
Win95.CIH Spotted In 83PlusAsm v1.01
Posted by Nick on 23 March 2000, 23:37 GMT

Well.. this is a piece of sour news. From bombing the chem test to getting waitlisted at Washington University to this. Last night, a file was added that contained the Win95.CIH virus. THIS FILE WILL CAUSE YOUR SYSTEM TO CEASE FUNCTIONING ON THE 26TH OF ANY MONTH! For those of you who can't tell the emboldened red text apart from everything else, this is a very bad thing. The program was called 83PlusAsm v1.01; it had 255 downloads before we removed it from our archives. If you downloaded this file, do a virus scan of your machine IMMEDIATELY or head to this page to get an online scan of your system. If you have any problems with disinfecting your system, head over to this page or email me.

DO THIS PROMPTLY - Win95.CIH WILL RENDER YOUR MACHINE INOPERABLE AFTER MARCH 26TH!

We apologize for any problems this may cause anyone. Any other TI sites - scan your systems if you added this file. Once again, if you have ANY problems with getting this virus off your computer, email me and I'll try to make my response as prompt as possible.

Update (Nick): An esteemed colleague, David Hall, has informed me of a free virus scanner with free updates. You can find a copy of it here.

Update (Nick): Another kind-hearted person, Matt, has given me the linkage to a disk recovery tool called SpinRite. This can even be used after the virus goes off. I don't know how much it can help people, but it's there. (Updated with correct link)

 


The comments below are written by ticalc.org visitors. Their views are not necessarily those of ticalc.org, and ticalc.org takes no responsibility for their content.


Re: Win95.CIH Spotted In 83PlusAsm v1.01
Scott Noveck

This is the same as the Chernobyl virus - also note that all variants of Win95.CIH I know of don't kill your computer on the 26th of any month - instead, when it detects the clock set to the 26th, it activates. Then it starts corrupting files, one by one, until it eventually hits something important - but it's a much more gradual degradation than overnight.

     24 March 2000, 01:04 GMT

Re: Re: Win95.CIH Spotted In 83PlusAsm v1.01
Michael Brunner

Well, Chernobyl was built to corrupt your Flash-BIOS, in addition to putting garbage on your HDD and until the 26th, it will infect .exe files. That will render your computer unable to boot, and if you ever do get a new motherboard, your HDD is still screwed. Once BIOS is dead, you can kiss your computer good bye.

     24 March 2000, 01:11 GMT

Re: Re: Re: Win95.CIH Spotted In 83PlusAsm v1.01
BigCalc

the win95.cih virus IS THE CHERNOBYL virus. Anyways, I was the one that notified ticalc.org of this Virus today, after I downloaded it, I then told everyone in #ti...Hi, I don't know if this goes to Nick or what. Any ways, I guess you could say I got news. I was
downloading "83PlusAsm v.1.01 " under Windows Utilities. It contains the Win95.CIH
virus. The appropriate thing to do, would be to add this item to your news, since it will disable
any computer on the 26th of the month.
I'm on IRC under RAM_page_

This isn't a hoax, I'm not one of those lamers :-P
-Alex
....At least they told us, it would have sucked if they didn't :-P

     24 March 2000, 01:40 GMT


Re: Re: Re: Win95.CIH Spotted In 83PlusAsm v1.01
rob smith

no, only computers with FLASH BIOS and you can REFLASH it back, i have before and i can do it again. You can clean a hdd and then reflash the bios

     24 March 2000, 16:45 GMT

Re: Re: Re: Re: Win95.CIH Spotted In 83PlusAsm v1.01
Free_Bird

Only if you are able to boot... You'd need a motherboard that's exactly the same to do the trick, but it would still be tricky.

     24 March 2000, 20:40 GMT


Re: Re: Re: Re: Re: Win95.CIH Spotted In 83PlusAsm v1.01
John Wigle

Though I have never had this particular virus there is a way to reset your Bios without booting up. To do this you should first look in the manual that came with the computer, it will be called resetting CMOS. If you cannot find the book open up your computer (BE VERY CAREFUL DO NOT DO THIS IF YOU HAVE NEVER OPENED A COMPUTER BEFORE) then look around the CPU for a jumper switch. It will probably be red. Then look for text around it, it should be called bios reset or CMOS reset, or something to that effect. Next move the jumper to the other position and turn your computer on for about 20 seconds. Now turn it off and replace the jumper. You may have to re-configure some of your stuff to work in the CMOS however your bios is not reset.

ONCE AGAIN WATCH WHAT YOU ARE DOING YOU CAN SERIOUSLY SCREW UP YOUR COMPUTER

Hope this helps somebody
John Wigle

     24 March 2000, 22:17 GMT

Re: Re: Re: Re: Re: Re: Win95.CIH Spotted In 83PlusAsm v1.01
The_Professor

Resetting the CMOS is not the same as reflashing a BIOS. The CMOS is memory that stores your settings in the BIOS, and does not write to the BIOS (It is powered by a lithium battery when your computer is turned off).

     25 March 2000, 00:56 GMT


Re: Re: Re: Re: Re: Re: Win95.CIH Spotted In 83PlusAsm v1.01
Michael Brunner

CMOS and BIOS have little to do with each other. BIOS (Basic Input-Output System) is a program stored in ROM which allows you to manually configure the innards of your computer. CMOS (Complementary Metal Oxide Semi-conductor) stores the information about your computer (i.e. drives, RAM, port settings...) into a chip which is comparable to RAM. CMOS requires little power, and is usually powered with a button battery like the memory backup battery in the back of most TI graphics calculators. These batteries normally live for about 15-20 years before they die. Once they do, your computer may be unable to boot, or it will take a lot longer, since it will have to gather all the information about your computer again. You might have to confirm some settings yourself. To prevent this from happening if your battery dies, you should get one ASAP after your battery dies.

     25 March 2000, 04:28 GMT


Re: Re: Re: Re: Win95.CIH Spotted In 83PlusAsm v1.01
Michael Brunner

That's impossible, when your BIOS is already corrupted, your computer will be so screwed, it will never even be able to boot into DOS, or whatever OS you prefer. Chernobyl will only affect 32-bit Windows systems, I believe (Win95, Win98). So I think all you Linux users are in the clear with this one... Then again, since this program is a Windows program, I don't know why you would have downloaded it in the first place.
As far as clearing up your HDD, you could do so, possibly by using Norton Ghost if one of your friends has a comparable HDD, or you could just buy a new one for around $200. Getting a new motherboard, however will set you back around maybe $500-1000. I don't know, nor have I heard of this method before, but there may be a method of clearing the entire ROM of the Flash-BIOS, and somehow re-writing it in there. I don't know, and seriously doubt if this is possible, but I don't see why it wouldn't be.

     25 March 2000, 04:17 GMT

Re: Re: Re: Re: Re: Win95.CIH Spotted In 83PlusAsm v1.01
MicroLITH

Hardware knowledge seems to be rather limited...

If your harddrive is corrupted, you can first try fdisk /mbr, then fdisk. If that doesn't work, look for some low level formatting tools. Maxtor and Western Digital both do that. NOTHING survives a low level format. NOTHING.


As for BIOSes, it depends on the type of bios whether or not you can recover. Most new bioses have what's known as a boot block, a simple, classic read only ROM (ironic, isn't it?) that you can't write to without a rom burner. It's capable of booting the system, DOS, and an ISA video card. If you set your flash diskette up properly, it can do a fully automated flash of your bios, and put you back where you started.

The only way it could truly kill it is if it reads and writes to the FlashROM a million+ times, which will do the same thing as an 83+ or 89 you do that to. It'll burn the flashrom out completely. But before that happened, you'd have shut your computer off.

In the end you can always buy a new bios chip, and reflash again...

SOFTWARE STILL CANNOT DAMAGE HARDWARE PERMANENTLY. THERE IS ALWAYS A RECOVERY METHOD.

     25 March 2000, 08:01 GMT


Re: Re: Re: Re: Re: Re: Win95.CIH Spotted In 83PlusAsm v1.01
Michael Brunner

No, I believe your hardware knowledge seems rather limited...
You stated:
"If your harddrive is corrupted, you can first try fdisk /mbr, then fdisk. If that doesn't work, look for some low level formatting tools. Maxtor and Western Digital both do that. NOTHING survives a low level format. NOTHING."
Too bad you won't have a working BIOS to interpret CMOS info. Granted, I did neglect to mention using FDISK and FORMAT, I was getting into recovering the data and software which a user would have installed. That is the major bummer of having a corrupted HDD. Yes, nothing will ever escape a low level format, but then you have to spend hours re-installing your OS and software, and restoring your software settings. Believe me... Been there, done that.
"As for BIOSes, it depends on the type of bios whether or not you can recover. Most new bioses have what's known as a boot block, a simple, classic read only ROM (ironic, isn't it?) that you can't write to without a rom burner. It's capable of booting the system, DOS, and an ISA video card. If you set your flash diskette up properly, it can do a fully automated flash of your bios, and put you back where you started."
What you just described are the old BIOSs. The new ones do not require ROM burners, and are easily modified if you have the programming knowledge to do so. You can't boot into DOS unless you have:
1. A functioning BIOS
2. A DOS boot disk
Trust me... I have worked with some of the greatest computer minds in my area. I think I know what I'm talking about.
"In the end you can always buy a new bios chip, and reflash again..."
And how exactly will you implant the new BIOS chip? Magically? Unless you have a soldering iron and are really good with electronics, or you happened to have one of those easily removable BIOS chips, you are majorly screwed. Your method may work, so I will give you credit.
Just learn, do not test my patience or insult my knowledge. I have studied computers for years, and I despise having my knowledge questioned.
And remember this: though there may always be a recovery method, there is always a way around those recovery methods in which to inflict damage to your computer.

     26 March 2000, 04:11 GMT


500-1000 For a Board
HydroCarbon10

Wow, $500 to $1000 for a motherboard! I don't know where you buy your hardware at, but I'm sure they *love* to see you coming! Seriously though...On the boards I have seen you can reset the BIOS using a jumper. This feature was included in case you screw up your bios trying to flash it. If you can't reset the BIOS, most companies will send you a new one free or really cheap.

P.S. Can I sell you some motherboards? At $500 to $1000 a pop I could pay off my car pretty quickly :)

     25 March 2000, 19:06 GMT


Re: 500-1000 For a Board
Michael Brunner

The real question is where do you buy your hardware at? A brand new board that contains a Pentium III chipset can cost upwards of $800. I bought an 850 MHz PIII Motherboard for $600. I got a real deal, because I did research, and I found out it can cost hundreds more at other places. So before you open your big mouth, watch what you say before you try and insult me. And you can keep your third rate motherboards to yourself.

     26 March 2000, 03:51 GMT


Flashing the Processor
HydroCarbon10

The virus flashes the BIOS. Sure, you can flash the microcode on your processor, but only like *maybe* 10 people on earth know how to do that. In the previous comment you said motherboard. I haven't seen a processor soldered onto a motherboard since my Packard Bell 486.

     26 March 2000, 04:01 GMT


Re: Flashing the Processor
Jxxh67

you're right, I've never seen any computer stores selling motherboards with chipsets on them...

     26 March 2000, 07:41 GMT


Re: Re: Win95.CIH Spotted In 83PlusAsm v1.01
Anthony M Andrews

All you have to do to decrease serious damage is set the BIOS clock back until you find it. Then delete it.

AMA

     24 March 2000, 01:39 GMT

Re: Win95.CIH Spotted In 83PlusAsm v1.01
Jeff Meister

To the people infected by this: I know this doesn't help at all, but it may be a little reassuring.

The creator (just in case you want to know) of this help file is Jeff Chai, one of my friends from school. I know him pretty well, and I can promise you that he didn't intentionally infect the TI community with a virus. It might have been the fault of the help file compiler, or that he unknowingly had a virus on his computer at the time he made the file. But he didn't mean to. Although that doesn't help, but he didn't.

And if I find this virus on my machine, or find it to be of any major damage on anyone's computer, rest assured that he's gonna get an ass-whoopin tomorrow.

Oh yea, you can email him for more answers about this at:

ecchai@netzero.net

Jeff: I hope you can run.

- Jeff

     24 March 2000, 02:56 GMT

Re: Re: Win95.CIH Spotted In 83PlusAsm v1.01
Jeff Meister

Oh and yes, I just noticed this.

Nick -

Jeff Chai also made the "TI-83+ ASM Include File". I doubt that has the virus too, but you might want to remove it, since he made it in conjunction with the help file.

- Jeff

     24 March 2000, 03:02 GMT


Re: Re: Re: Win95.CIH Spotted In 83PlusAsm v1.01
Nick Disabato

All I need is one email from someone who can confirm this. I don't have McAfee on my system right now; I'm getting it from a friend. It'll be on tomorrow.

--BLueCalx

     24 March 2000, 03:49 GMT


Re: Re: Re: Re: Win95.CIH Spotted In 83PlusAsm v1.01
The_Professor

What Virus Scanner do you use? (Personally, I use Norton AntiVirus)

     25 March 2000, 00:59 GMT

Re: Re: Re: Re: Re: Win95.CIH Spotted In 83PlusAsm v1.01
Michael Brunner

Gotta love Norton AV! I wouldn't trust any less. Which version do you have?

     25 March 2000, 04:36 GMT


Re: Re: Re: Re: Re: Re: Win95.CIH Spotted In 83PlusAsm v1.01
Etec

All I have to say is NORTON SUCKS. Norton from my personal experience sucks, I also saw a check list of McAfee and Norton software and McAfee beat the #&^$ out of it. I would never trust Norton, I would sooner use IBM's old virus protection that came on an old IBM AT PC that I have.

     26 March 2000, 00:27 GMT


Re: Re: Re: Re: Re: Re: Re: Win95.CIH Spotted In 83PlusAsm v1.01
Michael Brunner

Well, I still would recommend McAfee to anyone who is very busy and doesn't have much time to spare. But if you have time, and want a more thorough scan, you use Norton. Norton AV 2000 can sniff out ANY virus in e-mail, and its e-mail protection is updated every month. The virus definitions are updated every week, although I find the notification for me to update my virus definitions annoying at times...

     26 March 2000, 04:20 GMT


Re: Re: Re: Re: Re: Win95.CIH Spotted In 83PlusAsm v1.01
Nick Disabato

McAfee VirusScan for Windows NT (I have Win2K installed).

--BlueCalx

     25 March 2000, 21:04 GMT


Re: Re: Win95.CIH Spotted In 83PlusAsm v1.01
Jared C.

People, people.. stop flaming the guy that uploaded the program to the site. I've dealt with this virus more than once - when you run an .exe file and the virus is on your computer, it will automatically infect that .exe as soon as you run it. If you don't have relatively new virus protection software, you probably won't be able to tell that you are infected with it. I'm pretty sure the 83PlusAsm program became infected without the author's knowing it, and then it was uploaded to the site..

     24 March 2000, 05:34 GMT

Re: Re: Re: Win95.CIH Spotted In 83PlusAsm v1.01
Jeff Chai

You don't have to feel sorry for me. Please don't. I probably deserved this. =(

     24 March 2000, 13:09 GMT


Re: Re: Re: Re: Win95.CIH Spotted In 83PlusAsm v1.01
PsySpy

Guys leave this dood alone...stop tearing him apart for something that wasn't caused by him......i think we should just drop it.....it's not his fault.....

     25 March 2000, 00:55 GMT


Re: Re: Re: Re: Re: Win95.CIH Spotted In 83PlusAsm v1.01
David Brubaker

I couldn't agree more. Why the heck would he come and try to defend himself if he did it intentionally. Think about it.

     25 March 2000, 05:22 GMT


Re: Re: Re: Win95.CIH Spotted In 83PlusAsm v1.01
Jeff Meister

Sorry if I was ignorant again. According to Jeff, and according to McAfee (Jeff sez), the win95.cih attaches itself during FTP transfer. I thought the virus was a result of a careless mistake. I'm not flaming anyone, this guy is my friend. Right now I'm helping to clear his name.

Oh yea Jeff, sorry I wasn't here to talk to you I was at Mike's house... I'll cya later.

- Jeff

     25 March 2000, 01:27 GMT
