ai.mit.edu link from www.objectcentral.com . If
you execute any of the files on the 26th, the virus will strike. It garbles
both the (flash) boot rom and the HD. See full description below.
Network Associates Virus Scan 4.0.3a reports Virus Win95/CIH.1003 in the
following files:
vide-win.zip
* vide.exe
win-utils.zip
* make.exe
* tar.exe
* cp.exe
* touch.exe
Virus Name
Win95/CIH.1003
Date Added
9/7/99
Virus Characteristics
This family of viruses, written in South-East Asia, first appeared in June
1998. Currently there are three known variants; and at least two of these
have been found `in the wild'. The viruses infect Windows 95 files in PE
format.
Win32/CIH viruses are able to split up the body of the virus code and place
it within unused parts of the infected file (PE files usually contain lots
of unused space).
The viruses contain a very dangerous payload, which triggers on the 26th of
any month. On this date, they attempt to overwrite the flash-BIOS. If the
flash-BIOS is write-enabled (and this is the case in most modern computers
with a flash-BIOS) this renders the machine unusable because it will no
longer boot. At the same time, they also overwrite the hard disk with
garbage.
The viruses contain the following (unencrypted) strings:
.a variant: CIH v1.2 TTIT, .EXE
Indications Of Infection
EXE files of the PE (Portable Executable) format.
Method Of Infection
The only way to infect a computer with a file infecting virus is to execute
an infected file on the computer. The infected file may come from a
multitude of sources including: floppy diskettes, downloads through an
online service, network, etc. Once the infected file is executed, the virus
may activate.
Virus Information
Discovery Date: 7/1/98
Type: Win32
Risk Assessment: medium
Variants
Unknown
Aliases
Win32/CIH, W32/CIH.Spacefiller
----------
From: Bruce Wampler[SMTP:bruce AT objectcentral DOT com]
Sent: Monday, August 16, 1999 6:25 PM
To: cygwin newsgroup
Subject: Re: GNU C++ Tutorial
bruc- AT objectcentral DOT com wrote:
original article:http://www.egroups.com/group/gnu-win32/?start=15988
> I need a soon as posible a GNU C++ Tutorial.
> Thanks !!!
>
I don't know of any GNU C++ specific tutorials, but
I have collected the best free C++ references
available on the net in one place, all packaged
for easy reference. Several GNU GCC specific
documents are included. Please see:
http://www.objectcentral.com/vide/help/vhelp.htm
This package is online, or you can download the
whole thing.
--------------------------------------------------
[Sorry if this got into the group twice. I've been
using the e-groups interface, and I got a message
that this message bounced because e-groups had
addressed it to gnu-win32 AT cygnus DOT com instead of
cygwin AT sourceware DOT cygnus DOT com. Perhaps someone
needs to update the info at e-groups. I find it
much easier to read this group via e-groups over
getting my mail box full of all the messages.]
--
Bruce E. Wampler, Ph.D.
Author of the V C++ GUI Framework
e-mail: mailto:bruce AT objectcentral DOT com
web: http://www.objectcentral.com
--
Want to unsubscribe from this list?
Send a message to cygwin-unsubscribe AT sourceware DOT cygnus DOT com
--
Want to unsubscribe from this list?
Send a message to cygwin-unsubscribe AT sourceware DOT cygnus DOT com
- Raw text -