RE: WAY OT--Crisis...virus! Need help

BROWN Nick (Nick.BROWN@coe.fr)
Mon, 26 Apr 1999 21:15:19 +0200

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: alano@summanulla.pcx.ncd.com: "Re: What kernel version am I REALLY running?"
Previous message: Stephen C. Tweedie: "Re: [big performances boost for DataBases] Re: cache killer memory"
Next in thread: James Willard: "Re: WAY OT--Crisis...virus! Need help"
Reply: James Willard: "Re: WAY OT--Crisis...virus! Need help"

Well, I stand very much corrected. Dropped in to my friendly neighbourhood
computer dealer this evening to find two (2) people standing there with
their PCs. Both had the same symptom: totally black screens on power-up.

Apparently the Chernobyl (aka CIH) virus _has_ struck.

BUT the good news, at least for followers of this thread, is: if your PC can
boot (or indeed display any message at all), you most likely don't have the
CIH virus, because it trashes your CMOS. I suppose it might trash your disk
instead if it has trouble writing to the CMOS, but I haven't seen that
mentioned on any of the A-V sites I visited.

---------------------------------------------------------------
|\ | o _ |/ Life's like a jigsaw
| \| | |_ |\ You get the straight bits
But there's something missing in the middle

Nick Brown, Strasbourg, France (Nick(dot)Brown(at)coe(dot)fr)
---------------------------------------------------------------

> -----Original Message-----
> From: BROWN Nick [SMTP:Nick.BROWN@coe.fr]
> Sent: 26 April 1999 15:29
> To: 'Allan M. Wind'
> Cc: linux-kernel@vger.rutgers.edu
> Subject: RE: WAY OT--Crisis...virus! Need help
>
> >> There is a virus due to activate about now. We made today a
> holiday in
> >> South Australia - should have done the same at Penn, perhaps.
> >That's the first positive impact, I've ever seen, a virus had.
> Don't
> >get any ideas now!
>
> My money is on it _not_ being a virus, given the number of partition table
> sectors (and disks generally) world-wide which will go belly-up today like
> any other day. Out of 2x10**8 PCs, I'd expect something like 1x10**5 to
> have a serious disk problem on any given day, by the time you combine HD
> MTBF and good old-fashioned bugs. And of course, people screwing up with
> FDISK and blaming a virus when their boss asks why they haven't got any
> work
> done.
>
> One way to make a backup of your partition table sector (MBR) for next
> time
> :-) would appear to be:
> dd if=/dev/hda of=/floppy/savembr bs=512 count=1
>
> [off-topic] I wrote a DOS version of this, too, as part of my free DOS
> anti-virus stuff I did about 6 years ago (when DOS viruses such as Stoned,
> Form, etc were the main problem). It saves the MBR and the active boot
> sector in a magic file, so you can later restore them, or compare them
> against the current live versions to detect viruses, etc. About twice a
> year I would undo somebody's FDISKing, to their total amazement.
>
> |\ | o _ |/ Life's like a jigsaw
> | \| | |_ |\ You get the straight bits
> But there's something missing in the middle
>
>
> -
> To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
> the body of a message to majordomo@vger.rutgers.edu
> Please read the FAQ at http://www.tux.org/lkml/

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

Next message: alano@summanulla.pcx.ncd.com: "Re: What kernel version am I REALLY running?"
Previous message: Stephen C. Tweedie: "Re: [big performances boost for DataBases] Re: cache killer memory"
Next in thread: James Willard: "Re: WAY OT--Crisis...virus! Need help"
Reply: James Willard: "Re: WAY OT--Crisis...virus! Need help"