What am I looking for?

it's difficult to describe what exactly i am looking for. basically, i seek something that can prevent data from being read from my computer. suppose i were to run a keylogger or similar type of software. it might be able to record exactly what i am typing, read data from other windows that i happen to have open, get a list of all the processes i am running, take screenshots, read data from my hard drive, etc. now i have considered solutions such as 'sandbox' type applications. but all of the ones i've looked at only have the ability to prevent my hard drive from being written to; that is, they can stop malware from infecting my hard drive, but not from spying on what i do while i am within the virtual or sandboxed state. so if i were to run a program sandboxed, for example, it would still be able to read what i am typing in another window that is not sandboxed. so if i am looking for software that has the ability to prevent a keylogger or other malware from reading stuff from other windows or from logging my keystrokes as long as it is within the "virtual" state, what exactly should i be looking for? is there any sandbox type software that can prevent read, as well as write operations? am i even looking for a sandbox? (for example, virtualization software like VirtualPC)

speaking of virtualization software, does it provide any protection at all? let's say that i had credit card numbers (or any other sensitive information that you can think of) on a file on one virtual computer, and i had malware running on another virtual computer on the same physical machine. will the malware be able to penetrate the virtual computer it's running on and gain access to my data? all feedback is welcome!

 

I cannot help you with the virtual machine questions. But I know a lot of people have been using KeyScrambler to encrypt their keystrokes. I am going to give it a try soon as it seems to come highly rated. A link is below-

http://www.qfxsoftware.com/products.htm

It probably would not hurt to have some sort of keylogger detection programs as well. There are some programs that scan for them, such as SuperAntiSpyware-


http://www.superantispyware.com/

And Snoopfree is an active keylogger monitor-

http://www.snoopfree.com/

 

Hello,

Malware should not be able to move from one vm to another, even if it's network aware. If you allow no file sharing between the vm or firewall them and do not allow any communication between them, there's no way how malware could propagate.

Regarding sandboxed programs running and reading other programs. The whole idea of sandboxing is to prevent processes from being able to access crucial system calls. This means that a keylogger could run in a sandbox, but if it has no access to necessary calls, it cannot do anything harmful.

As to your sensitive information:

Keep it in a non-default location. Don't use My Documents and similar crap. Create a folder called Uppsala on your D: or F: or K: drive. There's no chance any program will be deliberately able to screen your files and grab their content.

Firewalls also help control the traffic.

Mrk

 

This may help
http://www.techsupportalert.com/security_virtualization.htm
He tested some of the scenarios you are describing.
There are a few threads here about process firewalls; in particular PG which highlight blocking any .exe from running, which theoretically would prevent any unwanted installations from being loaded; but not bulletproof

There is another test of HIPS on the same site that may address some of your concerns.

You are correct that while a VM exists in isolation and is insulated from your host that a VM could be subject to any crimeware infection and subject to the usual problems :hijack, adware , info theft. If you are reverting to clean snapshot of that VM install then all the crookware would be gone, but the damage could have been done.

As usual MrK has some pertinent advice.

 

Every single one of the replies has helped me immensely. Thanks so much! I will now address each one and provide more details so you know exactly why I asked.

First, Keyscrambler looks like a very interesting program. I like the concept of scrambling keystrokes so that even if they are captured, the information collected is useless. As for Mrkvonic's suggestion to keep information in an obscure folder, I shall certainly keep that in mind!

Now, to the reason why I started this thread. I am a World of Warcraft Player, and I do not want my personal information read from other windows by something called the "Warden" client as I play the game. Here is a link that gives some very brief, background information on it:

http://www.rootkit.com/search.php?srch=warden

I am no cheater, and I do not run third party programs on my computer while playing the game; I believe it detracts from the game experience of myself and others. However, I am concerned that the game may be reading sensitive information as I play it. Would a virtual machine or sandbox prevent this kind of intrusion? I'm not exactly sure how the Warden works, but according to some of the links on the page above, it dumps all running DLLs, uses the function GetWindowTextA, and opens every running process, among other things. Being a newbie, however, I am not exactly sure what this means.

This may or may not be relevant, but I found a thread here at Wilders discussing whether ProcessGuard has the ability to block Warden, and the information that Gavin gave seems to imply that it has no such ability:

https://www.wilderssecurity.com/showthread.php?t=119787

I am not looking for a way to prevent Warden from detecting running cheats. I am looking for a way to play the game honestly, but without risking my private information. I carefully looked at the list of Sandbox reviews that have been posted. If I ran World of Warcraft inside a Sandbox, or inside a virtual machine, would it still be able to read information from my other windows? Please help me! As much as I enjoy the game, I am worried.