Proland Software Download Protector Plus Antivirus 2007

Home
Products
Download Antivirus Software
Order On-line
Support
Email
Protector Plus Antivirus Software for
Antivirus for Windows 95 and 98
Antivirus for Windows 3.x and DOS
Antivirus for Windows NT
Antivirus Software for Windows Vista
Antivirus for NetWare
Protector Plus Console for Desktops

Download Protector Plus anti virus 2007
Win95.CIH virus cleaning program - CleanCIH.EXE Ver 1.6
(also known as Chernobyl, CIH, Spacefiller, Win32.CIH)

Download the CIH virus removal tool now (under 20k)

If you have any difficulties in using this program please refer to Win95.CIH FAQ page.

Blueball Information about the Win95.CIH virus:

Win95.CIH (also known as Chernobyl, CIH, Spacefiller, Win32.CIH) is a virus that infects 32-bit Windows 95, Windows 98 and Windows NT executables files having the .EXE extension. When an infected program is run in a Windows 95 or Windows 98 computer, it infects the computer and becomes memory resident. The infected program will not work properly on a Windows NT computer. Once the virus becomes memory resident, it infects all the 32-bit EXE files opened. So the virus spreads to all files executed and also copied. The size of the virus code is quite small and it is about 1000 bytes. The virus will not increase the size of the infected file. It uses an unique method to copy its code to the infected file. It fills up the unused space available in the 32-bit EXE file (PE format) with its code. If the virus can not find a single continuous large enough empty space to copy itself, it will slice itself up to many pieces and place them in the smaller empty slots. This virus is also known as Win95.Spacefiller for this behavior. The virus alters the header entry point to the beginning of the virus code and builds the broken up parts to one piece of code when the EXE file is run. The virus code contains the text "CIH", so it gets this name.

Win95.CIH virus has a dangerous payload that will trigger on the 26th of April or any month, depending upon the variant of the virus strain. This virus can damage the contents of the BIOS flash memory chip. Most of the new computers sold (80486 and later CPUs) have their BIOS programmed into the flash memory chips. Win95.CIH writes garbage to the flash memory chip if the chip is write-enabled. Many PC manufacturers leave the flash memory chip write-enabled. If this happens the computer will become unusable until the contents of the chip are restored or the motherboard is replaced. After damaging the BIOS the virus also makes the data in all the hard disks unreadable. Win95.CIH bypasses all types of BIOS protection mechanisms to do its destructive job. Because of these characteristics this is surely one of the most damaging virus.

Click here to download the free removal tool (CleanCIH.EXE) for the Win95.CIH virus.

Blueball Variants of Win95.CIH virus:

There are three variants (1.2, 1.3 and 1.4) of Win95.CIH virus. These variants can be identified from the text string present in the virus code. The variants 1.2 and 1.4 are reported to be in the wild and spreading. Win95.CIH.1.2 and 1.3 do the damage on 26th of April only and Win95.CIH.1.4 does it on the 26th every month. Win95.CIH.1.4 is also the most frequently reported variant. Our scan and clean program will detect and remove all these variants

Blueball Instructions on using CleanCIH.exe:

CleanCIH.EXE is a DOS based program. We have made it a DOS based program because of the nature of Win95.CIH virus. This type of viruses can be cleaned effectively only by DOS based programs. To use this program you will have to restart your computer in MSDOS mode. This procedure will ensure that Win95.CIH is not in the memory and will not spread further while you are running this program. Also when you run CleanCIH.EXE in the MSDOS mode it will be able to scan and clean all Windows 95/98 programs.

To restart your computer click on the "Start" button and select "Shut Down" then choose "Restart the computer in MSDOS mode" and click "Yes". Now the computer will reboot in MSDOS mode and you can see "C:\>" on your screen. You should change the directory to where you have downloaded CleanCIH.EXE and execute it from there.

If you are not familiar with MSDOS commands or if you have any other questions please refer to the Win95.CIH FAQ page at:

http://www.pspl.com/faqs/cihfaq.htm

Blueball Command Line options for CLeanCIH.exe:

Usage   : CleanCIH <Path> <Options>

Options :  /AUTOCLEAN for Automatic disinfection.
                 /PROMPT for Prompting before disinfection.

Examples:

CleanCIH C:\ to check the entire C drive.

CleanCIH C:\WINDOWS to check the C:\WINDOWS directory and its subdirectories only.

CleanCIH C:\ /AUTOCLEAN to check and clean the entire C drive.

CleanCIH C:\ /PROMPT to check and prompt before cleaning the entire C drive.

Download CleanCIH.EXE Now

Blueball About Protector Plus Antivirus Software Packages:

Proland Software is the developer of Protector Plus range of antivirus software packages. Protector Plus is available for Windows 95/98, Windows NT server, Windows NT workstation, Windows 2000, Windows 3.x, DOS and NetWare servers.

Protector Plus range of antivirus products offer on-line virus detection and removal. All the packages have the ability to detect and isolate all types of viruses and trojans. Protector Plus antivirus software can detect and remove Win95.CIH virus reliably.

You can download the FREE Evaluation Copy of Protector Plus antivirus software for any platform.
You can also purchase these antivirus software packages on-line.

These products are updated on a continuous basis and the latest upgrades for all the platforms are made available for downloading from this site.

Antivirus for Windows 95 and 98Antivirus for Windows NTAntivirus for Windows 3.x and DOSAntivirus for NetWare


HomeProductsDownload Antivirus SoftwareOrder On-lineEmail

(c) Proland Software, 2000