Jump to content
UBot Underground

uBot v5 Virus Alert


Recommended Posts

I just start my uBot v5.06 and i got a popup "downloading support files blablabla" and immediately my antivirus and malwarebytes blocked everything.

See screenshots.

 

http://i.imgur.com/izlVvia.png

 

 

http://i.imgur.com/heMVPVi.png

Link to post
Share on other sites

I just checked the latest (5.0.7) version of that file with Virustotal:

 

https://www.virustotal.com/de/file/52d294391553b1c45d917d0ec7bea0087d06919206fe1bdb6082b6448b34a246/analysis/1392594694/

 

The three alerts are false positives in my opinion.

Ubot Studio has a lot of copy protection mechanisms built in. They can be detected as spyware / Trojans from time to time.

Because the stuff is encrypted and is using other decompile protection routines. 

 

But if you want an official answer, I would open a support ticket with the ubot guys.

Cheers

Dan

Link to post
Share on other sites

We are investigating the issue and we will update this tracker once a viable solution is found for this anti-virus: http://tracker.ubotstudio.com/issues/315

 

For now, please make an exception for the flagged file within your anti-virus.

 

Let us know at support.ubotstudio.com if you have any other questions about the process of investigating the issue.

Link to post
Share on other sites

We are investigating the issue and we will update this tracker once a viable solution is found for this anti-virus: http://tracker.ubotstudio.com/issues/315

 

For now, please make an exception for the flagged file within your anti-virus.

 

Let us know at support.ubotstudio.com if you have any other questions about the process of investigating the issue.

 

In your issue you only mentioned Malwarebytes, but in my first post i also mentioned my anti virus ESET NOD32 that detected a trojan.

Link to post
Share on other sites
  • 8 months later...

I also lost one customer for this false positives. Really dont like it. Now every time i send someone bot i need to explain them and they look at me as i m some kind of hacker or scammer...

 

 

EDIT: and at moment i use  5.5.1 version

  • Like 1
Link to post
Share on other sites

I also lost one customer for this false positives. Really dont like it. Now every time i send someone bot i need to explain them and they look at me as i m some kind of hacker or scammer...

 

 

EDIT: and at moment i use  5.5.1 version

 

Seth mentioned that he is contacting all major antivirus software to whitelist UBot 5.5 as well.

 

With great communication you shouldn't lose clients because of that though. You need to explain to them that this is actually pretty common with bots (not just Ubot). You could even show them tutorials (for their specific antivirus software) or even videos that explain how they can add exceptions to their antivirus/firewall system.

 

Communication with your customers and good customer support is probably the most important thing when you go commercial. With great communication you can even prevent refunds based on crashes (like our favorite browser.exe crash etc.).

 

Good luck!

 

Marton

 

p.s.: I'm not saying that it wouldn't be great to not have to deal with stuff like this, but you will always face similar problems when you sell your software to the public.

  • Like 1
Link to post
Share on other sites

I'm having to turn my antivirus off just to compile and launch my bots :(

 

I'm glad I'm not the only one so thanks for advising this.

 

Seems to have happened since the recent update. Before that it was fine.

 

Progress Huh :(

Link to post
Share on other sites
  • 1 year later...

Well,  I can tell you that these are not all false positives.  The backdoor bot which is a ubot file is legit and it got me big time.  Files from my pc have been uploaded to the internet and all kinds of other things.  The ubot files ARE harmful whether they want to admit it or not.

 

I submitted all of the ubot files to ESET and they confirmed that most of the infected files or malicious files are legit and are harmful.

 

Obviously I can't tell my customers that it's alright and they are just false positives when they are not.  I've removed every ubot file from my pc.

 

I read the article about virus software being obsolete and not needed and couldn't believe it.

Link to post
Share on other sites

Well,  I can tell you that these are not all false positives.  The backdoor bot which is a ubot file is legit and it got me big time.  Files from my pc have been uploaded to the internet and all kinds of other things.  The ubot files ARE harmful whether they want to admit it or not.

 

I submitted all of the ubot files to ESET and they confirmed that most of the infected files or malicious files are legit and are harmful.

 

Obviously I can't tell my customers that it's alright and they are just false positives when they are not.  I've removed every ubot file from my pc.

 

I read the article about virus software being obsolete and not needed and couldn't believe it.

 

 

UBot files are absolutely not capable of uploading any files to the internet or any other "stuff". They are simply files that exist to help UBot run.

 

It sounds like your system contracted a virus. Please run a system wide scan to find out where else the virus might have infiltrated.

 

 UBot files cannot turn into something else and upload your items to the internet, unless someone actually opened UBot and created a script in UBot on your system to do so.

 

There is nothing to fix unless there is a false positive involved.

 

Please check your entire system for other culprits in order to prevent this in the future.

 

To get back on track, we have been contacting Malwarebytes, AVG, and many more and having them scan everything that comes with UBot Studio in order to remove false positives. 

 

All files are scanned and safe. If you encounter any more false positives, please feel free to add it to the tracker

Link to post
Share on other sites
  • 4 weeks later...

Yup everything is perfectly fine... however my system wont let me install either of the latest updates and daily I receive complaints from customers, spend minimum 20 min (each sub) allowing files through their av and firewalls... but everything is fine.. its their systems and mine..

.

Link to post
Share on other sites

Yup everything is perfectly fine... however my system wont let me install either of the latest updates and daily I receive complaints from customers, spend minimum 20 min (each sub) allowing files through their av and firewalls... but everything is fine.. its their systems and mine..

.

Rich, 

 

If you're encountering Specific false positives with UBot Studio, submit a ticket to the tracker as instructed and we'll contact the anti virus creator.

 

Be sure to include the name of the Specific companies you're seeing this issue with.

 

If you are encountering false positives with your bot, you can contact the Anti virus creator to get your bot white listed. You can bundle your files in an installer as well.

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
×
×
  • Create New...