Mailing-List: contact cygwin-help AT sourceware DOT cygnus DOT com; run by ezmlm List-Unsubscribe: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner AT sourceware DOT cygnus DOT com Delivered-To: mailing list cygwin AT sourceware DOT cygnus DOT com Message-ID: <0D7E878509BED111BEAC00A0C9A3CA604E1842@granite.plpt.com> From: "Alonzi, Thomas" To: "'cygwin AT sourceware DOT cygnus DOT com'" Cc: "'bruce AT objectcentral DOT com'" Subject: VIRUS ALERT - vide Date: Sun, 12 Sep 1999 12:59:09 -0700 Importance: high X-Priority: 1 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2232.9) Content-Type: text/plain A potentially nasty virus is in V IDE executables contained in zip files down loaded from www.gnu.ai.mit.edu link from www.objectcentral.com . If you execute any of the files on the 26th, the virus will strike. It garbles both the (flash) boot rom and the HD. See full description below. Network Associates Virus Scan 4.0.3a reports Virus Win95/CIH.1003 in the following files: vide-win.zip * vide.exe win-utils.zip * make.exe * tar.exe * cp.exe * touch.exe Virus Name Win95/CIH.1003 Date Added 9/7/99 Virus Characteristics This family of viruses, written in South-East Asia, first appeared in June 1998. Currently there are three known variants; and at least two of these have been found `in the wild'. The viruses infect Windows 95 files in PE format. Win32/CIH viruses are able to split up the body of the virus code and place it within unused parts of the infected file (PE files usually contain lots of unused space). The viruses contain a very dangerous payload, which triggers on the 26th of any month. On this date, they attempt to overwrite the flash-BIOS. If the flash-BIOS is write-enabled (and this is the case in most modern computers with a flash-BIOS) this renders the machine unusable because it will no longer boot. At the same time, they also overwrite the hard disk with garbage. The viruses contain the following (unencrypted) strings: .a variant: CIH v1.2 TTIT, .EXE Indications Of Infection EXE files of the PE (Portable Executable) format. Method Of Infection The only way to infect a computer with a file infecting virus is to execute an infected file on the computer. The infected file may come from a multitude of sources including: floppy diskettes, downloads through an online service, network, etc. Once the infected file is executed, the virus may activate. Virus Information Discovery Date: 7/1/98 Type: Win32 Risk Assessment: medium Variants Unknown Aliases Win32/CIH, W32/CIH.Spacefiller ---------- From: Bruce Wampler[SMTP:bruce AT objectcentral DOT com] Sent: Monday, August 16, 1999 6:25 PM To: cygwin newsgroup Subject: Re: GNU C++ Tutorial bruc- AT objectcentral DOT com wrote: original article:http://www.egroups.com/group/gnu-win32/?start=15988 > I need a soon as posible a GNU C++ Tutorial. > Thanks !!! > I don't know of any GNU C++ specific tutorials, but I have collected the best free C++ references available on the net in one place, all packaged for easy reference. Several GNU GCC specific documents are included. Please see: http://www.objectcentral.com/vide/help/vhelp.htm This package is online, or you can download the whole thing. -------------------------------------------------- [Sorry if this got into the group twice. I've been using the e-groups interface, and I got a message that this message bounced because e-groups had addressed it to gnu-win32 AT cygnus DOT com instead of cygwin AT sourceware DOT cygnus DOT com. Perhaps someone needs to update the info at e-groups. I find it much easier to read this group via e-groups over getting my mail box full of all the messages.] -- Bruce E. Wampler, Ph.D. Author of the V C++ GUI Framework e-mail: mailto:bruce AT objectcentral DOT com web: http://www.objectcentral.com -- Want to unsubscribe from this list? Send a message to cygwin-unsubscribe AT sourceware DOT cygnus DOT com -- Want to unsubscribe from this list? Send a message to cygwin-unsubscribe AT sourceware DOT cygnus DOT com