How do I properly check if a program is a virus/trojan in VMware?

How do I properly check if a program is a virus/trojan in VMware? How I should check if a program is a virus in VMware? Some programs I do need admin ability to install and it makes sense. But how do I know if it's doing more than I want? Some thoughts are:
Asked by: Guest \| Views: 346

Total answers/comments: 1

Comments display order:

bert [Entry]

"Along the lines of your analysis (though, it's always safer to check where you downloaded it from and use local antivirus software),

Check for what network communications it attempts.
It's always fairly easy to enumerate what network activity is likely from the program description.
You can use the Sysinternals TCPView to follow it or just do frequent netstat.
Some Host antivirus/firewall tools also allow configuring a block for a process.

Most malware focuses on 'corrupting' other applications on your system.
This means, just following the newly installed application will not be sufficient.
You need a way to detect when it starts playing with other executable files in your systems too."