|
You last visited: Today at 12:43
Advertisement
Pixelbot Warning ! Virus detected ! [IMPORTANT]
Discussion on Pixelbot Warning ! Virus detected ! [IMPORTANT] within the DarkOrbit forum part of the Browsergames category.
07/08/2013, 13:26
|
#1
|
elite*gold: 0 
Join Date: Sep 2011
Posts: 47
Received Thanks: 9
|
Pixelbot Warning ! Virus detected ! [IMPORTANT]
I have downloaded FlutterShy's pixelbot 1-2 month ago. Since that date, my PC becomes slower. I was searching the reason of it then I remembered I have Pixelbot ( Flutter-bot ) on my desktop. I scanned that on Virustotal.com and got these results: (28/47)
I downloaded the bot again today from FlutterShy's website ( Cuz he deleted the download link from his topic: ) and scanned again. Got the same results...
If you want to download Pixelbot from his website scan that again, you can use this link
I scanned the bot with ESET Smart Security 5 and it said it is clean. But I sent the bot for scan to ESET and they said me it is a malware. Because of it is crypted, most of the Antiviruses cannot find it.
He has bended his bot with his RAT server(virus), and crypted 'em. He says he has crypted the bot for its source codes. But i think this isn't true, of course  . If you run his bot, your computer will be added to his RAT client list, and he can do everything to your computer; keylogging, stealing your accs, learning your stored passwords, watching your webcam and desktop etc. etc. He takes all the users for a fool. 
He always says "Trusted members checked my source codes and have found no problem.". Yeah, I'm agree with that. There may be no problem with source code. Bot works very fine. Cuz the RAT doesn't effect bot's functions.
I saw that other Trusted(!) members supporting him: The blind leading the blind
So, I want to warn e*pvp family not to use Pixelbot(Flutter-bot). Or use at your own risk.
|
|
|
|
07/08/2013, 13:27
|
#2
|
elite*gold: 3570
Join Date: Dec 2012
Posts: 13,044
Received Thanks: 8,252
|
FlutterShy is trusted. I know the source.
There is nothing awful in it. So stop telling **** and look what you download. Maybe you downloaded any fake crack.
|
|
|
|
|
07/08/2013, 13:33
|
#3
|
elite*gold: 0
Join Date: Sep 2011
Posts: 47
Received Thanks: 9
|
Quote:
Originally Posted by Requi
FlutterShy is trusted. I know the source.
There is nothing awful in it. So stop telling **** and look what you download. Maybe you downloaded any fake crack.
|
No I have downloaded the bot from his website, haven't downloaded anything else like fake crack etc. And we talked about it with him, I sent the Virustotal results to him he scanned that again and he says It's not a virus I have the source codes trusted members have checked that and there is no problem.
I don't say anything to his bot. The bot works fine, it's source code may have no problem, but when it is working, on the other hand you are setting up the RAT to your computer. Download that and scan that on Virustotal. Please see the results.
|
|
|
|
|
07/08/2013, 13:37
|
#4
|
elite*gold: 3570
Join Date: Dec 2012
Posts: 13,044
Received Thanks: 8,252
|
Quote:
|
but when it is working, on the other hand you are setting up the RAT to your computer.
|
The RAT doesn't come from the bot. I am 100% sure.
|
|
|
|
|
07/08/2013, 13:39
|
#5
|
elite*gold: 0
Join Date: Sep 2011
Posts: 47
Received Thanks: 9
|
Quote:
Originally Posted by Requi
The RAT doesn't come from the bot. I am 100% sure.
|
If you are sure, download Pixelbot from that Trusted member's website and scan that on Virustotal. RAT is binded with the bot. And they are crypted to be FUD.
|
|
|
|
|
07/08/2013, 13:42
|
#6
|
elite*gold: 3570
Join Date: Dec 2012
Posts: 13,044
Received Thanks: 8,252
|
.rar:
.exe bot:
.exe updater:
I am sure, it's from the packer. But I'll talk with him, if he is online.
Also, I googled the type of virus. It's seems to be like adware. Maybe he put something like a hidden adfly bot, to earn cash with ads.
If you would make a Bot, I think you want money too, or?
|
|
|
|
|
07/08/2013, 13:46
|
#7
|
elite*gold: 0
Join Date: Dec 2012
Posts: 25
Received Thanks: 15
|
same result
|
|
|
|
|
07/08/2013, 13:49
|
#8
|
elite*gold: 0
Join Date: Sep 2011
Posts: 47
Received Thanks: 9
|
Quote:
Originally Posted by Requi
.rar:
.exe bot:
.exe updater:
I am sure, it's from the packer. But I'll talk with him, if he is online.
Also, I googled the type of virus. It's seems to be like adware. Maybe he put something like a hidden adfly bot, to earn cash with ads.
If you would make a Bot, I think you want money too, or? |
But he must warn the users before download. Cuz an adware bot uses the bot user's internet without his permission. I am into Crypting, Decompiling and Remote Administrating and he has used "CryptMyFile" he thinked it was FUD but now it is not FUD anymore cuz someone has sent the file Virustotal before me and they analysed the file and solved the cryption. And when I uploaded my RAT server to Virustotal with the same cryption, it says the same virus type. So im 100% sure it is not an Adware bot. So, I'm just saying this:
Due to my scans it is binded with a RAT server that can easily harm your PC, so use it at your own risk !
|
|
|
|
|
07/08/2013, 13:51
|
#9
|
elite*gold: 3570
Join Date: Dec 2012
Posts: 13,044
Received Thanks: 8,252
|
It's not bound with a rat.
So stop lieng now! I talked with him.
It's just packed.
|
|
|
|
|
07/08/2013, 13:55
|
#10
|
elite*gold: 0
Join Date: Sep 2011
Posts: 47
Received Thanks: 9
|
Quote:
Originally Posted by Requi
It's not bound with a rat.
So stop lieng now! I talked with him.
It's just packed.
|
Do you think he will tell the truth ? I'm not lying, I just warn the e*pvp users for not being negatively effected from his RAT binded bot!
|
|
|
|
|
07/08/2013, 14:01
|
#11
|
elite*gold: 0
Join Date: Apr 2013
Posts: 2,622
Received Thanks: 653
|
Flutter,just don't turn on my webcam when i'm seeing p*rn and it's all okey 
|
|
|
|
|
07/08/2013, 14:14
|
#12
|
elite*gold: 10
Join Date: Feb 2011
Posts: 2,189
Received Thanks: 526
|
Quote:
Originally Posted by Requi
FlutterShy is trusted. I know the source.
There is nothing awful in it. So stop telling **** and look what you download. Maybe you downloaded any fake crack.
|
There also are a posibility that he gived you the source withouth virus and he have 2 versions, withouth and with virus so he'll give withouth to the security(admins-mods-other people) and with virus to us.
Think about it.
|
|
|
|
|
07/08/2013, 14:27
|
#13
|
elite*gold: 61
Join Date: Oct 2010
Posts: 1,188
Received Thanks: 2,403
|
Haha this thread looks like original poster, trying to shoot on someone else, just because the original poster got infected at the internet.
Sounds like OP has visited a site that had a java driveby,
Best Regards Zeta
|
|
|
|
|
07/08/2013, 14:53
|
#14
|
elite*gold: 50
Join Date: Sep 2012
Posts: 3,841
Received Thanks: 1,462
|
Quote:
Originally Posted by Requi
It's not bound with a rat.
So stop lieng now! I talked with him.
It's just packed.
|
it isnt even packed its a normal compiled .exe without any deobfuscating .
I dont use hidden adfly tool and if i do i wont say users anything because they dont get any issues from it .
Most antivir software will detect these code lines
Code:
Global $ver = "1.0"
Global $ver2 = "1.0"
Global $ver3 = "1.0"
Global $iniurl = "https://dl.dropbox.com/s/p43zl6b6p0oxazh/bot.ini?token_hash=AAFq3stld5RFXJ3DS3xd0fMQA821TkxVnhHkJXrd4bho4Q&dl=1"
Global $updaterurl = "https://dl.dropbox.com/s/185mgkhkfxspwtx/Flutter-Updater.exe?token_hash=AAFTJfuCdqQvz8jcOEl-l2bK1KFGmKLFQevu18ZSEYaMOQ&dl=1"
Global $boturl = "https://dl.dropbox.com/s/kmg5f0f0d2btfw9/Flutter-Bot.exe?token_hash=AAFKZ-eztSkSQSEbCrJ7raeXd4G2FY7pRCr7wkF0vshdGg&dl=1"
ProcessSetPriority("Flutter-Bot.exe", 4)
_check()
Func _check()
InetGet($iniurl, @ScriptDir & "\bot.ini", 1, 0)
$updater = IniRead(@ScriptDir & "\bot.ini", "update", "update", "")
$aktuell = IniRead(@ScriptDir & "\bot.ini", "version", "version", "")
$links = IniRead(@ScriptDir & "\bot.ini", "links", "link1", "")
If $updater <> $ver2 Then
MsgBox(1, "Updater", "Updater needs new version")
InetGet($updaterurl, @ScriptDir & "\Flutter-Updater.exe", 1, 0)
Else
FileDelete(@ScriptDir & "\bot.ini")
EndIf
If $aktuell <> $ver Then
FileDelete(@ScriptDir & "\bot.ini")
MsgBox(1, "Updater", "Bot update Available" & @CRLF & "Close Bot Now")
Run("Flutter-Updater.exe")
Sleep(100)
Exit
Else
FileDelete(@ScriptDir & "\bot.ini")
EndIf
EndFunc
its the source for the download from an Update
|
|
|
|
|
07/08/2013, 15:07
|
#15
|
elite*gold: 0
Join Date: Sep 2011
Posts: 47
Received Thanks: 9
|
Quote:
Originally Posted by »FlutterShy™
it isnt even packed its a normal compiled .exe without any deobfuscating .
I dont use hidden adfly tool and if i do i wont say users anything because they dont get any issues from it .
Most antivir software will detect these code lines
Code:
Global $ver = "1.0"
Global $ver2 = "1.0"
Global $ver3 = "1.0"
Global $iniurl = "https://dl.dropbox.com/s/p43zl6b6p0oxazh/bot.ini?token_hash=AAFq3stld5RFXJ3DS3xd0fMQA821TkxVnhHkJXrd4bho4Q&dl=1"
Global $updaterurl = "https://dl.dropbox.com/s/185mgkhkfxspwtx/Flutter-Updater.exe?token_hash=AAFTJfuCdqQvz8jcOEl-l2bK1KFGmKLFQevu18ZSEYaMOQ&dl=1"
Global $boturl = "https://dl.dropbox.com/s/kmg5f0f0d2btfw9/Flutter-Bot.exe?token_hash=AAFKZ-eztSkSQSEbCrJ7raeXd4G2FY7pRCr7wkF0vshdGg&dl=1"
ProcessSetPriority("Flutter-Bot.exe", 4)
_check()
Func _check()
InetGet($iniurl, @ScriptDir & "\bot.ini", 1, 0)
$updater = IniRead(@ScriptDir & "\bot.ini", "update", "update", "")
$aktuell = IniRead(@ScriptDir & "\bot.ini", "version", "version", "")
$links = IniRead(@ScriptDir & "\bot.ini", "links", "link1", "")
If $updater <> $ver2 Then
MsgBox(1, "Updater", "Updater needs new version")
InetGet($updaterurl, @ScriptDir & "\Flutter-Updater.exe", 1, 0)
Else
FileDelete(@ScriptDir & "\bot.ini")
EndIf
If $aktuell <> $ver Then
FileDelete(@ScriptDir & "\bot.ini")
MsgBox(1, "Updater", "Bot update Available" & @CRLF & "Close Bot Now")
Run("Flutter-Updater.exe")
Sleep(100)
Exit
Else
FileDelete(@ScriptDir & "\bot.ini")
EndIf
EndFunc
its the source for the download from an Update |
I don't say anything wrong about the source code. It's source is not our problem. Bot works fine, we all know this. Problem is you have binded your Bot with a RAT server...
|
|
|
|
 |
|
Similar Threads
|
Crossfire Virus detected
10/03/2010 - CrossFire - 5 Replies
Hallo "Liebe" Com,
Als ich Heute Morgen mal wieder ne Runde zocken wollte kam ne Meldung von meinem Virenscanner das im Verzeichnis von CrossFire ein Virus wäre.Jetzt würd ich gerne wissen warum und was ich jetzt machen soll.
Hier ein Screen:
http://img440.imageshack.us/img440/6775/virusl.pn g
|
MH by banjo1 detected as virus?
05/27/2010 - Metin2 Private Server - 12 Replies
(any verson of M2 MultiversionHack by banjo1 v3.XX is detected)
ok ok i'm using this hack for almost 1 year and the current version i'm using 3.91
i never had this problem ,i'm using the same antivirus(kaspersky internet security 9.0.0.736) again for almost 1 year
i know is not a virus but what can i do to stop getting that "Alarm"(in the pic i tried with an older version 3.90 and the same "Alarm" i get)
and yes i tried to press Yes,Perform and after reset copy again the hack on the desktop...
|
[Important]Outdated/Detected trainers!!!
03/23/2010 - General Gaming Discussion - 0 Replies
Hello,
as all of you know, after every update the old trainer doesn't work anymore and sometimes EA detects trainers!
So, if a trainer is outdated or detected by EA please tell me as fast as you can!(PrivateMail)
That would help the other users (and me) a lot and makes the game more fun again :)
Regards
Poly
_______________________
|
all cheats are detected and some has virus!!!!
09/03/2009 - Grand Chase - 8 Replies
all cheats are detected and some has virus!!!!
ouch, there's no available cheat :(:mad::mad::mad::mad::facepalm:
|
[MSN|VIRUS] READ!!!! IMPORTANT
09/01/2009 - 12Sky2 - 2 Replies
Ok, alot of you guys got a, blah blah blah is this really you msg from me and other, sadly i trusted this noob, who claimed he needed Help hacking, AIO, and sent me a "virus" i turned down my sandbox and All to recieve it, coem to find out it was a msn, virus / keylogger, to remove it go to MSN Virus Removal Software - Download - (Remove MSN and Windows Live Messenger Viruses using our free tool!)
How does this releate to ts2, well over 8/10 of you guys have me on your msn so yea IT WASENT...
|
All times are GMT +1. The time now is 12:45.
|
|
![Pixelbot Warning ! Virus detected ! [IMPORTANT]](https://www.elitepvpers.com/forum/iconimages/darkorbit/pixelbot-warning-virus-detected-important_ltr.gif){kind=tracking}
