1, Você pode enviar qualquer arquivo, porém com um limite de 20Mb por arquivo.
2, VirSCAN suporta arquivos Rar/Zip, porém ele deve conter menos que 20 arquivos.
3, VirSCAN consegue verificar arquivos compactados com senha 'infected' ou 'virus'.
4, Não FOI possível enviar, por favor use o upload VirSCAN
| Relatório de verificação multi-motor do Virscan.org |
| Relatório de análise de comportamento: Análise do arquivo Habo |
| MD5:a72e49ea73d7c41d3912d66cfba279c2 |
| 文件大小:5.58MB |
| 上传时间: 2014-09-22 10:36:30 (CST) |
| Nome do pacote: |
| Ambiente operacional mínimo: |
| Direitos autorais: |
| Descrição do comportamento: | 创建新文件进程 |
| Detalhes: | ImagePath = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\is-D23A5.tmp\996E.tmp, CmdLine = "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\is-D23A5.tmp\996E.tmp" /SL5="$202A2,3309171,119296,C:\Documents and Settings\Administrator\Local Settings\%temp%\1459673221.549368.exe" |
| ImagePath = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\is-KTP3H.tmp\AntiLogger Free.exe, CmdLine = "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\is-KTP3H.tmp\AntiLogger Free.exe" /CheckZALPro | |
| ImagePath = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\is-KTP3H.tmp\AntiLogger Free.exe, CmdLine = "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\is-KTP3H.tmp\AntiLogger Free.exe" /CheckSafeOnline | |
| Descrição do comportamento: | 进程退出 |
| Detalhes: | N/A |
| Descrição do comportamento: | 枚举进程 |
| Detalhes: | N/A |
| Descrição do comportamento: | 创建本地线程 |
| Detalhes: | C:\Documents and Settings\Administrator\Local Settings\%temp%\1459673221.590769.exe |
| C:\Documents and Settings\Administrator\Local Settings\%temp%\1459673221.591091.exe | |
| C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\is-D23A5.tmp\996E.tmp | |
| C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\is-KTP3H.tmp\AntiLogger Free.exe |
| Descrição do comportamento: | 创建文件 |
| Detalhes: | C:\Documents and Settings\Administrator\Local Settings\Temp\is-D23A5.tmp\996E.tmp |
| C:\Documents and Settings\Administrator\Local Settings\Temp\is-KTP3H.tmp\_isetup\_shfoldr.dll | |
| C:\Documents and Settings\Administrator\Local Settings\Temp\is-KTP3H.tmp\AntiLogger Free.exe | |
| C:\Documents and Settings\Administrator\Local Settings\Application Data\Zemana\Tracer\AntiLogger Free.trace | |
| Descrição do comportamento: | 删除文件 |
| Detalhes: | C:\Documents and Settings\Administrator\Local Settings\Application Data\Zemana\Tracer\AntiLogger Free.trace |
| Descrição do comportamento: | 创建可执行文件 |
| Detalhes: | C:\Documents and Settings\Administrator\Local Settings\Temp\is-D23A5.tmp\996E.tmp |
| C:\Documents and Settings\Administrator\Local Settings\Temp\is-KTP3H.tmp\_isetup\_shfoldr.dll | |
| Descrição do comportamento: | 修改文件内容 |
| Detalhes: | C:\Documents and Settings\Administrator\Local Settings\Temp\is-D23A5.tmp\996E.tmp ---> Offset = 0 |
| C:\Documents and Settings\Administrator\Local Settings\Temp\is-D23A5.tmp\996E.tmp ---> Offset = 65536 | |
| C:\Documents and Settings\Administrator\Local Settings\Temp\is-D23A5.tmp\996E.tmp ---> Offset = 131072 | |
| C:\Documents and Settings\Administrator\Local Settings\Temp\is-D23A5.tmp\996E.tmp ---> Offset = 196608 | |
| C:\Documents and Settings\Administrator\Local Settings\Temp\is-D23A5.tmp\996E.tmp ---> Offset = 262144 | |
| C:\Documents and Settings\Administrator\Local Settings\Temp\is-KTP3H.tmp\_isetup\_shfoldr.dll ---> Offset = 0 | |
| C:\Documents and Settings\Administrator\Local Settings\Temp\is-KTP3H.tmp\AntiLogger Free.exe ---> Offset = 0 | |
| C:\Documents and Settings\Administrator\Local Settings\Temp\is-KTP3H.tmp\AntiLogger Free.exe ---> Offset = 65536 | |
| C:\Documents and Settings\Administrator\Local Settings\Temp\is-KTP3H.tmp\AntiLogger Free.exe ---> Offset = 131072 | |
| C:\Documents and Settings\Administrator\Local Settings\Temp\is-KTP3H.tmp\AntiLogger Free.exe ---> Offset = 196608 | |
| C:\Documents and Settings\Administrator\Local Settings\Temp\is-KTP3H.tmp\AntiLogger Free.exe ---> Offset = 262144 | |
| C:\Documents and Settings\Administrator\Local Settings\Application Data\Zemana\Tracer\AntiLogger Free.trace ---> Offset = 0 | |
| C:\Documents and Settings\Administrator\Local Settings\Application Data\Zemana\Tracer\AntiLogger Free.trace ---> Offset = 2 | |
| Descrição do comportamento: | 查找文件 |
| Detalhes: | FileName = C:\DOCUME~1 |
| FileName = C:\DOCUME~1\ADMINI~1 | |
| FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1 | |
| FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp | |
| FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\is-D23A5.tmp | |
| FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\is-D23A5.tmp\996E.tmp | |
| FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\is-KTP3H.tmp | |
| FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\is-KTP3H.tmp\AntiLogger Free.zh-CN | |
| FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\is-KTP3H.tmp\AntiLogger Free.zh-Hans | |
| FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\is-KTP3H.tmp\AntiLogger Free.zh | |
| FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\is-KTP3H.tmp\AntiLogger Free.CHS | |
| FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\is-KTP3H.tmp\AntiLogger Free.CH | |
| FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\AntiLogger Free.madExcept\*.* | |
| FileName = C:\Documents and Settings | |
| FileName = C:\Documents and Settings\Administrator |
| Descrição do comportamento: | 创建互斥体 |
| Detalhes: | CTF.LBES.MutexDefaultS-* |
| CTF.Compart.MutexDefaultS-* | |
| CTF.Asm.MutexDefaultS-* | |
| CTF.Layouts.MutexDefaultS-* | |
| CTF.TMD.MutexDefaultS-* | |
| CTF.TimListCache.FMPDefaultS-*MUTEX.DefaultS-* | |
| MSCTF.Shared.MUTEX.ELH | |
| madExceptSettingsMtx$98c | |
| Global\22C165814F8C258FE7BCFF6E38769A02 | |
| madExceptSettingsMtx$a94 | |
| MSCTF.Shared.MUTEX.AMI | |
| Descrição do comportamento: | 创建事件对象 |
| Detalhes: | EventName = Global\crypt32LogoffEvent |
| EventName = DINPUTWINMM | |
| EventName = Global\userenv: User Profile setup event | |
| EventName = MSCTF.SendReceive.Event.AMI.IC | |
| EventName = MSCTF.SendReceiveConection.Event.AMI.IC | |
| Descrição do comportamento: | 查找指定窗口 |
| Detalhes: | NtUserFindWindowEx: [Class,Window] = [Shell_TrayWnd,] |
| NtUserFindWindowEx: [Class,Window] = [CicLoaderWndClass,] | |
| Descrição do comportamento: | 枚举窗口 |
| Detalhes: | N/A |
| Descrição do comportamento: | 获取系统权限 |
| Detalhes: | SE_LOAD_DRIVER_PRIVILEGE |
| Descrição do comportamento: | 窗口信息 |
| Detalhes: | Pid = 2236, Hwnd=0x202d2, Text = Welcome to the AntiLogger Free Setup Wizard , ClassName = TNewStaticText. |
| Pid = 2236, Hwnd=0x202d0, Text = This will install AntiLogger Free version 1.8.2.320 on your computer. It is recommended that you close all other applications , ClassName = TNewStaticText. | |
| Pid = 2236, Hwnd=0x202aa, Text = END USER LICENSE AGREEMENT NOTICE: UPON THE LICENSE AGREEMENT OF THE AFORESAID SOFTWARE WHICH IS INTRODUCED BY ZEMANA LIM, ClassName = TRichEditViewer. | |
| Pid = 2236, Hwnd=0x502c4, Text = C:\Program Files\Zemana AntiLogger Free, ClassName = TEdit. | |
| Pid = 2236, Hwnd=0x502ce, Text = &Next >, ClassName = TNewButton. | |
| Pid = 2236, Hwnd=0x702c0, Text = Cancel, ClassName = TNewButton. | |
| Pid = 2236, Hwnd=0x502d4, Text = Setup - AntiLogger Free, ClassName = TWizardForm. | |
| Descrição do comportamento: | 可执行文件签名信息 |
| Detalhes: | C:\Documents and Settings\Administrator\Local Settings\Temp\is-D23A5.tmp\996E.tmp(签名验证: 未通过) |
| C:\Documents and Settings\Administrator\Local Settings\Temp\is-KTP3H.tmp\_isetup\_shfoldr.dll(签名验证: 未通过) | |
| Descrição do comportamento: | 隐藏指定窗口 |
| Detalhes: | [Window,Class] = [Setup,TApplication] |
| Descrição do comportamento: | 可执行文件MD5 |
| Detalhes: | C:\Documents and Settings\Administrator\Local Settings\Temp\is-D23A5.tmp\996E.tmp ---> 1daec469526857d2f6be0091f9ee7077 |
| C:\Documents and Settings\Administrator\Local Settings\Temp\is-KTP3H.tmp\_isetup\_shfoldr.dll ---> 92dc6ef532fbb4a5c3201469a5b5eb63 |
Casa
