VirSCAN

File information
Safety rating:89
Behavior list
Basic Information
MD5:c875bf0b1c4df686c929344af229b31b
file type:EXE
Production company:一世明眼镜店软件开发工作室
version:1.0.2.5---1.0.2.5
Shell or compiler information:PACKER:UPX 0.89.6 - 1.02 / 1.05 - 1.24 -> Markus & Laszlo
Subfile information:upx_c_52d023cddumpFile / 11dcb3eccd41190b6cb40297b5523e6c / EXE
Key behavior
Behavior description:Map file with write permission
details:CiceroSharedMemDefaultS-*
VIDEOMEMORY
MSCTF.MarshalInterface.FileMap.IBE..ILIHH
MSCTF.MarshalInterface.FileMap.IBE.B.ABJHH
MSCTF.MarshalInterface.FileMap.IBE.C.ABJHH
MSCTF.MarshalInterface.FileMap.IBE.D.ABJHH
MSCTF.MarshalInterface.FileMap.IBE.E.ABJHH
MSCTF.MarshalInterface.FileMap.IBE.F.ABJHH
MSCTF.MarshalInterface.FileMap.IBE.G.ABJHH
MSCTF.MarshalInterface.FileMap.MJI..PDJHH
MSCTF.MarshalInterface.FileMap.MJI.B.PDJHH
MSCTF.MarshalInterface.FileMap.MJI.C.PDJHH
MSCTF.MarshalInterface.FileMap.MJI.D.PDJHH
MSCTF.MarshalInterface.FileMap.MJI.E.PDJHH
MSCTF.MarshalInterface.FileMap.MJI.F.PDJHH
Behavior description:Hide specified window
details:[Window,Class] = [<,AfxWnd42s]
[Window,Class] = [>,AfxWnd42s]
[Window,Class] = [,ComboLBox]
[Window,Class] = [,_EL_CommonDlg]
[Window,Class] = [,_EL_PicBox]
[Window,Class] = [,RichEdit20A]
[Window,Class] = [!!选择杂乱图片 会降低识别率 ,Button]
[Window,Class] = [问题提交,Button]
[Window,Class] = [,Afx:400000:b:10011:1900010:0]
[Window,Class] = [标签,_EL_Label]
[Window,Class] = [,ListBox]
[Window,Class] = [,Afx:400000:8]
[Window,Class] = [,Button]
[Window,Class] = [文字识别无法使用修复,Button]
[Window,Class] = [语音无法使用修复,Button]
Behavior description:Get window screenshot information
details:Foreground window Info: HWND = 0x050104ee, DC = 0x050104ee.
Foreground window Info: HWND = 0x0a0104ef, DC = 0x0a0104ef.
Process behavior
Behavior description:Enumerate processes
details:N/A
File behavior
Behavior description:Map file with write permission
details:CiceroSharedMemDefaultS-*
VIDEOMEMORY
MSCTF.MarshalInterface.FileMap.IBE..ILIHH
MSCTF.MarshalInterface.FileMap.IBE.B.ABJHH
MSCTF.MarshalInterface.FileMap.IBE.C.ABJHH
MSCTF.MarshalInterface.FileMap.IBE.D.ABJHH
MSCTF.MarshalInterface.FileMap.IBE.E.ABJHH
MSCTF.MarshalInterface.FileMap.IBE.F.ABJHH
MSCTF.MarshalInterface.FileMap.IBE.G.ABJHH
MSCTF.MarshalInterface.FileMap.MJI..PDJHH
MSCTF.MarshalInterface.FileMap.MJI.B.PDJHH
MSCTF.MarshalInterface.FileMap.MJI.C.PDJHH
MSCTF.MarshalInterface.FileMap.MJI.D.PDJHH
MSCTF.MarshalInterface.FileMap.MJI.E.PDJHH
MSCTF.MarshalInterface.FileMap.MJI.F.PDJHH
Behavior description:Find file
details:FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\%temp%\软件自检.dat
Registry behavior
Behavior description:Modify registry
details:\REGISTRY\USER\S-*\Software\Microsoft\Speech\Voices\DefaultTokenId
\REGISTRY\USER\S-*\Software\Microsoft\ActiveMovie\devenum\Version
\REGISTRY\USER\S-*\Software\Microsoft\ActiveMovie\devenum\{33D9A761-90C8-11D0-BD43-00A0C911CE86}\1PCM\FriendlyName
\REGISTRY\USER\S-*\Software\Microsoft\ActiveMovie\devenum\{33D9A761-90C8-11D0-BD43-00A0C911CE86}\1PCM\CLSID
\REGISTRY\USER\S-*\Software\Microsoft\ActiveMovie\devenum\{33D9A761-90C8-11D0-BD43-00A0C911CE86}\1PCM\FilterData
\REGISTRY\USER\S-*\Software\Microsoft\ActiveMovie\devenum\{33D9A761-90C8-11D0-BD43-00A0C911CE86}\1PCM\AcmId
\REGISTRY\USER\S-*\Software\Microsoft\ActiveMovie\devenum\{33D9A761-90C8-11D0-BD43-00A0C911CE86}\17IMA ADPCM\FriendlyName
\REGISTRY\USER\S-*\Software\Microsoft\ActiveMovie\devenum\{33D9A761-90C8-11D0-BD43-00A0C911CE86}\17IMA ADPCM\CLSID
\REGISTRY\USER\S-*\Software\Microsoft\ActiveMovie\devenum\{33D9A761-90C8-11D0-BD43-00A0C911CE86}\17IMA ADPCM\FilterData
\REGISTRY\USER\S-*\Software\Microsoft\ActiveMovie\devenum\{33D9A761-90C8-11D0-BD43-00A0C911CE86}\17IMA ADPCM\AcmId
\REGISTRY\USER\S-*\Software\Microsoft\ActiveMovie\devenum\{33D9A761-90C8-11D0-BD43-00A0C911CE86}\2Microsoft ADPCM\FriendlyName
\REGISTRY\USER\S-*\Software\Microsoft\ActiveMovie\devenum\{33D9A761-90C8-11D0-BD43-00A0C911CE86}\2Microsoft ADPCM\CLSID
\REGISTRY\USER\S-*\Software\Microsoft\ActiveMovie\devenum\{33D9A761-90C8-11D0-BD43-00A0C911CE86}\2Microsoft ADPCM\FilterData
\REGISTRY\USER\S-*\Software\Microsoft\ActiveMovie\devenum\{33D9A761-90C8-11D0-BD43-00A0C911CE86}\2Microsoft ADPCM\AcmId
\REGISTRY\USER\S-*\Software\Microsoft\ActiveMovie\devenum\{33D9A761-90C8-11D0-BD43-00A0C911CE86}\6CCITT A-Law\FriendlyName
Other behavior
Behavior description:Create mutex
details:RasPbFile
CTF.LBES.MutexDefaultS-*
CTF.Compart.MutexDefaultS-*
CTF.Asm.MutexDefaultS-*
CTF.Layouts.MutexDefaultS-*
CTF.TMD.MutexDefaultS-*
CTF.TimListCache.FMPDefaultS-*MUTEX.DefaultS-*
HKEY_LOCAL_MACHINE_SOFTWARE_Microsoft_Speech_Voices_Tokens_MSSam_Mutex
eed3bd3a-a1ad-4e99-987b-d7cb3fcfa7f0 - S-*
AMResourceMutex2
VideoRenderer
MSCTF.Shared.MUTEX.ELH
MSCTF.Shared.MUTEX.IBE
Behavior description:Hide specified window
details:[Window,Class] = [<,AfxWnd42s]
[Window,Class] = [>,AfxWnd42s]
[Window,Class] = [,ComboLBox]
[Window,Class] = [,_EL_CommonDlg]
[Window,Class] = [,_EL_PicBox]
[Window,Class] = [,RichEdit20A]
[Window,Class] = [!!选择杂乱图片 会降低识别率 ,Button]
[Window,Class] = [问题提交,Button]
[Window,Class] = [,Afx:400000:b:10011:1900010:0]
[Window,Class] = [标签,_EL_Label]
[Window,Class] = [,ListBox]
[Window,Class] = [,Afx:400000:8]
[Window,Class] = [,Button]
[Window,Class] = [文字识别无法使用修复,Button]
[Window,Class] = [语音无法使用修复,Button]
Behavior description:Find specified window
details:NtUserFindWindowEx: [Class,Window] = [,文字智能朗读转语音v2.5]
NtUserFindWindowEx: [Class,Window] = [Shell_TrayWnd,]
NtUserFindWindowEx: [Class,Window] = [CicLoaderWndClass,]
Behavior description:Acquire system privilege
details:SE_LOAD_DRIVER_PRIVILEGE
Behavior description:Get TickCount value
details:TickCount = 489681, SleepMilliseconds = 10.
TickCount = 489697, SleepMilliseconds = 10.
TickCount = 489713, SleepMilliseconds = 10.
TickCount = 489728, SleepMilliseconds = 10.
TickCount = 489744, SleepMilliseconds = 10.
TickCount = 489760, SleepMilliseconds = 10.
TickCount = 489775, SleepMilliseconds = 10.
TickCount = 489791, SleepMilliseconds = 10.
TickCount = 489806, SleepMilliseconds = 10.
TickCount = 489822, SleepMilliseconds = 10.
TickCount = 489838, SleepMilliseconds = 10.
TickCount = 489853, SleepMilliseconds = 10.
TickCount = 489869, SleepMilliseconds = 10.
TickCount = 489885, SleepMilliseconds = 10.
TickCount = 489900, SleepMilliseconds = 10.
Behavior description:Get cursor position
details:CursorPos = (106,18467), SleepMilliseconds = 10.
CursorPos = (6399,26500), SleepMilliseconds = 10.
CursorPos = (19234,15724), SleepMilliseconds = 10.
CursorPos = (11543,29358), SleepMilliseconds = 10.
CursorPos = (27027,24464), SleepMilliseconds = 10.
CursorPos = (5770,28145), SleepMilliseconds = 10.
CursorPos = (23346,16827), SleepMilliseconds = 10.
CursorPos = (10026,491), SleepMilliseconds = 10.
CursorPos = (3060,11942), SleepMilliseconds = 10.
CursorPos = (4892,5436), SleepMilliseconds = 10.
CursorPos = (32456,14604), SleepMilliseconds = 10.
CursorPos = (3967,153), SleepMilliseconds = 10.
CursorPos = (357,12382), SleepMilliseconds = 10.
CursorPos = (17486,18716), SleepMilliseconds = 10.
CursorPos = (19783,19895), SleepMilliseconds = 10.
Behavior description:Window information
details:Pid = 872, Hwnd=0x10358, Text = 确定, ClassName = Button.
Pid = 872, Hwnd=0x1035c, Text = 软件自检模块不存在, ClassName = Static.
Pid = 872, Hwnd=0x10354, Text = 信息:, ClassName = #32770.
Pid = 872, Hwnd=0x1034e, Text = 试听时语句不宜过多 阅读文字不宜超过2千个汗字, ClassName = _EL_Label.
Pid = 872, Hwnd=0x10348, Text = 开始试听, ClassName = Button.
Pid = 872, Hwnd=0x10346, Text = 试听并输出, ClassName = Button(CheckBox).
Pid = 872, Hwnd=0x10344, Text = >>>+, ClassName = Button.
Pid = 872, Hwnd=0x10342, Text = -<<<, ClassName = Button.
Pid = 872, Hwnd=0x10340, Text = 语速, ClassName = Afx:400000:b:10011:1900015:0.
Pid = 872, Hwnd=0x1033e, Text = 阅读调速, ClassName = _EL_Label.
Pid = 872, Hwnd=0x1033c, Text = 超级女声, ClassName = Edit.
Pid = 872, Hwnd=0x10336, Text = 清空文本, ClassName = Button.
Pid = 872, Hwnd=0x10334, Text = 选择语音库, ClassName = _EL_Label.
Pid = 872, Hwnd=0x10308, Text = 标签, ClassName = _EL_Label.
Pid = 872, Hwnd=0x10330, Text = >>>+, ClassName = Button.
Behavior description:Get window screenshot information
details:Foreground window Info: HWND = 0x050104ee, DC = 0x050104ee.
Foreground window Info: HWND = 0x0a0104ef, DC = 0x0a0104ef.