Ok, I need some insight before I go back into Torrenting. I need a piece of software from a less than reputable company (Wondershare). Now I know Keygens can be run through Sandboxie or a VM to get the key but how do Patches and Cracks work?
One of TorrentGalaxy's most trusted uploaders & software patchers keeps the software updated and uploaded & includes in the download listing the www.virustotal.com report for the installation files which shows a clean listing; however the Patch shows a listing for multiple AV/Malware software which shows the Patch being a virus. So, how do I use the software if the Patch is "infected". Am I missing something? Thanks!
When the source of a crack/patch isn't trusted, I'd do like you said and install it in a VM, then compare the patched files with their unpatched copies using diffing software (Beyond Compare's hex compare feature is useful for this). If there are a huge amount of changes, like completely different size and content, or it is protected with a packer (typically will be a several MB larger), I would definitely steer clear of it. If it's just a few changed bytes (and maybe the digital signature overlay is stripped off), then it's most likely safe and you can just copy the patched files out of the VM and overwrite your main install.
Edit: Also, always prefer official installers directly from the developer's site if they are available; "pre-cracked" installers are always a red flag to me.
This sounds like excellent advice. I happen to have a licensed version of BeyondCompare that I can install and do Hex compare. I appreciate the guidelines to follow and I agree with you on the "pre-cracked" options. I would always install from the developer's site first and then use the patch if I use it at all. Unfortunately, this software mush have a "phone-home" features and has a "hosts file" change as well. As with the previous response, I would appreciate your input on whether you would try it or not.
Thanks for your excellent advice & input!
Do NOT run a crack or patch of any kind. They may pass a Malwarebytes scan, or test clean on virustotal, but one I just ran across tried downloading a bunch of data when I ran it in a VM. Don't risk it, I've been burned in the past. And now with online banking, Paypal, Venmo, cryptocurrency, it's just not worth it.
You might try installing the software in a VM, running the patch in the VM, and then moving the software over to your primary, but I would still be worried about that.
The other people here say you'll probably be fine, but you need to ask yourself if it's worth giving up any of your passwords to an attacker. At best you're looking at a completely benign patch, and a working installation of the software. At worst...it can be pretty bad.
Wait for a keygen, or go without the software. Or, and I do this a lot lately, look around for a free, open source equivalent.
I mean he says it comes from a very reputable source so he will be fine. If he finds something he should reported and make everyone know about it. And of course never sign in into your bank account on the same machine you use to pirate software.
