Trojans, keyloggers and other nasties

[springer]

I have this "friend" I'm asking for...

Anyway, he wants to know, if he got a cracked program from someone and ran the .exe through his freshly updated anti-spyware and anti-virus programs with no indication there was anything wrong, what are the chances of him safely using the program?

Thanks in advance

 

[redtricycle]

If you're going to run dangerous things...

Run it in a virtual machine (VMWare).

 

[jerxs]

Who in gods name would use a cracked program?:anon.sml:

 

[LazyHippy]

Any half-decent antivirus will pick up on nasty shit. If you got it from a reputable torrent site or something then ya should be fine mate. Sorry, your friend should be fine. The guys distributing the stuff wouldn't wanna harm their business, so will normally block anything reported as a trojan, virus, spyware etc.

 

[ScottDaMan]

LazyHippy, yes, because a business giving away free shit is so profitable, who would want to harm it. Right?

 

[LazyHippy]

Sites like demoniod etc quickly pull any shit and I've got a feeling it probably is pretty profitable, going by the amount of traffic they have. I might be completely wrong though - they might not get a single click on their ads and just run these sites out of sheer generosity.

 

[Bofu2U]

Just keep in mind, anyone that knows what they're doing with a virus/trojan can easily get past virus filters. Heck, it's really not that hard once you know how they work.

However, it would have been smarter to check his netstat to see if a port opened up. Does he have a firewall to look at? Try checking outgoing over port 6667-6669, for a possible botnet infection.

Hope this helps.

 

[springer]

Thanks all.

It was my brothers kid who got what he thought was a full version of a program from a friend. Didn't discover it was cracked until running it. Obviously, it was modified... there are strange characters in the name, like 3s instead of Es, etc.

He panicked and called me. I had him run it through his Spy Sweeper and Trend Micro anti-virus and neither caught anything. I had him reboot in safe mode and rerun Spy Sweeper and still didn't find anything so I told him he was "probably" safe.

Afterwards, I came here to ask. I'll go look at his router logs and check the firewall.

If the program is not malicious, he'd like to keep it because it's useful and the price was right.

Thanks again.

 

[trigatch4]

"reputable torrent site"

hahahah sounds like an oxymoron to me!

 

[LazyHippy]

"reputable torrent site"

hahahah sounds like an oxymoron to me!

lol, yeah probably! but there's some i'd trust, some i wouldn't. Not that I'd advocate sharing copyrighted stuff or anything like that...

 

[wickedDUDE]

its possible to get viruses from any torrent site. the owners dont monitor all of the content, that would be impossible.

 

[elvanvitar]

its possible to get viruses from any torrent site. the owners dont monitor all of the content, that would be impossible.

your right. but the users do. and if several say it's not clean then it usually gets removed (depending on the torrent site). Demonoid is by far the best at doing this imo. They run a tight ship as far as that goes.

 

[CoLL1eR]

The person could have easily binded it and made it undetectable. He should monitor outgoing traffic to making sure its not trying to call back to anyone to send the logs if its a keylogger, etc..