batman4ever Posted September 4, 2015 #1

I have a question. Is there a way to check if the patch of the software is safe to use? Since most of the antivirus tools found it is unsafe or a trojan...
uk666 (Andr-Tech) Posted September 4, 2015 #2 (edited)

Nobody can guarantee that the posted program is clean of malware unless somebody downloads the program, uses it and posts observations. So always check the comments! Keygens tend to trigger false alerts; only download from uploaders with a good reputation and always check the comments.

Using an online scan service like virustotal.com is a better alternative than scanning with a single antivirus because this service uses many antivirus engines.

The other option to decide about an executable file is to run it in a virtual environment like a "sandbox" and to monitor its actions. You do not need a virtual machine for this; Sandboxie accompanied by the Buster Sandboxie Analyser (BSA) module is one of the most powerful and convenient sandboxing tools. Sandboxie because a presumed infected program cannot perform permanent changes to your system, and BSA because it offers detailed information about the analysed program's behaviour and even tries to decide whether it is malicious or not.

Edited September 4, 2015 by uk666
batman4ever (Author) Posted September 5, 2015 #3

Thank you for your info. I did test out the patcher in this one with virustotal and more than half of them stated it has a trojan.... http://forum-andr.net/topic/62639-auto-hide-ip-5528/?hl=ip

My question is, since the patch will alter the program to the full version, is it considered not clean because of that, or does the file itself contain a trojan?
uk666 (Andr-Tech) Posted September 6, 2015 #4

To answer your question, an anti-virus most likely detects it as a Trojan because it patches other programs (assembly or registry entries). Any application that is not signed by a reputable author and attempts to modify other applications' structures is usually classified as 'potentially malicious'. Most likely, it is a false positive (meaning it is not actually a virus, but the anti-virus thinks it is). However, if you are not too sure, you should not run it. Better safe than sorry.
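Added example, not part of any post in this thread: a way to read a VirusTotal result beyond the raw detection count, separating labels that describe the file as a patching tool from labels that name a payload behaviour. The report is a constructed sample in the VirusTotal API v3 shape; the keyword sets and the `classify` and `triage` helpers are assumptions made for this illustration.

```python
import json
import re

# Constructed sample in the shape of a VirusTotal API v3 file report
# (data.attributes.last_analysis_results). Engine names and labels are invented.
SAMPLE_REPORT = json.loads("""
{"data": {"attributes": {"last_analysis_results": {
  "EngineA": {"category": "malicious",  "result": "HackTool.Win32.Patcher.a"},
  "EngineB": {"category": "malicious",  "result": "Riskware/Crack.Generic"},
  "EngineC": {"category": "malicious",  "result": "Trojan.Generic.12345"},
  "EngineD": {"category": "malicious",  "result": "Trojan.PWS.Stealer.x"},
  "EngineE": {"category": "suspicious", "result": "PUA.Keygen"},
  "EngineF": {"category": "undetected", "result": null},
  "EngineG": {"category": "timeout",    "result": null}
}}}}
""")

# Assumed keyword sets: a heuristic for this example, not a vendor taxonomy.
TOOL_WORDS = {"hacktool", "patcher", "crack", "keygen", "riskware", "pua", "pup"}
PAYLOAD_WORDS = {"stealer", "pws", "backdoor", "ransom", "downloader",
                 "dropper", "miner", "rat", "spy", "bot"}
NO_VERDICT = {"timeout", "confirmed-timeout", "failure", "type-unsupported"}


def classify(label):
    """Bucket one engine label by its dot/slash/colon-separated tokens."""
    tokens = set(re.split(r"[^a-z0-9]+", label.lower()))
    if tokens & PAYLOAD_WORDS:      # payload wording wins over tool wording
        return "payload"
    if tokens & TOOL_WORDS:
        return "tool"
    return "generic"                # e.g. "Trojan.Generic": says nothing specific


def triage(report):
    """Count engines per bucket and list the labels that name a payload."""
    results = report["data"]["attributes"]["last_analysis_results"]
    out = {"scanned": 0, "tool": 0, "generic": 0, "payload": 0, "review": []}
    for engine, verdict in sorted(results.items()):
        if verdict["category"] in NO_VERDICT:
            continue                # engine never produced a verdict
        out["scanned"] += 1
        if verdict["category"] in ("malicious", "suspicious") and verdict["result"]:
            bucket = classify(verdict["result"])
            out[bucket] += 1
            if bucket == "payload":
                out["review"].append(f"{engine}: {verdict['result']}")
    return out


if __name__ == "__main__":
    print(json.dumps(triage(SAMPLE_REPORT), indent=2))
```

The buckets describe what the engines claim, not what the file does; a keyword match on a label is not a verdict on the file.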