vmware fusion - don't open .com extension

Discussion in 'macOS' started by wesleyh, Jun 24, 2011.

  1. wesleyh macrumors 6502

    Joined:
    Mar 23, 2007
    #1
    Hello,

    I got a .com virus in my mac mail, and just to test if vmware would be run on doubleclick, I tried this. And yes, it did start vmware and tried to unsuspend windows. Obviously I cancelled at that moment.

    However, my question is, how do I remove the default opening software for this .com? I don't want vmware opening any file from my mac at all. I would like to have a dialog box appear like "we don't know what to open this with, please select program" or simply "this file can't run on your mac."

    What other extensions does vmware have configured to open windows?
     
  2. maflynn Moderator

    maflynn

    Staff Member

    Joined:
    May 3, 2009
    Location:
    Boston
    #2
    So you purposely double clicked on a virus :confused:

    The easiest way to stop vmware from not running .com programs that you receive is not to double click them, or am I misunderstanding your post.
     
  3. wesleyh thread starter macrumors 6502

    Joined:
    Mar 23, 2007
    #3
    Yes I purposefully clicked it just to see what would happen if someone who doesn't know they're not supposed to click on it would happen. And it will simply infect windows right there. NOT GOOD. I mean, mac mail doesn't even show the extension.

    Obviously I stopped vmware before this virus could be launched.

    Need a solution for this, not some stupid "don't click it" baloney.
     
  4. tersono macrumors 68000

    tersono

    Joined:
    Jan 18, 2005
    Location:
    UK
    #4
    If your VMWare windows installation is protected by a decent AV, it'll be caught as Windows boots up, so no worries there. If it isn't, then do so at once.

    Alternatively, install AV within OS X (there's a free version of Sophos that works well) and use that to scan incoming email.

    For what its worth - any mixed Mac / Windows corporate network will have antivirus installed on the Macs to prevent the spreading of Windows malware - the Mac may not be susceptible, but it's still worth preventing further transmission. At home, if you're running Windows in VMWare or on separate machines, the same policy is appropriate.
     
  5. maflynn Moderator

    maflynn

    Staff Member

    Joined:
    May 3, 2009
    Location:
    Boston
    #5
    No offense but not clicking on known virsus is sound advise.

    I mean its not baloney when we're advising people not to install the mac defender malware why is it baloney when we're talking about double clicking .com that could or is a virus

    The first line of defense in avoiding malware is know what you're double clicking. I get an email at work or on my pc at home and I see an attachment that I don't recognize or recognize the sender I don't open it. Simple. Why is that baloney. :confused:
     
  6. Bear macrumors G3

    Joined:
    Jul 23, 2002
    Location:
    Sol III - Terra
    #6
    Probably several. There should be an option somewhere to disable this. For Parallels, it's part of the "Shared Applications" options.
     
  7. wesleyh thread starter macrumors 6502

    Joined:
    Mar 23, 2007
    #7
    Macs don't have viruses, ads tout this as a feature that sets it apart from windows.

    So, an unknowing user will double click a file from mail. Apple current malware still require user interaction. A .com that starts windows does not.

    That really should be a setting somewhere in vmware, but I can't find it.

    I won't install a virus scanner in windows, in fact, I took internet connection away from windows since it's not needed anyway and to protect from viruses.

    Obviously, if .com files open in wvmware that doesn't help one bit.
     
  8. MisterMe macrumors G4

    MisterMe

    Joined:
    Jul 17, 2002
    Location:
    USA
    #8
    That's just plain dumb.
     
  9. maflynn Moderator

    maflynn

    Staff Member

    Joined:
    May 3, 2009
    Location:
    Boston
    #9
    Most people install virus software on windows regardless if its running in vmware or not. There are many ways to get malware, not just over the wire.

    As you yourself seen, you can double click an executable that came through mail.app. There's also the chance of getting it from usb thumb drives, CDs and what not. Given that we're talking about windows, the prudent action is to install anti-virus software.

    There's plenty of very good free ones, like AVG or even Microsoft. The other line of defense is with you the user as I stated. Be very careful of what you double click.
     
  10. wesleyh thread starter macrumors 6502

    Joined:
    Mar 23, 2007
    #10
    No no no, the only software that is installed is what I have already installed. Nothing else will be added. I do not want to slow down a virtual machine.

    All I want is a setting to block all .com, .bat, .exe that are not from within the windows VM. Surely that is not too much to ask..
     
  11. GGJstudios macrumors Westmere

    GGJstudios

    Joined:
    May 16, 2008
    #11
    There's no way for the Windows VM to distinguish between a .com, .bat or .exe that you launched from within the VM, or if you double-clicked outside to launch the VM. You take a risk running Windows, even in a VM, without antivirus running. There are many good free AV apps for Windows that won't drain significant system resources. Of course, you can do what you want, but the most prudent course of action has already been recommended to you. It's up to you to decide if you'll take it.
     
  12. wesleyh thread starter macrumors 6502

    Joined:
    Mar 23, 2007
    #12
    It should be quite simple for vmware to know the distinction between a file in or out of the VM...
     
  13. GGJstudios macrumors Westmere

    GGJstudios

    Joined:
    May 16, 2008
    #13
    How?
     
  14. wesleyh thread starter macrumors 6502

    Joined:
    Mar 23, 2007
    #14
    I said, "it should be". From a programming perspective... Vmware is launched when the .com is clicked, not windows. (Windows is launched by vmware, not by the .com)

    Vmware could easily detect this and have some sort of blacklist extensions, but this doesn't appear to be available at the moment unless someone call tell me where to find this.
     
  15. maflynn Moderator

    maflynn

    Staff Member

    Joined:
    May 3, 2009
    Location:
    Boston
    #15
    My suggestion then, is to contact vmware and provide that as a recommendation. As it stands that type of functionality does not exist. Its up to you now what you want to do. Try to manage not running .com programs that come through your email, load an anti-virus application or live with the risks.
     
  16. GGJstudios macrumors Westmere

    GGJstudios

    Joined:
    May 16, 2008
    #16
    Neither Windows nor VMware has any way of knowing how it was launched; only that it was. The file is just a file. It makes no difference to Windows where the file resides, whether on a local or network drive, in a folder or attached to an email. There's simply no way to do what you're trying to do, from a programming perspective. Just install a good antivirus and you won't have to worry about it.
     
  17. wesleyh, Jun 24, 2011
    Last edited by a moderator: Jun 24, 2011

    wesleyh thread starter macrumors 6502

    Joined:
    Mar 23, 2007
    #17
    Err, vmware has to launch windows, and it has to tell it to execute the file the user just double clicked. Vmware knows all too well where that file is, what extension it is, and that it was launched because of that file.

    Yeah, I tried posting on their forum. What a usability nightmare.

    It just doesn't work when I click "add new post", it simply reloads the same page (and yes, I'm logged in).
     
  18. hans1972 macrumors regular

    Joined:
    Apr 5, 2010
    #18
    How about looking at this:

    1. Select Virtual Machine > Settings.
    2. In the Settings window, in the System Settings section, select Applications.
    3. Click Default Applications.
    4. Select the level of application sharing.
    5. Make sure that "Open your Mac files and web links using Windows applications" is not selected.


    It is the only thing I found that _might_ solve your problem.

    I also agree with you that it is completely stupid for VMware to register .exe and .com handling in OS X.
     
  19. wesleyh thread starter macrumors 6502

    Joined:
    Mar 23, 2007
    #19
    Thank you, this works! (Also, not sharing the entire home folder but then the user still has the option to click allow)

    I think I tried this before, but the problem is I hadn't configured this on the second virtual machine.. So it was the second one that opened up.

    Thanks so much, finally this issue is resolved!
     

Share This Page