DANGER !

Discussion in 'other anti-virus software' started by Fidelius, Oct 7, 2006.

Thread Status:
Not open for further replies.
  1. Fidelius

    Fidelius Registered Member

    Joined:
    Oct 2, 2006
    Posts:
    146
    Hello,
    I'm neither a programmer nor a hacker, just someone who remembers some batch commands and undocumented MS-DOS features.
    I made a batch file containing one line, then converted it to a COM file. With a certain tool I could also convert this COM to an EXE to scramble things a little more. Its purpose is to fully ERASE the drive C without prompting the user! It's very easy to do, believe me, so I won't post this command line here.
    I ran it through VirusTotal:

    Only KAV and McAfee saw it :'(
     


  2. sir_carew

    sir_carew Registered Member

    Joined:
    Sep 2, 2003
    Posts:
    884
    Location:
    Santiago, Chile
    Hi,
    Well today there's no reason to have heuristic for BAT malware. BAT malware most likely will not spread too much.
     
  3. alglove

    alglove Registered Member

    Joined:
    Jan 17, 2005
    Posts:
    904
    Location:
    Houston, Texas, USA
    ...and there is no need for a smallpox vaccine. But if some strain of smallpox somehow escaped from an evil doctor's laboratory, WATCH OUT!!!!
     
  4. Fidelius

    Fidelius Registered Member

    Joined:
    Oct 2, 2006
    Posts:
    146
    "Well today there's no reason to have heuristic for BAT malware"
    It can be easily converted to a COM or EXE file with the bat2exe and com2exe.
    A *beginner* can make this one line .bat file in a few seconds.
    "no need for a smallpox vaccine" And this is the way you call a trojan which can erase a hard drive at once :mad:
    It's old but can still be found (I suppose) on the internet.
    This is not a valid answer, guys.
    Do you want me to write here this so easy command line which can erase a hard drive?
     
  5. Fidelius

    Fidelius Registered Member

    Joined:
    Oct 2, 2006
    Posts:
    146
    More info:

    Spyware Information: Trojan.BAT.FormatC.b

    This application is designed to harm your computer and devices attached to it. These types of applications are called nukers in the hacker community. They often use advanced techniques to disable your computer, like overwriting special segments of your hard drive which cause the drive to malfunction completely, destroying all its data and rendering it useless in the future. The goal of this type of application is to completely destroy the computer it infects. These are some of the most dangerous of all malicious software.
     
  6. NOD32 user

    NOD32 user Registered Member

    Joined:
    Jan 23, 2005
    Posts:
    1,766
    Location:
    Australia
    Hi Fidelius,
    Just send all the undetected samples to samples AT eset.com and include as much information as you have with a link to this thread.
    Eset will then look at it as per here.

    Cheers :)
     
  7. Birdman

    Birdman Registered Member

    Joined:
    Nov 24, 2003
    Posts:
    571
    ~removed quote as OT post was removed....Bubba

    Word. Kaspersky OWNS them all! Do yourself a favor and switch to KAV! :p
     
    Last edited by a moderator: Oct 7, 2006
  8. Mascot

    Mascot Registered Member

    Joined:
    Apr 6, 2005
    Posts:
    64
    I would probably be using KAV right now if it didn't consistently corrupt my filesystem. I wasn't the only one. KL didn't even bother to acknowledge the issue.
     
  9. lodore

    lodore Registered Member

    Joined:
    Jun 22, 2006
    Posts:
    9,006
    Yup, KAV only owns all when it works. If the bases go corrupt, you're screwed :eek:
     
  10. RejZoR

    RejZoR Registered Member

    Joined:
    May 31, 2004
    Posts:
    6,426
    You can't format active NTFS partitions these days. And since C: is usually the active one, it just won't be formatted. So, pretty much a useless thing.
    .com files also don't work under Win9x... Besides, such "data destruction" is not interesting to anyone really. They prefer to steal it over destroying it these days...
     
  11. FRug

    FRug Registered Member

    Joined:
    Feb 7, 2006
    Posts:
    309
    Fidelius: Thanks for officially joining the ranks of malware authors and script kids. You are one more user that has not understood why creating new malware to test AVs is idiocy.
     
  12. NOD32 user

    NOD32 user Registered Member

    Joined:
    Jan 23, 2005
    Posts:
    1,766
    Location:
    Australia
    LMAO :thumb: :thumb:
     
  13. alglove

    alglove Registered Member

    Joined:
    Jan 17, 2005
    Posts:
    904
    Location:
    Houston, Texas, USA
    You misunderstood me.

    I was saying that your homemade trojan was the smallpox. By discounting the possibility of smallpox reappearing (such as ignoring old viruses), one may leave himself wide open to damage, should it ever reappear.
     