Roman Yudichev2011-09-20 08:30:42
Roman Yudichev, 2011-09-20 08:30:42

Antivirus control "virtualok"?

Given: the virtual machine is infected with a virus.

Will the host antivirus detect the infection by scanning the virtual machine's disk (or RAM) image file?
Does anyone have real experience?

UPD: The question is related to obtaining an image of a virtual machine from a third-party source. For example, from trackers.

As option number 1 of the check, you can take a snapshot, put the antivirus inside, check everything, and then roll back.
As option #2 (from temaHT ) VMWare, for example, makes it possible to mount a virtual disk image to the host system. Next, scan in the usual way.

But does anyone have experience in the initial formulation of the question?

Answer the question

In order to leave comments, you need to log in

4 answer(s)
temaHT, 2011-09-20

I think that the following option is possible: mount the disk of the guest machine in read-only mode. And set the antivirus on the mounted disk. If he finds something, then he will have to think further how to cure the “infection”.

Sergey, 2011-09-20

McAfee has a function in the antivirus such that he can mount the disks of turned off virtual machines in ESX, check the contents for viruses and update the signature databases of his antivirus if it was installed inside the virtual machine.
Trendmicro generally has an antivirus for the hypervisor, it works through VMSafe.

Duron700, 2011-09-20

I put the antivirus on the virtual machine... Stay away from sin... because the host machine is under Linux, in the virtual machine there is a 2003 server.
Although in my particular case it was easier to remove the virus by hand than to wait for the antivirus to get up, update and scan everything.

Maxim, 2011-09-20

An attempt to check virtual machines from under the main system, in my opinion, is not very good, because the virtual machine accesses its hard disk as a block device, in 90% of cases for the system that is the main one it is not at all known what lies there.

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question