How do you avoid malware when using getting software?



Sometwo
03-21-2014, 11:54 PM
What are you guys doing to avoid malware when getting software? http://virustotal.com https://malwr.com Anything I might not know about to be able to tell if it has malware?

anon
03-22-2014, 01:20 AM
Running unknown programs inside Sandboxie is a good pre-emptive measure. Not all of them, harmful or not, will run correctly because many "special" Windows features are blocked to prevent them from leaking outside the sandbox, but it'll help you spot stuff that behaves suspiciously. You can block network access for sandboxed applications too.

For the most part, though, just get your warez from reliable sources and avoid anything that's too good or small (filesize-wise) to be true, and you'll be fine.

rogermusa
03-22-2014, 01:39 AM
I don't download anything that I don't trust.

CyberCitizen
03-22-2014, 03:42 AM
Test everything in a virtual machine, that's what I do first, then I can check to see if it's accessing anything it shouldn't.

piercerseth
03-22-2014, 04:38 AM
> Running unknown programs inside Sandboxie is a good pre-emptive measure. Not all of them, harmful or not, will run correctly because many "special" Windows features are blocked to prevent them from leaking outside the sandbox, but it'll help you spot stuff that behaves suspiciously. You can block network access for sandboxed applications too.
>
> For the most part, though, just get your warez from reliable sources and avoid anything that's too good or small (filesize-wise) to be true, and you'll be fine.

^So much this. Common sense with a sandbox/vm to fall back on.

I'd add, if you're pirating your OS, you're doing it wrong.

Sometwo
03-22-2014, 09:43 AM
> Running unknown programs inside Sandboxie is a good pre-emptive measure. Not all of them, harmful or not, will run correctly because many "special" Windows features are blocked to prevent them from leaking outside the sandbox, but it'll help you spot stuff that behaves suspiciously. You can block network access for sandboxed applications too.
>
> For the most part, though, just get your warez from reliable sources and avoid anything that's too good or small (filesize-wise) to be true, and you'll be fine.


Woah, I had to abandon sandboxie a long time ago because it didn't support 64-bit. Looks like it does now.

What are the reliable sources these days?

statisticalguru
03-22-2014, 10:32 AM
I just don't download software I don't trust. I don't even download freeware (legal) unless I can see the source code and compile it myself.

As for detecting malware:

You can try checking pcap logs but that only goes so far. Some software is designed to do malicious damage which isn't detected through this method. In which case you really need to look at logging exactly what files are created and deleted. The problem is, if you don't know what the software is meant to do, then it might be creating legitimate files. Furthermore, if the malware writer names the files correctly and doesn't call them something like spyware.exe, malware.exe or virus.exe, virus.dll and so on, then you will definitely have a harder time determining.

Most software installation is about trust. I don't trust vmware, so I use virtualbox. The whole idea of having so many background processes running all the time spooks me. Even if the current edition is safe, which I don't have time to analyse piece by piece; when you are asked to update, no one knows if the NSA ask kindly for vmware to drop a trojan in it.

anon
03-22-2014, 07:16 PM
> What are the reliable sources these days?

I personally use Warez-BB. Stick to what trusted, long-standing members of the community post, and read the comments otherwise. Scene releases on the biggest private trackers should also be safe.

Sometwo
03-22-2014, 07:37 PM
> > What are the reliable sources these days?
>
> I personally use Warez-BB. Stick to what trusted, long-standing members of the community post, and read the comments otherwise. Scene releases on the biggest private trackers should also be safe.

omg, this site is awesome. Thanks!

pokitisme
03-23-2014, 06:43 PM
Well, I'm not as fancy using VMware or other virtual boxes, as I've had issues with them in the past on Windows. So when dl'ing from Usenet I look on the developer's site to try and get a size range of what the cracked proggy should be. Then I try to find a post with a .nfo, as most bad stuff posted does not include the time or effort for a nfo. Then when I get the rars I scan them with Avast and Malwarebytes, then double-click open the first rar to see what's inside. Then if all seems safe I extract and rescan all files. Also, some cracks patches will come up as false positives, and even after install will show up wrong, such as my dvdrebuilder patch I've been using for years. Just be safe in what u run and always have good up-to-date v.p. As usual, watch for dl'ing of .exe or other unknown formats, and make sure any associated programs that might run, like WMP, do not have the call-home features enabled. Also, u do not need to always update programs; some still work great, like older versions of Window Washer. Good luck.

arnesr
03-23-2014, 07:26 PM
Does anyone have a guide to setting up a virtual environment for testing apps?

PastTense
03-25-2014, 05:40 PM
> What are the reliable sources these days?

There is a lot of freeware one uses and one looks at reputable discussion sites; for example I use free Avast and picked it based on polls and other discussion at Wilders Security Forums:
Wilders Security Forums - Powered by vBulletin (http://www.wilderssecurity.com/index.php)

For warez, besides warez-bb I look at The Pirate Bay for torrents and basically choose among the most seeded ones which have positive comments. Thus for example when I wanted an XP version I chose the Black edition.

I avoid Usenet for software because there just isn't adequate feedback about whether the software is good.

CyberCitizen
03-25-2014, 11:17 PM
I also look for portable solutions of the software, doesn't require installing and they are usually more reliable.