This is a multi-part message in MIME format. --------------ABE5C69A3A3DA358910A8EA1 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit --------------ABE5C69A3A3DA358910A8EA1 Content-Type: message/rfc822 Content-Transfer-Encoding: 7bit Content-Disposition: inline Received: from imo21.mx.aol.com (imo21.mx.aol.com [198.81.17.65]) by postal.c-zone.net (8.8.7/8.8.7) with ESMTP id LAA21489 for <[email protected]>; Sat, 24 Apr 1999 11:18:26 -0700 (PDT) (envelope-from [email protected]) From: [email protected] Received: from [email protected] (14408) by imo21.mx.aol.com (IMOv20) id fYMTa07748; Sat, 24 Apr 1999 14:16:49 -0400 (EDT) Message-ID: <[email protected]> Date: Sat, 24 Apr 1999 14:16:42 EDT Subject: Virus To: [email protected], [email protected], [email protected], [email protected], [email protected] MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Mailer: AOL 4.0 for Windows 95 sub 13 Reply-To: [email protected] X-Mozilla-Status2: 00000000 Nasty PC Virus Set To Hit Monday By Dick Satran Reuters SAN FRANCISCO (April 22) -- A virus that can wipe out all the data on a personal computer's hard drive and even make it impossible to start programs up is set to hit next Monday, security experts warned. The virus is a malicious piece of software code that has been turning up in PCs for months, but the version that will strike Monday is the most-feared variation. The so-called CIH or ''space filler'' virus originated in Asia last summer and hits on the 26th of each month. The CIH 1.2 that appears only once a year in April is the ''most prevalent and dangerous'' form of the virus, said Sal Viveros, marketing vice president for Network Associates Inc., the largest computer security company. The CIH virus is far more dangerous to individual computers than Melissa, the much publicized bug that spread relatively benign problems far and wide on the Internet last month. The CIH virus can irretrievably destroy data on a user's computer, and even make the machine inoperable, while Melissa only really caused embarrassment, by sending a list of porn sites from a target computer's e-mail address book, and tied up some corporate e-mail systems with traffic. The CIH gets the name ''space filler'' because it uses a special technique that secretly fills file space on computers and thwarts many of the anti-virus softwares in place before its arrival. The virus is also called the Chernobyl virus because it's timed to go off on the anniversary of the Russian nuclear accident, one of technology's worst disasters. The virus is designed to hide from view by inserting itself into empty coding slots on a computer's software utilities. Viruses are often detected because they use up extra space on hard drives, but the ''space filler'' helps CIH avoid that traditional method of detection. It can lie dormant for months before causing damage. The April version of the virus is particularly damaging because it can also keep a computer from starting up by infecting the software on which all the PC's programs depend, the basic input/output system, or BIOS. If the BIOS is infected, the computer will not start. Most up-to-date anti-virus software will spot the bug, if it's there, and many corporate computers have recently upgraded their protection due to the Melissa scare, said Network Associates' Viveros. The biggest impact is likely to be on home computers, said Viveros, who added that computer users can download an anti-virus program free of charge from his company's site ( <A HREF="http://www.nai.com/">http://www.nai.com/</A>). The virus is spread by e-mail over the Internet or in pirated software. It infects Windows 95 and Windows 98 files. ''People should make sure they have the latest antivirus software run on their computers,'' said Bill Pollak, of Carnegie Mellon's Software Engineering Institute, which runs the Computer Emergency Response Team, or CERT. The center has already prepared an ''incident'' note that it will put on its site ( <A HREF="http://www.cert.org">http://www.cert.org</A>). REUTERS Reut18:00 04-22-99 Copyright 1999 Reuters Limited. All rights reserved. Republication or redistribution of Reuters content, including by framing or similar means, is expressly prohibited without the prior written consent of Reuters. Reuters shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon. All active hyperlinks have been inserted by AOL. --------------ABE5C69A3A3DA358910A8EA1--