Webroot added to VirusTotal

  • 14 February 2017
  • 33 replies
  • 2195 views


Show first post

33 replies

Userlevel 7
Badge +55
@ wrote:
Thanks Paul for explaining the Webroot PE Scanner on Virus Total. One question though, what exactly does PE stand for?
 
The Portable Executable (PE) format is a file format for executables, object code, DLLs, FON Font files,[1] and others used in 32-bit and 64-bit versions of Windows operating systems. The PE format is a data structure that encapsulates the information necessary for the Windows OS loader to manage the wrapped executable code. This includes dynamic library references for linking, API export and import tables, resource management data and thread-local storage (TLS) data. On NT operating systems, the PE format is used for EXE, DLL, SYS (device driver), and other file types. The Extensible Firmware Interface (EFI) specification states that PE is the standard executable format in EFI environments.
 
https://en.wikipedia.org/wiki/Portable_Executable
 
http://blog.virustotal.com/2017/02/virustotal-webroot.html
Userlevel 7
Badge +34
Thanks TH. 😃
Userlevel 2
Pigs fly and miracles do happen!   Must have been a cold day there for this to finally happen.
/me is picking his jaw up from the floor.  :mansurprised:
 
 
 
 
Userlevel 7
Badge +55
@ wrote:
Pigs fly and miracles do happen!   Must have been a cold day there for this to finally happen.
/me is picking his jaw up from the floor.  :mansurprised:
 
 
 
 
That's how I feel.....I thought it would never happen by some Webroot Staff I have talked to over the years. But I guess Times change.....
Userlevel 7
Badge +32
@ wrote:
It's a commandline scanner which is not publicly available.  It's leverages our cloud in a similar way to our SecureAnywhere product, but is missing many efficacy components seen in our production agent, which could lead to samples being potentially missed via VT vs. the public SecureAnywhere agent. Hence we have named the VT Scanner, Webroot PE Scanner, to ensure differentiation.
 
If in doubt, use our agent.
 
Paul
To add to what Paul said, all of the scanners on VT are commandline scanners and the results from any of the scanners on VT may differ from publicly available products. 
 
I highly recommend reading the About page on VirusTotal, particularly the "Important notes and remarks" section.
 
-Dan
Userlevel 6
FINALLY it has happened for webroot too! nice for this company for getting this kind of recognition after all these years of hard labour!!! 😛
@ wrote:
The antivirus result displays a green circle with a white tick mark, what does this mean?



VirusTotal makes use of the symbol to indicate that the given file was not detected in any way by the antivirus under consideration. We do not use the word "clean" or "innocuous" because antivirus solutions do not tell you whether a file is goodware, they just flag maliciousness.
https://www.virustotal.com/en/faq/
The new VirusTotal website is available here. Google says the new interface is still under testing and it might change prior to its official launch.

Will we see BrightCloud URL determinations available on VT?

Reply