More mentions of UBot… Bot.exe
Application
UBotCompiled
system
42
You are talking nonsense and again not reading and just writing plain stupid things.
So one more time(if you didn’t’ understood last time)
I don’t need any help from non AVAST staff especially not from ignorant people.
Please “don’t help me”, especially with same questions and assumptions repeating over and over again, pleaseeee, Thanks!!!
And once again:
To conclude, we came here initially to speed up the process of FP removal, which happened already and if you paid attention FP was removed for V1.0
So we are not hiding or running away from it, on contrary we are encouraging it from day 1, asking AVAS to scan/examine our exe as son as possible.
We just wanted to speed up the process, instead you are attacking us showing online scans that we are aware of and which are the reason why we are asking AVAST to speed things up.
So what is the problem here??? Why all the negativity, attacking I asked for God know how many times?
system
43
I already wrote about Ubot and I’m writing it again for 3rd or 4th time again, I don’t know why I’m explaining this now, because it feels like I’m talking to the wall, soon as I write something you find something else(mostly irrelevant things and stupid assumptions), always this negativity:
“We purchased Developer UBot license (we have all the documents of course)… so we don’t know what UBot is “adding” in their code, but they swear that they don’t get any virus alerts for apps created by UBot when we ask them for advice on this.”
Basically it is point and click software/bot creator, with the ability to edit some code… But it it puts their own stuff in the exe file when you compile it. And each time you compile it it put these functions/libraries, and all other different stuff to that exe, so this is for ubot users “black box”.
Our “internal” version is currently v1.1 but what ubot puts there(the thing you see(you posted) we can’t control), every bot/exe created with this ubot version will have all that same info in it… So our first “internal” version was v1.0, which was also recognized as virus then we requested FP and I opened this thread to speed things up, then avast removed FP.
Then after few days, we changed version(our internal) to v1.1, compiled exe and avast and others pick it up as virus(again), then we filed it again as FP and I updated this thread again to speed things up again.
That is it, then you all came here with your assumptions and repeating all the same things over and over again.
About that scan you posted link for in last post…so what is the reason you posted that, what you want to achieve?
I already show you the newest scan, so you will be showing me scans from few weeks? WTF? Really??
This is from a minute ago,
https://www.virustotal.com/en/file/e4441465e61d7be99f97266c0a03274ca4a80f48ffb5b7c85355e003695d7be9/analysis/1398475124/
do you have some from last month maybe?
What assumption or smart conclusion you will find next?
Why you are even doing this? Why the negativity? Are you really think and stick to your theory that we are scammers/spammers, working our asses of for few moths to create our business in order to scam people for few days and then ask publicly on ati vir forum about our virus/malware?
Do you really think people who are creating this shit really do post on anti vir forums asking why their virus is deleted? Really man???
I will not respond from now on to any of such stupid responses or assumptions or what ever…
Waiting on AVST staff to publish scans and conclusions on our exe file, thanks!!
Eddy
44
So what is the problem here?
You are the problem.
You are talking nonsense and again not reading and just writing plain stupid things.
The only one who is doing so is you.
so we don't know what UBot is "adding" in their code
Decompile the code, look at it and you will know.
If you think we are just trying to bash you and/or your software, you got it all wrong.
We try to help you by pointing out where and what the problems are with your software as well as with your website so you can solve them.
If you only want people from avast to respond, you should not post on a public webboard but contact avast directly.
http://www.avast.com/contact-form.php
We do not just show you old scans.
Hence why I noticed the md5 was changed as well as the detection by many av’s when you released version 1.1.
If you don’t understand the problems/what we are saying, just say so.
It is not a shame if you don’t.
Your job is marketing, not programming/analyzing programs/websites.
Milos
45
Hello,
thank you for reporting the sample. False positive is fixed now.
Sorry for any inconvenience.
Milos
Milos,
Can I question that? Why did you remove the block when more AV’s are blocking it? The exception to that is, he changed the MD5
system
47
First Milos thanks for your response and help in this matter!
For the rest of you, I would write something which I know will be deleted, but I know you can guess what!
I bet you don’t feel so smart now, ha? But, these kind of people with “thick skin” they don’t feel any shame, I know for a fact that you have something smart to say even now!
As a matter of fact, after the man from the Avast confirms FP, you are still smart, who knew?
So you just proved what I was talking all the time, that mostly all of you are very ignorant, hostile and negative bunch of people(again I would write you a word what you are but it is not allowed), from whom I dont’ need and didn’t asked for any help in the first place, above all as I said your are nor reading, because everything is explained, but I’m afraid that if you do actually read what I wrote you wouldn’t understand it, because non of you actually did understood so far, except for two guys here(maybe) and Avast staff of course. But as I said I will not explained it anymore, smart people will find it, read it, understand it, for the rest of you, I don’t give a …
And BTW I’m developer for more then a 10 years know, so I would say I know thing or two about coding.
Avast thanks again for your help in removing FP!
Nemanja
Yet, by your OWN words, you don’t know why uBot is being added into your code?
By the way. They have an anti-swear filter (fk st).
And before you pull the bull*, My app is only detected by 1 “Unknown AV”. Check the scans from the firsy post. You just changed the MD5
Unblocked as you have seen - targets matched ;D, the DrWeb scan redirect still seems weird. I cannot find a direct explanation for the scanner behaviour, must be the coincidence of the wXw.ma shortening, that DrWeb should exclude to execute that way.
polonus
Pondus
50
see my reply #16
and the file name shown in VT scan (bot.exe) does not mean much …
if i still had that sample i could have uploaded it again and called it Michael