VirSCAN VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.

Language
Server load
Server Load

VirSCAN
VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.

File information

Basic Information

MD5: 45a6c02de5ab2821f3146a9c9d25fae8
file type: Rar
Production company:
version:
Shell or compiler information: COMPILER:Microsoft Visual Basic 5.0 / 6.0
{$lang.habo.subfile_info}>: 勇芳_多开补丁.exedumpFile / 3c5113a2e795897624e909eadba42edb / EXE
勇芳_多开补丁.exedumpFile / 3c5113a2e795897624e909eadba42edb / EXE

Key behavior

Behavior description: 设置特殊文件夹属性
details: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
C:\Documents and Settings\Administrator\Local Settings\History
C:\Documents and Settings\Administrator\Local Settings\History\History.IE5
C:\Documents and Settings\Administrator\Cookies

File behavior

Behavior description: 写权限映射文件
details: DfSharedHeapBCD75
\DOCUME~1\ADMINI~1\LOCALS~1\Temp\~DFCD78.tmp
DfRoot0000BCD75
Local\UrlZonesSM_Administrator
Behavior description: 设置特殊文件夹属性
details: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
C:\Documents and Settings\Administrator\Local Settings\History
C:\Documents and Settings\Administrator\Local Settings\History\History.IE5
C:\Documents and Settings\Administrator\Cookies

Network behavior

Behavior description: 连接指定站点
details: InternetConnectA: ServerName = www.yfvb.com, PORT = 80
InternetConnectA: ServerName = www.yfvb.net, PORT = 80
Behavior description: 建立到一个指定的套接字连接
details: 127.0.0.1:1040
Behavior description: 读取网络文件
details: hFile = 0x00000604, BytesToRead =2048, BytesRead = 2048.
Behavior description: 打开HTTP请求
details: HttpOpenRequestA: www.yfvb.com:80/cu.txt, hConnect = 0x00000600
HttpOpenRequestA: www.yfvb.net:80/cu.txt, hConnect = 0x00000600

Registry behavior

Behavior description: 修改注册表
details: \REGISTRY\USER\S-1-5-21-1482476501-1645522239-1417001333-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\SavedLegacySettings
Behavior description: 删除注册表键值_IE连接设置
details: \REGISTRY\USER\S-1-5-21-1482476501-1645522239-1417001333-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyServer
\REGISTRY\USER\S-1-5-21-1482476501-1645522239-1417001333-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\AutoConfigURL

Other behavior

Behavior description: 创建互斥体
details: Local\ZonesCounterMutex
Local\ZoneAttributeCacheCounterMutex
Local\ZonesCacheCounterMutex
Local\ZonesLockedCacheCounterMutex
RasPbFile
Behavior description: 窗口信息
details: Pid = 1020, Hwnd=0xb01c6, Text = 关于, ClassName = ThunderRT6CommandButton.
Pid = 1020, Hwnd=0xb0184, Text = 浏览, ClassName = ThunderRT6CommandButton.
Pid = 1020, Hwnd=0xa01aa, Text = 更新, ClassName = ThunderRT6CommandButton.
Pid = 1020, Hwnd=0xb01b0, Text = 帮助, ClassName = ThunderRT6CommandButton.
Pid = 1020, Hwnd=0xa018c, Text = 退出, ClassName = ThunderRT6CommandButton.
Pid = 1020, Hwnd=0xe016e, Text = 开始打补丁, ClassName = ThunderRT6CommandButton.
Pid = 1020, Hwnd=0xd01a4, Text = 追加文字, ClassName = ThunderRT6CheckBox.
Pid = 1020, Hwnd=0xc01e8, Text = .勇芳., ClassName = ThunderRT6TextBox.
Pid = 1020, Hwnd=0xc01b4, Text = 进大厅后能立即发言, ClassName = ThunderRT6CheckBox.
Pid = 1020, Hwnd=0xb0170, Text = Command7, ClassName = ThunderRT6CommandButton.
Pid = 1020, Hwnd=0xb0164, Text = 检查是否有更新, ClassName = ThunderRT6Frame.
Pid = 1020, Hwnd=0xd0190, Text = 非蓝钻找人, ClassName = ThunderRT6CheckBox.
Pid = 1020, Hwnd=0xc01b6, Text = 显示隐身Q号, ClassName = ThunderRT6CheckBox.
Pid = 1020, Hwnd=0xe01b8, Text = 禁止广告下载, ClassName = ThunderRT6CheckBox.
Pid = 1020, Hwnd=0xb01e0, Text = 禁止自动更新, ClassName = ThunderRT6CheckBox.

Run screenshot

VirSCAN