W95.CIH.remnants

W95.CIH.remnants is a detection that has been created specifically to detect remnants of W95.CIH in executable files. Even though the virus code is never executed, the file still contains remnants of the virus. This includes cases where the virus is in the file but the file runs as normal. In these cases, the virus will not execute at all. However, because the virus is in the file, it should be detected and the viral body should be removed.

Symantec is aware of files containing these remnants of W95.CIH having been shipped on some commercially available versions of the Lotus Notes software.

NOTE: Definitions prior to November 21, 2002 will detect these remnants as W95.CIH.corrupt.

Protection

• Initial Rapid Release version November 21, 2002
• Latest Rapid Release version August 20, 2008 revision 017
• Initial Daily Certified version November 21, 2002
• Latest Daily Certified version August 20, 2008 revision 016
• Initial Weekly Certified release date November 21, 2002

Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.

Threat Assessment

Wild

• Wild Level: Low
• Number of Infections: 0 - 49
• Number of Sites: 0 - 2
• Geographical Distribution: Low
• Threat Containment: Easy
• Removal: Easy

Damage

• Damage Level: Low

Distribution

• Distribution Level: Low