Wuzzup from BugBopper: What do you think of it?

Hi, just a point. As this is described as a malware remover - http://bugbopper.com - just wondered why it's not in - https://www.wilderssecurity.com/forumdisplay.php?f=35 -

Regards

 

Others started this thread, and it just happened to be here. I use the term "malware" to include computer viruses, worms, trojan horses, spyware, dishonest adware, crimeware, most rootkits, and other malicious and unwanted software, as Wikipedia does. (BugBopper is interested in ALL malicious, unwanted software.) But I think our language is imprecise, and some, such as McAfee, call everything "Virus".

I think that the distinctions between kinds of malware have grown less important in the last years. Viruses (narrow definition) were always rare, despite vendor hype, but now account for a very small fraction of all unwanted software. We've got some definitions and examples of kinds of malware that we detect here.

 

@ BugBopperGuy

Hi

Yeah i know, just thought it would have been moved

Malware is THE word, and has been for over five years now. Amazing how even "some" vendors still stick with Virus I think they are frightened that average users won't understand, and think if it's not called an AntiVirus app they might ignore it ?

Yours isn't, theirs is

I think the distinctions are important actually, in Reality, as far as detections/removal etc, due to the fact that there are so many different types of malware. Plus identifying them under different headings instead of just one, makes things clearer.

 

We likely agree on this. I think that some hair-splitting helps in seeing the world of trouble that we face.

But with the rate at which new malware is now being created -- about 17,000 different executables a day (see here) -- there is not much time to get too philosophical about things. One new malware executable every five seconds has reduced the ability of malware labs to name nicely. One vendor gives the name "W32/Malware" to 15,000 distinctly different executables. I see no objection to this. I believe that it is by the file's MD5 that we can best refer to a file, not by some ascribed malware name.

 

Sorry if this was already mentioned but how do we report false positives?

 

Send us info on a false positive by emailing the MD5 of the file to Support@BugBopper.com. If the file has a Confidence Score much higher than about 10% in BugBopper's log, please include a note on why you think this is a false positive.
You may use the Confidence Score to help you decide whether a file is a false positive or not. We thought it would be better to show you files with low Confidence scores than to hide them altogether. You can easily choose to kill only those files with Confidence Scores that are higher than 50% (or some other percentage, if you wish).

 

Great. Thank you David.

 

Bought Bughumper & like it so far.

WISH LIST- Right click scan so I can scan one specific file (such as a recent download) for nasties.

 

lol

Is there a trial for this product?

 

You can download Wuzzup -- it's free & 99.99% the same as da Bugger.

 

This is on our wish list, too. I hope we'll have the feature soon.

 

Thanks, I'm gonna take a snapshot and give wuzzy a try.

BTW: Enjoy you copy of Bugwump!

 

Well having bought this a couple of weeks ago,run it a few times and followed the developers responses on here I have to say I'm liking how they work.

This project could evolve into a highly impressive piece of kit if this early promise is continued.

 

@David, what about my wishlist, that I told few posts back..??
https://www.wilderssecurity.com/showpost.php?p=1717492&postcount=105

 

In its first scan on a new machine, Wuzzup/BugBopper may upload hundreds or even thousands of files, most of them very small; temporary internet files and scripts, and DLLs of the less-common consumer software that may be installed. Offering a choice of these to upload would be messy and counterproductive; the more of these we have analyzed, and the larger our user base grows, the fewer uploads the next new user will do (no file is ever uploaded twice, unless by two users all but simultaneously).

Purely for efficiency and throughput, WZ and BB hold very large files in a separate upload queue, and send those only after all smaller files have been sent. It would be possible in principle to display this queue, and allow case-by-case user decisions, but this is a degree of interface complexity that we hope to avoid. In any case, we have found some very nasty malware in very large installer files (350MB-750MB), particularly for games, but also for video players, free authoring software and the like. We think that it's important to examine these files, as indeed, user suspicion of them tends to be low.

Users having a slower connection – for example, most DSL connections have relatively slow upload speeds – may be understandably impatient. The program can of course be minimized until it finishes, and the burden on download speeds is very small, so interference with most kinds of web use is minimal. In the end, it is always possible to cancel all remaining uploads and leave the burden to somebody else. We would hope to view that charitably, but it does somewhat defeat Wuzzup and BugBopper's purpose.

Two items in our development plan, though of uncertain date, are (a) no-fly zones, or the ability to designate folders and/or files as "don't scan here" (perhaps you have self-written software that nobody else will ever see, and that you know cannot be malware); and (b) right-click scanning of directories or files from Explorer, for when suspicion points to a new download or similar.

 

Approx how many MB's were uploaded to WZ or BB cloud sever when a clean system was scanned with them? Secondly as you said that you have saw many nasty malwares in very large installers/container files (Even i have saw that) then can you please let us know how BB or WZ deal with that situation? Do they upload the whole file or attached file? And if they upload the whole file then it will take ages for slow broadband users to upload the file... And if it upload the malware only, then how can you please let me know how you de-attach the malware from that embedded installer?

Secondly i would like to suggest you that there should be an option in WZ or BB, so that user able to see what BB or WZ is uploading to their server, so that they can be assure that nothing wrong is going to cloud server, which can affect their privacy... You can use the way Hitman Pro is doing...

This would be really nice feature i must say... Its really a must have feature in any anti-malware software... Waiting for the same to be implemented very soon.

 

Thanks David for the explanations and waiting for the features to be included.

About uploading there is another limitations for some users who have a fixed limit for download+upload. So, I think showing up items indeed is necessary mainly because of the size and about privacy concerns as Avinash said. You may include this view it as an advanced option.

And as Avinash pointed you may implement an unpacker in the software which will unpack the installer in a virtual environment and scan it so that only malware part of the installer will be uploaded...

 

Good questions. The amount uploaded varies considerably from one user to another. For some users, one Mb or less might be uploaded on the first scan; for others, it can be several Mb. We never upload the same file twice from your machine, and if it was ever uploaded from any machine, it will not be uploaded from yours. So the total number of uploads is minimized.

Uploads always go to our own secure server, and no where else. When information is added to our database, it is detached from the source of that information, so things are completely confidential.

We're on the case. I hope to have some pleasant news soon.

 

Thanks David.

Looking forward to these two features.

 

@BugBopperGuy
The compromises I can think of for the big uploads are:

-Option to set limit size for file uploads; say only upload files <10 mb. Files >10 mb will be ignored and listed for future upload with user's approval.

-When uploading (large) files use P2P service so that the burden will not be of one but of all; as you say there are sometimes simultaneous uploads of the same file.

 

Hi David,

As you said that for some users upload would be 1 MB and for some users it would be several MB...But still i am not able to understand how you conclude that X file is to uploaded and Y not? Secondly do you also check digital signatures of file, i mean does WZ or BB scan Digital Signature files also or do they scan only non-digi signature files?
** As you said, that BB or WZ never upload same file twice..So how did you achieve this? Any log-File created at local PC? And if YES, then where we can see that log file? And if the log-file is created in another or encrypted format, then why don't you make it in a plain notepad format?
** As far as uploading is concerned you haven't told us that how you de-attach a malware or un-pack a malware which is embedded or attached to a large file? Say if the malware is inside a large container/.exe file of 300 MB then how you get that malware? Do you unpack the malware and upload the file or do you upload the whole archive/container file?

We can understand this and really appreciate that you guys keep our information in completely confidential environment...But don't you think that its users right to know what has been uploaded to your server? I guess everybody would appreciate that if you add log file where user can see that what files has been uploaded to your cloud severs.. This will increase their trust on your product.

Eagerly waiting ..

 

You've asked good questions. We have lots of proprietary technology at work in our two products, and I'm reluctant to say very much here.

We make the decision about whether something has ever been uploaded by creating a signature for it, and then simply checking our database for that signature.

We do have a sort of log that we use to track what we've uploaded, so that we only need to upload it once. Much malware will place 2 or more copies of a file on a drive, using different names. If we know one of these, we can detect both.

Of course, we could show the upload log to users, but I don't know what it would gain them. Most users are not as curious as you, I think, and most seem to argue for fewer controls, fewer decisions to make. In contrast, the gang here at Wilders is as clever as users get, and always wants more control. But we want to start with a product that has mass appeal, and I don't know if we'll ever have an option to review the log.

I don't think my answers here will be very satisfying, but I do want to protect some of our trade secrets.

 

this is called good customer service, i also try to purchase on aug 4 bugbopper license for the entire house for 5.00 and the site kept on telling me 29 dollars so sat i email Jim Hetland and told him my problem and that i was a member of wilders security forums on sunday morning i receive a email from jim and this is what it said Sorry about the price mixup, it was not intentional but the
introductory price has indeed ended. The Wilders forum feedback has been
very helpful to us, so I've gone ahead and issued you a license, no charge.
So i also agree with Securon also Kudos to Jim Hetland. mrgigabyte

 

Good Morning! Anyone aware of the updated features of BugBopper 1.1.0.8131? as too what enhancements have been introduced...and how it varies from the original product ?...Sincerely...Securon

 

What's new in BugBopper v1.1.0.8131

Smaller size -- about 550 Kb smaller than previous version, and smaller than any other malware scanner.
Ability to easily move licensed BugBopper to another machine
Notification if the registered email is found to be undeliverable
Ability to correct registration misspellings, etc.
Minor bug fixes and UI enhancements