Can .exe programs modeify files of the user?

[Numb]

Suppose my friend sends me a .exe, if I click it, is there a risk that the program might delete things from my desktop or maybe rename everything to 123253563.random or something like that?

Can it also access the recycle bin?

Maybe one day a game got breached and when I run the game it deletes everything on my computer..

edit: Sorry I forgot I was in this forum.. how do I move my thread? And where does this belong?

[wolle]

You're gonna need to run the .exe in a sandbox. I've never used one but I think Sandboxie is one of the most popular,

https://www.sandboxie.com/

[Arjay]

Suppose my friend sends me a .exe, if I click it, is there a risk that the program might delete things from my desktop or maybe rename everything to 123253563.random or something like that?

Can it also access the recycle bin?

Maybe one day a game got breached and when I run the game it deletes everything on my computer..

edit: Sorry I forgot I was in this forum.. how do I move my thread? And where does this belong?

What is your question?

[Numb]

My questions are:

When I run a .exe, do I run the risk of "the program might delete things from my desktop or maybe rename everything to 123253563.random or something like that?".

"Can it also access the recycle bin?"

When a popular game or application gets breached, the intruder might update the game client so that it has this piece of code that does the above.

Will antivirus pick all of this? Or are you doomed? How to be safe while using .exe?

Also suppose I destroy all the files of my friend, could I be sued?

[2kaud]

What an .exe can do is limited by the context in which the .exe is executed. Running it as an Administrator, for example, allows the .exe far more access to system resources than just running it as a user. Many of os 'security vulnerabilities' arise from 'tricks' discovered that allow an .exe run as a user to access resources to which it shouldn't have access.

Top-rated anti-virus software (note that some are rated much better than others and they shouldn't all be judged as equal) will detect most 'suspecious' activity and warn the user. However, this is not (and could never be) 100% reliable. The only way to be absolutely safe re an unknown .exe is to either run it in a sandbox as suggested by Wolle in Post #2 or in a 'throw away' virtual machine environment.

If you deliberately issue an .exe that performs unexpected and unwanted actions on a computer when executed, then you might well be liable to be sued - depending upon the laws of the country(s) concerned.

This is one reason why Microsoft, Apple et al have 'App Stores'. Programs obtained from these have been checked and 'certified' that they behave in the manner expected.

[wolle]

How to be safe while using .exe?

If you missed it, see my previous reply.

To be safe you need to run the .exe in a so called sandbox environment. It will allow you to control the .exe's access to the OS and thus prevent the .exe from doing bad things.

[MortenComp]

I support wolle. You can create a sandbox and run the executable there. You can use Virtual Box for example. It's easy to create an operating system and see what the program does.

[salem_c]

Bear in mind that if the code was truly malicious, then it's possible that it could detect your attempt to run in a sandbox / VM and "play along" to lure you into a false sense of security.
http://www.cplusplus.com/forum/windows/96874/

[wolle]

Bear in mind ...

Yes, there's a limit to how well software can protect you. Neither sandboxes nor virus packages are 100% secure. To step up security I suggest a two-computer solution.

The first computer is the on-line computer. It is connected to anything you want (typically the internet) and anything can be freely installed. It holds no sensitive information and if it gets compromised in any way it is reset to pristine factory state. Then everything is lost but that doesn't matter because nothing of major value is kept on this computer.

The second computer is the off-line computer. This is where all real work takes place and where all sensitive data is kept. Most of the time it is physically isolated from the outside world. Data may be transferred to and from it but only when absolutely necessary and then with stern safety procedures. Data is automatically backed up at fixed intervals and copies are kept at a safe location (like a bank locker).

So the idea is that the on-line computer acts as a sandbox to the off-line computer with only a small amount of highly controlled information exchange. Both computers should have full virus protection.

Admittedly the two-computer approach is somewhat tedious and doesn't fit every situation. Still it increases security quite a lot and I recommend it for anyone who's doing professional work from home, especially if exposing or losing information has legal consequences. And it definitely beats paying ransom to some hijacker.