LinuxQuestions.org
Latest LQ Deal: Latest LQ Deals
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 02-02-2006, 11:53 AM   #1
ddaas
Member
 
Registered: Oct 2004
Location: Romania
Distribution: Ubuntu server, FreeBsd
Posts: 472

Rep: Reputation: 30
xp on vmware and spyware


Hi,
I have installed vmware-5.5 on FC4 and win xp as the guest os.
I was very surprised when clamav fount the following.
What do you think?


Quote:
--------------------------------------
Scan started: Thu Feb 2 10:57:28 2006

--------------------------------------
Scan started: Thu Feb 2 10:57:32 2006

/home/vmware/Windows XP Professional/Windows XP Professional-s001.vmdk: Adware.Cydoor-2 FOUND
/home/vmware/Windows XP Professional/Windows XP Professional-000001-s001.vmdk: Adware.Cydoor-2 FOUND
/home/vmware/Windows XP Professional/Windows XP Professional-000001-s002.vmdk: Adware.Cydoor-2 FOUND
/home/vmware/Windows XP Professional/Windows XP Professional-Snapshot1.vmem: Adware.Cydoor-2 FOUND
/home/vmware/Windows XP Professional/Windows XP Professional.vmem: Adware.Cydoor-2 FOUND
/home/vmware/Windows 2000 Professional/Windows 2000 Professional.vmdk: Adware.Cydoor-2 FOUND
 
Old 02-02-2006, 12:26 PM   #2
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,409
Blog Entries: 55

Rep: Reputation: 3582Reputation: 3582Reputation: 3582Reputation: 3582Reputation: 3582Reputation: 3582Reputation: 3582Reputation: 3582Reputation: 3582Reputation: 3582Reputation: 3582
What do you think?
Neat.
 
Old 02-02-2006, 01:29 PM   #3
sundialsvcs
LQ Guru
 
Registered: Feb 2004
Location: SE Tennessee, USA
Distribution: Gentoo, LFS
Posts: 9,078
Blog Entries: 4

Rep: Reputation: 3177Reputation: 3177Reputation: 3177Reputation: 3177Reputation: 3177Reputation: 3177Reputation: 3177Reputation: 3177Reputation: 3177Reputation: 3177Reputation: 3177
Bear in mind that, even for a guest OS, you need to run the guest OS as a non-administrator user (of that guest). It is much harder to remove malware once it gets in, than it is to keep the malware out in the first place. A disciplined approach to using "limited users" will greatly simplify this process.
 
Old 02-02-2006, 01:32 PM   #4
ddaas
Member
 
Registered: Oct 2004
Location: Romania
Distribution: Ubuntu server, FreeBsd
Posts: 472

Original Poster
Rep: Reputation: 30
The guest OS has no network access.
That's why is curious ....
I didn't install any strange software on it.

It seams that it has come with another program...

Do you think it is dangerous or I can ignore it...(I don't want to install antivirus, anti-spyware on win, it is only for my wife for a specific program). I would not install it ....I am full of $M bullshit
 
Old 02-02-2006, 01:48 PM   #5
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,409
Blog Entries: 55

Rep: Reputation: 3582Reputation: 3582Reputation: 3582Reputation: 3582Reputation: 3582Reputation: 3582Reputation: 3582Reputation: 3582Reputation: 3582Reputation: 3582Reputation: 3582
If you run ClamAV, AVG or any trial AV from within Wintendo and it appears as if system32/cd_clint.dll is infected then that's a FP IIRC.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
On spyware vs anti-spyware primo General 0 11-11-2005 11:28 PM
Debug Linux kernel in vmware (two machines in vmware)?? cyu021 Programming 0 03-30-2005 08:46 PM
Vmware Virtual Machine Problem With Windows In Vmware jvdbossc Linux - Software 2 05-28-2004 07:54 AM
Spyware jag2000 Linux - Newbie 7 02-02-2004 10:55 AM
Spyware? BajaNick Linux - Software 7 07-15-2003 03:11 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 05:12 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration