VirSCAN VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, VirSCAN can scan compressed files with password 'infected' or 'virus'.

Language
Server load
Server Load

File information
Safety rating:89
Behavior list
Basic Information
MD5:a7e68480d3acad5e8571124d4fc274b2
file type:Rar
Production company:
version:
Shell or compiler information:COMPILER:Borland Delphi 2.0 [Overlay]
Subfile information:HD_9.2.exe / e16867f88833fd5313a48dbaa5e45336 / EXE
HD_9.2.jpg / 89e7eeeea54a92de960ec9ade7fe0602 / Unknown
破解说明.txt / c028809340eff1314ef505a915db242d / Unknown
极速软件下载.url / 48195bcd2fcc73d4ed844ff646587232 / Unknown
使用说明.url / 59b9685cba5d2ac1b35f7eee4a17fa33 / Unknown
Key behavior
Behavior description:写权限映射文件
details:CiceroSharedMemDefaultS-*
MSCTF.MarshalInterface.FileMap.EAI..PIKGH
MSCTF.MarshalInterface.FileMap.EAI.B.PIKGH
MSCTF.MarshalInterface.FileMap.EAI.C.PIKGH
MSCTF.MarshalInterface.FileMap.EAI.D.PIKGH
MSCTF.MarshalInterface.FileMap.EAI.E.PIKGH
MSCTF.MarshalInterface.FileMap.EAI.F.PIKGH
MSCTF.MarshalInterface.FileMap.EAI.G.PIKGH
MSCTF.Shared.SFM.EAI
MSCTF.MarshalInterface.FileMap.EAI.H.EHNKH
MSCTF.MarshalInterface.FileMap.EAI.I.DINKH
MSCTF.MarshalInterface.FileMap.EAI.J.DINKH
MSCTF.MarshalInterface.FileMap.EAI.K.DINKH
MSCTF.MarshalInterface.FileMap.EAI.L.DJNKH
MSCTF.MarshalInterface.FileMap.EAI.M.DJNKH
Behavior description:隐藏指定窗口
details:[Window,Class] = [,Auto-Suggest Dropdown]
[Window,Class] = [,ComboLBox]
Process behavior
Behavior description:创建新文件进程
details:ImagePath = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\is-P0LQE.tmp\HD_9.2.tmp, CmdLine = "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\is-P0LQE.tmp\HD_9.2.tmp" /SL5="$202A2,1955063,69632,C:\DOCUME~1\ADMINI~1\LOCALS~1\%temp%\1445424529.448019.exe_7zdump\HD_9.2.exe"
Behavior description:枚举进程
details:N/A
File behavior
Behavior description:创建可执行文件
details:C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\is-P0LQE.tmp\HD_9.2.tmp
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\is-V5AS2.tmp\_isetup\_shfoldr.dll
C:\Program Files\豪迪2015破解版\is-QNI22.tmp
C:\Program Files\豪迪2015破解版\is-EK0V9.tmp
C:\Program Files\豪迪2015破解版\is-2GADI.tmp
C:\Program Files\豪迪2015破解版\is-N7S28.tmp
C:\Program Files\豪迪2015破解版\is-E51CK.tmp
C:\Program Files\豪迪2015破解版\is-CS3IG.tmp
C:\Program Files\豪迪2015破解版\is-6P30D.tmp
Behavior description:查找文件
details:FileName = C:\DOCUME~1
FileName = C:\DOCUME~1\ADMINI~1
FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1
FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp
FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\is-P0LQE.tmp
FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\is-P0LQE.tmp\HD_9.2.tmp
FileName = C:\Documents and Settings
FileName = C:\Documents and Settings\Administrator
FileName = C:\Documents and Settings\Administrator\「开始」菜单
FileName = C:\Documents and Settings\Administrator\「开始」菜单\程序
FileName = C:\*.*
FileName = C:\Program Files\豪迪2015破解版\unins???.*
FileName = C:\Program Files\豪迪2015破解版\Client.exe
Behavior description:写权限映射文件
details:CiceroSharedMemDefaultS-*
MSCTF.MarshalInterface.FileMap.EAI..PIKGH
MSCTF.MarshalInterface.FileMap.EAI.B.PIKGH
MSCTF.MarshalInterface.FileMap.EAI.C.PIKGH
MSCTF.MarshalInterface.FileMap.EAI.D.PIKGH
MSCTF.MarshalInterface.FileMap.EAI.E.PIKGH
MSCTF.MarshalInterface.FileMap.EAI.F.PIKGH
MSCTF.MarshalInterface.FileMap.EAI.G.PIKGH
MSCTF.Shared.SFM.EAI
MSCTF.MarshalInterface.FileMap.EAI.H.EHNKH
MSCTF.MarshalInterface.FileMap.EAI.I.DINKH
MSCTF.MarshalInterface.FileMap.EAI.J.DINKH
MSCTF.MarshalInterface.FileMap.EAI.K.DINKH
MSCTF.MarshalInterface.FileMap.EAI.L.DJNKH
MSCTF.MarshalInterface.FileMap.EAI.M.DJNKH
Behavior description:重命名文件
details:C:\Program Files\豪迪2015破解版\is-QNI22.tmp ---> C:\Program Files\豪迪2015破解版\unins000.exe
C:\Program Files\豪迪2015破解版\is-EK0V9.tmp ---> C:\Program Files\豪迪2015破解版\Client.exe
C:\Program Files\豪迪2015破解版\is-2GADI.tmp ---> C:\Program Files\豪迪2015破解版\CheckVer1.dll
C:\Program Files\豪迪2015破解版\is-N7S28.tmp ---> C:\Program Files\豪迪2015破解版\Client.exe
C:\Program Files\豪迪2015破解版\is-P58BT.tmp ---> C:\Program Files\豪迪2015破解版\Desklog.dll
C:\Program Files\豪迪2015破解版\is-08I7E.tmp ---> C:\Program Files\豪迪2015破解版\DingShi.txt
C:\Program Files\豪迪2015破解版\is-2U99E.tmp ---> C:\Program Files\豪迪2015破解版\DuoMsg-1.txt
C:\Program Files\豪迪2015破解版\is-E51CK.tmp ---> C:\Program Files\豪迪2015破解版\GetInfo.dll
C:\Program Files\豪迪2015破解版\is-DAPQO.tmp ---> C:\Program Files\豪迪2015破解版\Ico.ico
C:\Program Files\豪迪2015破解版\is-F1ROM.tmp ---> C:\Program Files\豪迪2015破解版\Icon_1.ico
C:\Program Files\豪迪2015破解版\is-7NK2M.tmp ---> C:\Program Files\豪迪2015破解版\JinFaList.txt
C:\Program Files\豪迪2015破解版\is-QCUPU.tmp ---> C:\Program Files\豪迪2015破解版\OneMsg-1.txt
C:\Program Files\豪迪2015破解版\is-MFI8C.tmp ---> C:\Program Files\豪迪2015破解版\option.ini
C:\Program Files\豪迪2015破解版\is-OMGJP.tmp ---> C:\Program Files\豪迪2015破解版\option_lb_PictureName
C:\Program Files\豪迪2015破解版\is-561T3.tmp ---> C:\Program Files\豪迪2015破解版\option_lb_RandTextFile
Behavior description:修改文件内容
details:C:\Program Files\豪迪2015破解版\is-P58BT.tmp---> Offset = 0
C:\Program Files\豪迪2015破解版\is-08I7E.tmp---> Offset = 0
C:\Program Files\豪迪2015破解版\is-2U99E.tmp---> Offset = 0
C:\Program Files\豪迪2015破解版\is-DAPQO.tmp---> Offset = 0
C:\Program Files\豪迪2015破解版\is-F1ROM.tmp---> Offset = 0
C:\Program Files\豪迪2015破解版\is-7NK2M.tmp---> Offset = 0
C:\Program Files\豪迪2015破解版\is-QCUPU.tmp---> Offset = 0
C:\Program Files\豪迪2015破解版\is-MFI8C.tmp---> Offset = 0
C:\Program Files\豪迪2015破解版\is-OMGJP.tmp---> Offset = 0
C:\Program Files\豪迪2015破解版\is-561T3.tmp---> Offset = 0
C:\Program Files\豪迪2015破解版\is-OBVSV.tmp---> Offset = 0
C:\Program Files\豪迪2015破解版\is-272DE.tmp---> Offset = 0
C:\Program Files\豪迪2015破解版\is-LFDSE.tmp---> Offset = 0
C:\Program Files\豪迪2015破解版\is-FHJQT.tmp---> Offset = 0
C:\Program Files\豪迪2015破解版\is-AJ7EE.tmp---> Offset = 0
Behavior description:修改新生成的可执行文件
details:C:\Program Files\豪迪2015破解版\is-QNI22.tmp---> Offset = 739553
Other behavior
Behavior description:创建互斥体
details:CTF.LBES.MutexDefaultS-*
CTF.Compart.MutexDefaultS-*
CTF.Asm.MutexDefaultS-*
CTF.Layouts.MutexDefaultS-*
CTF.TMD.MutexDefaultS-*
CTF.TimListCache.FMPDefaultS-*MUTEX.DefaultS-*
MSCTF.Shared.MUTEX.ELH
MSCTF.Shared.MUTEX.EAI
Behavior description:隐藏指定窗口
details:[Window,Class] = [,Auto-Suggest Dropdown]
[Window,Class] = [,ComboLBox]
Behavior description:查找指定窗口
details:NtUserFindWindowEx: [Class,Window] = [Shell_TrayWnd,]
NtUserFindWindowEx: [Class,Window] = [CicLoaderWndClass,]
NtUserFindWindowEx: [Class,Window] = [OleMainThreadWndClass,]
Behavior description:窗口信息
details:Pid = 940, Hwnd=0x502ce, Text = 欢迎使用 豪迪2015破解版 安装向导 , ClassName = TNewStaticText.
Pid = 940, Hwnd=0x702c0, Text = 现在将安装 豪迪2015破解版 版本 2015 到您的电脑中。 推荐您在继续安装前关闭所有其它应用程序。 单击“下一步”继续,或单击“取消, ClassName = TNewStaticText.
Pid = 940, Hwnd=0x302c2, Text = C:\Program Files\豪迪2015破解版, ClassName = TEdit.
Pid = 940, Hwnd=0x202ac, Text = 下一步(&N) >, ClassName = TNewButton.
Pid = 940, Hwnd=0x202aa, Text = 取消, ClassName = TNewButton.
Pid = 940, Hwnd=0x402bc, Text = 安装 - 豪迪2015破解版, ClassName = TWizardForm.
Pid = 940, Hwnd=0x102e4, Text = 选择目标位置, ClassName = TNewStaticText.
Pid = 940, Hwnd=0x102e2, Text = 您想将 豪迪2015破解版 安装在什么地方?, ClassName = TNewStaticText.
Pid = 940, Hwnd=0x102de, Text = 安装程序将安装 豪迪2015破解版 到下列文件夹中。, ClassName = TNewStaticText.
Pid = 940, Hwnd=0x202d2, Text = 单击“下一步”继续。如果您想选择其它文件夹,单击“浏览”。, ClassName = TNewStaticText.
Pid = 940, Hwnd=0x202d0, Text = 浏览(&R)..., ClassName = TNewButton.
Pid = 940, Hwnd=0x302b6, Text = 至少需要有 8.0 MB 的可用磁盘空间。, ClassName = TNewStaticText.
Pid = 940, Hwnd=0x102e6, Text = < 上一步(&B), ClassName = TNewButton.
Pid = 940, Hwnd=0x102e4, Text = 选择开始菜单文件夹, ClassName = TNewStaticText.
Pid = 940, Hwnd=0x102e2, Text = 您想在哪里放置程序的快捷方式?, ClassName = TNewStaticText.
Behavior description:获取系统权限
details:SE_LOAD_DRIVER_PRIVILEGE
Behavior description:枚举窗口
details:N/A
Behavior description:打开图片文件
details:\Program Files\豪迪2015破解版\images\12.jpg
\Program Files\豪迪2015破解版\images\14.jpg
\Program Files\豪迪2015破解版\images\15.jpg
\Program Files\豪迪2015破解版\images\17.jpg
\Program Files\豪迪2015破解版\images\19.jpg
\Program Files\豪迪2015破解版\images\2.jpg
\Program Files\豪迪2015破解版\images\20.jpg
\Program Files\豪迪2015破解版\images\21.jpg
\Program Files\豪迪2015破解版\images\22.jpg
\Program Files\豪迪2015破解版\images\23.jpg
\Program Files\豪迪2015破解版\images\24.jpg
\Program Files\豪迪2015破解版\images\27.jpg
\Program Files\豪迪2015破解版\images\28.jpg
\Program Files\豪迪2015破解版\images\30.jpg
\Program Files\豪迪2015破解版\images\31.jpg
Run screenshot
VirSCAN

About VirSCAN | Privacy Policy | Contact us | Links | Help VirSCAN
Translated by Keith Miller, United States
Powered By CentOSpol

京ICP备11007605号-12

pol

京公网安备 11010802020746号