Thread: "Smart" Meters made them sick
View Single Post
  #58   Report Post  
Posted to alt.home.repair
Oren[_2_] Oren[_2_] is offline
external usenet poster
  
Posts: 22,192
Default computer trojan destroys hard drives
On Thu, 14 Feb 2013 12:08:17 -0600, "Pete C."
wrote:


wrote:

On Thu, 14 Feb 2013 10:53:18 -0500, "Stormin Mormon"
wrote:

A couple weeks ago, I got some trojan from Hell. It wiped out my hard drive.
I didn't know what was happening, and had an external drive plugged in. That
stopped working, so I tried my other external drive.

I took the three drives to a friend (graduate of a computer college), who
could not recover anything. Mailed the drives to another friend who found
all three to be dead. Friend two even used the forensic programs that the
cops use.

Something got me. And, it did some kind of damage that two techies could not
recover.

Usually these things just blow up the partition table. That makes the
drive pretty much unusable until you restore it.
To actually wipe the data will take some time, up to hours depending
on the size.

I am not sure what you mean by "forensic programs that the
cops use" but if these are real cops they actually look at the data
blocks and they will be there unless they got overwritten (that
"hours" thing I was talking about)

For all practical purposes wiping out the partition table and the
indexes will make a drive toast and that happens pretty fast. You can
see the raw data but it won't be that usable if it can't be put in
context.

Usually you can inspect a drive on an expendable machine.

If you really want to look at a drive you think is that infected, use
a bootable CD tool. Then it can't spread.
Back in the FAT days, Norton would usually fix most of these problems
without losing the data. I am not sure what works on NTFS drives.

These days I just depend on good backups and I don't hesitate to wipe
the infected drive and starting over when someone brings me a "virus"
machine. Start with a "write all 1s" program (AKA low level format,
even if not true)
Then partition it and format it.
.

I'm thinking that "smart" malware would update the drive firmware
rendering it inoperable until that firmware was replaced. Depending on
how the drive is built, reloading the firmware may be no easy task.

From 2005

http://blogs.computerworld.com/node/1099
Reply With QuoteReply With Quote