Program: Safe Environment For Executables?

#1 matt9862

New Member

Group: Members
Posts: 2
Joined: 19-July 08

Posted 19 July 2008 - 10:08 PM

Hey there,

I'm not new to viruses and I know how to avoid them. Most people will tell you to purely avoid untrusted/unknown executables and I agree of course, but for general download use I am after a program described below. This would be used on executables that have passed all virus checks and common-sense authentication checks. Just a last precaution.

It should 'lock down' a selected executable and monitor every process it attempts to do and request permission before it lets it do each action. Things like registry entries, copying/deleting/modifying files and anything else that modifies your computer.

Like Vista's UAC (a most annoying feature 99% of the time) but extended. It wouldnt be active on every file like UAC is, just on a targeted executable, or I guess putting the whole computer in lockdown while you run the file would work just as well.

Does this exist? Thanks for any help :thumbsup:

Matt

#2 Galadriel

Bleepin Elf

Group: Malware Response Team
Posts: 2,715
Joined: 11-November 04
Gender:Female
Location:Missouri, USA

Posted 19 July 2008 - 10:38 PM

There are several types of programs that allow you to do similar things.

You can use a Virtual Machine. For example, Microsoft's Virtual PC. or VMWare.

You can use a sandbox. Sandboxie is a good one.

As far as monitoring applications go, there are some.

Process Monitor by SysInternals is a good one.
Additional SysInternals utilities can be found here.

Hope this helps.

I cemna prestar aen. Han mathon ne nen. Han mathon ne chae. A han noston ne 'wilith. - Galadriel
'The avatar is changed; I can feel it in the water, I can feel it in the earth, I can smell it in the air.'
Phear teh ceiling cat, for he is roofkittehd! - Basement Cat

I'm a Bleeping Folder, are you? - Join BC in the fight against diseases - Click here
Become a BleepingComputer fan: Facebook

#3 matt9862

New Member

Group: Members
Posts: 2
Joined: 19-July 08

Posted 20 July 2008 - 12:33 AM

Many thanks Galadriel,

Reading the descriptions, the sandbox idea sounds perfect for my intentions. Thank you for the advice :thumbsup:

Matt

Edit: Reading some more, you can run your internet browser within the sandbox? Is there a reason this software isnt more widely used? I understand you cant make permanent changes to things like Favourites, but it sounds like its practically virus immune if you wipe everything that isnt 100% trusted. Just a side thought.

This post has been edited by matt9862: 20 July 2008 - 12:37 AM

#4 Galadriel

Bleepin Elf

Group: Malware Response Team
Posts: 2,715
Joined: 11-November 04
Gender:Female
Location:Missouri, USA

Posted 20 July 2008 - 01:16 AM

You're welcome. Glad I was able to offer you some choices.

As far as why it isn't more widespread, I can't really say. It's been around a few years and the original purpose was actually for safer surfing if I recall correctly. It's known and used in certain circles, but the general public hasn't been exposed to it much, which is a shame.