Precautions

When choosing a computer to use for these tests, we recommend opting for an old computer that you don’t care about much or a cheap, new computer that does not have any of your personal files on it yet. Warning: this guide involves downloading real malware – programs that are designed to cause real damage to your computer and data. If you take enough precautions, you should be safe. But be prepared for anything.

Install a Windows Virtual Machine

Since we are running a Windows virtual machine (VM), try to start with a computer that uses something other than the Windows operating system, such as macOS or Linux. By having the host run a different operating system than the VM, there is less chance that a virus infecting your VM can break through to infect your actual host system. We are using Parallels Desktop for Mac on macOS to run a Windows VM in this guide. Install Parallels with Windows 11; it’s very easy and takes just a few clicks to get set up.

Other Virtualization Options

If you have a different host OS or prefer to use another provider, you can choose another virtualization software instead of Parallels. There are many options, depending on your host operating system. A few good options follow:

Installing a legal Windows VM
Installing a Windows VM on macOS with VMware Fusion
Installing Windows with VirtualBox on Linux

Protect and Harden Windows

You can limit the possibility that malware will spread by preparing various programs and settings before downloading and testing the malware.

Install, Update, and Configure an Antivirus

At this point, you want to install the antivirus program of your choice on your VM. In this guide, we are using the default Windows Defender.

Create a Non-Administrator User Account

The default account on a Windows VM is usually an administrator account. It is riskier to run malware with an admin account, as the malware can then make changes to the operating system without requiring a password.
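The two hardening steps above can be confirmed from PowerShell inside the VM before anything is downloaded. The script below is an added example, not part of the original guide; the one-day limit for definition age is an assumption you can adjust.

```powershell
# Pre-flight check to run inside the Windows VM before any sample is downloaded.
# Added example; the threshold below is an assumption, not a value from the guide.
$maxSignatureAgeDays = 1   # assumption: definitions older than this count as stale

$results = [ordered]@{}

# 1. Microsoft Defender state (Get-MpComputerStatus ships with Windows 10 and 11).
try {
    $mp = Get-MpComputerStatus -ErrorAction Stop
    $results['Antivirus enabled']            = [bool]$mp.AntivirusEnabled
    $results['Real-time protection enabled'] = [bool]$mp.RealTimeProtectionEnabled
    $results['Definitions are current']      = ($mp.AntivirusSignatureAge -le $maxSignatureAgeDays)
} catch {
    # If the Defender cmdlets cannot be read (for example, another antivirus
    # has replaced Defender), report that as a failure instead of guessing.
    $results['Defender status readable'] = $false
}

# 2. Account privileges. whoami lists the built-in Administrators SID
#    (S-1-5-32-544) even when UAC has filtered it to "deny only", so this
#    also catches administrator accounts that are simply not elevated.
$isAdminAccount = [bool](whoami /groups | Select-String -SimpleMatch 'S-1-5-32-544')
$results['Signed in as a non-administrator'] = -not $isAdminAccount

# 3. Report every check and warn if any of them failed.
$failed = 0
foreach ($check in $results.GetEnumerator()) {
    if ($check.Value) { $status = 'PASS' } else { $status = 'FAIL'; $failed++ }
    '{0,-36} {1}' -f $check.Key, $status
}
if ($failed -gt 0) {
    Write-Warning "$failed check(s) failed. Fix them before continuing with the guide."
}
```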

Prepare to Run the Malware

To prepare your VM to run the malware and test it, you’ll need the following few items:

Install Python

You’ll have to install Python 2.7, a safe program, to run the malware repository that will be downloaded later.

Download and Install theZoo

Configure Parallels Settings for Maximum Security

Even if you aren’t using Parallels, you can apply similar settings to most other virtualization software.

Run the Malware

Success! This means you have good protection. While most good antivirus programs will just silently block any malware from being downloaded, you’ve verified it!

During our testing, we sometimes found the antivirus to be a bit too strong. After running the get command, we occasionally received the below error message. We didn’t know what the problem was at first but soon realized that our antivirus had preemptively removed the zipped-up malware before we could run any commands. If you see this error message, consider giving your antivirus a passing grade.

Image credit: Pexels. All screenshots by Brandon Li.

While using the EICAR test file is a safe and easy way to test whether your antivirus works, this approach has a few flaws. For instance, computer security developers have to specifically add the EICAR test file definition into their programs to detect it. Thus, some legitimate antivirus programs don’t bother to block the EICAR test file, as it poses no real threat to users. It also means that a fake antivirus could block the EICAR file to “pass” the test while offering no protection to your computer at all! Secondly, the test file contains no real malicious code, so you won’t be testing the full capabilities of your antivirus, which usually involves terminating programs with suspicious behaviors or blocking ransomware code from executing.

Additionally, because malware is designed to target and exploit only a specific operating system like Windows, it is more secure to use different operating systems for the host and guest system.