Why is a keygen I downloaded recognized as a Trojan by AVG?

andrei December 4, 2011
Pinterest Stumbleupon Whatsapp

So I downloaded a CS5 keygen and every time I use it, stupid AVG says its a Trojan.

Why does AVG recognize it as such? Is there really such a huge harm in 68KB?

I also have further questions so if you could address them please let me know…

Ads by Google

  1. Anonymous
    December 6, 2011 at 2:33 pm

    well possible after reconnecting again the soft will connect to internet, best will be to run the soft without internet connection.

    • Andrei
      December 6, 2011 at 6:11 pm

      I will try using it without the Internet connection
      Will post back with results
      Thanks

  2. Andrei
    December 6, 2011 at 5:24 am

    My other question Jeff is this, every time I use the serial it accepts then rejects it, i put in a second one and it works. But i have to repeat this process everytime I use the software... I just mentioned this but I tried working around it but using a (run-as-date app/ and changed the host file w/ notepad) it doesnt help anything...

    I have even more questions particularly about bluebugging software, i just started researching it and I am curious as to what software that actually is??
    How does it work?

    Dont know if you can PM here on this site? 

    • Jeff Fabish
      December 6, 2011 at 6:40 am

      Hi Andrei,

      The problem is that it is probably running a serial verification module upon startup or during its runtime. Please contact me at electricnetworks[at]gmail [ dot ] com as you can't PM with Disqus.

      - Jeff

    • Johnfahlsing
      December 6, 2011 at 12:35 pm

      try disconnecting your system from the net when using the program. If it wants you to keep adding the number, you have a bad number, not all key generators work the same. KAT has a wide list of good ones.

  3. Andrei
    December 6, 2011 at 5:14 am

    Thank you everybody for the helpful advice
    1). keygens are illegal and highly dangerous (oops ;-)
    2.) VBN code? (nice - look into that)
    3.) sandboxie virtualbox (read about that in 2600 -havent used it yet)

    AVG says:  Trojan horse Agent3.AVUK

    Yeah that is what I did; disable RS, run key, open prog, enable RS

    I am just looking in deeper to the issue, kind of like when someones asks you how a toilet works you say sure, you press the button and it flushes.

    despite the fact that there is actually much more to flushing that turd down..
    (warning not original thought - ripped off from psych book (Invisible Gorilla)

  4. Johnfahlsing
    December 6, 2011 at 1:31 am

    Jeff is right almost... Keygenerators don't cause harm in a way. I use em all the time, and the best thing to do is this...
    Turn off AVG resident shield, download the keygenerator, run it, then if you have sucessfully cracked the prog, then run avg and check for virus, turn on resident sheild when done. Its how I get around them, and never had a virus i couldn't detect, and destroy afterwards. Fear, its a mind killer!

    • Jeff Fabish
      December 6, 2011 at 2:11 am

      That's a bit suggestive, no? How can you blindly say (without investigating) that the key generator won't harm his system?

      Upload it to VirusTotal or Jotti. Once the scan is complete, if it finds any malicious objects do research on them, see what users have to say. Is it a false positive? Did it mess their system up? If comments are filtered, don't trust the results. 
      I need to know more about the trojan in order to tell you if it's malicious or not. For example, a trojan and a trojan hack tool are very different things. Your anti-virus will probably say it's "trojan.SOMETHING", tell me what it is. 

      I wouldn't ever advice disabling your security, rather add an exception if you think the file is safe. This way, if the application ends up trying to play hanky panky with your files, your anti-virus will tell you.

      - Jeff

      • Johnfahlsing
        December 6, 2011 at 12:37 pm

        Did i not say, turn off resident shield, install proggy, use keygenerator, then run avg, test for virus'???

  5. Jeff Fabish
    December 5, 2011 at 8:29 am

    To answer your question, an anti-virus most likely detects it as a trojan because it patches other programs (assembly or registry entries). Any application that isn't signed by a reputable author and attempts to modify other application's structure's is usually classified as 'potentially malicious'. It may be a false positive (meaning it's not actually a virus, but the anti-virus thinks it is) or it may actually be malicious.

    On a side note, keygens are illegal and highly dangerous. A 64kb application probably can't do much, I speculate it may be a trojan downloader, whereby it downloads the rest of itself upon execution. I suggest either running it in a sandbox or virtual machine environment such as Sandboxie or Virtual Machine, respectively. This way, if it is malicious it doesn't disrupt the files you need. 
    Hit me with the rest of your questions, Andrei ! 

    - Jeff

  6. Anonymous
    December 5, 2011 at 8:15 am

    depends on Avira policy and in general security softwares, if you want to use the keygen you can disagree with avira by shutting temporarily the real time protection, but you may also regret if AVira was right regarding the keygen

  7. Jay
    December 5, 2011 at 8:11 am

    1. keygens can be virus.
    2. you should by buy programs and get a key officially.
    instead of using duplicate keys.
    3. you can find such keys without the keygen on net.

    • Andrei
      December 6, 2011 at 5:16 am

      Yes you can find serialz without a key gen ... I know 

      but my bum ass prog makes me put them in 2 at a time every time i start it up 
      also I have tried using a (run-as-date prog/ manually changed the host)
      no luck 

      i need the software but i dont need it so bad that i am going to shell out $400 for a digitial photography class in school 

      • Jay
        December 6, 2011 at 6:03 am

        you may use a cracked version which is also illegal and may also affect your pc with a virus.
        you will have to google it yourself because of the policy of this site, which is not to provide support for these things.

  8. FIDELIS
    December 5, 2011 at 7:56 am

    Hello, I would not be downloading keygens if I were you.  Most keygens are recognized as malware because they are written in vbs code.  Unless you know how to code and read the language, you do not know what the package includes....

Ads by Google