1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

How Safe Are These Black Hat .EXE Files Floating around this forum?

Discussion in 'Black Hat SEO Tools' started by oldweb, Jan 5, 2013.

  1. oldweb

    oldweb Regular Member

    Joined:
    Dec 22, 2012
    Messages:
    414
    Likes Received:
    37
    Home Page:
    I see there are various offers from people to download their software here that let you run bots to create facebook likes, youtube views etc. I could really do with running some of these but I'm worried running one of these .EXE files will harm my computer or invade my computer?
     
  2. frazgta

    frazgta Power Member

    Joined:
    Jan 24, 2011
    Messages:
    574
    Likes Received:
    381
    They usually have a VT attached to them. If a virus is detected the mods delete the file ASAP. So yes they're pretty safe.
     
    • Thanks Thanks x 1
  3. fheaky

    fheaky Regular Member

    Joined:
    May 3, 2010
    Messages:
    349
    Likes Received:
    109
    First look if there's a virustotal scan, files can be crypted to remain undetected by virusscanners but it's a start. Second look who posted it, it's more likely to contain virusses if it's posted by someone who registered yesterday and has 2 posts than someone who registered a year ago, has an established reputation, is a VIP, has a lot of posts etc, etc. Third, read the replies in the thread and see if other people have found something malicious in the software. And if you don't trust it, I wouldn't download it.
     
    • Thanks Thanks x 1
  4. twitter.followers

    twitter.followers Elite Member

    Joined:
    Mar 23, 2011
    Messages:
    1,768
    Likes Received:
    2,208
    Where did you found a youtube views bot? Since there isn't any atleast on this forum.
    And its a BHW rule to post a Virus scan of the every file which you upload and share on the forum so that cuts of all the virus already.
    But, also it is highly recommended to scan files locally before opening to ensure full safety.
     
  5. fheaky

    fheaky Regular Member

    Joined:
    May 3, 2010
    Messages:
    349
    Likes Received:
    109
    Not true. If you encrypt your infected file virusscanners won't pick it up but your machine will still get infected.
     
  6. moarman

    moarman Newbie

    Joined:
    Jul 15, 2010
    Messages:
    28
    Likes Received:
    5
    I'm actually having a problem with one right now. It was working great before but when I just tried to use it my anti virus is flagging it with: Infection - Win32:Malware-gen
    Going to PM the creator right now to see what's up with it.
     
  7. twitter.followers

    twitter.followers Elite Member

    Joined:
    Mar 23, 2011
    Messages:
    1,768
    Likes Received:
    2,208
    It would be really cool if you could report the thread and/or PM a moderator about it so that it would help other people who might download it while you contact the OP and warn the users who downloaded it already as well.
     
  8. fheaky

    fheaky Regular Member

    Joined:
    May 3, 2010
    Messages:
    349
    Likes Received:
    109
    It could be a false positive.
     
  9. sirgold

    sirgold Supreme Member

    Joined:
    Jun 25, 2010
    Messages:
    1,260
    Likes Received:
    645
    Occupation:
    Busy proving the Pareto principle right
    Location:
    A hot one
    Use a Virtual Machine, that's all I could recommend. Anybody even slightly familiar with "certain" software creation knows how Virus Total is the perfect tool to test if your FUD is really FUD... Better safe than sorry they say... ;)
     
  10. Cewgg

    Cewgg Regular Member

    Joined:
    Mar 16, 2012
    Messages:
    236
    Likes Received:
    151
    if you are downloading files you don't know and you are not sure about them,use program called sandboxie or vmware.
    When you run file with these programs you can see if program creates startup keys or something that viruses does, you just terminate session and you will be not infected.
     
  11. Cewgg

    Cewgg Regular Member

    Joined:
    Mar 16, 2012
    Messages:
    236
    Likes Received:
    151
    hehe nice, we suggested almost the same things and at the same time. lol.
     
  12. dbyrn

    dbyrn Power Member

    Joined:
    Feb 20, 2010
    Messages:
    746
    Likes Received:
    224
    Occupation:
    helping people
    I use VirtualBox for all my software testing needs. You can use snapshot/revert mechanism to restore the state of the machine if something goes wrong.

    Take care,
    D.
     
  13. WizGizmo

    WizGizmo Super Moderator Staff Member Premium Member

    Joined:
    Mar 28, 2008
    Messages:
    3,834
    Likes Received:
    55,439
    That has never happened in the nearly 5 years that I have been a member and
    moderator. However, the safest way is to run EXE's on a virtual machine.
     
    • Thanks Thanks x 1
  14. moarman

    moarman Newbie

    Joined:
    Jul 15, 2010
    Messages:
    28
    Likes Received:
    5
    I will. I'm giving him a small amount of time to respond first because I don't want to hurt the guys rep if it ends up being a false positive. But as soon as I know one way or the other I'll post it here and/or contact a mod to give them the heads up. Like I mentioned, it was working great up until today so because of that I'm giving the creator the benefit of the doubt.
     
  15. JDesty

    JDesty Junior Member

    Joined:
    Dec 29, 2012
    Messages:
    104
    Likes Received:
    33
    Home Page:
    Advanced hackers have software(usually crypter) that can infect actual computer when ran sunboxed or virtual machine ...It works same way as LAN spreading. It just drops file in every system32 it can find on computer(yes, even outside vm). With private crypter and stub, their virus will stay FUD for at least an week(depends how many times scanned). Aswell many hackers update their program weekly to stay legit and keep getting more infections(yes, hash is different, but there are not very many people comparing them). So basically, there is no safe way to test programs. Only way is another computer running fresh windows, you run .exe and same time monitor taskmanager. If something new pops up right away or after restart, program is infected.


    Sometimes even honest high quality Black hat programs can show infections on virustotal. They are blackhat, some virusprograms might add them to database because of being illeagel software. That always doesn't mean they are infected with trojan.
     
    Last edited: Jan 6, 2013
  16. moarman

    moarman Newbie

    Joined:
    Jul 15, 2010
    Messages:
    28
    Likes Received:
    5
    Follow up:

    Thread:
    http://www.blackhatworld.com/blackhat-seo/black-hat-seo-tools/485928-get-free-tumblr-queue-bot-9.html

    Post about the issue:
    http://www.blackhatworld.com/blackhat-seo/black-hat-seo-tools/485928-get-free-tumblr-queue-bot-9.html#post5075435
     
  17. valentinas25

    valentinas25 Regular Member

    Joined:
    May 7, 2010
    Messages:
    404
    Likes Received:
    114
    safer that you think... But it if file is new it can be a virus even if VT says it's not,as they need to examine the sample first if FUD...
     
  18. healzer

    healzer Jr. Executive VIP Jr. VIP Premium Member

    Joined:
    Jun 26, 2011
    Messages:
    2,363
    Likes Received:
    1,966
    Gender:
    Male
    Occupation:
    Marketing automation tools
    Location:
    Somewhere in Europe
    Home Page:
    be smart, free isn't always clean :)

    this is a marketing forum, all about competition & domination if u know what I'm saying
     
  19. nycdude

    nycdude Jr. VIP Jr. VIP Premium Member

    Joined:
    Oct 1, 2009
    Messages:
    485
    Likes Received:
    560
    Location:
    Mazatlán
    I keep Malwarebytes (free) handy at all times and run it every single day because of the amount of bots and other things I download from here. Malwarebytes is pretty cool too because if you wanted, you can use it to check the .exe file before running it.

    I have to say, I download A LOT of .exe files from here and ran them with no problems. On everyone of my Malwarebytes scans nothing was found after running BHW shared bots.

    That said...absolutely DO NOT trust bots from other forums, run them in sandboxie and scan your system immediately if you do.

    Virustotal is a real good starting point though, if they say it's clean I trust it...but of course as they say, buyer beware.
     
    • Thanks Thanks x 1