There is this game that I want to play badly. It is an old game and hard to find. Any copies I find on the internet seem infected with malware or they could be false positives since anti virus software tag them as malware. In any case I dont want to risk it and install potential malware on my system. I thought about installing the game within a sandbox, would that work? Would the game be playable from within the sandbox? I have no experience with this and would appreciate some help.
There are some games that you can install inside the sandbox with the help of Sandboxie. Especially older ones will often work. I've installed demo's from older versions of Need For Speed and PES for example. Keep in mind that Sandboxie won't stop automatically stop certain behavior like outbound network access.
Can you suggest one that I could use and what are the benefits of using a virtual machine compared to Sandboxie?
I use VMware, but there are others. I am going to be honest. If you have to ask that you are putting your computer at risk for a game. Also do a lot of backups. I still say don't do it.
bear in mind that running a vm itself requires a powerful rig (cpu, gpu & mem). on top of that, if the game you wanna run has high sys reqs, then it will not run smoothly, even not run at all. but you say it's an old game. if the sys reqs are not that high and you have a powerful rig, then you will not have any issues running it under vm. try vmware or virtualbox.
1- As said here by a really fervent fan of sandboxie, ''sandboxie isnt made for testing apps that may contains malware" then basically Sandboxie is useless in your case and "may not protect you" (said the fan). 2- in a VM you basically reinstall an OS inside a contained environment, do whatever you want in it, then save or discard your works, so the interaction with any softs is almost identical as your real system.
guest, quit Mickeymousing stuff. I said (parapharsing myself), "Sandboxie was not designed to be used as an analyzer of behavior. Since Sandboxie is an application sandbox (and Not an analyzer), the behavior we see in programs when they run in the sandbox should not be used as a guide for telling whether programs are good or bad/malicious. We should not install programs outside the sandbox based on their behaviour in the sandbox. Doing so is wrong and can hurt you when a malicious program fools you into thinking that it is clean and you install it outside the sandbox and become infected." Quit changing what I write. Doing so confuses new users. It doesn't confuse the people that know Sandboxie but when you do it, you are hurting people who are new to Sandboxie. Bo
@bo elam quit debating with me since you don't seems to have the required technical knowledge to grasp what I'm saying. If you can't tell, for example when mimikatz.exe or powershell.exe running in VLC sandbox is potential malicious behavior or not, you better go teach new users how to use Sbie than opening a new debate with me.
guest, I am not debating with you, I dont even want to talk with you, to me you are an annoyance but you push too much. This past few days, you Mickeymoused what I said days ago, too many times. I being ignoring you but you do it too much, you done it at least 3/4 times this past few days. Quit trying making seem what I write as if it was something else. You are continuously reinventing what I said days ago in your guest mickey mouse MT way, please, stop doing it. What I said is what I paraphrased myself, not what you making up that I wrote. Bo
Stop the name calling now. The thread starter, denisz12, does not deserve to have his thread turned into a platform for members to have a go at each other.
Hi denisz. Personally, I dont play any games or ever installed or ran any under Sandboxie. So, my personal experience with games and SBIE is zero. But some will work/install fine under Sandboxie and some wont. You have to try them and see what happens. Myself, if I think a program might be infected, I wont install it, not even sandboxed. So, in my opinion, if you think this game could be malicious, its not worth it and I recommend you follow your instinct and forget about it. Bo
Maybe take a look at gog.com (good old games). They got lots of old games patched up to run on todays windows. But you have to buy it I wouldn't want to risk my pc security for any game (even when using VM/sandboxie.)
Sorry to see this thread turning into a fight between two members. I now have two questions. 1. If the game is in face infected can it find its way out of the sandboxie/VM and still infect my system? 2. Does anyone here inspect possibly infected files? Is there a section to upload files to inspect? Do you guys know a site where I could upload said files for someone to inspect what they do?
1. I highly doubt it, but I'm not expert on this. In fact, a lot of malware is VM-aware, meaning it will lie dormant if it detects it's in a VM when the user attempts to launch it. This in itself would be a pretty good indicator you're dealing with malware. 2. Personally, I like to use Virustotal web site to inspect files.
1 Normally speaking, malware won't be able to infect the system, because it has low priviliges and Sandboxie blocks access to the real system. However, malware might still be able to steal data, so you should always combine Sandboxie with other security tools. 2 I use VirusTotal, but you can't have 100% trust in it. Most of the time, at least one AV will correctly identify malware, but with zero day malware, they might all fail to spot it.
unless it is a kernel exploit or other kind of privileges escalations like the latest ctfmon.exe vulnerability.
As with two others, I also use VirusTotal (besides having AV installed locally). There can be false positives, so keep that in mind. Personally I feel more convinced if the scan specifically identifies a named threat, rather than just flagging a possible generic concern. The other simple point I wanted to make — sorry if it's too obvious — is if you're concerned about zero-day exploits then simply wait. What this means is that if you wait for long enough then some other users less cautious than you are likely to become infected, honeypots are likely to be hit, and the exploit is more likely to be detected. How long is long enough? I don't know. It would depend upon the popularity of the file/site, which would determine the frequency of exposure to it among global users. I would guess that waiting days or weeks might be enough to reduce the risk. —DIV
This is an older thread but I'm also interested about Sandboxie and say the Sandbox feature that's part of Windows. Less and Less trusting of online games these days that REQUIRE an internet connection. Why are even single player PC games insisting on one having a continuous internet connection? Fewer and fewer companies are to be trusted frankly, just by how lax they are in protecting people's personal data of late. Other than using a VPN, is there another way to game with a higher level of security? Sandboxes appear not to be an option. I ask 'cause when the new Mass Effect game is released, I do not want to be bound by game controllers. TIA
You can of course try to play it in Sandboxie. If it works, it's naturally more secure than not using Sandboxie. The issue is that Sandboxie really isn't made for gaming. As for Windows Sandbox, that is even more secure as it uses hardware virtualization. It's also a lot more taxing and it is completely deleted when you shut down the virtual machine, so what's the point?
Appreciate your comments. Even disc-based games now want to phone home after one loads them up. My spydee sense is tingling but if game services are requesting -- no, demanding you connect, how can anyone not wonder what all that telemetry is all about, beyond repairs and updates. Just saying. This is the right place to ask this kind of question. Naysayers in other venues will say ah, you're just paranoid but today we now know that end users asking the right questions is for cause.
This is old but I want to add something. Unless you have the skills of someone who is used to being infected like a computer software pirate (not pointing any fingers) hehe don't do it. I might take the risk. Oops. LOL
