VirSCAN VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.

Language
Server load
Server Load

File information
Safety rating:74
Behavior list
Basic Information
MD5:74979a1ef13a969a29d6b68007d5bd7d
file type:zip
Production company:
version:
Shell or compiler information:COMPILER:Elan
Subfile information:半夏40.exe / 208344bb3e7d71f34b1f0cf5cce5aa86 / EXE
破解补丁.exe / d94229d98fc830ad295713d9390675d3 / EXE
Key behavior
Behavior description:写权限映射文件
details:CiceroSharedMemDefaultS-*
Local\UrlZonesSM_Administrator
Behavior description:设置特殊文件夹属性
details:C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
C:\Documents and Settings\Administrator\Local Settings\History
C:\Documents and Settings\Administrator\Local Settings\History\History.IE5
C:\Documents and Settings\Administrator\Cookies
Behavior description:隐藏指定窗口
details:[Window,Class] = [,Button]
[Window,Class] = [,_EL_Timer]
Process behavior
Behavior description:枚举进程
details:N/A
File behavior
Behavior description:写权限映射文件
details:CiceroSharedMemDefaultS-*
Local\UrlZonesSM_Administrator
Behavior description:设置特殊文件夹属性
details:C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
C:\Documents and Settings\Administrator\Local Settings\History
C:\Documents and Settings\Administrator\Local Settings\History\History.IE5
C:\Documents and Settings\Administrator\Cookies
Behavior description:修改文件内容
details:C:\kss.ini---> Offset = 0
Behavior description:查找文件
details:FileName = c:\windows\system32\drivers\etc\hosts
FileName = C:\Documents and Settings
FileName = C:\Documents and Settings\Administrator
FileName = C:\Documents and Settings\Administrator\Local Settings
FileName = C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Connections\Pbk\*.pbk
FileName = C:\WINDOWS\system32\Ras\*.pbk
FileName = C:\Documents and Settings\Administrator\Application Data\Microsoft\Network\Connections\Pbk\*.pbk
Network behavior
Behavior description:连接指定站点
details:InternetConnectA: ServerName = vv9.hphu.com, PORT = 8081
Behavior description:建立到一个指定的套接字连接
details:127.0.0.1:1031
Behavior description:打开HTTP请求
details:HttpOpenRequestA: vv9.hphu.com:8081/kss_api/io.php?a=uplog&apiver=905&c=0&gdata=1&softcode=1002501&&lgid=0&f=&x=51122486171, hConnect = 0x0000056c
Registry behavior
Behavior description:修改注册表
details:\REGISTRY\MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name
\REGISTRY\MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\ID
\REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\SavedLegacySettings
Behavior description:删除注册表键
details:\REGISTRY\MACHINE\SOFTWARE\Microsoft\PCHealth\ErrorReporting\DW
Behavior description:删除注册表键值_IE连接设置
details:\REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyServer
\REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Internet Settings\AutoConfigURL
Behavior description:删除注册表键值
details:\REGISTRY\MACHINE\SOFTWARE\Microsoft\PCHealth\ErrorReporting\DW\DWFileTreeRoot
Other behavior
Behavior description:创建互斥体
details:RasPbFile
CTF.LBES.MutexDefaultS-*
CTF.Compart.MutexDefaultS-*
CTF.Asm.MutexDefaultS-*
CTF.Layouts.MutexDefaultS-*
CTF.TMD.MutexDefaultS-*
CTF.TimListCache.FMPDefaultS-*MUTEX.DefaultS-*
DDrawWindowListMutex
DDrawDriverObjectListMutex
__DDrawExclMode__
__DDrawCheckExclMode__
ini_read_write
Local\ZonesCounterMutex
Local\ZoneAttributeCacheCounterMutex
Local\ZonesCacheCounterMutex
Behavior description:隐藏指定窗口
details:[Window,Class] = [,Button]
[Window,Class] = [,_EL_Timer]
Run screenshot
VirSCAN

About VirSCAN | Privacy Policy | Contact us | Links | Help VirSCAN
Translated by Keith Miller, United States
Powered By CentOSpol

京ICP备11007605号-12

pol

京公网安备 11010802020746号