The CIH virus, also known as W95.CIH and the Chernobyl virus, is expected to trigger once again on June 26, an antivirus software vendor has warned today.
The virus has the potential to corrupt a PC's BIOS and erase data on hard drives. According to Symantec, the virus has known variant and target dates: w95.CIH V1.2 and V1.3 triggered on April 26, and W95.CIH V1.4 triggers on the 26th of any month.
CIH attacks a PC by infecting 32-bit Windows 95, 98 and NT executable files, which when launched infect the computer's memory and new files as they are opened. The virus also attempts to overwirte part of the BIOS, which can keep a computer from starting when the power is turned on, says Symantec.
Symantec's Norton Antivirus 5.0 detects CIH and repairs any infected files, whilst the company has also released a free program for users of antivirus software that has not protected PCs against the virus. The KILL_CIH.EXE tool "turns off" all strains of the virus in an infected PC's memorydoes not protect agaAccording to Symantec the KILL_CIH.EXE tool is immune to infection by CIH and so can be deployed in a hostile virus environment without a risk of worsening the infection.
The tool can be downloaded from http:www.symantec.com/avcenter/kill_cih.html