can a virtual machine get a virus?

Discussion in 'Parallels Desktop for Mac' started by lmd2, Jun 3, 2006.

  1. lmd2

    lmd2 Bit Poster

    Messages:
    2
    just installed windozeXP on my macbook 'cause I need to use two PC apps on my job. So far it seems like the perfect solution.
    On my two windows machines I run anti-virus software of course, never seemed necesary on my macs, but not sure how this works on a virtual machine - if I get infected do I just delete the VM and start over, does anyone else have experience with this, or are VMs immune somehow (I don't see that being likely).
    TIA
    lmd2
     
  2. Sheppy

    Sheppy

    Messages:
    145
    You should protect your VM from viruses just like you would a real machine. The infection would be constrained to the VM, but the VM can indeed become infected.
     
  3. nhand42

    nhand42

    Messages:
    37
    Yes, virtual machines can get viruses

    Yes, virtual machines can get viruses.

    You should take the same precautions (virus scanner, personal firewall, anti-spyware) in your VM as you do inside a non-VM.
     
  4. Djoh

    Djoh

    Messages:
    42
    I would suggest another, very simple precaution:
    Once you're done installing all the software you need on Windoze (including updates etc.), shut down the VM and copy the VM's folder (including virtual disk drive) somewhere as a backup.
    I also keep all the files I'm actually working on saved in a shared folder (one that the PC does not have permissions to leave, so it can't see the rest of my Mac HD).

    Thus any time I've messed up the VM (or if a virus ransacks it), you just delete the current VM folder and replace it with a copy of your (virus-free) backup, and hopefully all the files you were playing with are still accessible in your mac-side shared folder.

    I would say still run anti-virus stuff, but I've found this to be an easy solution.
     
  5. mavidal

    mavidal Product Expert

    Messages:
    122
    A virtual machine is just like a real machine. One of my uses for it is to test spyware cleaning techniques. I find it much easier to blow away a virtual machine and start over than to do it to a real machine.

    To the poster about making a copy, thanks for the tip, I will have to do that. Saves me some time in re-installing the os.

    IF you want to play around and see how weak (and I mean weak) windoze is, make sure you have at least an antispyware (like windows defender) and an antivirus (I use AVG) and go to www.theserials.com, install the active X and see how fast your computer gets screwed up. This has convinced me that windoze is really a piece of crap programmed by committee.

    I actually have it cleaned up to the point that the malware does not load up anymore, but for some darn reason, I am still getting an occasional pop-up of IE and I can't find the culprit.

    My joy would be to shoot the S.O.B.'s that write this crap, in public and publish it on the web.
     
  6. joem

    joem

    Messages:
    1,247
    So as a test of Windows security, you recommend goint to a web site that deals in illegal software and purports to help people steal it, and you recommend downloading and installing a PROGRAM they provide and RUNNING THEIR CODE on your system, and watching their malware mess with your system.

    What sort of idiot would actually do that? Run untrusted code from an illegal site? What were you thinking???

    I assume you were just playing with this to see what would happen and maybe figure out a way to defend against it, but c'mon folks, unknown CODE?? This is not in any way an indictment of Windows or any other OS someone has written malware for and convinces some unsuspecting fool to run.

    Heck, name your OS and I'm sure someone here can email you a small program that will wipe it out if you run it. (And I suppose there will be some fools who run it and are surprised when their machines stop working).
     
  7. mavidal

    mavidal Product Expert

    Messages:
    122
    Joem:

    Your right about playing as I wanted a fast way to infect the machine. The active X they install is found in many website (name it, porno, gambling, warez, etc etc) it is from E.C.S. international, since what this installs I find on 80% of my service calls.

    What is insedious is that they are not asking you to install any software to help steal software as the site only offers serials numbers, but to get in, you have to install the active X control How many legitimate website do you go to that require some sort of active X? Now imagine the site being hijacked and this malicous pile of crap software gets installed.

    What I am talking about is that windoze has so many back doors available, that just from one lousy active X that it would make your head spin. Heck, I found a service installed on the machine that allowed remote registry changes! No warning that anything was being changed etc.

    This is a vanilla install of XP, with all the patches that MS puts out, and it is still getting totally hosed up.

    BTW, go to the same site with Firefox and no issues. Guess what browser I have been using since it first came out. :)

    AVG catches about 95% of the crap that is installed. Some of it is so new that none of my spyware tools see the files.

    As for Idiots, quoting a famous circus man, There a sucker born every minute, and when it comes to computers, there are many idiots out there.

    I do not condone the piracy of software, but malicous websites are out there, they place themselves high in search engines and that is how people get nailed, becuase they do not know the good from the bad or the ugly! :)
     
  8. James Bond 007

    James Bond 007

    Messages:
    159
    Joem, I am sure he only wishes to demonstrate how easy it was to get infected if you use Internet Explorer to surf the internet in Windows, even when it is fully patched. If you are not using Windows XP SP2 (e.g. Windows 2000 or Windows 98), you will not even get a warning that an ActiveX control is about to be installed when you go to those sites.

    There are a lot of ordinary people who are not aware of this and just use IE to browse to whatever site they go. Thus their PCs are often infested with spyware to the point that the machines are basically unusable. For those people, ironically, a Mac would have been a better choice!:D

    That is why we use Firefox (or Opera) and not IE when surfing the internet in Windows.
     
  9. rockaday

    rockaday

    Messages:
    3
    So which VM folder do you copy? I assume users>library>VM. Is this right?
    Thanks
     
  10. joem

    joem

    Messages:
    1,247
    Copy the .hdd file. This is your hard disk. By default it's in
    ~/library/parallels/vmname
    where vmname is the name of your VM.

    If you have more than one hard disk attached to your VM, there will be more than one .hdd file.

    If you are using floppies, you will have one or more .fdd files.

    The .pvs file is your VM definition, which is unlikely to get hosed by malware, but you can copy it as well since it's small.

    FWIW, I use the VM directory to hold other files related to my work with that VM, so I don't back up the entire directory. In fact, I often just make a copy of the .hdd file in the same directory with a different name.
     
  11. pak150

    pak150

    Messages:
    3
    Performance question

    How much of a toll will installing AV software on the virtual windows take on overall system performance? Does it significantly slow down the Windows side, the Mac side, or both?

    Thanks!
     
  12. mavidal

    mavidal Product Expert

    Messages:
    122
    The antivirus program will consume your guest os resources the same as it would on a normal machine. The newer versions of Norton and McAfee are resource hogs.

    I would think that it will take a bit more resources on the OSX side but not much.

    I use AVG. You can get it for free at free.grisoft.com. Great antivirus and very small footprint so it does not consume resources.

    My virtual machine runs faster than my standalone windoze with a P4 1.6Ghz processor with 512Mb of ram. The virtual is set up with 384Mb.

    Mike V.
     
  13. Paul Linden

    Paul Linden

    Messages:
    76
    If it slows down the Windows VM it'll slow down the Mac OS too since it's taking resources to run.

    It's hard to say how much of a hit it makes, but if you do things that do a lot of disk access, it can noticeably slow it down. For instance, I code Java, and compiling causes lots of file reading and writing. I see a 50% speed increase if I disable the virus "on-access" checker that checks every file you read and write.

    That's why I've installed Linux on my PC at work and do most of my Java coding on my iMac and C++ programming in a Parallels Linux VM.
     
  14. cetuma

    cetuma

    Messages:
    40
    The only legitimate website I go to that requires Active X is WindowsUpdate. Worse part is not only do they require installation of their ActiveX control, but they also now require installation of spyware that sends daily messages back to MS.

    I agree.. Firefox and Camino, and I barely even need to worry about AV software.
     
  15. pak150

    pak150

    Messages:
    3
    Thanks for the info. I doubt I'll be using a lot of disk access, I just want to use the VM to use my Mac to access my company's document management system, so I would only be running Outlook.
     
  16. Marko

    Marko

    Messages:
    27
    You should be also protect your Mac OS X partition by ONLY sharing a Folder specific for Sharing Files between Guest OS's!!!

    Any malicous virus or back door opened in the Guest OS will then only be limited to your Guest OS HD File and the Shared folder!!!

    DO NOT Share your Hard Drive!!!

    You don't want malicous code to start deleting your MacOS X files.
     
  17. veggiedude

    veggiedude

    Messages:
    100
    There are some freeware virus protection out there. Using one would be wise if you are downloading things into your VM.

    To protect yourself, backup your VM by burning it to DVD, or if it is too big, copy a backup to an external drive.

    Should your VM become corrupted by a virus, just dump it and get your clean copy - problem solved in a few clicks.

    :cool:
     
  18. ciprol

    ciprol

    Messages:
    15
    How good is this advice? I read elsewhere that even sharing one folder under OS X can lead to problems to the remainder of the OS X installation. Is it true?
     

Share This Page