VirSCAN VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, VirSCAN can scan compressed files with password 'infected' or 'virus'.

Language
Server load
Server Load

File information
Safety rating:85
Behavior list
Basic Information
MD5:7e422f99e1162aeb6a4f5b441785b61f
file type:Rar
Production company:
version:
Shell or compiler information:COMPILER:Elan
Subfile information:user.dll / 87f8ea1def5f002568d81a24635f8931 / EXE
QQ陌生群营销推广助手35.exe / eb31a0247c000d731f4507fecc1f5b27 / EXE
JZupdate.exe / 8c18cba1806ea6400226e881c130c81c / EXE
注册机.exe / fa22af4e923226431763b07a7e69bace / EXE
hisQQ.edb / 5db0f68d9c62c347806611d81eda5ff8 / Unknown
UUWiseHelper.dll / 934ce6a7b8df0003bb7e7a6fb54c8387 / DLL
Quest.dll / 6a631d8686aadb527b199fbe8b65b212 / DLL
FastVerCode.dll / afbd7ce0444d74992c3a7ba2c6856819 / DLL
jzRouter.ini / 9c1c168600ee51ab69c898c7c451c5c8 / Unknown
使用文字说明.txt / 974964f2e01ff69754a87aee80254d68 / Unknown
使用文字说明.txt / 974964f2e01ff69754a87aee80254d68 / Unknown
tmp.ini / 3a60a06e3dd06f60d359a089912d80d6 / Unknown
tmp.jpg / fd22e8d9f4994c2663a1346040d2e857 / Unknown
更新日志.txt / c2a992b2f8a34451afedf46dc5d5f43b / Unknown
myQQ.edb / 21cccbd3c6de8d352573d3fc50454a8c / Unknown
faInfo.EDT / 7668d354d4624666b32f4a4f44398bce / Unknown
LZConfig.ini / 5a5db0f48aae5df2565eeea677d51c7b / Unknown
faInfo.edb / 0e045bf1af4022faaff3362b59bfaa31 / Unknown
jzShareConfig.ini / ac540fce8b54aa809cccdf7d19553b36 / Unknown
Key behavior
Behavior description:写权限映射文件
details:CiceroSharedMemDefaultS-*
MSCTF.MarshalInterface.FileMap.EDC..OGCHH
MSCTF.MarshalInterface.FileMap.EDC.B.OGCHH
MSCTF.MarshalInterface.FileMap.EDC.C.OGCHH
MSCTF.MarshalInterface.FileMap.EDC.D.OGCHH
MSCTF.MarshalInterface.FileMap.EDC.E.OGCHH
MSCTF.MarshalInterface.FileMap.EDC.F.OGCHH
MSCTF.MarshalInterface.FileMap.EDC.G.OGCHH
MSCTF.Shared.SFM.EDC
MSCTF.MarshalInterface.FileMap.EDC.H.KGJLH
MSCTF.MarshalInterface.FileMap.EDC.I.KGJLH
MSCTF.MarshalInterface.FileMap.EDC.J.KGJLH
MSCTF.MarshalInterface.FileMap.EDC.K.KGJLH
MSCTF.MarshalInterface.FileMap.EDC.L.KGJLH
MSCTF.MarshalInterface.FileMap.EDC.M.KGJLH
Behavior description:屏蔽窗口关闭消息
details:hWnd = 0x000302a2, Text = 吾爱破解站 52PjZ.Com 联系QQ:317005222, ClassName = #32770.
Process behavior
Behavior description:枚举进程
details:N/A
File behavior
Behavior description:写权限映射文件
details:CiceroSharedMemDefaultS-*
MSCTF.MarshalInterface.FileMap.EDC..OGCHH
MSCTF.MarshalInterface.FileMap.EDC.B.OGCHH
MSCTF.MarshalInterface.FileMap.EDC.C.OGCHH
MSCTF.MarshalInterface.FileMap.EDC.D.OGCHH
MSCTF.MarshalInterface.FileMap.EDC.E.OGCHH
MSCTF.MarshalInterface.FileMap.EDC.F.OGCHH
MSCTF.MarshalInterface.FileMap.EDC.G.OGCHH
MSCTF.Shared.SFM.EDC
MSCTF.MarshalInterface.FileMap.EDC.H.KGJLH
MSCTF.MarshalInterface.FileMap.EDC.I.KGJLH
MSCTF.MarshalInterface.FileMap.EDC.J.KGJLH
MSCTF.MarshalInterface.FileMap.EDC.K.KGJLH
MSCTF.MarshalInterface.FileMap.EDC.L.KGJLH
MSCTF.MarshalInterface.FileMap.EDC.M.KGJLH
Other behavior
Behavior description:创建互斥体
details:RasPbFile
CTF.LBES.MutexDefaultS-*
CTF.Compart.MutexDefaultS-*
CTF.Asm.MutexDefaultS-*
CTF.Layouts.MutexDefaultS-*
CTF.TMD.MutexDefaultS-*
CTF.TimListCache.FMPDefaultS-*MUTEX.DefaultS-*
MSCTF.Shared.MUTEX.ELH
MSCTF.Shared.MUTEX.EDC
Behavior description:屏蔽窗口关闭消息
details:hWnd = 0x000302a2, Text = 吾爱破解站 52PjZ.Com 联系QQ:317005222, ClassName = #32770.
Behavior description:查找指定窗口
details:NtUserFindWindowEx: [Class,Window] = [Shell_TrayWnd,]
NtUserFindWindowEx: [Class,Window] = [CicLoaderWndClass,]
Behavior description:窗口信息
details:Pid = 1772, Hwnd=0x202a2, Text = ZProtect, ClassName = ZProtect_LogoClass.
Pid = 1772, Hwnd=0x1031e, Text = 继续试用, ClassName = Button.
Pid = 1772, Hwnd=0x10320, Text = 更多精品资源下载, ClassName = Button.
Pid = 1772, Hwnd=0x10322, Text = 注册, ClassName = Button.
Pid = 1772, Hwnd=0x10324, Text = 4A61-DDB5-72B9-E8B1, ClassName = Edit.
Pid = 1772, Hwnd=0x10328, Text = 您当前使用的软件需要注册才能无限制的使用软件的所有功能, ClassName = Static.
Pid = 1772, Hwnd=0x1032a, Text = 机器码:, ClassName = Static.
Pid = 1772, Hwnd=0x1032c, Text = 注册码:, ClassName = Static.
Pid = 1772, Hwnd=0x1032e, Text = 用户名:, ClassName = Static.
Pid = 1772, Hwnd=0x302a2, Text = 吾爱破解站 52PjZ.Com 联系QQ:317005222, ClassName = #32770.
Behavior description:直接操作物理设备
details:\??\PhysicalDrive0
Run screenshot
VirSCAN

About VirSCAN | Privacy Policy | Contact us | Links | Help VirSCAN
Translated by Keith Miller, United States
Powered By CentOSpol

京ICP备11007605号-12

pol

京公网安备 11010802020746号