Good idea to drop the experiment!
You should also be aware that many new malware infections can easily detect if you're running VMware. They will not drop the original bit of malware that is known as the infector file or dropper
A VM would be the way to do this.
mrizos on YouTube has tons of videos on different product reviews. Might be worth checking his vids out.
I would just be worried about stuff that can infect your BIOS. How much of that is out there?
Hi Jacee,
I notice that IOBit was on Sergiogarcia's list - any news on the latest with them and Malwarebytes?
We've got 8 pages here: IOBit’s Denial of Theft Unconvincing - Malwarebytes Forum. Nothing conclusive.
Thanks Jacee,
Will have to follow that as it's potentially huge in its implications - I know IOBit are not the first name I would think of when thinking security software, but as a name I do recognise, if even one of the things they're accused of is true, it can't help the image of the industry.
VM can be bypassed, how? There are a few worms which can do this easily, I mean: Blue-Pill and SubVirt. However, these worms were created for x86 architecture and they work in an x86 system environment. SubVirt can't be implemented without a reboot of the VM; Blue-Pill awakes inside the Matrix controlled by the ultra-thin Blue-Pill hypervisor. Please note that there is a prototype version of Blue-Pill that works on x64 architecture.
About viruses for BIOS: at the last (2009) CanSecWest conference there was a presentation of this type of virus (materials from this presentation).
It works on computers with Windows and OpenBSD operating systems and also on VMs. This virus puts its code into a special BIOS fragment, in the space reserved for decompressing the rest of the BIOS code. The BIOS virus has access to the disk, memory and other devices installed on your computer.
How can you be infected by this type of BIOS virus? First of all, you have to run an 'infected' BIOS update/upgrade. The user can do this from Windows level or directly during boot after the POST screen.
Only then does the BIOS allow 'write' cycles. This new form of attack takes into consideration the shifting of the new BIOS onto the flashrom (write/read/edit cycles) - during these operations changes are made whose aim is to adapt all the checksums - only then can the hacked BIOS pass auth verification and be successfully flashed.
Computer security is a term which is changing very quickly; the best you can do is be up to date with it.
Last edited by Creer; 16 Nov 2009 at 16:47. Reason: typos
Hi all
There are two easy ways to find out whether you are running in a virtual machine or not:
1) BIOS call -
2) inspect the hardware list - the hardware is usually a clue as to whether you are running in a virtual environment.
Both very easy to do.
Harder -- but the IDT (Interrupt descriptor table) will be different on Windows real and virtual machines.
cheers
jimbo.
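The hardware-list check from point 2 of the post above, written as an audit an analyst can run inside their own analysis VM to see which hardware strings give it away. This is an added example, not part of the original thread; the function name `audit_inventory`, the marker tables and both sample inventories are constructed for illustration, and the tables are not exhaustive.

```python
import re

# Well-known hypervisor identifiers (not exhaustive).
DMI_MARKERS = {"vmware": "VMware", "virtualbox": "VirtualBox",
               "innotek": "VirtualBox", "qemu": "QEMU/KVM"}
MAC_OUIS = {"00:05:69": "VMware", "00:0c:29": "VMware", "00:1c:14": "VMware",
            "00:50:56": "VMware", "08:00:27": "VirtualBox", "52:54:00": "QEMU/KVM"}
PCI_VENDORS = {"15ad": "VMware", "80ee": "VirtualBox", "1af4": "QEMU/KVM (virtio)"}

def _oui(mac):
    """Normalise 00-0C-29-.., 000c.29.. or 00:0c:29:.. to 'xx:xx:xx'."""
    digits = re.sub(r"[^0-9a-f]", "", mac.lower())
    if len(digits) != 12:
        return None
    return ":".join(digits[i:i + 2] for i in (0, 2, 4))

def audit_inventory(dmi, macs, pci_ids):
    """Return sorted (source, value, hypervisor) tuples for every giveaway."""
    findings = set()
    for field, value in dmi.items():
        for marker, name in DMI_MARKERS.items():
            if marker in value.lower():
                findings.add((f"dmi:{field}", value, name))
    # Hyper-V guests report the vendor "Microsoft Corporation", as physical
    # Microsoft hardware does, so the product name has to match as well.
    if (dmi.get("sys_vendor", "").lower() == "microsoft corporation"
            and dmi.get("product_name", "").lower() == "virtual machine"):
        findings.add(("dmi:product_name", dmi["product_name"], "Hyper-V"))
    for mac in macs:
        name = MAC_OUIS.get(_oui(mac))
        if name:
            findings.add(("mac", mac, name))
    for pci in pci_ids:
        name = PCI_VENDORS.get(pci.split(":")[0].lower())
        if name:
            findings.add(("pci", pci, name))
    return sorted(findings)

# Constructed inventories (DMI strings, NIC MACs, PCI vendor:device ids).
SAMPLE_GUEST = {"dmi": {"sys_vendor": "VMware, Inc.",
                        "product_name": "VMware Virtual Platform",
                        "bios_vendor": "Phoenix Technologies LTD"},
                "macs": ["00-0C-29-3A-7F-10"],
                "pci_ids": ["8086:7190", "15ad:0405"]}
SAMPLE_PHYSICAL = {"dmi": {"sys_vendor": "Microsoft Corporation",
                           "product_name": "Surface Laptop 4"},
                   "macs": ["3c:52:82:11:22:33"], "pci_ids": ["8086:9a14"]}

if __name__ == "__main__":
    for source, value, name in audit_inventory(**SAMPLE_GUEST):
        print(f"{source:18} {value!r:28} -> {name}")
```

Every finding is something software inside the guest can read just as easily, so each one is a candidate for changing in the VM's configuration before samples are run in it.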
You could also test Norton Internet Security 2010
It's very good at removing viruses and malware
Download Norton Internet Security 2010 17.0.0.136 - The fastest and lightest comprehensive online threat protection available - Softpedia