How to put new viruses that avast can`t detected into the avast?

Yesterday I download a virus ,but the avast didnt detected it ,and aonther protection (Cyberhawk)didnt work either… :cry:
So I want to updata this virus that avast can`t detected ,what should I do?
Could you please tell a easy way to me ,Thank you! :smiley:
And this is the first time I post,I hope you can post some picture for solving the problem :slight_smile:
(the virus link is here http://www.cpcfan.com/bbs/attachment.php?aid=11206)

well
u can add files to the chest and mail them to avast from there…
first go to avast virus chest and click on “user files option” and add it… once it is in the chest u can mail it to the awil team by right clicking on the file and selecting the option" mail to avast"

other wise zip it using winrar/7zip[freeware]
with the password as “virus” and send it to virus@avast.com
this is done to prevent mail routers from blocking the mail if other anti virus software detects it

and yes please live remove the link the last thing we need a antivirus forum were we can get infected with viruses so break the link
ie: www.google.com as www[dot]google[dot]com so no one cicks it even by mistake

and u can scan if any other anti virus detects the threat
go to www.virustotal.com and upload the file and check if any anti-vir detects it so that u can pinpoint the malware…ur file is scaned with almost all antivirus softs like norton,avg,f-secure
in case u need a zipping software use 7zip its free
http://www.7-zip.org/

Thank you my friend :),
and Can I just use ***@gmail.com to send it to virus@avast.com?
I think that “Email” can only sent “files.txt” before…

Hi xiaochugang,

The downloaded file is password protected. Have you got the password? I will then send it to VirusTotal for analysis.

Thanks.

OK The password is 123

Thanks.

Sent for analysis.

Results soon.

Hi friend
Could you please tell me the way that you send this samples to avast,OK?
Is it “with the password as “virus” and send it to virus@avast.com
Thank you! :slight_smile:

The RAR archive is already password protected, so you just need to tell them that the password is 123.

Complete scanning result of “SERVER.exe”, received in VirusTotal at 06.08.2007, 13:33:14 (CET).

Antivirus Version Update Result
AhnLab-V3 2007.5.31.2 06.08.2007 no virus found
AntiVir 7.4.0.32 06.08.2007 BDS/Hupigon.Gen
Authentium 4.93.8 05.23.2007 no virus found
Avast 4.7.997.0 06.07.2007 no virus found
AVG 7.5.0.467 06.07.2007 BackDoor.Generic7.DTF
BitDefender 7.2 06.08.2007 DeepScan:Generic.Graybird.B2AC9FB3
CAT-QuickHeal 9.00 06.07.2007 no virus found
ClamAV devel-20070416 06.08.2007 Trojan.Delf-913
DrWeb 4.33 06.08.2007 DLOADER.Trojan
eSafe 7.0.15.0 06.06.2007 no virus found
eTrust-Vet 30.7.3703 06.08.2007 no virus found
Ewido 4.0 06.08.2007 Backdoor.Bifrose.kt
FileAdvisor 1 06.08.2007 no virus found
Fortinet 2.85.0.0 06.08.2007 W32/Hupigon.ENE!tr.bdr
F-Prot 4.3.2.48 06.07.2007 no virus found
F-Secure 6.70.13030.0 06.08.2007 Backdoor.Win32.Hupigon.ene
Ikarus T3.1.1.8 06.08.2007 no virus found
Kaspersky 4.0.2.24 06.08.2007 Backdoor.Win32.Hupigon.ene
McAfee 5048 06.07.2007 no virus found
Microsoft 1.2503 06.08.2007 no virus found
NOD32v2 2318 06.08.2007 no virus found
Norman 5.80.02 06.07.2007 W32/Malware.VZJ
Panda 9.0.0.4 06.08.2007 Bck/Hupigon.KIB
Prevx1 V2 06.08.2007 no virus found
Sophos 4.18.0 06.01.2007 Mal/Behav-001
Sunbelt 2.2.907.0 06.07.2007 no virus found
Symantec 10 06.08.2007 no virus found
TheHacker 6.1.6.130 06.06.2007 no virus found
VBA32 3.12.0 06.07.2007 Backdoor.Win32.Hupigon.ene
VirusBuster 4.3.23:9 06.07.2007 no virus found
Webwasher-Gateway 6.0.1 06.08.2007 Trojan.Hupigon.Gen

I have visit www.virustotal.com
And it said:
“AhnLab-V3 2007.5.31.2 06.08.2007 no virus found
AntiVir 7.4.0.32 06.08.2007 no virus found
Authentium 4.93.8 05.23.2007 Not scanned (encrypted)
Avast 4.7.997.0 06.07.2007 no virus found
AVG 7.5.0.467 06.07.2007 no virus found
BitDefender 7.2 06.08.2007 no virus found
CAT-QuickHeal 9.00 06.07.2007 no virus found
ClamAV devel-20070416 06.08.2007 no virus found
DrWeb 4.33 06.08.2007 no virus found
eSafe 7.0.15.0 06.06.2007 no virus found
eTrust-Vet 30.7.3703 06.08.2007 no virus found
Ewido 4.0 06.08.2007 no virus found
FileAdvisor 1 06.08.2007 no virus found
Fortinet 2.85.0.0 06.08.2007 W32/Hupigon.ENE!tr.bdr
F-Prot 4.3.2.48 06.07.2007 no virus found
F-Secure 6.70.13030.0 06.08.2007 no virus found
Ikarus T3.1.1.8 06.08.2007 no virus found
Kaspersky 4.0.2.24 06.08.2007 no virus found
McAfee 5048 06.07.2007 no virus found
Microsoft 1.2503 06.08.2007 password protected
NOD32v2 2318 06.08.2007 the file is probably password protected.
Norman 5.80.02 06.07.2007 no virus found
Panda 9.0.0.4 06.08.2007 no virus found
Prevx1 V2 06.08.2007 no virus found
Sophos 4.18.0 06.01.2007 no virus found
Sunbelt 2.2.907.0 06.07.2007 no virus found
Symantec 10 06.08.2007 no virus found
TheHacker 6.1.6.130 06.06.2007 no virus found
VBA32 3.12.0 06.07.2007 no virus found
VirusBuster 4.3.23:9 06.07.2007 no virus found
Webwasher-Gateway 6.0.1 06.08.2007 no virus found”

That’s the encrypted RAR archive: server.rar. I unpacked the file before sending to server.exe.

Server.exe is a live virus, so don’t try this at home, as they say on TV.

Fortinet seems to have some sort of decryption technology and can detect the virus even in the password protected RAR file.

Can I ask you a question?
Some body say that if I sent “rar" the people in avast lab will not accept it, but if I sent the samples as ".zip” the avast will accept it .
I don`t belive it ,because that sample is RAR,what should I do ?
Thank you ! :slight_smile:

na there is nothing like avast wont accept RAR… the thing is once u send a mail it is scaned at various levels
ie:it may be scanned at ur service provider ,router,and at various network levels.so if any of anti-virus software they u detect this threat it may block it… so when u archive a file with a password the contents of the files are encrypted.so the anti-virus softwares cant know the contents unless the password is supplied… so we send samples using archiving with winzip,winrar,7zip,tar etc and when AWIL recives them they’ll just unzip it and analyse it
and add it to their database…
u can send the virus in it sorginal format adding the password “123” in the body or u can unzip it and repack it giving it ur own password
“virus” is the standard one used i hope this helps :slight_smile:

Thank you very much :slight_smile: