Saturday, January 15, 2011

How to check if a program is infected




Hello all users, here are some easy ways to find out if a program is infected or not without having to run the program. You may already know some of them.


1. Sandboxing:

Wikipedia describes a sandbox as: 'a security mechanism for safely running programs. It is often used to execute untested code, or untrusted programs from unverified third-parties, suppliers and untrusted users.' and this is exactly what it is.

A sandbox is an isolated work-space on a hard disk in which programs can be run without fear of infecting your PC.
Do you need to download a sandbox? No, in fact, I advise you to use 'Anubis Sandbox', a free online sandbox. You upload your file to Anubis, it runs it and tells you exactly what it does.

Anubis Sandbox

2. Vmware (most effective)

What is vmware? 'VM' stands for 'Virtual Machine'. A virtual machine is an operating system, complete with virtual hardware, which runs on top of another operating system. An example of this is me running two Windows XP operating systems on one computer at the same time with the use of a vmware-based program. This means we can run whatever we want in the second, virtual Windows XP, as it will not affect the rest of our PC.
A good free vmware program is 'Microsoft Virtual PC'.

For more information on vmware and how to use it, PM me.

3. Multi-Scanners
Disclaimer: Never use any legitimate multi-scanners (such as Virus Total or Jotti's malware scan) to scan programs you have crypted, packed, joined or created yourself, as many of them then send the program to anti-virus companies, which then add it to their signature databases.

Multi-scanners such as Virus Total, Jotti's malware scan and KIMS scan a single program with multiple anti-viruses to see if any detect it as malware. A detection does NOT mean the program is definitely infected, but it does increase the chances (many hack tools are detected as malware when they are in fact not).

To scan crypted, packed, joined or home-made malware, ONLY use underground multi-scanners such as 'KIMS'.

Enjoy.......
