Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

virus in virtual pc?


  • Please log in to reply
3 replies to this topic

#1 polarpimp

polarpimp

  • Members
  • 178 posts
  • OFFLINE
  •  
  • Local time:03:16 AM

Posted 23 July 2009 - 11:06 AM

wat if i get my virtual machine infected, could it transfer?

BC AdBot (Login to Remove)

 


#2 Andrew

Andrew

    Bleepin' Night Watchman


  • Moderator
  • 8,259 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Right behind you
  • Local time:12:16 AM

Posted 23 July 2009 - 01:26 PM

Generally speaking, Virtual Machines are walled off almost completely from the host operating system. Usually, the only connection from the VM to the host which is "visible" to programs running in the VM is the virtual network connection. So an infection could be transferred from a VM to a host if you transfer an infected file over the virtual connection or the malware in the VM can copy itself to other computers over a LAN.

Since you're posting in the Linux forum, I'm assuming that your main operating system is Linux and that you are (or want to) running Windows in a virtual machine like VMware, VirtualBox, or QEMU. Should the virtualized Windows session get infected the Linux host will not be infected.

Cross-platform malware is extremely, staggeringly rare. This is partly because Windows and Linux have different formats for executable files. Windows uses the Portable Executable (PE) format whereas Linux uses the Executable and Linkable Format (ELF) which are not compatible. However, their have been examples of malware which takes advantage of platform-independent or 'workalike' runtime environments such as .NET/Mono and java [Link].

The long and short of it, though, is that provided the host and guest operating systems are different (like Linux and Windows) then there is only an extremely remote and purely theoretical danger of anything like this happening.

#3 snowdrop

snowdrop

  • Members
  • 513 posts
  • OFFLINE
  •  
  • Local time:02:16 AM

Posted 23 July 2009 - 02:26 PM

I notice you recently ran anHJT thread on your XP machine but did not return to the thread to complete the cleaning process: is your present enquiry related to it ?

I know people elsewhere to do run VM's who deliberately 'infect' them to see how the infection affects the computer and how to clean it ; none of them that I know have (yet) reported they have gotten an infection on their main machine :thumbsup:

However, a point that does come to mind is...if they infect it deliberately with a Backdoor trojan or similar 'nasty' how then do they 'clean ' it..I guess uninstall the VM and start again

maybe someone can 'drive by' this thread and expand/clarify on that point?

#4 Andrew

Andrew

    Bleepin' Night Watchman


  • Moderator
  • 8,259 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Right behind you
  • Local time:12:16 AM

Posted 23 July 2009 - 03:02 PM

However, a point that does come to mind is...if they infect it deliberately with a Backdoor trojan or similar 'nasty' how then do they 'clean ' it..I guess uninstall the VM and start again


Most VM software can revert to a saved state, eradicating all changes made to the guest since the saved state was created.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users