Wuzzup from BugBopper: What do you think of it?

The silence from Bugbopper developers is deafening. Has development ceased or what?

 

There is lots of new, great code in a version we will ship soon -- next week or so. Much of our attention lately, though, has been focused on improving our malware collection processes, our automated malware analysis system, and pages with which we report info. All of these infrastructure improvements will allow us considerable growth, and now nearly every system we run here is very scalable.

I agree with your earlier comment that we need an on-access scanner.

 

Re: Wuzzup: Worst cloud ever

When will there be exclusions?

 

Re: Wuzzup: Worst cloud ever

Good question!

We have a release that allows you to exclude any unknown from upload. This code has been nearly ready for a month, is getting some tweaks now, and should ship in January.

 

Re: Wuzzup: Worst cloud ever

What about exclude from scan?

 

Re: Wuzzup: Worst cloud ever

We haven't had requests for that, or talked about that. Can you tell me why you'd like it, and what sorts of files you'd exclude?

Also: could you suggest a way that you would like to see this implemented? (I wouldn't want malware adding itself to our exclusions!)

 

Re: Wuzzup: Worst cloud ever

I think exclusion of some folders would be good, you can enable captcha protection to avoid malware from doing that.

 

Re: Wuzzup: Worst cloud ever

@BugBopperGuy: I want to exclude the folder that contains my malware collection.

 

Re: Wuzzup: Worst cloud ever

That's reasonable. We might have this soon.

 

What does a score of "*" mean? Does it mean that the score is between 0-10%? Does it mean that BugBopper doesn't consider the file to be malware, although some scanners indicate it is?

Example: http://bugbopper.com/md5lookup.asp?md5=20b5a8f02ec56ddbc230cc1ffef67d88. This file got a score of "*".

There are also some conflicting statements on that page.

 

As far as I can tell, development of Buggy is either agonizingly slow or altogether non-existent. It started out with great vigor then withered on the vine.

Am I wrong?

 

Yes, the "*" means a score under 10%, and while one or more scanners thought it malware, we did not. For this particular file, however, more scanners now detect it as malware -- about 25% of those we've used -- see http://bugbopper.com/md5lookup.asp?md5=20b5a8f02ec56ddbc230cc1ffef67d88 now. Such a score, I think, could convince us that this is malware. But a closer look indicates that this is a malware analyzer, and these other products seem to be false alarming on it. see http://labs.idefense.com/software/malcode.php#more_malcode+analysis+pack



Thanks for pointing out those inconsistencies on this page. I think I have this set of bugs fixed.

 

It surely looks slow, thanks to my marvelous marketing job . In fact, lots has been going on, some of which may interest you:

• We have added a fine command-line scanner. More info.
• We are now shipping a DLL that you can call from your own program. The DLL scans for malware, including viruses, trojans, spyware, and other unwanted software, was designed to fit into your automated scanning procedures, and has exactly the same detection rate as BugBopper and BBCL. It is included at no extra charge with BugBopper. More info.
• We added real-time monitoring of our back office processes. You can now see on our home page how many malicious web pages we've examined (nearly a million), how many different files we've analyzed (11 million), etc.
• About half of our recent efforts have been involved in improving the quality and throughput of file processing. For instance, we have run about 700,000 files through our Sandbox.
• Our malware naming system is now standardized on the naming convention used by Kaspersky, explained on pages like this.
• We have created a file info lookup page that helps find info on any of 13 million files by MD5, SHA1, SHA256, filename, or size.
• We revised our encyclopedia presentation approach. We can now produce a web page on some file within five seconds or so of receiving it from a user. We have pages for info on a file (example) and named malware (example).

Lots more is in development.

 

Thanks for informing about those improvements. That looks promising...

 

It's all words --- words on this forum and words on Bugbopper's website -- but no tangible/visible changes that I can find.

As far as I can tell there is NOTHING new in Bugbopper since the day I bought a license. No right-click scans. No real-time monitor. No BB.dll. No BBCL. Nothing new whatsoever. My file integrity monitor spots any & all file changes, no matter how big or how small. Per that monitor, NO changes have been made to Bugbop in ages & ages.

Or is the updater on my copy of Bugbop broken?

 

The current installer delivers BBCL and right-click scans. The updater IS broken, as you suggest. If you want right-click scans immediately, you can install a fresh copy on top of your old one. BB.DLL is brand new, and is not shipping with the installer yet. I will provide a copy to anyone that wants it.

 

Thanks.. The updater indeed is broken. I just updated to the latest build and currently using the CL Scanner. It seems better to me. As I can configure it more...

 

Right Click scan uses the CL scanner. As Far I see it is good for single file only. for more files it often hangs. Also for each file it launches different CL window. It should be revised to open only one window.

 

Its intention was to allow a right click to spot-check a file that you weren't sure about, not a bunch of files. I'll take a look at the options here. You want to highlight several files, then right-click?

 

Yes...

 

Wow, never knew that.

 

Hoping to see a working BBCL asap

 

It is already there in the latest installer...

 

A note about the right-click scan feature: BugBopper caches the hash of a given file upon the first occurrence of it, and will use the cached hash if the file is later scanned again, even if the file's contents have since changed.

A feature request: when doing a right-click scan, BugBopper should send the hash of the given file's current contents.

 

I know, but it's not work for me

--------------------------------------

I know the problem, BBCL.exe cannot use standalone. lol