VirSCAN VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, VirSCAN can scan compressed files with password 'infected' or 'virus'.

Language
Server load
Server Load

File information
Safety rating:85
Behavior list
Basic Information
MD5:b792ba6fc1b830aaf078e3dba672a419
file type:EXE
Production company:
version:
Shell or compiler information:
Key behavior
Behavior description:检测自身是否被调试
details:N/A
Behavior description:查找反病毒常用工具窗口
details:NtUserFindWindowEx: [Class,Window] = [OLLYDBG,]
File behavior
Behavior description:修改文件内容
details:C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{13D923C6-9788-443E-95FC-F2EE426C0977}.sui---> Offset = 0
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\{7F20AD00-20C2-4BCE-B0C9-84DD5E48FDF3}---> Offset = 98304
Other behavior
Behavior description:检测自身是否被调试
details:N/A
Behavior description:窗口信息
details:Pid = 1460, Hwnd=0xb0184, Text = , ClassName = TsuiForm.
Pid = 1460, Hwnd=0xa01aa, Text = Panel1, ClassName = TPanel.
Pid = 1460, Hwnd=0xb01b0, Text = EASYLINE SOFTWARE LICENSE AGREEMENT FOR USBEject PLEASE READ THE TERM, ClassName = TMemo.
Pid = 1460, Hwnd=0xb01be, Text = I don"t accept it, ClassName = TsuiRadioButton.
Pid = 1460, Hwnd=0xc01e8, Text = I have read the license agreement and I accept it., ClassName = TsuiRadioButton.
Pid = 1460, Hwnd=0xa0198, Text = &Continue, ClassName = TsuiButton.
Pid = 1460, Hwnd=0xb01c6, Text = Request for acceptance of the "License Agreement" USBEject, ClassName = TCONTRATTO_01.
Behavior description:枚举窗口
details:N/A
Behavior description:查找指定窗口
details:NtUserFindWindowEx: [Class,Window] = [WispWindowClass,]
NtUserFindWindowEx: [Class,Window] = [Shell_TrayWnd,]
Behavior description:查找反病毒常用工具窗口
details:NtUserFindWindowEx: [Class,Window] = [OLLYDBG,]
Run screenshot
VirSCAN

About VirSCAN | Privacy Policy | Contact us | Links | Help VirSCAN
Translated by Keith Miller, United States
Powered By CentOSpol

京ICP备11007605号-12

pol

京公网安备 11010802020746号