Hi,

i would like to ask for your position. Is MS Virtual PC 2007 a suitable environment to test serval Viruses / Software / Cleaner?
I´d like to test such things, but i hesitate due to infektion risk to the hostsystem? Are there any exlpoids known to use this way of infektion?

Thanks for your concern.

Bata

I use virtual pc a lot, i haven't found or heard about any exploits for it yet.

Its excellent for testing out software, you can do whatever you like inside the virtual machine even multiple reboots and at the end if you don't like it you simply shut it down deleting all changes and you have your original setup back.

I've also done a bit of malware testing inside virtual machines and haven't had any problems. I've infected the virtualised OS with multiple baddies then reverted all changes and my squeeky clean OS is back.

Just remember that no piece of software is perfect so it pays to have a back up of your system before doing anthing like this, just to be on the safe side.

Well thanx for your reply. That´s what i like to read. :)
I Know that every software has it´s weak points, but as you mentioned, a fresh backup is always welcome. ;)

Have a nice weekend.

Bata

-{ Quote: "I use virtual pc a lot, i haven't found or heard about any exploits for it yet.

Its excellent for testing out software, you can do whatever you like inside the virtual machine even multiple reboots and at the end if you don't like it you simply shut it down deleting all changes and you have your original setup back.

I've also done a bit of malware testing inside virtual machines and haven't had any problems. I've infected the virtualised OS with multiple baddies then reverted all changes and my squeeky clean OS is back.

Just remember that no piece of software is perfect so it pays to have a back up of your system before doing anthing like this, just to be on the safe side." }-
If I understood correctly when I read the article, the blue pill will probably change this. I've done pretty much everything I can image to the VM and it has always been able to recover. I've been trying FD_ISR which allows you to undo things with snapshots,and that's nice...but VM snapshot recovery is instantanious.

-{ Quote: "I use virtual pc a lot, i haven't found or heard about any exploits for it yet.

Its excellent for testing out software, you can do whatever you like inside the virtual machine even multiple reboots and at the end if you don't like it you simply shut it down deleting all changes and you have your original setup back.

I've also done a bit of malware testing inside virtual machines and haven't had any problems. I've infected the virtualised OS with multiple baddies then reverted all changes and my squeeky clean OS is back.

Just remember that no piece of software is perfect so it pays to have a back up of your system before doing anthing like this, just to be on the safe side." }-

Does running a virtual machine require the use of an admin account?
I want to use it under a LUA. I've read through alot of the help file, but I am still not sure if the VM is working when I start the VM and open my web browser from the host OS desktop to access the internet. The connection succeeds, but am I actually surfing inside the VM at this point?

I've used MS Virtual PC a few times and finally settled on VirtualBox. Virtual PC just won't run certain flavors of Linux, which is just about all I use the machines for. I haven't found anything that VirtualBox won't run, and although I'd like to try VMware, I just can't seem to consistently get the ISO thing figured out. My brain just short circuits on it with VMware.

Virtual machines are good for testing software. But if you want to go "underground" and test malware pay attention to not run the host system as an administrator but only as a restricted account. It is the only way to be sure that something bad does not pass on your real machine.;)

-{ Quote: "Virtual machines are good for testing software. But if you want to go "underground" and test malware pay attention to not run the host system as a restricted account. It is the only way to be sure that something bad does not pass on your real machine.;)" }-

Amen. When I play with malware, I always image the host first, then put the host into Shadow Mode with Shadow Defender, then fire up the VM machine, and run that in Shadow Mode. Have to be real careful.

Thanks for your responses. I thought LUA was safer. I guess not. Now for the question of whether or not starting the browser from the host PCs start menu is actually running in the VM when the VM software is started, and shared NAT is on.

-{ Quote: "Thanks for your responses. I thought LUA was safer. I guess not. Now for the question of whether or not starting the browser from the host PCs start menu is actually running in the VM when the VM software is started, and shared NAT is on." }-
Excuse me for the confusion I created. I mistyped :'( .
Yes you should run it only as a restricted account and not as admin.

I do not think that is unsafe opening the browser on the host machine while on NAT. But if you know that your are running a malware on your virtual then is a thing to avoid.

-{ Quote: "Excuse me for the confusion I created. I mistyped :'( .
Yes you should run it only as a restricted account and not as admin.

I do not think that is unsafe opening the browser on the host machine while on NAT. But if you know that your are running a malware on your virtual then is a thing to avoid." }-


So the correct way of running software inside of the VM is to open the software from within the VM (black window)?
If this is the case, will the VM save only what has been started from within the VM?

-{ Quote: "So the correct way of running software inside of the VM is to open the software from within the VM (black window)?
If this is the case, will the VM save only what has been started from within the VM?" }-
Whatever you do inside the VM will stay inside the VM unless you choose to move it out. There is an option to share a folder between the host system and VM.

-{ Quote: "Thanks for your responses. I thought LUA was safer. I guess not. Now for the question of whether or not starting the browser from the host PCs start menu is actually running in the VM when the VM software is started, and shared NAT is on." }-


Anything you start from the host is running on the host. To run anything from the VM you have to start it on the VM.

Pete

Coupla things with Virtual PC 2007 which is what I use.

If you bring up taskmanager within the VM it runs on a single cpu core so it doesn't emulate your real system if duo core.Not a prob though.

You can do an install of a system then copy and paste the VHD to another folder and then assign a new VM to it.

I have a base install of XP and Vista VHDs which are copied to another folder if and when I need another vm for saved testings.

-{ Quote: "Coupla things with Virtual PC 2007 which is what I use.

If you bring up taskmanager within the VM it runs on a single cpu core so it doesn't emulate your real system if duo core.Not a prob though." }-

Every Virtual machine runs under a single process, so if you have 2 VM running they share the same process and CPU on the host machine, this is good for keeping host machine from bogging down, but bad for the virtual boxes, so good advice is to never run more than 1 VM at a time if you can help it.

I use Virtual PC for testing websites and .net apps that we [the team] write. We have some virtualised servers, including a subversion linux box running on virtual server, which is used for all our projects (about 10 developers). Virtual Server creates seperate processes for each virtual machine.

-{ Quote: "Coupla things with Virtual PC 2007 which is what I use.

If you bring up taskmanager within the VM it runs on a single cpu core so it doesn't emulate your real system if duo core.Not a prob though.

You can do an install of a system then copy and paste the VHD to another folder and then assign a new VM to it.

I have a base install of XP and Vista VHDs which are copied to another folder if and when I need another vm for saved testings." }-


I use XP and I finally find that I will need to insert a CD before the VM boots so that it will make XP as the OS. I don't have a boot CD. What should I do to use the VM properly?

Hello,
If you wish to test malware, have your host running Linux...
Mrk

-{ Quote: "I use XP and I finally find that I will need to insert a CD before the VM boots so that it will make XP as the OS. I don't have a boot CD. What should I do to use the VM properly?" }-
Untyil you come across an XP install disk you could try Damn Small Linux to get a bit of practice in.

Download the iso and then capture the iso with the vm for installation.
http://www.damnsmalllinux.org/download.html