Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Program: Safe Environment For Executables?


  • Please log in to reply
3 replies to this topic

#1 matt9862

matt9862

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:06:32 PM

Posted 19 July 2008 - 10:08 PM

Hey there,

I'm not new to viruses and I know how to avoid them. Most people will tell you to purely avoid untrusted/unknown executables and I agree of course, but for general download use I am after a program described below. This would be used on executables that have passed all virus checks and common-sense authentication checks. Just a last precaution.

It should 'lock down' a selected executable and monitor every process it attempts to do and request permission before it lets it do each action. Things like registry entries, copying/deleting/modifying files and anything else that modifies your computer.

Like Vista's UAC (a most annoying feature 99% of the time) but extended. It wouldnt be active on every file like UAC is, just on a targeted executable, or I guess putting the whole computer in lockdown while you run the file would work just as well.

Does this exist? Thanks for any help :thumbsup:

Matt

BC AdBot (Login to Remove)

 


#2 Galadriel

Galadriel

    Bleepin Elf


  • Malware Response Team
  • 2,753 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Missouri, USA
  • Local time:02:32 AM

Posted 19 July 2008 - 10:38 PM

There are several types of programs that allow you to do similar things.

You can use a Virtual Machine. For example, Microsoft's Virtual PC. or VMWare.

You can use a sandbox. Sandboxie is a good one.

As far as monitoring applications go, there are some.

Process Monitor by SysInternals is a good one.
Additional SysInternals utilities can be found here.

Hope this helps.
I cemna prestar aen. Han mathon ne nen. Han mathon ne chae. A han noston ne 'wilith. - Galadriel
'The avatar is changed; I can feel it in the water, I can feel it in the earth, I can smell it in the air.'

Phear teh ceiling cat, for he is roofkittehd! - Basement Cat

I'm a Bleeping Folder, are you? - Join BC in the fight against diseases - Click here
Become a BleepingComputer fan: Facebook

#3 matt9862

matt9862
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:06:32 PM

Posted 20 July 2008 - 12:33 AM

Many thanks Galadriel,

Reading the descriptions, the sandbox idea sounds perfect for my intentions. Thank you for the advice :thumbsup:

Matt

Edit: Reading some more, you can run your internet browser within the sandbox? Is there a reason this software isnt more widely used? I understand you cant make permanent changes to things like Favourites, but it sounds like its practically virus immune if you wipe everything that isnt 100% trusted. Just a side thought.

Edited by matt9862, 20 July 2008 - 12:37 AM.


#4 Galadriel

Galadriel

    Bleepin Elf


  • Malware Response Team
  • 2,753 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Missouri, USA
  • Local time:02:32 AM

Posted 20 July 2008 - 01:16 AM

You're welcome. Glad I was able to offer you some choices.

As far as why it isn't more widespread, I can't really say. It's been around a few years and the original purpose was actually for safer surfing if I recall correctly. It's known and used in certain circles, but the general public hasn't been exposed to it much, which is a shame.
I cemna prestar aen. Han mathon ne nen. Han mathon ne chae. A han noston ne 'wilith. - Galadriel
'The avatar is changed; I can feel it in the water, I can feel it in the earth, I can smell it in the air.'

Phear teh ceiling cat, for he is roofkittehd! - Basement Cat

I'm a Bleeping Folder, are you? - Join BC in the fight against diseases - Click here
Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users