Are there Viruses like this?

Discussion in 'malware problems & news' started by aigle, Aug 15, 2007.

Thread Status:
Not open for further replies.
  1. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    I had instaled Avast home on desktop of one of my friends. One day he told me that while her daughter was searching on internet( may be music), she got some pop up alerts for a virus/ malware. He is not sure what his daughter replied to the popup. Anyway apparently the malware was able to run, the computer was shut down by her daughter/ or by the malware and after that she was never able to restart it again.

    He took PC to a geeky friend who told him that all the HD is wiped away, even no data to recover by simple means. He had to format and reinstall OS.
    My Q is that is there such a malware that just wipes away the HD. I know of KillDisk but even it just corrupts the partition table, u can get ur data if u boot from a CD etc.

    Any ideas/ experience aout such a malware?

    Thanks
     
  2. CogitoErgoSum

    CogitoErgoSum Registered Member

    Joined:
    Aug 22, 2005
    Posts:
    641
    Location:
    Cerritos, California
    Hello aigle,

    Please see the following links.

    http://www.grc.com/cih.htm
    http://www.infectionvectors.com/hotzone/brick.htm
    http://www.securityfocus.com/news/11374

    I acknowledge that the above links are rather old and may or may not be relevent, but at least they give you an idea of what is out there. If I am not mistaken, I could have sworn that sometime this year there was a report of a virus or piece of malware that could erase parts of one's hard drive. I just can't recall where I read about it.

    Hope this helps.


    Peace & Love,

    CogitoErgoSum
     
    Last edited: Aug 15, 2007
  3. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    Hi, thanks. Very interesting read! I thought KillDisk is nastiest but seems Chernobyl is the most nasty one.
    I am not sure how can I get samples for these( Chernobyl, W32.Mypics.Worm and W32.Blackmal.E@mm).
     
  4. thanatos_theos

    thanatos_theos Registered Member

    Joined:
    Apr 28, 2007
    Posts:
    540
  5. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    That seems a nasty one too. Thanks for the link.
     
  6. thanatos_theos

    thanatos_theos Registered Member

    Joined:
    Apr 28, 2007
    Posts:
    540
    You're welcome.
     
  7. ccsito

    ccsito Registered Member

    Joined:
    Jul 27, 2006
    Posts:
    1,579
    Location:
    Nation's Capital
    This may not relate to the situation of your friend. An online chatter that I know had her hard drive "wiped out" when she somehow got an infected email that harbored a hidden DOS command of "FORMAT C:\" which cleaned out the hard drive and she could not reboot it. She had to go to a library PC to inform me on what happened. She didn't realize of what was occurring until it was too late. I told her that if the malware executed that DOS command and it was not stopped immediately from running, then her drive was cleaned out. I never heard from her again. :(
     
  8. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    8,038
    Location:
    The Netherlands
    Well, a HIPS should be able to stop this RiskTool.Win32.Aefdisk malware, that´s why parent-child process execution and low level disk control is so important. And it´s also a good idea to prevent certain file types (like .bat for example) from running, something you can do via software restriction policies in XP Pro. IMO HIPS should also offer this feature. :)
     
  9. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    7,786
    I think it's safe to assume that a virus or malware can do just about *anything* given half a chance... So wiping most of a HD clean is no great surprise...
     
  10. si_ed

    si_ed Registered Member

    Joined:
    Aug 14, 2007
    Posts:
    54
    Malware can do pretty much anything that a user can, and probably more. However, while it may have deleted your data (and you have to ask yourself why it would do that - much of today's malware is designed to make money), it is probably possible to recover your files using one of many data recovery tools available.

    It is unlikely that the malware formatted your drive and then overwrote the data with garbage. It is, of course, possible, but I would try something like winhex to get your most important files back...
     
  11. CogitoErgoSum

    CogitoErgoSum Registered Member

    Joined:
    Aug 22, 2005
    Posts:
    641
    Location:
    Cerritos, California
  12. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    thanks
     
  13. CogitoErgoSum

    CogitoErgoSum Registered Member

    Joined:
    Aug 22, 2005
    Posts:
    641
    Location:
    Cerritos, California
    Hello aigle,

    You are very welcome.


    Peace & Love,

    CogitoErgoSum
     
Loading...
Thread Status:
Not open for further replies.