Hi all,

I have a question about malware, and how to detect it.

What's to stop a program from masquerading as something useful (say a download manager, or something similar, to convince a user to allow it outbound through their firewall) but actually embedding some malware into their code?

For example, what would stop something from running the same kind of code that teamviewer or join.me runs on a person's system without actually telling them that it's running? How would you detect if something like that were happening?

I was just wondering about that, and I thought this might be a good place to ask. If this information is available somewhere, please point me in the right direction, and I'll be happy to read it.