programmer / hacker / phreak / pirate / retrogamer / irc idler / stoner

  • 0 Posts
  • 7 Comments
Joined 1 year ago
cake
Cake day: July 25th, 2023

help-circle


  • Fair point. Malware can tunnel through existing comms, thus firewalling the exe would do little to protect you.

    That’s why I recommended a multilayered defense and practicing good opsec.

    An exe that installs a service, modifies unrelated executables, and sends comms through an unrelated application would be a catastrophic failure in any good defense.

    If your system is this wide open then you’ll be likely to have all sorts of problems from non pirated software. Such as freeware that installs adware.

    I have tried to find these in the wild to no avail.


  • I don’t really use Windows except for playing games, so someone else may have a better answer.

    For me, I want 3 types of protection, priority order.

    1. Rootkit and ransomware protection. Lock down and protect system files.

    2. Firewall. Stop software from calling home (and possibly invalidating my forged license) and to stop malware from reaching out to command and control systems.

    3. Malware scanning and suspect execution detection. Most antivirus software detections will be in only one of a couple categories: keygen, generic trojan, or obfuscated executable. If I encounter this, I go to VirusTotal.com and drop the offending file(s) for it to scan. If I’m still concerned I will use an online sandbox execution recorder that tells you what the exe does such as outbound comms, file modifications, registry read/writes, etc.

    Windows Defender accomplishes these requirements. Although it is a bit clunky and other mainstream antivirus (paid or free) accomplish the same in a much cleaner interface.

    I cannot stress enough the importance of downloading pirated software from a trusted source.