VirSCAN VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.

Language
Server load
Server Load

File information
Safety rating:84
Behavior list
Basic Information
MD5:ce4a0acd8bf985a4f69a027c75f7ed5d
file type:Rar
Production company:
version:
Shell or compiler information:COMPILER:Microsoft Visual C++ 7.0 [调试]
Subfile information:ddosmonitor.exe / d45095646b144100f0699642fb71092d / EXE
npptools.dlldumpFile / 38e7f4e56118d91df929dba40035c017 / DLL
npptools.dll / 38e7f4e56118d91df929dba40035c017 / DLL
0106dumpFile / 6265c4e2300701e309336f34a9412a3d / SYS
0106dumpFile / 6265c4e2300701e309336f34a9412a3d / SYS
ddosmonitor.exedumpFile / d45095646b144100f0699642fb71092d / EXE
0107dumpFile / ee4481bad2304431127180cff841e22f / SYS
0107dumpFile / ee4481bad2304431127180cff841e22f / SYS
0105dumpFile / 505490462ba3fc7132cbe218e8abf68e / SYS
0105dumpFile / 505490462ba3fc7132cbe218e8abf68e / SYS
使用说明.txtdumpFile / faf32289b495207d9e8889be288b893b / Unknown
使用说明.txt / faf32289b495207d9e8889be288b893b / Unknown
FortGuard DDoS Attack Monitor ver 1.3.txtdumpFile / daed5a629edeb40aa1c1fc08f1d22999 / Unknown
FortGuard DDoS Attack Monitor ver 1.3.txt / daed5a629edeb40aa1c1fc08f1d22999 / Unknown
help.htmdumpFile / a53d2b9cc872a8faacc0afee26f30887 / Unknown
help.htm / a53d2b9cc872a8faacc0afee26f30887 / Unknown
ddosmonitordumpFile / d41d8cd98f00b204e9800998ecf8427e / Unknown
Key behavior
Behavior description:常规加载驱动
details:system32\drivers\npf.sys
Behavior description:创建系统服务
details:[服务创建成功]: NPF, system32\drivers\npf.sys
File behavior
Behavior description:创建可执行文件
details:C:\WINDOWS\system32\drivers\npf.sys
Other behavior
Behavior description:创建驱动文件镜像
details:C:\WINDOWS\system32\drivers\npf.sys
Behavior description:常规加载驱动
details:system32\drivers\npf.sys
Behavior description:窗口信息
details:Pid = 1100, Hwnd=0xb016a, Text = SYN Packets/s:, ClassName = Static.
Pid = 1100, Hwnd=0xb01de, Text = ACK Packets/s:, ClassName = Static.
Pid = 1100, Hwnd=0xc01d6, Text = UDP Packets/s:, ClassName = Static.
Pid = 1100, Hwnd=0xd01c8, Text = ICMP Packets/s:, ClassName = Static.
Pid = 1100, Hwnd=0xc01c2, Text = 0, ClassName = Static.
Pid = 1100, Hwnd=0xb01c6, Text = 0, ClassName = Static.
Pid = 1100, Hwnd=0xb0184, Text = 0, ClassName = Static.
Pid = 1100, Hwnd=0xa01aa, Text = 0, ClassName = Static.
Pid = 1100, Hwnd=0xb01b0, Text = Receive:, ClassName = Static.
Pid = 1100, Hwnd=0xa018c, Text = 0.00, ClassName = Static.
Pid = 1100, Hwnd=0xe016e, Text = Mbps, ClassName = Static.
Pid = 1100, Hwnd=0xd01a4, Text = 9%, ClassName = Static.
Pid = 1100, Hwnd=0xc01e8, Text = TCP Connections:, ClassName = Static.
Pid = 1100, Hwnd=0xa0196, Text = 0, ClassName = Static.
Pid = 1100, Hwnd=0xb0170, Text = DDoS Attack Status, ClassName = Button(GroupBox).
Behavior description:启动系统服务
details:[服务启动成功]: , Netgroup Packet Filter, system32\drivers\npf.sys
Behavior description:创建系统服务
details:[服务创建成功]: NPF, system32\drivers\npf.sys
Run screenshot
VirSCAN

About VirSCAN | Privacy Policy | Contact us | Links | Help VirSCAN
中国反网络病毒联盟
Powered By CentOSpol

京ICP备11007605号-12

pol

京公网安备 11010802020746号