New Virus Erases Hard Drive

By on June 8, 2004

From the ‘It Was Bound To Happen’ department: Symantec
reports that a new virus is making the rounds that deletes all files on the infected PC:

The malware targets Windows computers, and arrives in an email bearing the subject “Re” and an attachment that will have an .asp, .hta, .htm, .htt, .html, .vbe or .vbs extension. Upon infection, the virus uses Microsoft Outlook to send itself to everyone in the Microsoft Outlook Address Book. “If the day is the 6th, 13th, 21st, or 28th, the worm will delete all the files from the computer,” Symantec reports. Despite its nasty payload, SANS notes that VBS.Pub “doesn’t possess any earth-shattering characteristics to make it a significant propagation threat.”

If this one did propogate widely, it would be regrettable, but it would at least help solve the problem of old, unpatched, unprotected Windows boxes that act as virus sponges.

Now let’s wait for the first “doesn’t happen on a Mac” comment. ;-)

Gadgetopia

Comments

  1. Excellent article, Rob.

    The point that many who gleefully point to the vulnerabilities in OS X miss is that none of them has been exploited. And the “Broken Windows” argument outlined in the article Rob referenced is a good reason that the chances are slim that a vulnerability will be exploited, and if it does, that it won’t get far. (In case you haven’t read that article, “Broken Windows” doesn’t refer directly to any Microsoft OS.)

    Even when Apple’s response to a vulnerability isn’t up to snuff, the Mac community is usually quick to come up with a solution. See http://www.unsanity.com/haxies/pa/whitepaper

  2. I’m really glad that there is finally a virus that does actually wipe out your hard drive. I mean, I’ve been hearing rumors about this virus since I got my first computer nine years ago, but no one has ever actually produced it.

    Now if only the virus would do it when you just looked at the email (not having to run an attachment or anything), then it would finally live up to the hype.

    If it would try to hack into the Pentagon servers too, so that the FBI would come arrest you, that would just be super.

  3. My response to Rob upon him describing the article was that a bum might try to panhandle in San Francisco because there are lots of people there so it pays off. San Francisco therefore has some ‘bad neighborhoods’.

    Bums in Parker, SD don’t get very far because not many people live there. ‘Good neighborhoods’ in Parker.

    If enough people move to Parker, they’ll have panhandlers there too.

  4. ivan.sanders@qi-satellite.com

    Dear Rob,

    I use 200XP with Norton 2004 bought and installed. I am infected with both Haldex Ltd. and Searchfindinfo.com pop ups which I suspect are the Adware scan entry – C:\WINDOWS\SYSTEm32\nethv32.dll. Nothing appears in the Registry (nothing of theirs deliberately downloaded) and unregistering nethv32.dll is successfull – only to be immediately re-infected. I am an amateur but my studies indicate that this means that my hard drive is infected? Is there a marketed product which will resolve this? Or do I have no option but to pay an Engineer to twiddle with the computer in ‘safe mode?’

    Regards, Ivan Sanders

Comments are closed. If you have something you really want to say, email editors@gadgetopia.com and we‘ll get it added for you.