搜索
楼主: Jerry.Lin
收起左侧

[原创工具] 【更新1.09】VirusTotal Smart Scanner

  [复制链接]
Jerry.Lin
 楼主| 发表于 2018-9-28 19:38:36 | 显示全部楼层

sorry emmm... I can't see the pictures

could you use image hosting?.. cos this forum's server has some trouble
petr0vic
发表于 2018-9-28 20:55:22 | 显示全部楼层
191196846 发表于 2018-9-28 19:38
sorry emmm... I can't see the pictures

could you use image hosting?.. cos this forum's server h ...

edited
Jerry.Lin
 楼主| 发表于 2018-9-28 21:20:03 | 显示全部楼层
本帖最后由 191196846 于 2018-9-28 21:32 编辑
petr0vic 发表于 2018-9-28 19:07
1-scan&upload
2-close (upload in progress)

1&2

If you choose to "auto upload files", the files would be uploaded immediately if the query result is "unknown" (scan buttom status "scanning.."), and after querying all files, the scanner would query again these previous unknown files to get the lastest result ( scan buttom status "updating..").


The reason why the process still exsits after closing main window is that it is still uploading files and does not get any feedback,including successes or errors like "fail", and I do not set timeout ( because of difference of uploading speed or file size ) . Once it has the result and sends message to the non existing main window, the thread would automatically exit because of errors.  Python's child thread function is not affected even if main thread is terminated...

Stop Scan Buttom will be added in the next update.


3.

Detection has two part:

first: by trusted vendors whose verdicts are very accurate and used to give the direct threat name.
second: if numbers of engines report malicous exceed the threshold (in settings), the threat name would be "malware"

===
It seems the result does not have any trusted vendors' malicious verdict , so ...

if engines threshold in Settings is 80% , then 66*(1-0.8) = 13 -> It means if there are more than 13 engines on VT reports "malicious", then result would be "malware". The picture shows only 12, so...

You can change the engines threshold to higher value if you want higher detection rate (like 90, but must not be 100 because you know..)

评分

参与人数 1人气 +1 收起 理由
petr0vic + 1 thanks

查看全部评分

a7878330
发表于 2018-9-28 22:56:25 | 显示全部楼层
你做的作品不錯喔可用於病毒識別
真的太厲害了
caojp
发表于 2018-9-29 09:30:12 | 显示全部楼层
你好,这个工具挺好用的,非常感谢!但是我有一个情况不太明白:是要扫描结束了才能在 log/ 下看到吗?
Jerry.Lin
 楼主| 发表于 2018-9-29 09:32:36 | 显示全部楼层
caojp 发表于 2018-9-29 09:30
你好,这个工具挺好用的,非常感谢!但是我有一个情况不太明白:是要扫描结束了才能在 log/ 下看到吗?

是的,扫描完成后才会有日志生成
carf
发表于 2018-9-29 09:48:35 | 显示全部楼层
收个试试,谢谢了。
现在访问下virustotal网页都得挂梯子,真是操蛋得很。
gugames
发表于 2018-9-29 13:50:04 | 显示全部楼层
很早就想要了,谢谢
caojp
发表于 2018-9-29 14:10:37 | 显示全部楼层
191196846 发表于 2018-9-29 09:32
是的,扫描完成后才会有日志生成

谢谢✿  请问有工具可以测试样本适用的操作系统和类型吗?如果可以测试出使用的硬件设备就更好了
Jerry.Lin
 楼主| 发表于 2018-9-29 16:00:02 | 显示全部楼层
caojp 发表于 2018-9-29 14:10
谢谢✿  请问有工具可以测试样本适用的操作系统和类型吗?如果可以测试出使用的硬件设备就更好了

什么意思?
您需要登录后才可以回帖 登录 | 快速注册

本版积分规则

手机版|杀毒软件|软件论坛|卡饭乐购| 卡饭论坛

Copyright © KaFan  KaFan.cn All Rights Reserved.

Powered by Discuz! X3.4( 苏ICP备07004770号 ) GMT+8, 2019-12-8 23:40 , Processed in 0.074432 second(s), 17 queries .

快速回复 返回顶部 返回列表