wangxuan8331800 2010-7-31 00:07
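The two online scanners differ far too much
I wasn't sure where to post this thread. I saw that the board rules here mention the two online scanners, so I'm posting it here.
Earlier I downloaded an MD5 checker, and Comodo flagged it as malware. I assumed Comodo's detection was a false positive, so I just clicked "Ignore".
Then I got curious about how other products would react, so I submitted it to both online scanning sites. The results surprised me.
On virscan.org 31% of the engines flagged it, but on virustotal.com it was as high as 70%. The scan reports follow: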
[quote]
Antivirus Version Last Update Result
a-squared 5.0.0.26 2010.06.10 Worm.Win32.Nuj!IK
AhnLab-V3 2010.06.10.00 2010.06.10 Win-Trojan/Agent.901662
AntiVir 8.2.2.6 2010.06.09 TR/Dropper.Gen
Antiy-AVL 2.0.3.7 2010.06.08 -
Authentium 5.2.0.5 2010.06.10 W32/Nuj.A.gen!Eldorado
Avast 4.8.1351.0 2010.06.09 Win32:Trojan-gen
Avast5 5.0.332.0 2010.06.09 Win32:Trojan-gen
AVG 9.0.0.787 2010.06.09 Generic_c.CCWW
BitDefender 7.2 2010.06.10 -
CAT-QuickHeal 10.00 2010.06.10 Worm.Nuj.a
ClamAV 0.96.0.3-git 2010.06.10 Trojan.Dropper-2514
Comodo 5048 2010.06.10 ApplicUnsaf.Win32.HackTool.FlySky.AC
DrWeb 5.0.2.03300 2010.06.10 -
eSafe 7.0.17.0 2010.06.09 Win32.Downloader.age
eTrust-Vet 36.1.7624 2010.06.10 Win32/Nuj.A
F-Prot 4.6.0.103 2010.06.09 W32/Nuj.A.gen!Eldorado
F-Secure 9.0.15370.0 2010.06.10 Trojan-Downloader:W32/VB.BUE
Fortinet 4.1.133.0 2010.06.09 -
GData 21 2010.06.10 Win32:Trojan-gen
Ikarus T3.1.1.84.0 2010.06.10 Worm.Win32.Nuj
Jiangmin 13.0.900 2010.06.09 -
Kaspersky 7.0.0.125 2010.06.10 -
McAfee 5.400.0.1158 2010.06.10 Generic.dx
McAfee-GW-Edition 2010.1 2010.06.10 Generic.dx
Microsoft 1.5802 2010.06.09 Worm:Win32/Nuj.A
NOD32 5185 2010.06.09 a variant of Win32/Packed.FlyStudio
Norman 6.04.12 2010.06.09 W32/Lineage.BQNF
nProtect 2010-06-09.02 2010.06.09 -
Panda 10.0.2.7 2010.06.08 Generic Malware
PCTools 7.0.3.5 2010.06.10 -
Prevx 3.0 2010.06.10 High Risk Worm
Rising 22.51.02.03 2010.06.09 -
Sophos 4.54.0 2010.06.10 Troj/Dropr-K
Sunbelt 6428 2010.06.10 Trojan.Win32.Generic!BT
Symantec 20101.1.0.89 2010.06.10 Suspicious.AD
TheHacker 6.5.2.0.296 2010.06.10 -
TrendMicro 9.120.0.1004 2010.06.10 TROJ_ZEROML.CV
TrendMicro-HouseCall 9.120.0.1004 2010.06.10 TROJ_ZEROML.CV
VBA32 3.12.12.5 2010.06.09 -
ViRobot 2010.6.10.2347 2010.06.10 -
VirusBuster 5.0.27.0 2010.06.09 Worm.Nuj.AVA
Additional information
File size: 803807 bytes
MD5 : 8e47c5e0b2634aa514338997cb7064ee
SHA1 : 6a705485787e6049acc1573b256ac5c2ab335775
SHA256: f3989116f92d6688304e07863cac54892ccbe1db0a30fc3016a35a74a0422bd6
TrID : File type identification
100.0% (.ZIP) ZIP compressed archive (4000/1)
ssdeep: 24576:5v9uFjNAv+t+znVNxrKb3BGfNK2FYeQiMy:5vcFj4nNUxGfBQC
sigcheck:
publisher....: n/a
copyright....: n/a
product......: n/a
description..: n/a
original name: n/a
internal name: n/a
file version.: n/a
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned
Prevx Info: [url]http://info.prevx.com/aboutprogramtext.asp?PX5=78AC762E1EC0422BC2A30D19D0FB10001BDB44B1[/url]
PEiD : -
RDS : NSRL Reference Data Set
-
[/quote]
[quote]
VirSCAN.org Scanned Report :
Scanned time : 2010/07/31 13:56:36 (CST)
Scanner results: 31%的杀软(11/36)报告发现病毒
File Name : MD5filejiaoy.zip
File Size : 803807 byte
File Type : Zip archive data, at least v2.0 to extract
MD5 : 8e47c5e0b2634aa514338997cb7064ee
SHA1 : 6a705485787e6049acc1573b256ac5c2ab335775
Online report : [url=http://virscan.org/report/4d687bf395e91947cf2b138bd21cf52d.html]http://virscan.org/report/4d687bf395e91947cf2b138bd21cf52d.html[/url]
Scanner Engine Ver Sig Ver Sig Date Time Scan result
a-squared 5.0.0.13 20100731081343 2010-07-31 5.67 -
安博士V3 2010.07.14.00 2010.07.14 2010-07-14 1.29 -
AntiVir 8.2.4.32 7.10.10.25 2010-07-30 0.28 TR/Dropper.Gen
安天 2.0.18 20100731.4889791 2010-07-31 0.23 -
Arcavir 2009 201006281601 2010-06-28 0.00 -
Authentium 5.1.1 201007302103 2010-07-30 1.38 -
AVAST! 4.7.4 100730-1 2010-07-30 0.00 -
AVG 8.5.793 271.1.1/3040 2010-07-31 0.23 Generic_c.CCWW
BitDefender 7.90123.6195763 7.33105 2010-07-31 4.73 -
ClamAV 0.96.1 11464 2010-07-30 0.02 Trojan.Dropper-2514
Comodo 4.0 5593 2010-07-30 1.11 -
CP Secure 1.3.0.5 2010.07.31 2010-07-31 0.06 Troj.Downloader.W32.VB.iyl
Dr.Web 5.0.2.3300 2010.07.31 2010-07-31 9.50 -
F-Prot 4.4.4.56 20100730 2010-07-30 1.29 W32/Nuj.A.gen!Eldorado (generic, not disinfectable)
F-Secure 7.02.73807 2010.07.30.07 2010-07-30 0.14 Trojan-Downloader:W32/VB.BUE [FSE]
飞塔 4.1.143 12.198 2010-07-30 0.10 -
GData 21.598/21.223 20100731 2010-07-31 7.18 -
ViRobot 20100729 2010.07.29 2010-07-29 0.38 -
Ikarus T3.1.01.84 2010.07.30.76372 2010-07-30 7.31 Worm.Win32.Nuj
江民杀毒 13.0.900 2010.07.30 2010-07-30 1.28 -
卡巴斯基 5.5.10 2010.07.30 2010-07-30 0.83 -
金山毒霸 2009.2.5.15 2010.7.30.18 2010-07-30 0.66 -
迈克菲 5400.1158 6059 2010-07-30 17.43 Generic.dx
Microsoft 1.6004 2010.07.30 2010-07-30 5.61 -
Norman 6.05.11 6.05.00 2010-07-30 6.01 W32/Lineage.BQNF
熊猫卫士 9.05.01 2010.07.25 2010-07-25 0.54 -
趋势科技 9.120-1004 7.352.02 2010-07-30 0.03 TROJ_ZEROML.CV
Quick Heal 11.00 2010.07.30 2010-07-30 2.12 -
瑞星 20.0 22.58.05.01 2010-07-31 0.21 -
Sophos 3.10.0 4.56 2010-07-31 3.66 Troj/Dropr-K
Sunbelt 3.9.2432.2 6666 2010-07-30 11.84 -
赛门铁克 1.3.0.24 20100730.002 2010-07-30 0.10 -
nProtect 20100728.02 8808013 2010-07-28 9.43 -
The Hacker 6.5.2.1 v00328 2010-07-29 0.32 -
VBA32 3.12.12.7 20100730.0843 2010-07-30 5.98 -
VirusBuster 4.5.11.10 10.127.34/2010884 2010-07-31 2.60 -
[/quote]
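Both are multi-engine scanning sites, so a 40% gap really puzzles me.
Even the same engine flags the file on one site and not on the other. Take avast, for example: 4.7 did not flag it, yet 4.8 did.
Could the two sites be using different detection methods? Has anyone else run into this?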
[[i] This post was last edited by wangxuan8331800 on 2010-7-31 14:10 [/i]]
fish 2010-7-31 00:13
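Reply to the original poster
No, you've got it wrong. The first engine told you that someone had already scanned this file on June 10 and asked whether you wanted to view that report directly, and you clicked "Yes".
Look at the virus database dates yourself; the newest is June 10 as well.
The two are a month apart, so of course they differ.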
wangxuan8331800 2010-7-31 00:21
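Reply to post #2
The program I downloaded is from 2008, so I don't think the virus database matters much. A 10% difference over one month would be understandable, but 40% is scary.
The new report shows 69% detection.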
[quote]
File MD5filejiaoy.zip received on 2010.07.31 06:19:19 (UTC)
Antivirus Version Last Update Result
AhnLab-V3 2010.07.31.00 2010.07.30 Win-Trojan/Agent.901662
AntiVir 8.2.4.32 2010.07.30 TR/Dropper.Gen
Antiy-AVL 2.0.3.7 2010.07.30 -
Authentium 5.2.0.5 2010.07.30 W32/Nuj.A.gen!Eldorado
Avast 4.8.1351.0 2010.07.30 Win32:Trojan-gen
Avast5 5.0.332.0 2010.07.30 Win32:Trojan-gen
AVG 9.0.0.851 2010.07.30 Generic_c.CCWW
BitDefender 7.2 2010.07.31 -
CAT-QuickHeal 11.00 2010.07.30 Worm.Nuj.a
ClamAV 0.96.0.3-git 2010.07.30 Trojan.Dropper-2514
Comodo 5594 2010.07.31 ApplicUnsaf.Win32.HackTool.FlySky.AC
DrWeb 5.0.2.03300 2010.07.30 -
Emsisoft 5.0.0.34 2010.07.30 Worm.Win32.Nuj!IK
eSafe 7.0.17.0 2010.07.29 Win32.Downloader.age
eTrust-Vet 36.1.7753 2010.07.31 Win32/Nuj.A
F-Prot 4.6.1.107 2010.07.30 W32/Nuj.A.gen!Eldorado
F-Secure 9.0.15370.0 2010.07.31 Trojan-Downloader:W32/VB.BUE
Fortinet 4.1.143.0 2010.07.30 -
GData 21 2010.07.31 Win32:Trojan-gen
Ikarus T3.1.1.84.0 2010.07.31 Worm.Win32.Nuj
Jiangmin 13.0.900 2010.07.29 -
Kaspersky 7.0.0.125 2010.07.31 -
McAfee 5.400.0.1158 2010.07.31 Generic.dx
McAfee-GW-Edition 2010.1 2010.07.30 Generic.dx
Microsoft 1.6004 2010.07.31 Worm:Win32/Nuj.A
NOD32 5327 2010.07.30 a variant of Win32/Packed.FlyStudio
Norman 6.05.11 2010.07.30 W32/Lineage.BQNF
nProtect 2010-07-31.01 2010.07.31 -
Panda 10.0.2.7 2010.07.30 Generic Malware
PCTools 7.0.3.5 2010.07.31 -
Prevx 3.0 2010.07.31 High Risk Worm
Rising 22.58.05.01 2010.07.31 -
Sophos 4.56.0 2010.07.31 Troj/Dropr-K
Sunbelt 6667 2010.07.31 Trojan.Win32.Generic!BT
SUPERAntiSpyware 4.40.0.1006 2010.07.31 -
Symantec 20101.1.1.7 2010.07.31 Suspicious.AD
TheHacker 6.5.2.1.328 2010.07.30 -
TrendMicro 9.120.0.1004 2010.07.31 TROJ_ZEROML.CV
TrendMicro-HouseCall 9.120.0.1004 2010.07.31 TROJ_ZEROML.CV
VBA32 3.12.12.7 2010.07.30 -
ViRobot 2010.7.31.3964 2010.07.31 -
VirusBuster 5.0.27.0 2010.07.30 Worm.Nuj.AVA
Additional information
File size: 803807 bytes
MD5...: 8e47c5e0b2634aa514338997cb7064ee
SHA1..: 6a705485787e6049acc1573b256ac5c2ab335775
SHA256: f3989116f92d6688304e07863cac54892ccbe1db0a30fc3016a35a74a0422bd6
ssdeep: 24576:5v9uFjNAv+t+znVNxrKb3BGfNK2FYeQiMy:5vcFj4nNUxGfBQC
PEiD..: -
PEInfo: -
RDS...: NSRL Reference Data Set
-
pdfid.: -
trid..: ZIP compressed archive (100.0%)
sigcheck:
publisher....: n/a
copyright....: n/a
product......: n/a
description..: n/a
original name: n/a
internal name: n/a
file version.: n/a
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned
[url]http://info.prevx.com/aboutprogramtext.asp?PX5=78AC762E1EC0422BC2A30D19D0FB10001BDB44B1[/url]
[/quote]
梦影 2010-8-2 19:24
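A gap is normal, though this one does seem a bit large.
1: Different engines
2: Same engine, different version numbers (this should have little effect, possibly none; what matters is the virus database version)
3: Different virus databases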
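The per-engine comparison discussed in this thread, as an added example that is not part of any post: it parses rows in the two report layouts quoted above, normalizes engine names, and lists the engines whose verdicts differ together with their versions and signature dates. The sample rows are copied from the two 2010-07-31 reports; the `ALIASES` table and all function names are hypothetical.

```python
import re

# Constructed sample: a few rows copied from the two 2010-07-31 reports in this thread.
VT_ROWS = """\
Avast 4.8.1351.0 2010.07.30 Win32:Trojan-gen
Microsoft 1.6004 2010.07.31 Worm:Win32/Nuj.A
NOD32 5327 2010.07.30 a variant of Win32/Packed.FlyStudio
Kaspersky 7.0.0.125 2010.07.31 -
Sophos 4.56.0 2010.07.31 Troj/Dropr-K
"""
VS_ROWS = """\
AVAST! 4.7.4 100730-1 2010-07-30 0.00 -
Microsoft 1.6004 2010.07.30 2010-07-30 5.61 -
卡巴斯基 5.5.10 2010.07.30 2010-07-30 0.83 -
Sophos 3.10.0 4.56 2010-07-31 3.66 Troj/Dropr-K
The Hacker 6.5.2.1 v00328 2010-07-29 0.32 -
"""
# Hypothetical alias table mapping each site's engine label to one key.
ALIASES = {"avast!": "avast", "卡巴斯基": "kaspersky", "the hacker": "thehacker"}
# VirSCAN row: name (may contain spaces), engine ver, sig ver, sig date, time, result.
VS_RE = re.compile(r"^(.+?) (\S+) (\S+) (\d{4}-\d{2}-\d{2}) (\d+\.\d+) (.+)$")

def _row(name, version, sig_date, result):
    key = ALIASES.get(name.lower(), name.lower())
    return key, {"version": version, "sig_date": sig_date, "hit": result != "-"}

def parse_virustotal(text):
    # VirusTotal row: name, version, last update, result (result may contain spaces).
    rows = (line.split(None, 3) for line in text.splitlines() if line.strip())
    return dict(_row(n, v, d.replace(".", "-"), r) for n, v, d, r in rows)

def parse_virscan(text):
    matches = (VS_RE.match(line) for line in text.splitlines() if line.strip())
    return dict(_row(m[1], m[2], m[4], m[6]) for m in matches if m)

def ratio(report):
    return sum(r["hit"] for r in report.values()), len(report)

def disagreements(a, b):
    """Engines present in both reports whose verdicts differ, with versions and dates."""
    return [(e, a[e]["version"], a[e]["sig_date"], b[e]["version"], b[e]["sig_date"])
            for e in sorted(a.keys() & b.keys()) if a[e]["hit"] != b[e]["hit"]]

if __name__ == "__main__":
    vt, vs = parse_virustotal(VT_ROWS), parse_virscan(VS_ROWS)
    print("VirusTotal:", ratio(vt), "VirSCAN:", ratio(vs))
    for row in disagreements(vt, vs):
        print(row)
    print("only on one site:", sorted(vt.keys() ^ vs.keys()))
```

Engines that appear on only one site change the denominator of the headline percentage, so the per-engine list is the fairer comparison.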