VirSCAN VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.

Language
Server load
Server Load

File information
Safety rating:75
Behavior list
Basic Information
MD5:1104f8db88b4c7978d294b297eb0112c
file type:Rar
Production company:
version:
Shell or compiler information:
Subfile information:avcodec-54.dll / big file / DLL
Hdrw.dll / ece682e45aed76241d256836e7583c4b / DLL
OfflineReg.exe / 5e52ea4ecf9ba7f325cce236bb441de5 / EXE
LangCRes.dll / 74ac643faec91548d1a4de16ab54c656 / DLL
Letarm.dll / bd8a77bb63a6af1392410a5a885cb08d / DLL
swscale-2.dll / 5b55992f2aa712535473e4de93196cd3 / DLL
SDL.dll / d31da530714c74efeb262ccddbdae7aa / DLL
IniCfg.dll / 942e848877e3557ccd1295c00cf562ad / DLL
update.dll / fe75f61ce9376244ae0ec49437bba11b / DLL
VPreview.dll / 79259621476fc045c3139a7feca49cfb / DLL
Hdrwvm.dll / 9b28c03e25fe78e0baa988c487ad4eae / DLL
HdrwLDM.dll / 6391ce09f75bca8dd87871aa1dc406bb / DLL
HdrwVhd.dll / 328dd6f97508d42fe6a82a1ff7b4f36d / DLL
HdrwVhdx.dll / 4e78802aa557e883eee77a500bc50abb / DLL
HdrwRD.dll / e230e4938fa8fe7aa7f7a477c8a0ffaa / DLL
HdrwVdi.dll / 493171ba694f1288d7fa501a92a110cc / DLL
swresample-0.dll / 46eb923d7a7ab4687ad32d9f4383c69f / DLL
releasenote.txt / 20011e9cf8f1651cd4386fdd361941a3 / Unknown
Key behavior
Behavior description:写权限映射文件
details:CiceroSharedMemDefaultS-*
MSCTF.MarshalInterface.FileMap.IHE..PJHHH
MSCTF.MarshalInterface.FileMap.IHE.B.PJHHH
MSCTF.MarshalInterface.FileMap.IHE.C.PJHHH
MSCTF.MarshalInterface.FileMap.IHE.D.PJHHH
MSCTF.MarshalInterface.FileMap.IHE.E.PJHHH
MSCTF.MarshalInterface.FileMap.IHE.F.PJHHH
MSCTF.MarshalInterface.FileMap.IHE.G.PJHHH
MSCTF.Shared.SFM.IHE
MSCTF.MarshalInterface.FileMap.IHE.H.BINLH
MSCTF.MarshalInterface.FileMap.IHE.I.BINLH
MSCTF.MarshalInterface.FileMap.IHE.J.BINLH
MSCTF.MarshalInterface.FileMap.IHE.K.BINLH
MSCTF.MarshalInterface.FileMap.IHE.L.BINLH
MSCTF.MarshalInterface.FileMap.IHE.M.BINLH
Behavior description:屏蔽窗口关闭消息
details:hWnd = 0x000202a2, Text = 离线激活工具, ClassName = #32770.
Behavior description:隐藏指定窗口
details:[Window,Class] = [,Static]
Process behavior
Behavior description:枚举进程
details:N/A
File behavior
Behavior description:写权限映射文件
details:CiceroSharedMemDefaultS-*
MSCTF.MarshalInterface.FileMap.IHE..PJHHH
MSCTF.MarshalInterface.FileMap.IHE.B.PJHHH
MSCTF.MarshalInterface.FileMap.IHE.C.PJHHH
MSCTF.MarshalInterface.FileMap.IHE.D.PJHHH
MSCTF.MarshalInterface.FileMap.IHE.E.PJHHH
MSCTF.MarshalInterface.FileMap.IHE.F.PJHHH
MSCTF.MarshalInterface.FileMap.IHE.G.PJHHH
MSCTF.Shared.SFM.IHE
MSCTF.MarshalInterface.FileMap.IHE.H.BINLH
MSCTF.MarshalInterface.FileMap.IHE.I.BINLH
MSCTF.MarshalInterface.FileMap.IHE.J.BINLH
MSCTF.MarshalInterface.FileMap.IHE.K.BINLH
MSCTF.MarshalInterface.FileMap.IHE.L.BINLH
MSCTF.MarshalInterface.FileMap.IHE.M.BINLH
Other behavior
Behavior description:创建互斥体
details:CTF.LBES.MutexDefaultS-*
CTF.Compart.MutexDefaultS-*
CTF.Asm.MutexDefaultS-*
CTF.Layouts.MutexDefaultS-*
CTF.TMD.MutexDefaultS-*
CTF.TimListCache.FMPDefaultS-*MUTEX.DefaultS-*
MSCTF.Shared.MUTEX.ELH
MSCTF.Shared.MUTEX.IHE
Behavior description:屏蔽窗口关闭消息
details:hWnd = 0x000202a2, Text = 离线激活工具, ClassName = #32770.
Behavior description:查找指定窗口
details:NtUserFindWindowEx: [Class,Window] = [Shell_TrayWnd,]
NtUserFindWindowEx: [Class,Window] = [CicLoaderWndClass,]
Behavior description:隐藏指定窗口
details:[Window,Class] = [,Static]
Behavior description:窗口信息
details:Pid = 1552, Hwnd=0x202a6, Text = 注册用户名:, ClassName = Static.
Pid = 1552, Hwnd=0x202cc, Text = 注册邮箱:, ClassName = Static.
Pid = 1552, Hwnd=0x202b2, Text = 注册码:, ClassName = Static.
Pid = 1552, Hwnd=0x202d4, Text = 立即激活, ClassName = Button.
Pid = 1552, Hwnd=0x302dc, Text = 以后激活, ClassName = Button.
Pid = 1552, Hwnd=0x202d6, Text = 请首先在要激活的软件中打开注册对话框,输入注册信息,然后点击“离线激活”。最后将离线激活文件“OfflineReg.dat”及离线激活工具复制到, ClassName = Static.
Pid = 1552, Hwnd=0x202a2, Text = 离线激活工具, ClassName = #32770.
Run screenshot
VirSCAN

About VirSCAN | Privacy Policy | Contact us | Links | Help VirSCAN
Translated by Keith Miller, United States
中国反网络病毒联盟
Powered By CentOSpol

京ICP备11007605号-12

pol

京公网安备 11010802020746号