What do I have to know about malware before I start testing security software?

WinAndLinuxTutorials said:
I opened Malware Domain List to get some malware links, but I found many kinds of malware there. Which one do I have to select?

I would like to recommend you reread Jack's first response in this thread: testing, even in a virtual environment, can be dangerous. When I first started, I had two old Dell towers to test on, ones I did not care if anything happened to. I also had my operating system and drivers on CD in case anything happened; I could always boot from the BIOS to force the CD to load first and wipe the drive and start over. There is more to this than just throwing malware at a product and seeing if it will remove it. Learning the different aspects of malware, what they do and how they affect the system is essential. I would do a lot of research before even beginning to start. Learning to repair what the malware does to files upon removal is just as important as removing them; systems can become corrupted, etc.
 
Remember, some links could be nasty and infect the system in just seconds. Especially rootkits, which are really nasty and can do huge damage to a system.
 
I suggest you keep something like Process Explorer open. Download the malware, run it, and see if a process is created.

Certain programs (like CIS) will allow processes to start but keep them sandboxed. Keep that in mind.
 
jamescv7 said:
Remember, some links could be nasty and infect the system in just seconds. Especially rootkits, which are really nasty and can do huge damage to a system.

Don't worry, I will be using Linux as a host OS and a Windows 7 VM to test.
 
Hungry Man said:
I suggest you keep something like Process Explorer open. Download the malware, run it, and see if a process is created.

Certain programs (like CIS) will allow processes to start but keep them sandboxed. Keep that in mind.

I have prepared all the programs required like Process Explorer as a process manager, and scanners like Malwarebytes, Hitman Pro, etc. to scan the VM after completing the test.
 
Yes, you can start your tests. BTW, if you can test Webroot SA beta... :D
 
^^BTW, which OS do I have to use in a VM for malware testing: Windows XP, Windows Vista or Windows 7?
Windows XP has the least security, Windows Vista has more security than XP, and Windows 7 has even more security than Vista. So I am thinking of using Windows Vista because it is a balance between the two. What do you think?
 
Use the one you are actually using, so you will know your weaknesses.
 
If you're testing malware, I would suggest Windows XP 32-bit since it has the least security and you get the "worst case scenario." While 7 users may be protected from some of your results, it's best to see how all of the malware runs.
 
WinAndLinuxTutorials said:
^^BTW, which OS do I have to use in a VM for malware testing: Windows XP, Windows Vista or Windows 7?

Depends on what OS you are comfortable testing on and if your system can handle it. Choose between Windows XP SP3 or Windows 7 - both require fewer resources and run lighter (*more responsive, less sluggish performance) than Windows Vista.

Windows XP is a 10 year old OS (and imo isn't meant for 2011 usage)
Windows 7 is a 3 year old OS (and is similar to Windows Vista)

Take your pick, but I don't recommend installing Windows Vista on the VM.
 
Earth said:
WinAndLinuxTutorials said:
^^BTW, which OS do I have to use in a VM for malware testing: Windows XP, Windows Vista or Windows 7?

Depends on what OS you are comfortable testing on and if your system can handle it. Choose between Windows XP SP3 or Windows 7 - both require fewer resources and run lighter (*more responsive, less sluggish performance) than Windows Vista.

Windows XP is a 10 year old OS (and imo isn't meant for 2011 usage)
Windows 7 is a 3 year old OS (and is similar to Windows Vista)

Take your pick, but I don't recommend installing Windows Vista on the VM.

Why is it not recommended to install Windows Vista on a VM?
 
WinAndLinuxTutorials said:
^^BTW, which OS do I have to use in a VM for malware testing: Windows XP, Windows Vista or Windows 7?
Windows XP has the least security, Windows Vista has more security than XP, and Windows 7 has even more security than Vista. So I am thinking of using Windows Vista because it is a balance between the two. What do you think?

For me, if you have enough RAM, then you can go with Windows 7 for testing purposes.
 
WinAndLinuxTutorials said:
Why is it not recommended to install Windows Vista on a VM?

Because it is useless. If you have enough RAM, use Windows 7: more users, better OS.
 
