hello,
I do not use avast but i want to submit new virus.
what i can do this url to upload virus or e-mail.
thank you.
How do you know avast doesn’t detect it already ?
What information do you have on this ‘new’ virus ?
Send the sample to virus@avast.com zipped and password protected with the password in email body (virus will be fine), a link to this topic might help and undetected malware in the subject.
Help! DavidR
How I can send files or archives to virus@avast by email? because I try several times through gmail, and can’t send, it’s tell me that I cant send executable files through email for security or prevent possible infection. Also i send the file through avast chest and the TrojanDownloader:Win32/Renos.JS still undetectable.
Help please!!!
My answer was for someone ‘not using avast’ you can send the file from the chest, having first added it to the user files section of the chest.
Add the file to the User Files (File, Add) section of the avast chest (if it isn’t already in the chest) where it can do no harm and send it from there. A copy of the file/s will remain in the original location, so you will need to take further action and can remove/rename that.
Send it from the User Files section of the chest (select the file, right click, email to Alwil Software). It will be uploaded (not actually emailed) to avast when the next avast auto (or manual) update is done.
You could also check the offending/suspect file at: VirusTotal - Multi engine on-line virus scanner and report the findings here the URL in the Address bar of the VT results page.
Only 4/41 antivirus detected it! (Authentium,F-Prot,Kaspersky,Panda)
detected as:
Authentium: W32/FakeAlert.CO.gen!Eldorado
Kaspersky: Packed.Win32.Krap.ag
here the results:
File size: 91648 bytes
MD5…: f9bf3364697768efb04678017f214fdc
SHA1…: c1e2b77b4e32a8bccbaae8ac42049f073772e954
SHA256: 4cf40af157e093d3ef018c826d18e8eca0534c84fab7d76b6c13d3702c42c912
ssdeep: 1536:OltTwsWdf06bJMykbrMgBU/E6G7GVNEN63y1lst0DD8xQS1iW:OltTtWdoy
k/XIE9s/C1g1
PEiD…: -
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x1810
timedatestamp…: 0x463c76e3 (Sat May 05 12:21:55 2007)
machinetype…: 0x14c (I386)
( 5 sections )
name viradd virsiz rawdsiz ntrpy md5
.g7d9 0x1000 0x7c2f 0x7e00 6.63 92d4ec3a28dd826f9baf31957959b8f1
.4f75a 0x9000 0x2238 0x2400 6.75 5a661ef53a5639419cafa5d086004cef
.3860 0xc000 0x66ba0 0xac00 6.20 c21ddedf963ce78093e8935e2179f987
.96adh 0x73000 0xcc4 0xe00 2.30 f67f439cc92262f3ab2ffedab35bbfce
.rsrc 0x74000 0x4b7 0x600 4.01 b9d4c8d38b4d6a94218f46eddb225a68
( 2 imports )
KERNEL32.DLL: GetLocalTime, ExitProcess, DeleteAtom, DeleteFileA, CopyFileExA, AddAtomA, WriteFile, ExitThread, GetFileTime, GetStdHandle, FindAtomW, FindClose, OpenFile, OpenFileMappingA, DeleteFileW, FreeResource, GetFileType, GetLastError, CopyFileA, ReadFile, FlushFileBuffers, FatalExit, GetCPInfo, AddAtomW, CopyFileExW, GlobalFree, CreateDirectoryA, FindAtomA, GetPriorityClass
KERNEL32.DLL: ExitProcess, OpenFileMappingA, GetCPInfo, DeleteFileA, GetLocalTime, GetFileType, AddAtomW, CreateDirectoryA, AddAtomA, GetStdHandle, FatalExit, DeleteFileW, GetPriorityClass, FindAtomA, FlushFileBuffers, OpenFile, CopyFileExA, GetFileTime, ReadFile, ExitThread, FindClose, WriteFile
( 0 exports )
RDS…: NSRL Reference Data Set
pdfid.: -
trid…: Win32 Executable Generic (35.2%)
Win32 Dynamic Link Library (generic) (31.3%)
Win16/32 Executable Delphi generic (8.5%)
Clipper DOS Executable (8.3%)
Generic Win/DOS Executable (8.2%)
sigcheck:
publisher…: n/a
copyright…: n/a
product…: n/a
description…: n/a
original name: n/a
internal name: n/a
file version.: n/a
comments…: n/a
signers…: -
signing date.: -
verified…: Unsigned
Still worth submitting even with a low hit rate at virustotal.
These fake alerts/rogue security applications are generally well covered, unfortunately there are just so many variants trying to avoid detection.
Try this tool (if you haven’t already got it) as it was originally designed to hunt our rogue programs and has developed from that.
MalwareBytes Anti-Malware, On-Demand only in free version http://download.bleepingcomputer.com/malwarebytes/mbam-setup.exe, right click on the link and select Save As or Save File (As depending on your browser), save it to a location where you can find it easily later. Download, update and run periodically as part of a multi application approach to security and that should improve your overall security.