VirSCAN

1. You can upload any file, but there is a 20Mb limit per file.
2. VirSCAN supports Rar/Zip decompression, but the archive must contain fewer than 20 files.
3. VirSCAN can scan compressed files protected with the password 'infected' or 'virus'.


File information
Safety rating:88
Behavior list
Basic Information
MD5:ece5dca87d315ada4404d82be660c934
file type:Rar
Production company:
version:
Shell or compiler information:
Subfile information:WinRAR.exe / 0da572ea67b4c3bc74a0e304e7b0b888 / EXE
Rar.exe / 4ac87e6f490142215ec0a658b1b374be / EXE
RarExt.dll / 741881c94f0b15e58d5e72a5e55d727e / DLL
WinRAR.chm / 83169ab0b22de62351313b9963acae0e / Chm
UnRAR.exe / d01f0c2a61157e9c8fe0b9e6f2676632 / EXE
RarExt32.dll / 4016a94f7abf57cc52f4f80c14614e76 / DLL
WinCon64.SFX / 00a1f996a568ff0f2ae5f50c79793e63 / EXE
Default64.SFX / 09c56317b0ce35b7040b9b1ac35dfe00 / EXE
WinCon.SFX / af42a7901d9b3e4bc3564a34b8abd1cc / EXE
Default.SFX / 5c08c8de77196064bf06ed7dc7c6702e / EXE
Zip64.SFX / 1482a84232943b79bed918b6322c8aa3 / EXE
Uninstall.exe / 12ea31a5d692326c5b00fb4767206be5 / EXE
Zip.SFX / b515e6298bdb1849ad2f55d31ed1ccaa / EXE
7zxa.dll / adc9753553e0b2cbe70e6d7451bd941e / DLL
Ace32Loader.exe / 5a6579be0569b03666ec8dc373c08ce6 / EXE
UNACEV2.DLL / de02c4d04088b69e64ecc30a3d9e22e5 / DLL
Rar.txt / 03c50f817b09050c9eb3fdc19d7e3a98 / Unknown
WhatsNew.txt / 3230ad93eb5492782538a56901f79800 / Unknown
License.txt / 8076981c43db92ee06a7f64676a2b495 / Unknown
Process behavior
Behavior description:Creates a new process from a file
details:ImagePath = C:\Program Files\WinRAR\uninstall.exe, CmdLine = "C:\Program Files\WinRAR\uninstall.exe" /setup
Behavior description:Creates local threads
details:ProcessId = 800, ThreadId = 976.
ProcessId = 800, ThreadId = 2020.
ProcessId = 800, ThreadId = 568.
ProcessId = 800, ThreadId = 1796.
ProcessId = 800, ThreadId = 2036.
ProcessId = 800, ThreadId = 2352.
ProcessId = 1772, ThreadId = 2820.
ProcessId = 1772, ThreadId = 1412.
ProcessId = 1772, ThreadId = 1912.
Behavior description:Process exits
details:N/A
File behavior
Behavior description:Creates files
details:C:\Program Files\WinRAR\__tmp_rar_sfx_access_check_293703
C:\Program Files\WinRAR\Descript.ion
C:\Program Files\WinRAR\ReadMe.txt
C:\Program Files\WinRAR\License.txt
C:\Program Files\WinRAR\Rar.txt
C:\Program Files\WinRAR\WhatsNew.txt
C:\Program Files\WinRAR\Order.htm
C:\Program Files\WinRAR\RarFiles.lst
C:\Program Files\WinRAR\Uninstall.lst
C:\Program Files\WinRAR\Ace32Loader.exe
C:\Program Files\WinRAR\Rar.exe
C:\Program Files\WinRAR\Uninstall.exe
C:\Program Files\WinRAR\UnRAR.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\Program Files\WinRAR\7zxa.dll
Behavior description:Drops links or shortcuts in sensitive system locations (such as the Start menu)
details:C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR 中文帮助.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\控制台 RAR 中文手册.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\最新版本的更新.lnk
Behavior description:Deletes files
details:C:\Program Files\WinRAR\__tmp_rar_sfx_access_check_293703
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR 中文帮助.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\控制台 RAR 中文手册.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\最新版本里有哪些新功能.lnk
Behavior description:Modifies file contents
details:C:\Program Files\WinRAR\Descript.ion---> Offset = 0
C:\Program Files\WinRAR\ReadMe.txt---> Offset = 0
C:\Program Files\WinRAR\License.txt---> Offset = 0
C:\Program Files\WinRAR\Rar.txt---> Offset = 0
C:\Program Files\WinRAR\WhatsNew.txt---> Offset = 0
C:\Program Files\WinRAR\Order.htm---> Offset = 0
C:\Program Files\WinRAR\RarFiles.lst---> Offset = 0
C:\Program Files\WinRAR\Uninstall.lst---> Offset = 0
C:\Program Files\WinRAR\rarreg.key---> Offset = 0
C:\Program Files\WinRAR\WinRAR.chm---> Offset = 0
C:\Program Files\WinRAR\rarnew.dat---> Offset = 0
C:\Program Files\WinRAR\zipnew.dat---> Offset = 0
C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk---> Offset = 0
C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR 中文帮助.lnk---> Offset = 0
C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\控制台 RAR 中文手册.lnk---> Offset = 0
Behavior description:Creates executable files
details:C:\Program Files\WinRAR\Ace32Loader.exe
C:\Program Files\WinRAR\Rar.exe
C:\Program Files\WinRAR\Uninstall.exe
C:\Program Files\WinRAR\UnRAR.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\Program Files\WinRAR\7zxa.dll
C:\Program Files\WinRAR\RarExt.dll
C:\Program Files\WinRAR\RarExt32.dll
C:\Program Files\WinRAR\UNACEV2.DLL
C:\Program Files\WinRAR\Default.SFX
C:\Program Files\WinRAR\Default64.SFX
C:\Program Files\WinRAR\WinCon.SFX
C:\Program Files\WinRAR\WinCon64.SFX
C:\Program Files\WinRAR\Zip.SFX
C:\Program Files\WinRAR\Zip64.SFX
Registry behavior
Behavior description:Deletes registry keys
details:\REGISTRY\MACHINE\SOFTWARE\Classes\.rar\ShellNew
\REGISTRY\MACHINE\SOFTWARE\Classes\.zip\ShellNew
Behavior description:Modifies the registry
details:\REGISTRY\USER\S-*\Software\WinRAR SFX\C%%Program Files%WinRAR
\REGISTRY\USER\S-*\Software\WinRAR\Setup\.rar\Set
\REGISTRY\USER\S-*\Software\WinRAR\Setup\.zip\Set
\REGISTRY\USER\S-*\Software\WinRAR\Setup\.cab\Set
\REGISTRY\USER\S-*\Software\WinRAR\Setup\.arj\Set
\REGISTRY\USER\S-*\Software\WinRAR\Setup\.lzh\Set
\REGISTRY\USER\S-*\Software\WinRAR\Setup\.ace\Set
\REGISTRY\USER\S-*\Software\WinRAR\Setup\.7z\Set
\REGISTRY\USER\S-*\Software\WinRAR\Setup\.tar\Set
\REGISTRY\USER\S-*\Software\WinRAR\Setup\.gz\Set
\REGISTRY\USER\S-*\Software\WinRAR\Setup\.uue\Set
\REGISTRY\USER\S-*\Software\WinRAR\Setup\.bz2\Set
\REGISTRY\USER\S-*\Software\WinRAR\Setup\.jar\Set
\REGISTRY\USER\S-*\Software\WinRAR\Setup\.iso\Set
\REGISTRY\USER\S-*\Software\WinRAR\Setup\.z\Set
Behavior description:Deletes registry values
details:\REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProxyBypass
\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProxyBypass
\REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\IntranetName
\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\IntranetName
\REGISTRY\MACHINE\SOFTWARE\Classes\.rar\Content Type
\REGISTRY\MACHINE\SOFTWARE\Classes\.r00\Content Type
\REGISTRY\MACHINE\SOFTWARE\Classes\.r01\Content Type
\REGISTRY\MACHINE\SOFTWARE\Classes\.r02\Content Type
\REGISTRY\MACHINE\SOFTWARE\Classes\.r03\Content Type
\REGISTRY\MACHINE\SOFTWARE\Classes\.r04\Content Type
\REGISTRY\MACHINE\SOFTWARE\Classes\.r05\Content Type
\REGISTRY\MACHINE\SOFTWARE\Classes\.r06\Content Type
\REGISTRY\MACHINE\SOFTWARE\Classes\.r07\Content Type
\REGISTRY\MACHINE\SOFTWARE\Classes\.r08\Content Type
\REGISTRY\MACHINE\SOFTWARE\Classes\.r09\Content Type
Other behavior
Behavior description:Window information
details:Pid = 800, Hwnd=0xa0228, Text = TITLE_BMP, ClassName = Static.
Pid = 800, Hwnd=0x60152, Text = 版权所有 ? 1993-2015, ClassName = Static.
Pid = 800, Hwnd=0x90290, Text = by Alexander Roshal, ClassName = Static.
Pid = 800, Hwnd=0x701ba, Text = 目标文件夹(&D), ClassName = Static.
Pid = 800, Hwnd=0x701aa, Text = C:\Program Files\WinRAR, ClassName = ComboBox.
Pid = 800, Hwnd=0x801e0, Text = C:\Program Files\WinRAR, ClassName = Edit.
Pid = 800, Hwnd=0xc0252, Text = 浏览(&W)..., ClassName = Button.
Pid = 800, Hwnd=0x701a8, Text = 如果您同意最终用户许可协议(EULA),请点击“安装”。如果您不同意,请点击“取消”。, ClassName = Static.
Pid = 800, Hwnd=0x701a2, Text = 安装, ClassName = Button.
Pid = 800, Hwnd=0x701a4, Text = 取消, ClassName = Button.
Pid = 800, Hwnd=0x90250, Text = WinRAR 5.40 简体中文版 (64位), ClassName = #32770.
Pid = 1772, Hwnd=0xf01fa, Text = WinRAR 关联文件, ClassName = Button(GroupBox).
Pid = 1772, Hwnd=0xc01be, Text = RAR(&R), ClassName = Button(CheckBox).
Pid = 1772, Hwnd=0xf023e, Text = ZIP(&Z), ClassName = Button(CheckBox).
Pid = 1772, Hwnd=0x901e2, Text = 7-Zip, ClassName = Button(CheckBox).
Behavior description:MD5 of executable files
Behavior description:Executable file signature information
details:C:\Program Files\WinRAR\Uninstall.exe(signature verification: failed)
C:\Program Files\WinRAR\WinRAR.exe(signature verification: failed)
C:\Program Files\WinRAR\UNACEV2.DLL(signature verification: failed)
C:\Program Files\WinRAR\7zxa.dll(signature verification: failed)
C:\Program Files\WinRAR\RarExt.dll(signature verification: failed)
C:\Program Files\WinRAR\RarExt32.dll(signature verification: failed)
C:\Program Files\WinRAR\Default.SFX(signature verification: failed)
C:\Program Files\WinRAR\Default64.SFX(signature verification: failed)
C:\Program Files\WinRAR\WinCon.SFX(signature verification: failed)
C:\Program Files\WinRAR\WinCon64.SFX(signature verification: failed)
C:\Program Files\WinRAR\Zip.SFX(signature verification: failed)
C:\Program Files\WinRAR\Zip64.SFX(signature verification: failed)
C:\Program Files\WinRAR\UnRAR.exe(signature verification: failed)
C:\Program Files\WinRAR\Rar.exe(signature verification: failed)
C:\Program Files\WinRAR\Ace32Loader.exe(signature verification: passed)