Author Topic: Why don't you have added a virus to the database?  (Read 3252 times)

0 Members and 1 Guest are viewing this topic.

antrox

  • Guest
Why don't you have added a virus to the database?
« on: August 28, 2011, 12:56:38 PM »
Hi!
Why don't you have added a virus to the database?

A few days ago i am send you a virus (file name: GUESTS_IH.exe) that steals passwords to the Russian social network (www.vkontakte.ru).
The virus modifies the HOSTS file, then loaded the pirate page instead of original, you enter the password and send it to hackers!
I have attached a description, but the virus has not been added! Why? Perhaps because the sites at which to redirect not working now?
Virustotal report:
http://www.virustotal.com/file-scan/report.html?id=9989f97eda5701283d4bb1bbaa19599b20ede44430f2d5abf7b81536c23c62b8-1314527827

Question №2 (the main):
Why Avast not responds to changes in HOSTS file?

Thx.
« Last Edit: August 28, 2011, 01:07:43 PM by antrox »

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37509
  • Not a avast user
Re: Why don't you have added a virus to the database?
« Reply #1 on: August 28, 2011, 01:15:52 PM »
how to send samples

In mail

send to  virus @ avast.com  in a password protected zip.file  ( recomended 7zip or rar )
Mail subject: undetected sample
zip.file password: infected


sending from avast chest

Moving files to avast! chest
http://support.avast.com/index.php?_m=knowledgebase&_a=viewarticle&kbarticleid=501#idt_03

Submitting files from the Virus Chest to avast! Virus Lab
http://support.avast.com/index.php?_m=knowledgebase&_a=viewarticle&kbarticleid=501#idt_07


from website - see dropp down menu ( report of undetected malware )

http://www.avast.com/en-no/contact-form.php?loadStyles&subject=SALES

« Last Edit: August 28, 2011, 01:20:20 PM by Pondus »

antrox

  • Guest
Re: Why don't you have added a virus to the database?
« Reply #2 on: August 28, 2011, 01:39:38 PM »
1.
send to  virus@avast.com  in a password protected zip.file  ( recomended 7zip or rar )
Mail subject: undetected sample
zip.file password: infected

2.
sending from avast chest

I have used both of these methods + short discription of virus.
Screenshot of mail:
« Last Edit: August 28, 2011, 01:50:45 PM by antrox »

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37509
  • Not a avast user
Re: Why don't you have added a virus to the database?
« Reply #3 on: August 28, 2011, 02:17:29 PM »
detected by Malwarebytes as Trojan.Qhost
not detected by SAS - have submited


ThreatExpert
http://www.threatexpert.com/report.aspx?md5=0e41f2a500a22d02a16d49bafd9f5cf4
« Last Edit: August 30, 2011, 09:57:29 PM by Pondus »

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37509
  • Not a avast user