N
N
Name4222017-02-06 12:36:59
Antivirus
Name422, 2017-02-06 12:36:59

Is it possible for this file to be monitored or otherwise harmful?

Hello.
There is one program: Mars Notebook.
www.mars-soft.net/rus/notebook.htm
It is free for Russian-speaking users.
To use all the features of this program, you need to register.
To do this, download the file Notebook.usr (right-click - save as)
and save it to the directory with the program, restart the program if it was downloaded.
1) Is this file possible for surveillance or other harmful effects on the computer?
2) How does the verification mechanism work that the program is registered by a Russian-speaking user? A resident of any other country can simply register this program.
Antivirus does not swear at this file.
PS No, this is not advertising.

Answer the question

In order to leave comments, you need to log in

3 answer(s)
N
nirvimel, 2017-02-06
@nirvimel

1. Install Windows XP SP3 into a virtual machine (pure corporate, not some shitty assembly).
(Don't say it's long if you have to do it once and then use it all the time).
2. Take a snapshot of a virtual machine with a clean, freshly installed OS.
3. Install your own toroyan (even if it is a very valuable and useful program, there is no difference).
4. Take a snapshot of the virtual machine with a freshly installed Trojan.
5. Run this Charm of yours. Work with her for exactly one session.
6. Roll back the virtual machine to snapshot (4) (or to snapshot (2) when you want to play with another trojan).
...
7. PROFIT.

C
CityCat4, 2017-02-06
@CityCat4

You can upload the file to virustotal for verification.
Checking that the program is registered by a Russian-speaking user? Well, FAR, for example, did this - "enter the name of the current day in Russian." This is of course clumsy protection, but the program is not designed for information security experts either :)

A
Andrew, 2017-02-06
@OLS

Download one of these:
https://securityintelligence.com/comparing-free-on...
or this
https://www.raymond.cc/blog/analyze-suspicious-exe...
and explore.
I would recommend malwr

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question