Information Disaster April 26
In April, the biggest problem of the month related to computers can rightly be considered the epidemic of the Win95.CIH virus – Chernobyl.
Everyone is used to the presence of computer viruses. Periodically they appear on the computer. Sometimes they manage to be detected on time. Sometimes something goes bad, but, as a rule, special tragedies do not occur. Last year, a new, very dangerous Win95.CIH virus was released. The virus appeared, apparently, in Taiwan. Over the past year, it has spread throughout the world, including Ukraine. According to the British magazine Virus Bulletin, this virus is consistently among the ten most common in the world. Moreover, Win95.CIH is the only virus out of these ten that has serious destructive functions built in.
This virus uses a rather interesting infection mechanism, which provides it with high secrecy and a very high ability to “reproduce”. There are practically no computers that have 1 … 2 files infected with this virus. If the computer is infected, then the virus is located in almost all .exe files. In general, the Win95.CIH virus has long been known. A detailed description of it can be found on the sites of antivirus companies (DialogueScience) and computer magazines (Chip). The latest versions of most antivirus programs know and are able to cure this virus. In this regard, the Win95.CIH virus is not something out of the ordinary. Its main differences from other viruses are the very dangerous destruction produced by this virus and the long “hidden period” (when the action of the virus does not manifest itself).
Destruction caused by the virus:
the first 2048 sectors of each hard drive are destroyed, and a random sequence is written in their place;
part of the BIOS contents is destroyed.
The duration of the “hidden period”:
the destructive actions of the “classic” virus (CIH.1003, or CIH v.1.2) appear only on April 26, the day the Chernobyl disaster occurred.