Repository of viruses - for testing purposes?

Discussion in 'Spyware, Adware, Viruses and Malware Removal' started by bubitutor, Sep 6, 2004.

    Ok, hopefully I'm not breaking any rules here - but what I'm about to say sounds incredulously stupid.

    Here is my problem: I need test viruses, to put on my "secondary" computer, so that I can test removal procedures. Sounds like a simple request, no?

    But here is the real problem. I'm NOT very good at FINDING viruses - just good at REMOVING them (and maybe not all that good, thus I want to practice).

    Is there a web site - a repository if you will - of viruses? [ Purpose of list: To show that I am trying. The list is not meant to be all inclusive and may contain files listed as viruses in error ].... Things like may17_loader.exe, dhupdt.exe, msbb.exe, minigolf_affiliate.exe, wildapp.dll, scrambler.sys, wdmjfd.dll, wtools*.*, istbar*.*, incredifind.exe, whistlehelper.dll, sidesearch1311.dll, midaddle.*, OVERPRO323.exe, saveinst*.*, clrsch*.exe, systb.dll, nhlsrv.exe, rapapp.exe, ezsp_px.exe, gysxdqa.exe, twain_tech*.*, alchem.exe, sahagent.exe, belt.exe, msbe.dll, omniband.dll....

    These files can be found in: c:\ (root directory), c:\documents and settings\user\local settings\temp and temporary internet, c:\windows(\system32) (prefetch, temp, downloaded program files), and even in c:\program files as well as blatant places like c:\program files\internet optimizer etc.

    owen D-A-L Team Member (UK)

    Sorry, I don't understand your request. You will not receive help here to infect your computer with viruses, and the files you mentioned were related to spyware, not viruses.

    Reverse logic is difficult to understand. And that's why the need to apologize BEFORE stating my "problem". Whether it be spyware, adware, viruses, trojans, blended threats - whatever you'd like to call them, the problem remains the same - and thus the misunderstanding that follows.

    Here is the exact problem of reverse logic: My clients will always say "How did I get this virus?" - Now, you and I know that getting a virus is easy if "the shields are down" - Shields being Anti-virus software, going to non-secure web sites, questionable web sites, heck, anything to do with porn or "shopping" web sites. Having a poor ISP - most seem to be able to block at least a good 10% of "bad emails" from even reaching you. And the obvious way to get a virus - using the preview panel - thus reading html - where emails are preloaded with viruses (etc!) and thus hit you before you even read the email!

    Ok, so that's the "incoming" scenario. But where is the "simulator" scenario? You've heard of "test runs" and "disaster planning" - true, you don't go around implanting dangerous viruses in human beings, but you can test, in laboratory conditions, on rats etc.

    Do you want to know the real reason most people can't understand a request for a virus repository? Try this analogy: To catch a shoplifter, the best person to understand the criminal mind WAS a shoplifter. So, when I've asked people "Do you know a web site or ftp site that has viruses for downloading and testing?" - the NORMAL response is "why the hell would you WANT a virus".... Anyhow, if you have been able to understand this twisted logic, and if you can think one over x - then if you can think "where would one LOOK for bad stuff on the net", please write.

    Thank you for your patience.

    I can understand the logic behind that and it does seem like a good idea. Nobody would keep a repository of viruses unless they owned their own server and kept it at their own house and kept it hidden; virus writers get arrested for writing them, so offering them for download is just as bad.

    What you are asking for is fair enough, but you will find that most people will refuse to give you information, I know very well myself, but I don't like telling people because:

    1. I don't know how qualified you are for this and whether you know the risk. If you are going to do this and find the info yourself, then you need to ensure your test machine is isolated (in other words, not connected to the internet or a network).

    2. I don't know whether or not you are telling the truth and I don't know that you won't use these files for malicious reasons.

    I don't think you need a virus to test removal; you should just learn about viruses and you will pick up the idea without actually doing this.

    Perhaps you could simulate a virus on your system; I could aid you with this. The EICAR antivirus test file is a harmless file used to test antivirus programs and this could be used to simulate an infection.