Processes-virtualization-detection
Jump to navigation
Jump to search
VMware processes
Malware can list running processes to determine if it is run inside VMware:
C:\>net start | findstr VMw VMware Snapshot Provider VMware Tools
To overcome this detection technique, you can stop the process:
C:\>net stop "VMware Tools"