VirSCAN VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.

Language
Server load
Server Load

File information
Safety rating:79
Behavior list
Basic Information
MD5:44758e818ccef85ed819778481676e88
file type:zip
Production company:
version:
Shell or compiler information:COMPILER:Borland Delphi 6.0 - 7.0 [Overlay]
Subfile information:easyhash.exedumpFile / 119b9a155cf0d4947744916a4eb52f24 / EXE
easyhash.exe / 119b9a155cf0d4947744916a4eb52f24 / EXE
setup.exedumpFile / 79c96fc7de5b945af82d8d80d41388e4 / EXE
setup.exe / 79c96fc7de5b945af82d8d80d41388e4 / EXE
Help.chmdumpFile / 21379e879f71f2bbd7fe98425a668195 / Chm
Help.chm / 21379e879f71f2bbd7fe98425a668195 / Chm
help.htmdumpFile / af129004181e641cb1b648a9f7c86fbb / Unknown
default.modumpFile / db0e675afd5ab3cf92cedaf61dd45534 / Unknown
default.mo / db0e675afd5ab3cf92cedaf61dd45534 / Unknown
default.podumpFile / 4b31a91a580d2a3afab129f1be16aa6b / Unknown
default.po / 4b31a91a580d2a3afab129f1be16aa6b / Unknown
default.modumpFile / 04f1f8c951c1326341e5100c2f26acb7 / Unknown
default.mo / 04f1f8c951c1326341e5100c2f26acb7 / Unknown
default.podumpFile / fcafc6f616596450938622148034a138 / Unknown
default.po / fcafc6f616596450938622148034a138 / Unknown
default.modumpFile / ff8808b8d8650236390de1d46abeee39 / Unknown
default.mo / ff8808b8d8650236390de1d46abeee39 / Unknown
default.podumpFile / 72c4fbc055c6c87f4d27cd2f0a2975a0 / Unknown
default.po / 72c4fbc055c6c87f4d27cd2f0a2975a0 / Unknown
File behavior
Behavior description:查找文件
details:FileName = C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe_7zdump\locale\zh_CN\LC_MESSAGES\default.mo
FileName = C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe_7zdump\locale\zh\LC_MESSAGES\default.mo
FileName = C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe_7zdump\conf.ini
FileName = C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe_7zdump\locale\en\LC_MESSAGES\default.mo
Other behavior
Behavior description:创建互斥体
details:CTF.LBES.MutexDefaultS-*
CTF.Compart.MutexDefaultS-*
CTF.Asm.MutexDefaultS-*
CTF.Layouts.MutexDefaultS-*
CTF.TMD.MutexDefaultS-*
CTF.TimListCache.FMPDefaultS-*MUTEX.DefaultS-*
MSCTF.Shared.MUTEX.ELH
MSCTF.Shared.MUTEX.IMK
Behavior description:创建事件对象
details:EventName = MSCTF.SendReceive.Event.IMK.IC
EventName = MSCTF.SendReceiveConection.Event.IMK.IC
Behavior description:查找指定窗口
details:NtUserFindWindowEx: [Class,Window] = [Shell_TrayWnd,]
NtUserFindWindowEx: [Class,Window] = [CicLoaderWndClass,]
Behavior description:窗口信息
details:Pid = 2756, Hwnd=0x1902ce, Text = &No, ClassName = TButton.
Pid = 2756, Hwnd=0x403a2, Text = &Yes, ClassName = TButton.
Pid = 2756, Hwnd=0x50392, Text = Error, ClassName = TMessageForm.
Behavior description:打开事件
details:HookSwitchHookEnabledEvent
CTF.ThreadMIConnectionEvent.000007B4.00000000.00000041
CTF.ThreadMarshalInterfaceEvent.000007B4.00000000.00000041
MSCTF.SendReceiveConection.Event.ELH.IC
MSCTF.SendReceive.Event.ELH.IC
CTF.ThreadMIConnectionEvent.000007B4.00000000.00000042
CTF.ThreadMarshalInterfaceEvent.000007B4.00000000.00000042
Behavior description:枚举窗口
details:N/A
Behavior description:隐藏指定窗口
details:[Window,Class] = [,ComboLBox]
Behavior description:打开互斥体
details:ShimCacheMutex
Run screenshot
VirSCAN

About VirSCAN | Privacy Policy | Contact us | Links | Help VirSCAN
中国反网络病毒联盟
Powered By CentOSpol

京ICP备11007605号-12

pol

京公网安备 11010802020746号