Jump to content


Photo

Virus Submission


  • This topic is locked This topic is locked
2 replies to this topic

#1 Florin Stiuca

Florin Stiuca

    Frequent Poster

  • Members
  • PipPipPip
  • 438 posts
  • Gender:Male
  • Location:Bucharest, Romania

Posted 11 April 2007 - 03:51 PM

As many of you encounter daily False Positives or even real threats like undetected trojans, viruses or any type of malware we thought that it would be better to just upload them here on the forums besides the classic way (e-mail).

You can all still send the files to virus_submission@bitdefender.com or to support@bitdefender.com. You put the files in an archive (*.zip, *.rar) and you password protect it (the password should be "infected").
But you can also attach the files (also compressed and password protected) to your post from the Malware Talk forum. The upload limit is at 2MB per POST and you can upload a total of 90MB from your account.

We decided to put this option for everybody because it's easier for the guys over at the labs to sort them out of thousands of samples they receive daily.

If you have some other ideas don't hesitate to post it here. wink.gif

#2 Cd-MaN

Cd-MaN

    Regular Poster

  • Members
  • PipPip
  • 291 posts
  • Location:Romania

Posted 23 April 2007 - 04:28 PM

How to create a password protected archive?
  • If you have IZArc (free) installed
    1. If you are reporting a file which is being detected (a false positive for example), you need to temporarily disable the real-time protection.
    2. Right-click on the file/folder you wish to add to the archive.
    3. Select IZArc -> Add to Archive File...
    4. Click on the Password button and enter the password twice. Remember to use a standard password like "infected", "malware" or "virus" (without the quotes)
    5. Press the Add button
    6. Now re-enable the real-time protection if you have disabled it in step one. Files inside of password protected archives are not scanned so you can manipulate (copy, move, attach, send) the archive without being blocked
  • If you have 7-zip (free and open-source) installed
    1. If you are reporting a file which is being detected (a false positive for example), you need to temporarily disable the real-time protection.
    2. Right-click on the file/folder you wish to add to the archive.
    3. Select 7-zip -> Add to archive...
    4. Select Zip for archive format
    5. Enter the password in the "Password" field. Remember to use a standard password like "infected", "malware" or "virus" (without the quotes)
    6. Press Ok
    7. Now re-enable the real-time protection if you have disabled it in step one. Files inside of password protected archives are not scanned so you can manipulate (copy, move, attach, send) the archive without being blocked
  • If you have WinRar installed
    1. If you are reporting a file which is being detected (a false positive for example), you need to temporarily disable the real-time protection.
    2. Right-click on the file/folder you wish to add to the archive.
    3. Select "Add to archive..."
    4. Select ZIP for the archive format
    5. Go to the Advanced tab and click the "Set password" button
    6. Enter the password twice. Remember to use a standard password like "infected", "malware" or "virus" (without the quotes). Press Ok
    7. Press Ok again to create the archive
    8. Now re-enable the real-time protection if you have disabled it in step one. Files inside of password protected archives are not scanned so you can manipulate (copy, move, attach, send) the archive without being blocked
  • If you have WinAce installed
    1. If you are reporting a file which is being detected (a false positive for example), you need to temporarily disable the real-time protection.
    2. Right-click on the file/folder you wish to add to the archive.
    3. Select "Add to..."
    4. Go to the Options tab
    5. Select ZIP for the archive type
    6. Enter password twice, one in the "Enter password" field and once in the "Re-enter password for verification" field. Remember to use a standard password like "infected", "malware" or "virus" (without the quotes)
    7. Press the Close button when the archiving process finishes.
    8. Now re-enable the real-time protection if you have disabled it in step one. Files inside of password protected archives are not scanned so you can manipulate (copy, move, attach, send) the archive without being blocked
  • If you have WinZip installed
    1. If you are reporting a file which is being detected (a false positive for example), you need to temporarily disable the real-time protection.
    2. Right-click on the file/folder you wish to add to the archive.
    3. Select WinZip -> Add to Zip file...
    4. Mark the checkbox which says "Encrypt added files" in the options area (in the lower part of the dialog box)
    5. Enter your password twice and press Ok. Remember to use a standard password like "infected", "malware" or "virus" (without the quotes)
    6. Now re-enable the real-time protection if you have disabled it in step one. Files inside of password protected archives are not scanned so you can manipulate (copy, move, attach, send) the archive without being blocked


#3 Cd-MaN

Cd-MaN

    Regular Poster

  • Members
  • PipPip
  • 291 posts
  • Location:Romania

Posted 23 April 2007 - 04:29 PM

How to upload big files?

As you know the attachment size for the forum is limited to 2MB / file which should be enough for 99% of the cases. However if you need to send a bigger file, you can do the following:
  1. Create a password protected ZIP archive (the files you might send can contain malware, so care should be taken to avoid accidental execution of it)
  2. Use any of the following services to send the file:
    • Yousendit - to "Recipient email(s)" enter virus_submission@bitdefender.com, to "Your email" enter your e-mail address, press the browse button and select the archive to upload. Press the "Send it button" and wait for the file to finish uploading. Copy the resulting link (which should have the form of "http://download.yousendit.com/39D912343A31EAE4").
    • ShareBig - click on the Upload button and select the archive to upload. Wait while the file gets uploaded. Copy the link from the bottom of the page (where it says "3. Receive your download links to share." - it should be a link like "http://www.sharebig.com/share.php?id=s12hmumkjtt2khLJn").
    • zUpload.com - press Browse and select the archive you wish to upload. Press the "UPLOAD FILE" button. Wait for the upload to finish. Copy the resulting link (which should the the of "http://z32.zupload.com/download.php?file=getfile&filepath=25413").
    • Depositfiles - Click on Browse and select the archive to upload. Mark the checkbox where it says "Accep user agreement" and click Upload. Wait for the upload to finish. Copy the resulting link (which should have the form of "http://depositfiles.com/files/793612").
  3. Send the resulting link in a PM (Private Message) to one of the virus researchers. As the files might contain active malware samples, please do not post them in the public forum to avoid contamination of visitors who may click on the link by mistake.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users