Reverse logic - a repository of viruses?

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

bubiTutor

Thread Starter
Joined
May 16, 2004
Messages
17
Hello.

Ok, hopefully I'm not breaking any rules here - but what I'm about to say sounds incredulously stupid.

Here is my problem: I need test viruses, to put on my "secondary" computer, so that I can test removal procedures. Sounds like a simple request, no?

But here is the real problem. I'm not very good at FINDING viruses - just good at REMOVING them (and maybe not all that good, thus I want to practice).

Is there a web site - a repository if you will - of viruses? [ Purpose of list: To show that I am trying. The list is not meant to be all inclusive and may contain files listed as viruses in error ].... Things like may17_loader.exe, dhupdt.exe, msbb.exe, minigolf_affiliate.exe, wildapp.dll, scrambler.sys, wdmjfd.dll, wtools*.*, istbar*.*, incredifind.exe, whistlehelper.dll, sidesearch1311.dll, midaddle.*, OVERPRO323.exe, saveinst*.*, clrsch*.exe, systb.dll, nhlsrv.exe, rapapp.exe, ezsp_px.exe, gysxdqa.exe, twain_tech*.*, alchem.exe, sahagent.exe, belt.exe, msbe.dll, omniband.dll....

These files can be found in: c:\ (root directory), c:\documents and settings\user\local settings\temp and temporary internet, c:\windows(\system32) (prefech, temp, downloaded program files), and even in c:\program files as well as blatant places like c:\program files\internet optimizer etc.
 
Joined
Feb 23, 2003
Messages
16,274
Good luck but they are available. Most people refuse to pass them along cause you never know who is on the recieving end and no telling what they can/will do with em..I did manage to get some on google so try that.
 
Joined
Feb 23, 2003
Messages
16,274
Really, thanks for the info. I ll check it out on a spare system..
 
Joined
Feb 23, 2003
Messages
16,274
There are deffinitly things lurking there like websearch, gain and clock sync all popping up in under one minute. I didnt get hijacked however on 98 without any security software running.
 
Joined
Feb 15, 2004
Messages
826
Yeah. Google has a lot. If u get a clean XP box, wipe all the security updates, and start looking for porn or game hacks, VOILA. Just so you know, you dont need the actual file to remove it. Most of what you listed isn't a virus - its spy/malware. You need generic removal instructions.

For example, you could make a program that would automate the removal of something, but it would read all the info from a .def[inition] file. So just think of what you might need in that file. Some ideas:
If you have the file:
-Checksums
-Identifying strings
-File info
If you dont have the file [generic]
-File location
-file name
-registry info
-process info
-etc

It's very easy, yet very hard :). Then once you make your .def file, remember to encrypt it with something hard so jackasses don't steal your hard work :).

PS: If you did get a real virus - sasser for ex - it wouldn't really do you much good to have the actual file unless you could manage to disassemble it and understand what it was doing. And even then it'd be only good if you were making a "norton antivirus" type of program.

*Forgive any typos I have above*
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Staff online

Members online

Top