Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

wesleyh

macrumors 6502
Original poster
Hello,

I got a .com virus in my mac mail, and just to test if vmware would be run on doubleclick, I tried this. And yes, it did start vmware and tried to unsuspend windows. Obviously I cancelled at that moment.

However, my question is, how do I remove the default opening software for this .com? I don't want vmware opening any file from my mac at all. I would like to have a dialog box appear like "we don't know what to open this with, please select program" or simply "this file can't run on your mac."

What other extensions does vmware have configured to open windows?
 
So you purposely double clicked on a virus 😕

The easiest way to stop vmware from not running .com programs that you receive is not to double click them, or am I misunderstanding your post.
 
Yes I purposefully clicked it just to see what would happen if someone who doesn't know they're not supposed to click on it would happen. And it will simply infect windows right there. NOT GOOD. I mean, mac mail doesn't even show the extension.

Obviously I stopped vmware before this virus could be launched.

Need a solution for this, not some stupid "don't click it" baloney.
 
If your VMWare windows installation is protected by a decent AV, it'll be caught as Windows boots up, so no worries there. If it isn't, then do so at once.

Alternatively, install AV within OS X (there's a free version of Sophos that works well) and use that to scan incoming email.

For what its worth - any mixed Mac / Windows corporate network will have antivirus installed on the Macs to prevent the spreading of Windows malware - the Mac may not be susceptible, but it's still worth preventing further transmission. At home, if you're running Windows in VMWare or on separate machines, the same policy is appropriate.
 
Need a solution for this, not some stupid "don't click it" baloney.
No offense but not clicking on known virsus is sound advise.

I mean its not baloney when we're advising people not to install the mac defender malware why is it baloney when we're talking about double clicking .com that could or is a virus

The first line of defense in avoiding malware is know what you're double clicking. I get an email at work or on my pc at home and I see an attachment that I don't recognize or recognize the sender I don't open it. Simple. Why is that baloney. 😕
 
Macs don't have viruses, ads tout this as a feature that sets it apart from windows.

So, an unknowing user will double click a file from mail. Apple current malware still require user interaction. A .com that starts windows does not.

That really should be a setting somewhere in vmware, but I can't find it.

I won't install a virus scanner in windows, in fact, I took internet connection away from windows since it's not needed anyway and to protect from viruses.

Obviously, if .com files open in wvmware that doesn't help one bit.
 
I won't install a virus scanner in windows, in fact, I took internet connection away from windows since it's not needed anyway and to protect from viruses.
Most people install virus software on windows regardless if its running in vmware or not. There are many ways to get malware, not just over the wire.

As you yourself seen, you can double click an executable that came through mail.app. There's also the chance of getting it from usb thumb drives, CDs and what not. Given that we're talking about windows, the prudent action is to install anti-virus software.

There's plenty of very good free ones, like AVG or even Microsoft. The other line of defense is with you the user as I stated. Be very careful of what you double click.
 
No no no, the only software that is installed is what I have already installed. Nothing else will be added. I do not want to slow down a virtual machine.

All I want is a setting to block all .com, .bat, .exe that are not from within the windows VM. Surely that is not too much to ask..
 
No no no, the only software that is installed is what I have already installed. Nothing else will be added. I do not want to slow down a virtual machine.

All I want is a setting to block all .com, .bat, .exe that are not from within the windows VM. Surely that is not too much to ask..
There's no way for the Windows VM to distinguish between a .com, .bat or .exe that you launched from within the VM, or if you double-clicked outside to launch the VM. You take a risk running Windows, even in a VM, without antivirus running. There are many good free AV apps for Windows that won't drain significant system resources. Of course, you can do what you want, but the most prudent course of action has already been recommended to you. It's up to you to decide if you'll take it.
 
It should be quite simple for vmware to know the distinction between a file in or out of the VM...
 
I said, "it should be". From a programming perspective... Vmware is launched when the .com is clicked, not windows. (Windows is launched by vmware, not by the .com)

Vmware could easily detect this and have some sort of blacklist extensions, but this doesn't appear to be available at the moment unless someone call tell me where to find this.
 
My suggestion then, is to contact vmware and provide that as a recommendation. As it stands that type of functionality does not exist. Its up to you now what you want to do. Try to manage not running .com programs that come through your email, load an anti-virus application or live with the risks.
 
I said, "it should be". From a programming perspective... Vmware is launched when the .com is clicked, not windows. (Windows is launched by vmware, not by the .com)

Vmware could easily detect this and have some sort of blacklist extensions, but this doesn't appear to be available at the moment unless someone call tell me where to find this.
Neither Windows nor VMware has any way of knowing how it was launched; only that it was. The file is just a file. It makes no difference to Windows where the file resides, whether on a local or network drive, in a folder or attached to an email. There's simply no way to do what you're trying to do, from a programming perspective. Just install a good antivirus and you won't have to worry about it.
 
Neither Windows nor VMware has any way of knowing how it was launched; only that it was. The file is just a file. It makes no difference to Windows where the file resides, whether on a local or network drive, in a folder or attached to an email. There's simply no way to do what you're trying to do, from a programming perspective. Just install a good antivirus and you won't have to worry about it.

Err, vmware has to launch windows, and it has to tell it to execute the file the user just double clicked. Vmware knows all too well where that file is, what extension it is, and that it was launched because of that file.

My suggestion then, is to contact vmware and provide that as a recommendation. As it stands that type of functionality does not exist. Its up to you now what you want to do. Try to manage not running .com programs that come through your email, load an anti-virus application or live with the risks.

Yeah, I tried posting on their forum. What a usability nightmare.

It just doesn't work when I click "add new post", it simply reloads the same page (and yes, I'm logged in).
 
Last edited by a moderator:
How about looking at this:

1. Select Virtual Machine > Settings.
2. In the Settings window, in the System Settings section, select Applications.
3. Click Default Applications.
4. Select the level of application sharing.
5. Make sure that "Open your Mac files and web links using Windows applications" is not selected.


It is the only thing I found that _might_ solve your problem.

I also agree with you that it is completely stupid for VMware to register .exe and .com handling in OS X.
 
How about looking at this:

1. Select Virtual Machine > Settings.
2. In the Settings window, in the System Settings section, select Applications.
3. Click Default Applications.
4. Select the level of application sharing.
5. Make sure that "Open your Mac files and web links using Windows applications" is not selected.


It is the only thing I found that _might_ solve your problem.

I also agree with you that it is completely stupid for VMware to register .exe and .com handling in OS X.

Thank you, this works! (Also, not sharing the entire home folder but then the user still has the option to click allow)

I think I tried this before, but the problem is I hadn't configured this on the second virtual machine.. So it was the second one that opened up.

Thanks so much, finally this issue is resolved!
 
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.