Results 1 to 5 of 5

Thread: Klez infected by new CIH Variant...

  1. #1
    Senior Member
    Join Date
    Jan 2002

    Exclamation Klez infected by new CIH Variant...

    woohoo...ain't we got fun when a worm causing havoc gets infected with a virus ...CIH is baaaaack


    The payload for W95.CIH.1049 executes on August 2nd.

    The first payload overwrites the hard disk with random data, starting at the beginning of the disk (sector 0). The overwriting of the sectors does not stop until the system has crashed. As a result, the computer will not boot from the hard disk or a floppy disk. Also, the data that has been overwritten on the hard disk will be very difficult or impossible to recover. You must restore the data from backups.

    The second payload tries to cause permanent damage to the computer. This payload attacks the Flash BIOS (a part of your computer that initializes and manages the relationships and data flow between the system devices, including the hard drive, serial and parallel ports, and the keyboard) and tries to corrupt the data that is stored there. As a result, nothing may be displayed when you start the computer. To fix this requires the services of a computer technician.

    W95.CIH.1049 has been known to infect the worm W32.Klez.gen@mm .
    I used to be With IT. But then they changed what IT was. Now what I'm with isn't IT, and what's IT seems scary and weird." - Abe Simpson

  2. #2
    Senior Member
    Join Date
    Feb 2002
    wow... nas-T
    Remember -
    The ark was built by amatures...
    The Titanic was built by professionals.

  3. #3
    Senior Member
    Join Date
    Sep 2001
    If anyone needs to clean this virus goto this thread and download the tool that DJM has posted. It works great on removing Klez from your systems.
    [gloworange]\"A hacker is someone who has a passion for technology, someone who is possessed by a desire to figure out how things work.\" [/gloworange]

  4. #4
    Priapistic Monk KorpDeath's Avatar
    Join Date
    Dec 2001
    I almost got hit by it last night. Of course the email came from a AOL luser.
    Mankind have a great aversion to intellectual labor; but even supposing knowledge to be easily attainable, more people would be content to be ignorant than would take even a little trouble to acquire it.
    - Samuel Johnson

  5. #5
    Senior Member
    Join Date
    Oct 2001
    yeah i had allot of trouble ridding my system of it, w95.cih, but i never knew it came from a worm, norton family security was disabled, and i had around 2000 infected files. when i reativated it again.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts