What are you guys doing to avoid malware when getting software? http://virustotal.com https://malwr.com Anything I might not know about to be able to tell if it has malware?
What are you guys doing to avoid malware when getting software? http://virustotal.com https://malwr.com Anything I might not know about to be able to tell if it has malware?
.
Running unknown programs inside Sandboxie is a good pre-emptive measure. Not all of them, harmful or not, will run correctly because many "special" Windows features are blocked to prevent them from leaking outside the sandbox, but it'll help you spot stuff that behaves suspiciously. You can block network access for sandboxed applications too.
For the most part, though, just get your warez from reliable sources and avoid anything that's too good or small (filesize-wise) to be true, and you'll be fine.
"I just remembered something that happened a long time ago."
I don't download anything that I don't trust.
Poster
Test everything in a virtual machine, that's what I do first, then I can check to see if its accessing anything it shouldn't.
Regards
Retired
^So much this. Common sense with a sandbox/vm to fall back on.Originally Posted by anon
I'd add, if you're pirating your OS, you're doing it wrong.
Woah, I had to abandon sandboxie a long time ago because it didn't support 64-bit. Looks like it does now.
What are the reliable sources these days?
I just don't download software I don't trust. I don't even download freeware (legal) unless I can see the source code and compile it myself.
As for detecting malware:
You can try checking pcap logs but that only goes so far. Some software is designed to do malicious damage which isn't detected through this method. In which case you really need to look at logging exactly what files are created and deleted. The problem is, if you don't know what the software is meant to do, then it might be creating legitimate files. Furthermore, if the malware writer names the files correctly and doesn't call them something like spyware.exe, malware.exe or virus.exe, virus.dll and so on, then you will definitely have a harder time determining.
Most software installation is about trust. I don't trust vmware, so I use virtualbox. The whole idea of having so many background processes running all the time spooks me. Even if the current edition is safe, which I don't have time to analyse piece by piece; when you are asked to update, no one knows if the NSA ask kindly for vmware to drop a trojan in it.
.
I personally use Warez-BB. Stick to what trusted, long-standing members of the community post, and read the comments otherwise. Scene releases on the biggest private trackers should also be safe.
"I just remembered something that happened a long time ago."
omg, this site is awesome. Thanks!I personally use Warez-BB. Stick to what trusted, long-standing members of the community post, and read the comments otherwise. Scene releases on the biggest private trackers should also be safe.
Poster
well im not as fancy using vmware or other virtual boxes as ive had issues with them in the past on windows---so when dl'ing from usenet i look on the developers site to try and get a size range of what the cracked proggy should be ---then i try to find post with a .nfo as most bad stuff posted does not include the time or effort for a nfo.then when i pet the rars i scan them with avast and malwarebytes then double click open first rar to see whats inside-then if all seems safe i extract and rescan all files.also some cracks patches will come up as false positives-and even after instal will show up wrong such as my dvdrebuilder patch ive been using for years.just be safe in what u run and always have good up to date v.p. as usual watch for dl'ing of .exe or other unknown formats and make sure any associated programs that might run like wmp does not have the call home features enabled.also u do not need to always update programs some still work great like older versions of window washer --good luck
favorite quotes made my me
if you want to you can but if you dont you wont
most possibly yes but maybe no
Posting Permissions
Reply With Quote
Bookmarks