VirSCAN VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.

Language
Server load
Server Load

File information
Safety rating:81
Behavior list
Basic Information
MD5:bb1e5e9857f6c5f6d82882da728ec137
file type:Nsis
Production company:Softjie
version:1.0.0.0
Shell or compiler information:
Subfile information:top.bmp / 6d219029cc0acb9de86a714a1e0ca5aa / Unknown
IsShortcut.icodumpFile / df38961cab652af0ea98f218a9ba042b / Unknown
IsShortcut.ico / df38961cab652af0ea98f218a9ba042b / Unknown
InstallOptions.dlldumpFile / 0dc0cc7a6d9db685bf05a7e5f3ea4781 / DLL
InstallOptions.dll / 0dc0cc7a6d9db685bf05a7e5f3ea4781 / DLL
KillProcDLL.dlldumpFile / 99f345cf51b6c3c317d20a81acb11012 / DLL
top.bmpdumpFile / 6d219029cc0acb9de86a714a1e0ca5aa / Unknown
KillProcDLL.dll / 99f345cf51b6c3c317d20a81acb11012 / DLL
[NSIS].nsidumpFile / c3ab0642643986c037661f393ce35119 / Unknown
[NSIS].nsi / 61c143e3f1a35e5f5f6795dd9e4710eb / Unknown
io.inidumpFile / cd39890d4da1b12632ebd6da6f8aab09 / Unknown
io.ini / cd39890d4da1b12632ebd6da6f8aab09 / Unknown
Key behavior
Behavior description:隐藏指定窗口
details:[Window,Class] = [,Button]
File behavior
Behavior description:创建可执行文件
details:C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsp5.tmp\InstallOptions.dll
Behavior description:修改文件内容
details:C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsp5.tmp\io.ini---> Offset = 0
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsp5.tmp\top.bmp---> Offset = 49152
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsp5.tmp\io.ini---> Offset = 119
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsp5.tmp\io.ini---> Offset = 225
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsp5.tmp\io.ini---> Offset = 333
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsp5.tmp\io.ini---> Offset = 456
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsp5.tmp\io.ini---> Offset = 546
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsp5.tmp\io.ini---> Offset = 692
Registry behavior
Behavior description:修改注册表
details:\REGISTRY\USER\S-1-5-21-1482476501-1645522239-1417001333-500\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\X\BaseClass
Other behavior
Behavior description:窗口信息
details:Pid = 1924, Hwnd=0xe016e, Text = 去除Win7快捷方式箭头, ClassName = Button(GroupBox).
Pid = 1924, Hwnd=0xa0198, Text = 去除箭头, ClassName = Button.
Pid = 1924, Hwnd=0xd01a4, Text = 恢复箭头, ClassName = Button.
Pid = 1924, Hwnd=0xc01e8, Text = 还能解决图标或程序无法添加到任务栏问题, ClassName = Static.
Pid = 1924, Hwnd=0xb01be, Text = 点击访问软件街 www.softjie.cn, ClassName = Button.
Pid = 1924, Hwnd=0xd0166, Text = 去除win7快捷方式箭头, ClassName = #32770.
Behavior description:隐藏指定窗口
details:[Window,Class] = [,Button]
Behavior description:打开图片文件
details:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\nsp5.tmp\top.bmp
Behavior description:获取系统权限
details:SE_LOAD_DRIVER_PRIVILEGE
Run screenshot
VirSCAN

About VirSCAN | Privacy Policy | Contact us | Links | Help VirSCAN
中国反网络病毒联盟
Powered By CentOSpol

京ICP备11007605号-12

pol

京公网安备 11010802020746号