Windows 7 Forums
Windows 7: how to safely test malware?

16 Jun 2010   #1
AussieGuy92

 
 
how to safely test malware?

OK guys, I know someone on this forum must test malware in a virtual machine or some other way. I want to be able to test malware in a virtual machine without it infecting my laptop. I am guessing I will have to use Sandboxie, but this is the confusing part: how do I set it up to be able to play around with virus and antivirus/malware programs?

Input would be great!

-Andrew.


16 Jun 2010   #2
WindowsStar

Windows 7 Enterprise (x64); Windows Server 2008 R2 (x64)
 
 

The best way is to have a test machine. Set it up the way you want it and then make an image of it (with the many, many suggestions on how to image here at Seven Forums, you will have to decide what works best for you).

Then do your testing and when you are all done you just put the image back on the machine and you are right back to where you started with a clean machine. This is about the only way to make absolutely sure you don't have something leftover from some nasty malware.

VMs are getting to be a bit risky nowadays. These malware programmers have now found ways to get from the VM to the host OS. Not good. Now your daily machine for school, work and play is infected. -WS
16 Jun 2010   #3
Dinesh

Windows® 8 Pro (64-bit)
 
 

The best way to test malware on your main rig is Shadow Defender - the easiest PC/laptop security and privacy protection tool.
Put your machine in shadow mode and heavily infect your machine, run antivirus, do whatever you want.
Once you're done, simply restart your computer and you're back, as if nothing happened to your rig.

16 Jun 2010   #4
WindowsStar

Windows 7 Enterprise (x64); Windows Server 2008 R2 (x64)
 
 

Quote: Originally Posted by Dinesh
The best way to test malware on your main rig is Shadow Defender - the easiest PC/laptop security and privacy protection tool.
Put your machine in shadow mode and heavily infect your machine, run antivirus, do whatever you want.
Once you're done, simply restart your computer and you're back, as if nothing happened to your rig.
+1 This will work as well.
16 Jun 2010   #5
AussieGuy92

 
 

Dinesh, so that's how you do your testing?
16 Jun 2010   #6
Dinesh

Windows® 8 Pro (64-bit)
 
 

Quote: Originally Posted by stillfreefilms
Dinesh, so that's how you do your testing?
Always.
16 Jun 2010   #7
AussieGuy92

 
 

Thanks for the suggestion. I tried it, installing CCleaner, and then restarted; all traces of the install gone. Going to play around with some malware tomorrow.

+1 rep

-Andrew
16 Jun 2010   #8
Dinesh

Windows® 8 Pro (64-bit)
 
 

Quote: Originally Posted by stillfreefilms
Thanks for the suggestion. I tried it, installing CCleaner, and then restarted; all traces of the install gone. Going to play around with some malware tomorrow.

+1 rep

-Andrew
It is a good product indeed. But it's only a trial for 30 days. But the best part is that it's fully functional even in trial version.
17 Jun 2010   #9
Jaxryley

 
 

Sandboxie, Returnil and VMs are used here.

The main machine is always virtualised with Returnil and malware testing is carried out in a sandbox or a VM.

Buster Sandbox Analyser is used to monitor what the sample gets up to in the sandbox.

And sometimes I run malware through Sandboxie in a VM which is virtualised by Returnil. LOL.

Some malware can send out a call to reboot or shut down the system. Neither Returnil nor Shadow Defender can stop the call, but Sandboxie contains the system call to reboot/shutdown.

We all have our ways to do things and whatever suits you and you're comfortable with then use it.
17 Jun 2010   #10
malexous

Arch Linux 64-bit
 
 

Some malware will detect that it is running in a sandbox or virtual machine and change its behaviour; therefore, it is best to test in a real environment.

Most won't have a machine specifically for testing. As has been suggested, Shadow Defender or creating an image and reverting back to it after the testing is good.

It's probably not a good idea to test on a machine that has sensitive data. Some malware will want to steal it and call home.
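
A check for the revert approach discussed in this thread (image restore, Shadow Defender, Returnil), added here as an example and not part of any post: hash a directory tree on the clean system, hash it again after the revert, and list what differs, which is the CCleaner test from post #7 done by manifest instead of by eye. The function names and the temp-directory sample data are constructed for illustration.

```python
import hashlib
import os
import tempfile


def snapshot(root):
    """Map each file path (relative to root) to its SHA-256 digest."""
    manifest = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            rel = os.path.relpath(full, root)
            digest = hashlib.sha256()
            try:
                with open(full, "rb") as fh:
                    for chunk in iter(lambda: fh.read(1 << 20), b""):
                        digest.update(chunk)
                manifest[rel] = digest.hexdigest()
            except OSError:
                manifest[rel] = "UNREADABLE"  # record locked files, don't skip
    return manifest


def diff(before, after):
    """Return files added, removed or changed between two snapshots."""
    common = before.keys() & after.keys()
    return {
        "added": sorted(after.keys() - before.keys()),
        "removed": sorted(before.keys() - after.keys()),
        "changed": sorted(p for p in common if before[p] != after[p]),
    }


def demo():
    """Constructed data: a temp directory stands in for the test machine."""
    with tempfile.TemporaryDirectory() as root:
        hosts = os.path.join(root, "hosts")
        with open(hosts, "w") as fh:
            fh.write("127.0.0.1 localhost\n")
        baseline = snapshot(root)            # taken on the clean image
        with open(hosts, "a") as fh:         # simulated change during testing
            fh.write("203.0.113.5 example.test\n")
        open(os.path.join(root, "leftover.dll"), "w").close()  # dropped file
        dirty = diff(baseline, snapshot(root))
        os.remove(os.path.join(root, "leftover.dll"))  # simulated revert
        with open(hosts, "w") as fh:
            fh.write("127.0.0.1 localhost\n")
        clean = diff(baseline, snapshot(root))
    return dirty, clean
```

A file manifest only covers the directories it walks; it does not see the registry or boot records, so an empty diff supports a revert but does not replace the full image restore recommended in post #2.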