VirSCAN VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.

Language
Server load
Server Load

File information
Safety rating:88
Behavior list
Basic Information
MD5:fa8d8ff83ceaea035fac58aaf241d026
file type:Cab
Production company:
version:1.0.0.6615---1, 0, 0, 6615
Shell or compiler information:
Subfile information:6000.txt / 671da4c386f2f569cd820ae074343d32 / Unknown
201.dat_DoABC_82_500 / ff9eabf8dbd9265ddf5ac9471162e65e / Unknown
AdClean.exe / f050e0279822761ab64bed8c13696b9b / EXE
AcRedirect64.dll / 05fcce01e8db28c93663df00a7461b0a / DLL
201.dat / c8559f2926c13b8af9f3334a7fb2ac05 / SWFc
AcFilter.dll / 3a818995239863129e362a3a48a0f815 / DLL
AcBrowser.dll / fe8a7532779d3d21e7b560e0ba215dfe / DLL
libcurl.dll / eb26cdc51567d11e6db129d196989e43 / DLL
AcRedirect32.dll / c813047bb44d71defbf493232ef2d738 / DLL
AcUpdate.exe / 463300beb0ab546c445343a3a7c98ac0 / EXE
AcBho.dll / f6c982c970af116efa3b45dbcd165b4d / DLL
AcService.exe / 75c67a2cb30d7d4aa5407ce5f5b540d0 / EXE
Uninstaller.exe / 3e6823507683bcf246b0bb343627aeee / EXE
AcProxy.dll / f0a11fa7edf3b570d355da6aa361033b / DLL
3.swf_DoABC_82_619 / 1a1d16b743dd44832002e33ace640bc0 / Unknown
InstallLSP64.exe / b2eb91876750974a0dcabb433e7b3e91 / EXE
AcNet.dll / ef73de56fcf58a30cece1895a6103391 / DLL
3.swf / 82f490b2f4a2c9b23c4b13ea7221bfd2 / SWFc
AcMenu64.dll / 50d1698a89cdb8779c1d7c9d93f96ee7 / DLL
Key behavior
Behavior description:写权限映射文件
details:CiceroSharedMemDefaultS-*
DfSharedHeap3DC5EB
DFMap0-4048391
DfRoot0003DC5EB
MSCTF.MarshalInterface.FileMap.MEM..DIDJH
MSCTF.MarshalInterface.FileMap.MEM.B.DIDJH
MSCTF.MarshalInterface.FileMap.MEM.C.DIDJH
MSCTF.MarshalInterface.FileMap.MEM.D.DIDJH
MSCTF.MarshalInterface.FileMap.MEM.E.DJDJH
MSCTF.MarshalInterface.FileMap.MEM.F.DJDJH
MSCTF.MarshalInterface.FileMap.MEM.G.DJDJH
MSCTF.Shared.SFM.MEM
Behavior description:隐藏指定窗口
details:[Window,Class] = [正在安装广告助手...,Static]
[Window,Class] = [,PICTUREEXWND]
[Window,Class] = [返回,Button]
Process behavior
Behavior description:枚举进程
details:N/A
File behavior
Behavior description:写权限映射文件
details:CiceroSharedMemDefaultS-*
DfSharedHeap3DC5EB
DFMap0-4048391
DfRoot0003DC5EB
MSCTF.MarshalInterface.FileMap.MEM..DIDJH
MSCTF.MarshalInterface.FileMap.MEM.B.DIDJH
MSCTF.MarshalInterface.FileMap.MEM.C.DIDJH
MSCTF.MarshalInterface.FileMap.MEM.D.DIDJH
MSCTF.MarshalInterface.FileMap.MEM.E.DJDJH
MSCTF.MarshalInterface.FileMap.MEM.F.DJDJH
MSCTF.MarshalInterface.FileMap.MEM.G.DJDJH
MSCTF.Shared.SFM.MEM
Behavior description:修改文件内容
details:C:\Program Files\AdClean\496437.tmp---> Offset = 0
Registry behavior
Behavior description:修改注册表
details:\REGISTRY\MACHINE\SOFTWARE\AdClean\cloud
Other behavior
Behavior description:查找指定窗口
details:NtUserFindWindowEx: [Class,Window] = [Shell_TrayWnd,]
NtUserFindWindowEx: [Class,Window] = [CicLoaderWndClass,]
Behavior description:窗口信息
details:Pid = 3144, Hwnd=0x202a6, Text = 立即安装, ClassName = Button.
Pid = 3144, Hwnd=0x202cc, Text = 安装程序准备中,请稍侯..., ClassName = Static.
Pid = 3144, Hwnd=0x202b4, Text = 安装到:, ClassName = Static.
Pid = 3144, Hwnd=0x202b2, Text = C:\Program Files\AdClean, ClassName = Edit.
Pid = 3144, Hwnd=0x302ba, Text = 更换目录..., ClassName = Button.
Pid = 3144, Hwnd=0x202d4, Text = 已经阅读并同意许可协议, ClassName = Button(CheckBox).
Pid = 3144, Hwnd=0x302dc, Text = 欢迎使用 广告助手, ClassName = Static.
Pid = 3144, Hwnd=0x202d8, Text = 继续安装, ClassName = Static.
Pid = 3144, Hwnd=0x202c2, Text = 返回, ClassName = Button.
Pid = 3144, Hwnd=0x202c4, Text = 正在安装广告助手..., ClassName = Static.
Pid = 3144, Hwnd=0x202b0, Text = 设置为开机启动, ClassName = Button(CheckBox).
Pid = 3144, Hwnd=0x202ae, Text = 创建2345导航, ClassName = Button(CheckBox).
Pid = 3144, Hwnd=0x202a2, Text = 欢迎使用 广告助手, ClassName = #32770.
Behavior description:隐藏指定窗口
details:[Window,Class] = [正在安装广告助手...,Static]
[Window,Class] = [,PICTUREEXWND]
[Window,Class] = [返回,Button]
Behavior description:创建互斥体
details:欢迎使用 广告助手
CTF.LBES.MutexDefaultS-*
CTF.Compart.MutexDefaultS-*
CTF.Asm.MutexDefaultS-*
CTF.Layouts.MutexDefaultS-*
CTF.TMD.MutexDefaultS-*
CTF.TimListCache.FMPDefaultS-*MUTEX.DefaultS-*
MSCTF.Shared.MUTEX.ELH
MSCTF.Shared.MUTEX.MEM
Run screenshot
VirSCAN

About VirSCAN | Privacy Policy | Contact us | Links | Help VirSCAN
中国反网络病毒联盟
Powered By CentOSpol

京ICP备11007605号-12

pol

京公网安备 11010802020746号