Want to delierately infect a virtual PC with real-world viruses

darael · 13 Nov 2011 at 00:54

I'm going to look at testing various malware and antivirus programs. Obviously to do this I need to install malware and virusses.

This will all be done on a virtual PC, so it won't be an actual computer. Therefore I can restore the image as needed.

Biohazard · 13 Nov 2011 at 02:41

maybe

s452 · 13 Nov 2011 at 02:54

i have never done anything like what you are about to do, but common sense will tell me to play it as safe as you can, i.e.
if you have a spare empty HDD, install an OS onto that and remove all your normal HDDs before proceeding

ensure any devices on your network (if you have one) can not be infected, I would be inclined to isolate the test pc.

Sin_Chase · 13 Nov 2011 at 04:01

Common sense sez - "It's already been done, by large independent professionals, on a variety of platforms with resources far greater than yours. Why do you want to do it?"

Otherwise take the obvious precautions. Copy the base infected guest operating system so that you can copy back after testing to ensure you test fairly between products.

Linkex · 13 Nov 2011 at 05:02

For extra safety, run the virtual machine on a Linux host

memyselfandi · 13 Nov 2011 at 08:53

Linkex said:
For extra safety, run the virtual machine on a Linux host

On a separate network to any other Windows systems which could possibly be infected over the network.

anything I don't mind · 13 Nov 2011 at 09:47

eicar have a test virus, i want to test my havp scanner so if anyone else has any better malware test sites please let me know.

http://www.eicar.org/85-0-Download.html

http://www.eicar.org/86-0-Intended-use.html

Destination · 13 Nov 2011 at 09:57

The OP is simply a statement isn't it?
Is there any component of query?

masterluke · 13 Nov 2011 at 10:18

Install a fresh copy of windows.
Disable updates
Download some cracks, torrents, etc. Doesnt have to be anything illegal.
Bingo!

+1 on running a virtualbox machine on a linux host.

SoundsGood · 13 Nov 2011 at 10:23

Install some old versions of server software (IIS, ftp etc), put it on your DMZ and post your IP

theheyes · 13 Nov 2011 at 10:38

It's the network connections you want to watch. The host os will otherwise be fine as you will be extremely, extremely unlikely to find any malware that can escape a virtual machine. Note however that some of the more sophisticated malware can detect whether it is running on a VM and disable itself.

darael · 13 Nov 2011 at 17:13

Well if I could bothered, I could install an old harddrive in my netbook - but I can't, so I'm happy enough dicing with death on a Virtual PC.

The host has ESET Smart Security v5 installed, so I'd like to think that this will safeguard against any nasties.

Hagar · 14 Nov 2011 at 14:49

I think you need a virtual network, there was an article in PC Pro mag recently I think on how to set up a network of virtual machines to do things like this. You can then test several different setups simultaneously.

andy.