VirSCAN VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.

Language
Server load
Server Load

File information
Safety rating:77
Behavior list
Basic Information
MD5:48a2ec39df89a79d7e7afba9608f3d49
file type:Rar
Production company:
version:
Shell or compiler information:COMPILER:Borland C++ 1999 [Overlay]
Subfile information:破解百度云VIP无限制进入高速通道.exedumpFile / d0594a75a5a185dffa4ca79072fa5e27 / EXE
破解百度云VIP无限制进入高速通道.exe / d0594a75a5a185dffa4ca79072fa5e27 / EXE
upack0.32_786b901ddumpFile / bd2a6ac91f37bd076232f78c7cb6fc49 / EXE
upack0.32_207498badumpFile / bd2a6ac91f37bd076232f78c7cb6fc49 / EXE
百度云高速通道VIP破解工具.exedumpFile / ef776d3d0a1006317a564bc710ed8977 / EXE
百度云高速通道VIP破解工具.exe / ef776d3d0a1006317a564bc710ed8977 / EXE
教程.txtdumpFile / 41ac0629236962326fd12967a7978118 / Unknown
教程.txt / 41ac0629236962326fd12967a7978118 / Unknown
免费注册快乐赚领取Q币现金.urldumpFile / d15e0e670448a2d42c9952e2d2613ba2 / Unknown
免费注册快乐赚领取Q币现金.url / d15e0e670448a2d42c9952e2d2613ba2 / Unknown
推荐注册百分百领取各种永久钻.urldumpFile / 26f6de4218949ef00b114c2bc9ba0e60 / Unknown
推荐注册百分百领取各种永久钻.url / 26f6de4218949ef00b114c2bc9ba0e60 / Unknown
兴旺卡盟注册百分百送永久钻-名赞片.urldumpFile / 064f2937b457c28a2a7fb7528b3ba0c9 / Unknown
兴旺卡盟注册百分百送永久钻-名赞片.url / 064f2937b457c28a2a7fb7528b3ba0c9 / Unknown
前去寻找更多资源.urldumpFile / 0e1589cd950e81fc655d4d80678e88c4 / Unknown
前去寻找更多资源.url / 0e1589cd950e81fc655d4d80678e88c4 / Unknown
教程dumpFile / d41d8cd98f00b204e9800998ecf8427e / Unknown
Key behavior
Behavior description:屏蔽窗口关闭消息
details:hWnd = 0x0006034e, Text = 控制, ClassName = TControlForm.
Process behavior
Behavior description:创建本地线程
details:TargetProcess: 破解百度云VIP无限制进入高速通道.exe, InheritedFromPID = 1944, ProcessID = 1008, ThreadID = 888, StartAddress = 0046EFC8, Parameter = 00B072E8
TargetProcess: 破解百度云VIP无限制进入高速通道.exe, InheritedFromPID = 1944, ProcessID = 1008, ThreadID = 1772, StartAddress = 76B2AEAF, Parameter = 00000000
Other behavior
Behavior description:创建互斥体
details:CTF.LBES.MutexDefaultS-*
CTF.Compart.MutexDefaultS-*
CTF.Asm.MutexDefaultS-*
CTF.Layouts.MutexDefaultS-*
CTF.TMD.MutexDefaultS-*
CTF.TimListCache.FMPDefaultS-*MUTEX.DefaultS-*
MSCTF.Shared.MUTEX.ELH
MSCTF.Shared.MUTEX.EKD
Behavior description:隐藏指定窗口
details:[Window,Class] = [控制,TControlForm]
[Window,Class] = [0:29/7:17 Player,TPlayForm]
Behavior description:查找指定窗口
details:NtUserFindWindowEx: [Class,Window] = [Shell_TrayWnd,]
NtUserFindWindowEx: [Class,Window] = [CicLoaderWndClass,]
Behavior description:窗口信息
details:Pid = 1008, Hwnd=0x6035e, Text = 定位, ClassName = TButton.
Pid = 1008, Hwnd=0x29031a, Text = ToolBar1, ClassName = TToolBar.
Pid = 1008, Hwnd=0x6034e, Text = 控制, ClassName = TControlForm.
Pid = 1008, Hwnd=0xe031e, Text = 0:2/7:17 Player, ClassName = TPlayForm.
Pid = 1008, Hwnd=0xe031e, Text = 0:5/7:17 Player, ClassName = TPlayForm.
Pid = 1008, Hwnd=0xe031e, Text = 0:9/7:17 Player, ClassName = TPlayForm.
Pid = 1008, Hwnd=0xe031e, Text = 0:12/7:17 Player, ClassName = TPlayForm.
Pid = 1008, Hwnd=0xe031e, Text = 0:16/7:17 Player, ClassName = TPlayForm.
Pid = 1008, Hwnd=0x2c031a, Text = ToolBar1, ClassName = TToolBar.
Pid = 1008, Hwnd=0xe031e, Text = 0:19/7:17 Player, ClassName = TPlayForm.
Pid = 1008, Hwnd=0xe031e, Text = 0:22/7:17 Player, ClassName = TPlayForm.
Pid = 1008, Hwnd=0xe031e, Text = 0:25/7:17 Player, ClassName = TPlayForm.
Pid = 1008, Hwnd=0xe031e, Text = 0:29/7:17 Player, ClassName = TPlayForm.
Behavior description:屏蔽窗口关闭消息
details:hWnd = 0x0006034e, Text = 控制, ClassName = TControlForm.
Behavior description:枚举窗口
details:N/A
Behavior description:创建事件对象
details:EventName = DINPUTWINMM
EventName = MSCTF.SendReceiveConection.Event.EKD.IC
EventName = MSCTF.SendReceive.Event.EKD.IC
Run screenshot
VirSCAN

About VirSCAN | Privacy Policy | Contact us | Links | Help VirSCAN
中国反网络病毒联盟
Powered By CentOSpol

京ICP备11007605号-12

pol

京公网安备 11010802020746号