webpro 31 Posted November 18, 2014 Report Share Posted November 18, 2014 Is there a way to prevent this ? Ad-Aware Gen:Variant.Barys.2099 20141118 BitDefender Gen:Variant.Barys.2099 20141118 DrWeb Trojan.DownLoader11.39526 20141118 Emsisoft Gen:Variant.Barys.2099 ( 20141118 F-Secure Gen:Variant.Barys.2099 20141118 GData Gen:Variant.Barys.2099 20141118 Ikarus Win32.SuspectCrc 20141118 Kaspersky HEUR:Trojan.Win32.Generic 20141118 MicroWorld-eScan Gen:Variant.Barys.2099 20141118 Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threatSymantec reputation Suspicious.Insight Just a did a VIRUSTOTAL scan of a project of mine. Geee it has nothing to do with blackhat stuff !Looks like everything done with UB triggers a couple of warnings.How can we stop this ? Thanks EDITED:Just tried to download it from my web site. AVAST blocked it Win32 Evo-Gen crap !Just submitted a report to them to try to unblock the software. Anything else i could do ? Thanks Quote Link to post Share on other sites
Edward_2 85 Posted November 19, 2014 Report Share Posted November 19, 2014 Is this what your talking about, apparently its very easy. Lol http://null-byte.wonderhowto.com/how-to/hack-like-pro-bypass-antivirus-software-by-disguising-exploits-signature-0141122/ http://www.slideshare.net/neelpathak009/antivirus-mechanisms-and http://null-byte.wonderhowto.com/how-to/hack-like-pro-kill-and-disable-antivirus-software-remote-pc-0141906/ http://null-byte.wonderhowto.com/how-to/hack-like-pro-getting-started-with-metasploit-0134442/ "Just a different angle on things" Quote Link to post Share on other sites
webpro 31 Posted November 19, 2014 Author Report Share Posted November 19, 2014 Well i meant from bots created by UBOT. They all look like if it's something bad. You cannot download them nor try to run them. At least on my end and i use avast.Also the virustotal always give a bad report. Ain't good at all for the biz either. How do you guys prevent this ?Only by telling people that it's false positive ? Or with procedures on how to unblock them with Avast ? What shall i add to the bot to make it look OK in other words ?Trusted in way ? Quote Link to post Share on other sites
Code Docta (Nick C.) 638 Posted November 19, 2014 Report Share Posted November 19, 2014 Do you have an .ico file for it? it helps. It's for the application icon that shows in windows and the task bar. You can use gimp or many free online services to make one. 256x256 is the max size need dev edition I think I uploaded one for you to test. I can make you one If needed. CDtest.ico Quote Link to post Share on other sites
webpro 31 Posted November 20, 2014 Author Report Share Posted November 20, 2014 Odd as i do have an .icoI wonder if the one i'm using could be "burned" as weird as it seems ? Anymore ideas guys ? This is really a problem for me right now. Quote Link to post Share on other sites
mamica 10 Posted January 10, 2015 Report Share Posted January 10, 2015 https://www.virustotal.com/sv/file/08180f44df4713b468c650ec9c55c46603ab78c965749a901ff135d69c48ae1a/analysis/ Cant make this work on JVZoo because it gives me virus alert. How are we supposed to sell a bot to customer if they see it as possible infection? Can anyone give any solution? EDIT:https://www.virustotal.com/sv/file/56bdb175a43fd857ee57da8623f04c2a11cf9ca250b5dd9e583bfa3209d9ff78/analysis/1420891988/More alerts, looks like this ubot 5 is still in beta version!!! Ubot 4 have zero virus alerts. Quote Link to post Share on other sites
mamica 10 Posted January 11, 2015 Report Share Posted January 11, 2015 https://www.virustotal.com/sv/file/1cecae4cd9337a747039e43c986aee84e053c32e2267a4f6bbcf39c7ccf29bb8/analysis/1420976411/vshttps://www.virustotal.com/sv/file/08180f44df4713b468c650ec9c55c46603ab78c965749a901ff135d69c48ae1a/analysis/ Version 4 wins!!!First virustotal is from version 4, second from version 5. Same bot, just a different ubotstudio used for compiling. Looks like i m back to using version 4, because i dont see a single advantage of version 5 over version 4. Quote Link to post Share on other sites
Bot-Factory 602 Posted January 12, 2015 Report Share Posted January 12, 2015 Yeah, I have the same problem. I first thought it's related to plugins, but this also happens without any plugins enabled. Dan Quote Link to post Share on other sites
mamica 10 Posted January 29, 2015 Report Share Posted January 29, 2015 So what are we going to do? I mean can we do anything? Quote Link to post Share on other sites
Bot-Factory 602 Posted January 29, 2015 Report Share Posted January 29, 2015 Well.. to be fair I have to say that this isn't just a problem of Ubot studio. Many other development applications can cause similar issues. http://blog.nirsoft.net/2009/05/17/antivirus-companies-cause-a-big-headache-to-small-developers/ Dan Quote Link to post Share on other sites
malefic 48 Posted January 29, 2015 Report Share Posted January 29, 2015 If the AVs are detecting a core Ubot file or the way Ubot encrypts the exe files then yes, it is indeed Ubots problem and there is nothing we as users can do about it. Looking at what Dan has said, with no plugins its still being flagged thats pointing firmly at a Ubot problem. Quote Link to post Share on other sites
yonatankra 1 Posted June 16, 2015 Report Share Posted June 16, 2015 Bump... this happens for the browser.exe file in ubot 5...A major setback and I believe this should be a free patch for anyone - especially developers...Any intention of solving this? Quote Link to post Share on other sites
webpro 31 Posted September 3, 2015 Author Report Share Posted September 3, 2015 Any fresh news on this guys ? Upcoming stealth version will reduce the issue i suppose ? Thanks Quote Link to post Share on other sites
Tony H. 16 Posted December 3, 2015 Report Share Posted December 3, 2015 I am running the latest version of UBot. A client just reported he deleted all the compiled bot files, I send him because his anti-virus program flagged it as trojan.Guys ... this is not good for business! And i must say i am rellay pissed. Paid 1K for a dev version and the update fee to have a reliable awesome application.But the best bot ide is useless if the resulting files can NOT be used and trusted. I am better of creating bots the old fashioned way (in python) if this is not fixed soon. Seriously. Guys please focus on getting THIS MAJOR ISSUE resolved.CheersTonyP.S. No serious business or corporate policy (talking about rules in IT infrastructure) in the world will allow these bots to be executed in any environment when these false positives show up.Guys I do not want to trash ubot ... i love the IDE and all the passion you put in ... but this major false-positive issue makes the software NOT useable because IT is NOT accepted by clients in the professional biz. Quote Link to post Share on other sites
MiriamMB 63 Posted December 7, 2015 Report Share Posted December 7, 2015 I am running the latest version of UBot. A client just reported he deleted all the compiled bot files, I send him because his anti-virus program flagged it as trojan.Guys ... this is not good for business! And i must say i am rellay pissed. Paid 1K for a dev version and the update fee to have a reliable awesome application.But the best bot ide is useless if the resulting files can NOT be used and trusted. I am better of creating bots the old fashioned way (in python) if this is not fixed soon. Seriously. Guys please focus on getting THIS MAJOR ISSUE resolved. CheersTony P.S. No serious business or corporate policy (talking about rules in IT infrastructure) in the world will allow these bots to be executed in any environment when these false positives show up.Guys I do not want to trash ubot ... i love the IDE and all the passion you put in ... but this major false-positive issue makes the software NOT useable because IT is NOT accepted by clients in the professional biz. Open a ticket with support or place the issue on the tracker. We have contacted many anti virus companies over the years over false positives. If you give us specifics about your client's issue, we can contact the company. See you in support. Quote Link to post Share on other sites
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.