Is it possible to safely contain a virus - not letting it spread?

I need to run a program, but I don't trust the author. I think it is infected with spyware, viruses, or malicious files. I scanned it and didn't find anything, but I'm still not feeling good about it.

So I was thinking of creating another Windows user account.

  • Will viruses on one account infect the second account? Do I have to scan both user accounts?
  • And if I removed the infected account, will viruses be removed from the PC?

If that won't work then:

  • Is there any "sandbox" to do some testing and ensure that your PC is safe?
  • Is Virtualbox an option?

I have Windows 7.


Solution 1:

Use Sandboxie. You can get it at sandboxie.com

Using another account will only help if you set the account as limited and the program you're trying to run doesn't request privilege escalation. Running your program in a sandbox like Sandboxie is much safer and easier.

Solution 2:

Note that a problem (the main problem) with solutions like VirtualBox, VMware, or Windows Virtual PC, is that some (many) viruses are designed to spread to network shares and attached drives.

A solution to this problem is to make sure that your virtual box/machine has no network connections and no attached drives.

Which does make it rather harder to use, and much less convenient. But not impossible. Copy any software you want to test to the virtual box/machine, stop it, disconnect it. Restart it and install/test/use the software you want to install/test/use, then stop and discard any changes that have been made to the virtual machine.
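A way to check the "no network connections and no attached drives" condition from Solution 2 before starting the VM, added here as an example that is not part of the original answer. It parses the output of `VBoxManage showvminfo <vm> --machinereadable`; the sample output is constructed, the key names are assumed to match your VirtualBox version, and the clipboard and drag-and-drop checks go beyond what the answer lists.

```python
import re

# Constructed sample of `VBoxManage showvminfo <vm> --machinereadable` output
# (VM name, folder name and path are made up for illustration).
SAMPLE = r'''
name="malware-test"
nic1="nat"
cableconnected1="on"
nic2="none"
SharedFolderNameMachineMapping1="downloads"
SharedFolderPathMachineMapping1="C:\Users\me\Downloads"
clipboard="bidirectional"
draganddrop="disabled"
'''

# Constructed sample of the same VM after it has been disconnected.
ISOLATED = r'''
name="malware-test"
nic1="none"
clipboard="disabled"
draganddrop="disabled"
'''

def parse(text):
    """Turn key="value" lines into a dict, dropping the surrounding quotes."""
    info = {}
    for line in text.splitlines():
        key, sep, value = line.partition("=")
        if sep:
            info[key.strip().strip('"')] = value.strip().strip('"')
    return info

def isolation_findings(info):
    """List every host/guest channel that is still open on the VM."""
    findings = []
    for key, value in sorted(info.items()):
        if re.fullmatch(r"nic\d+", key) and value.lower() != "none":
            findings.append(f"{key}: network adapter attached ({value})")
        elif key.startswith("SharedFolderNameMachineMapping"):
            findings.append(f"shared folder mapped from host: {value}")
        elif key in ("clipboard", "draganddrop") and value.lower() != "disabled":
            findings.append(f"{key} sharing enabled ({value})")
    return findings

if __name__ == "__main__":
    for label, text in (("before", SAMPLE), ("after", ISOLATED)):
        problems = isolation_findings(parse(text))
        print(label, "->", problems or "no open channels found")
```

An empty result only means none of the checked channels is configured; discarding the VM's changes after the test is still needed, as the answer describes.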

Solution 3:

When running suspect programs, you have to be aware that the program will infect the operating system of the computer, not just the user account.

To do so semi-safely, it would be best to run some sort of virtualization program like Parallels or VMware or others which creates a virtualized instance - another copy of the operating system running partitioned. You could then boot the virtual OS, run the program and then later exit and throw away the virtual copy.

That said, it is highly desirable to NOT do this since it could do things like try to change your router settings or get other info about your LAN devices, damage or transmit info from files it can see and do other things - only limited by how much you allow the virtualized OS to see other things on your LAN.

Solution 4:

From my personal experience, if you want to run a program, but do not trust it, don't run it. However, take a look at where the program comes from. Many programs that can be found on sites like sourceforge.com, github.com, etc., are open source and are generally peer reviewed - thus are unlikely to harbor a virus.

  • Will viruses on one account infect the second account? Do I have to scan both user accounts? Yes, and yes. Viruses will spread (that is why they are called viruses).
  • And if I removed the infected account, will viruses be removed from the PC? Unlikely - if the virus was designed well, removing directories (users) will not help.
  • Is there any "sandbox" to do some testing and ensure that your PC is safe? Yes, many. This depends on what you want and what type of testing.
  • Is Virtualbox an option? A great option, and free. This will lower the chance of the virus escaping the testing grounds. However, there is still a chance (small) that a good virus can escape.