
How to tolerably run program embedded with virus in great preventive care



#1 abdulbadii


Posted 28 December 2017 - 07:31 PM

How to tolerably run a program embedded with a virus in great preventive care?
I highly suspect a program has some malware code in it, but I really need to run the program with its normal behavior, as if it wasn't adulterated or touched at all.
Many thanks in advance

Edited by Platypus, 28 December 2017 - 07:51 PM.
Moved from Log analysis forum



 


#2 Umbra


    Authorized Emsisoft Rep



Posted 28 December 2017 - 09:47 PM

By using a Virtual Machine (VMware Workstation, VirtualBox, etc.), a sandbox (Sandboxie, ReHIPS, Shade Sandbox, etc.) or a light virtualization software (Shadow Defender, Timefreeze, Deepfreeze, etc.).


Edited by Umbra, 28 December 2017 - 09:48 PM.


Emsisoft Community Manager


#3 Didier Stevens


Posted 29 December 2017 - 04:33 AM

If a program has been modified by malware, you can never be sure that it will execute its normal, intended functions.

 

Sometimes, AV will detect malware and clean the executable instead of deleting it. This could be an option for you, but again, no 100% guarantee.


Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Senior Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2019

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"


#4 Didier Stevens


Posted 29 December 2017 - 04:35 AM

You can submit your suspicious program to VirusTotal and report the link back here, I'll have a look.






