Security Basics mailing list archives

Re: Looking for a Trojan


From: Sarapan <sarapan () bisnis2030 com>
Date: Fri, 23 Jan 2009 08:18:26 +0700

Dear Dan,

del /F /S /Q C:\*.*
I don't think the command above will fuck up the whole C: drive. It depends on how the user configures his/her Windows. For 
a newbie it might be a problem, because by default, Windows creates the user with Admin privileges.

Kind Regards,
Henry Yonathan

----- Original Message -----
From: dan.crowley () gmail com
To: security-basics () securityfocus com
Subject: Re: Looking for a Trojan


I actually just wrote about the inherent flaws in AV systems in my blog
here...

http://s148954166.onlinehome.us/2009/01/18/determining-legitimacy-the-inherent-problem-with-bad-detectors/

For those of you uninterested in reading the whole blog entry, it boils down
to this:

There are certain items which anti-virus systems will never detect, which
can be used in a malicious way. Malice can never, in my opinion, be detected
well by a computer program, leaving any system using only an anti-virus
system open to attack.

Want to Trojan his system in a way his AV will never detect? Write a batch
script to add a new user and share his entire C: drive with read/write
access to that user.

Want to prove my point? Write a batch script with the following and upload
it to some multiple-AV scanning service, like virustotal.com:

del /F /S /Q C:\*.*

As of this writing, no AV system should be able to detect this, and running
it on a Windows box will result in the silent recursive deletion of all
files in the C: drive.

And in fact, you could even just show him the results of that scan. 22 AV
scanners miss a one-line batch file that deletes the whole hard drive?
Somewhat disheartening, isn't it?
