VirSCAN VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.

Language
Server load
Server Load

  Main Menu
VirSCAN  HOME VirSCAN  go Virscan.org VirSCAN  Report VirSCAN  Virus report VirSCAN  Behavior report VirSCAN  Help VirSCAN VirSCAN  Submit Bugs VirSCAN  Contact us VirSCAN  URL detection VirSCAN  API VirSCAN  uploader for windows(test)
  Powered By
a-squared
a-squared
a-squared
 
File information
Safety rating:89
Behavior list
Basic Information
MD5:dfc20910e75a2d3b16ee73052bdf4892
file type:zip
Production company:
version:
Shell or compiler information:
Subfile information:Reflector v7.2.0.143 Keygen.exe / 5851729906ead002029fec6a716b4466 / EXE
Process behavior
Behavior description:创建本地线程
details:N/A
Behavior description:进程退出
details:N/A
Behavior description:枚举进程
details:N/A
File behavior
Behavior description:覆盖已有文件
details:C:\Documents and Settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
Behavior description:修改文件内容
details:C:\Documents and Settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT---> Offset = 0
Behavior description:查找文件
details:FileName = C:\WINDOWS
FileName = C:\WINDOWS\WinSxS
FileName = C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\MSVCR80.dll
FileName = C:\WINDOWS\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.INI
FileName = C:\DOCUME~1
FileName = C:\DOCUME~1\ADMINI~1
FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1
FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp
FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\%temp%
FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\%temp%\1446435667.503310.exe_7zdump
FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\%temp%\1446435667.506809.exe_7zdump\Reflector v7.2.0.143 Keygen.exe
FileName = C:\Documents and Settings\ADMINI~1
FileName = C:\Documents and Settings\Administrator\LOCALS~1
FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\%temp%\1446435667.517350.exe_7zdump\Reflector v7.2.0.143 Keygen.INI
FileName = C:/DOCUME~1
Other behavior
Behavior description:创建事件对象
details:EventName = Global\CorDBIPCSetupSyncEvent_252
EventName = MSCTF.SendReceive.Event.MNF.IC
EventName = MSCTF.SendReceiveConection.Event.MNF.IC
Behavior description:窗口信息
details:Pid = 252, Hwnd=0x402bc, Text = VSPro, ClassName = WindowsForms10.COMBOBOX.app.0.378734a.
Pid = 252, Hwnd=0x302b2, Text = Edition :, ClassName = WindowsForms10.STATIC.app.0.378734a.
Pid = 252, Hwnd=0x302cc, Text = Generate, ClassName = WindowsForms10.BUTTON.app.0.378734a.
Pid = 252, Hwnd=0x402dc, Text = A3DF-83KY-AXWZ-F3X7-TEPK-J89F, ClassName = WindowsForms10.EDIT.app.0.378734a.
Pid = 252, Hwnd=0x202c4, Text = 1, ClassName = WindowsForms10.EDIT.app.0.378734a.
Pid = 252, Hwnd=0x202c8, Text = User Count :, ClassName = WindowsForms10.STATIC.app.0.378734a.
Pid = 252, Hwnd=0x302d4, Text = Reflector v7.2.0.143 Keygen [LineZer0], ClassName = WindowsForms10.Window.8.app.0.378734a.
Behavior description:隐藏指定窗口
details:[Window,Class] = [,ComboLBox]
Behavior description:创建互斥体
details:CTF.LBES.MutexDefaultS-*
CTF.Compart.MutexDefaultS-*
CTF.Asm.MutexDefaultS-*
CTF.Layouts.MutexDefaultS-*
CTF.TMD.MutexDefaultS-*
CTF.TimListCache.FMPDefaultS-*MUTEX.DefaultS-*
MSCTF.Shared.MUTEX.ELH
MSCTF.Shared.MUTEX.MNF
Behavior description:查找指定窗口
details:NtUserFindWindowEx: [Class,Window] = [Shell_TrayWnd,]
NtUserFindWindowEx: [Class,Window] = [CicLoaderWndClass,]
Run screenshot
VirSCAN

About VirSCAN | Privacy Policy | Contact us | Links | Help VirSCAN
中国反网络病毒联盟
Powered By CentOSpol

京ICP备11007605号-12

 pol

京公网安备 11010802020746号