Jump to content


Photo

Malwarebytes on VirusTotal or another online virus scanning service?


  • This topic is locked This topic is locked
5 replies to this topic

#1 trojkilla

trojkilla

    Malware Hunter

  • Malware Hunters
  • PipPipPipPip
  • 369 posts
  • Gender:Male

Posted 16 April 2012 - 06:17 PM

Hey,

I was wondering if for the sake of malware research and detection that MBAM could perhaps join the vendors that are included in online virus-scanning services such as VirusTotal, Jotti, and MetaScan.

I think this would greatly increase your ability to collect new samples and threat intelligence.

#2 CarrotFlowers

CarrotFlowers

    Staff

  • Members
  • Pip
  • 27 posts
  • Gender:Female

Posted 23 April 2012 - 01:27 PM

Hey Trojkilla, thanks for the suggestion. Our teams have weekly meetings about general improvements to the program. I will definetely add this one to the list.

Thanks!

#3 noknojon

noknojon

    you know why ---

  • Honorary Members
  • PipPipPipPipPipPip
  • 6,090 posts
  • Gender:Male

Posted 24 April 2012 - 06:10 PM

Hi -
VirusTotal, Jotti, and MetaScan usually are just "reporting back" if the item has been already found by xxx virus and malware programs as an infection, or they have already rated them as dangerous. It is not actually (from what I understand) a research facility, but a collection / reporting facility -
I will be corrected if I am a bit out with this, but programs like SystemLookup are similar, in that they report back on details submitted and found by A/virus and A/malware companies, and maintained by great people such as, TonyKlein, miekiemoes, random/random, nasdaq, Vino Rosso, Zupe, Rorschach112, myrti, Gammo and several others -

Regards -
As an extra, this has already been put up several times, in several other ways, but is usually rejected -
Just another private helper .......................... The answer is always 42, or Reboot
If you are waiting for an answer Press F5 ................. you may have one waiting for you ........

#4 DarkSnakeKobra

DarkSnakeKobra

    May the penguin be with you!

  • Honorary Members
  • PipPipPipPipPipPip
  • 5,262 posts
  • Gender:Male
  • Location:~
  • Interests:Scripting, GNU/Linux, photography

Posted 24 April 2012 - 06:46 PM

Hi -
VirusTotal, Jotti, and MetaScan usually are just "reporting back" if the item has been already found by xxx virus and malware programs as an infection, or they have already rated them as dangerous. It is not actually (from what I understand) a research facility, but a collection / reporting facility -
I will be corrected if I am a bit out with this, but programs like SystemLookup are similar, in that they report back on details submitted and found by A/virus and A/malware companies, and maintained by great people such as, TonyKlein, miekiemoes, random/random, nasdaq, Vino Rosso, Zupe, Rorschach112, myrti, Gammo and several others -
Regards -


Virus Total is just a service that scans the file against multiple antimalware scanners to give you an idea if it's a false positive or actual malware. Each month they send all the samples to the vendors that did not detect it.

That's not correct. Virus Total is owned by Hispasec Sistemas and System Lookup is owned by Javacool. People can register and contribute to the projects.

I'm not a staff member just another Malwarebytes' user.

Advice: Hug your dog, cat etc everyday! :)


#5 noknojon

noknojon

    you know why ---

  • Honorary Members
  • PipPipPipPipPipPip
  • 6,090 posts
  • Gender:Male

Posted 24 April 2012 - 09:44 PM

Virus Total is just a service that scans the file against multiple antimalware scanners to give you an idea if it's a false positive or actual malware. Each month they send all the samples to the vendors that did not detect it.

I believe that is basically what I said Here >> already found by xxx virus and malware programs as an infection<< If it is never detected by anyone you usually get a Negative or a False/Pos reply -

That's not correct. Virus Total is owned by Hispasec Sistemas and System Lookup is owned by Javacool. People can register and contribute to the projects.

And, yes I did make note of many of the people who started and contribute to areas of that program, but not owners -
Please read the drop-down links on SystemLookup and you will find people who contribute to and maintain each section -
Examples - - - -
- CLSID LIST Started by: Tony Klein - Maintained by: TonyKlein, miekiemoes -
- O4 Startups Started by: Paul Collins - Maintained by: random/random, nasdaq, Vino Rosso
- O10 LSPs Started by: Zupe - Maintained by: Zupe
Etc / Etc - I often use / read this list, so I do know of the starters and contributors "in general", as stated -

Please fully read, or check, the full details of a post prior to totally condemming it - :angry2:
Just another private helper .......................... The answer is always 42, or Reboot
If you are waiting for an answer Press F5 ................. you may have one waiting for you ........

#6 AdvancedSetup

AdvancedSetup

    Staff

  • Root Admin
  • PipPipPipPipPipPip
  • 41,183 posts
  • Gender:Male
  • Location:US

Posted 24 April 2012 - 10:00 PM

Let's all please remember to try to remain courteous with each other.

I will go ahead and close this topic now as the question has been answered and commented on.

Thank you everyone

Ron Lewis
Forum Community Manager

staff.png

Follow us: Twitter, Become a fan: Facebook





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users