VirSCAN VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.

Language
Server load
Server Load

File information
Safety rating:77
Behavior list
Basic Information
MD5:3e1586ae3a7a6a661f36768425bce4c3
file type:Rar
Production company:
version:
Shell or compiler information:
Subfile information:COMMON.JS / 92c7156674febae95e5a3d456c058e72 / Unknown
COMMON.JSdumpFile / 4b66a3398b24fcee6d200cf874615e4a / Unknown
COMMON.JSdumpFile / 92c7156674febae95e5a3d456c058e72 / Unknown
COMMON.JS / 4b66a3398b24fcee6d200cf874615e4a / Unknown
ACMBOOT.LSTdumpFile / 64ad49926719f4a884b8f3fc9f91afcd / Unknown
ACMBOOT.LST / 64ad49926719f4a884b8f3fc9f91afcd / Unknown
VS.MNUdumpFile / 9ef242388b3aa4b11145c9f97235fe5e / Unknown
VS.MNU / 9ef242388b3aa4b11145c9f97235fe5e / Unknown
VSS.MNUdumpFile / e73b07eeabd6a01acc2f292f922607bd / Unknown
VSS.MNU / e73b07eeabd6a01acc2f292f922607bd / Unknown
VER.JSdumpFile / 23904f4227fd76c3474922d7b345c387 / Unknown
VER.JS / 23904f4227fd76c3474922d7b345c387 / Unknown
VER.JS / 23904f4227fd76c3474922d7b345c387 / Unknown
VB.MNUdumpFile / 97917a6954f0faa735bb8314447d9fe6 / Unknown
VB.MNU / 97917a6954f0faa735bb8314447d9fe6 / Unknown
REPOS.MNUdumpFile / 5067e9e16cc6c679c9871881632c7a54 / Unknown
REPOS.MNU / 5067e9e16cc6c679c9871881632c7a54 / Unknown
VC.MNUdumpFile / 8c41ea7cdf6fdd879570371c6c84119a / Unknown
VC.MNU / 8c41ea7cdf6fdd879570371c6c84119a / Unknown
Process behavior
Behavior description:创建本地线程
details:TargetProcess: wscript.exe, InheritedFromPID = 1944, ProcessID = 972, ThreadID = 1844, StartAddress = 765E964D, Parameter = 001BEF40
TargetProcess: wscript.exe, InheritedFromPID = 1944, ProcessID = 972, ThreadID = 1568, StartAddress = 77E56C7D, Parameter = 001B9170
TargetProcess: wscript.exe, InheritedFromPID = 1944, ProcessID = 972, ThreadID = 824, StartAddress = 769AE43B, Parameter = 001C9FE8
File behavior
Behavior description:查找文件
details:FileName = C:\Documents and Settings\Administrator\Local Settings\Temp
FileName = C:\Documents and Settings\Administrator\Local Settings\%temp%
FileName = C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe_7zdump\COMMON
FileName = C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe_7zdump\COMMON\TOOLS
FileName = C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe_7zdump\COMMON\TOOLS\VB
FileName = C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe_7zdump\COMMON\TOOLS\VB\UNSUPPRT
FileName = C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe_7zdump\COMMON\TOOLS\VB\UNSUPPRT\DANIM
FileName = C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe_7zdump\COMMON\TOOLS\VB\UNSUPPRT\DANIM\COMMON.js
Other behavior
Behavior description:打开事件
details:Global\crypt32LogoffEvent
MSFT.VSA.COM.DISABLE.972
MSFT.VSA.IEC.STATUS.6c736db0
Behavior description:创建事件对象
details:EventName = Global\crypt32LogoffEvent
Run screenshot
VirSCAN

About VirSCAN | Privacy Policy | Contact us | Links | Help VirSCAN
中国反网络病毒联盟
Powered By CentOSpol

京ICP备11007605号-12

pol

京公网安备 11010802020746号