VirSCAN VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.

Language
Server load
Server Load

VirSCAN
VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.

File information

Basic Information

MD5: 67921afe26d32145e741d09596b82901
file type: EXE
Production company:
version:
Shell or compiler information: COMPILER:不是有效的PE文件
{$lang.habo.subfile_info}>: WinRAR.exe / 775b5ab4b2904acdf02f8021fe0b5c90 / EXE
WinRAR.exe / 775b5ab4b2904acdf02f8021fe0b5c90 / EXE

Key behavior

Behavior description: 获取窗口截图信息
details: Foreground window Info: HWND = 0x00000000, DC = 0x2e010784.
Foreground window Info: HWND = 0x00000000, DC = 0x27010778.
Foreground window Info: HWND = 0x00000000, DC = 0x85010558.
Foreground window Info: HWND = 0x00000000, DC = 0x86010558.
Foreground window Info: HWND = 0x00000000, DC = 0x5401075a.
Foreground window Info: HWND = 0x00000000, DC = 0x2b010771.
Foreground window Info: HWND = 0x00000000, DC = 0x5501075a.

File behavior

Behavior description: 查找文件
details: FileName = C:\WINDOWS\FONTS\EUDC.TTE

Other behavior

Behavior description: 检测自身是否被调试
details: N/A
Behavior description: 创建互斥体
details: Local\SessionImmersiveColorMutex
Local\ZonesCacheCounterMutex
Local\ZonesLockedCacheCounterMutex
SmartScreen_AppRepSettings_Mutex
SmartScreen_ClientId_Mutex
CommunicationManager_Mutex
!IECompat!Mutex
Behavior description: 隐藏指定窗口
details: [Window,Class] = [,ComboLBox]
[Window,Class] = [,RichEdit20W]
[Window,Class] = [Если вы согласны с условиями Лицензионного соглашения, нажмите кнопку "Установить". Если не согласны, нажмите кнопку "Отмена".,Static]
[Window,Class] = [,Internet Explorer_Server]
Behavior description: 查找指定窗口
details: FindWindowExW: [Class,Window] = [EDIT,]
FindWindowW: [Class,Window] = [ApplicationManager_DesktopShellWindow,]
FindWindowW: [Class,Window] = [MS_AutodialMonitor,]
FindWindowW: [Class,Window] = [MS_WebCheckMonitor,]
FindWindowExW: [Class,Window] = [OleMainThreadWndClass,]
Behavior description: 打开事件
details: \KernelObjects\MaximumCommitCondition
MSFT.VSA.COM.DISABLE.3028
MSFT.VSA.IEC.STATUS.6c736db0
\SECURITY\LSA_AUTHENTICATION_INITIALIZED
Global\TabletHardwarePresent
Behavior description: 窗口信息
details: Pid = 3028, Hwnd=0x102a4, Text = TITLE_BMP, ClassName = Static.
Pid = 3028, Hwnd=0x102a6, Text = Copyright © 1993-2016, ClassName = Static.
Pid = 3028, Hwnd=0x102a8, Text = Александр Рошал, ClassName = Static.
Pid = 3028, Hwnd=0x102ac, Text = &Папка назначения, ClassName = Static.
Pid = 3028, Hwnd=0xb0282, Text = C:\Program Files\WinRAR, ClassName = ComboBox.
Pid = 3028, Hwnd=0x102b0, Text = C:\Program Files\WinRAR, ClassName = Edit.
Pid = 3028, Hwnd=0x102b2, Text = &Обзор..., ClassName = Button.
Pid = 3028, Hwnd=0x102ba, Text = Если вы согласны с условиями Лицензионного соглашения, нажмите кнопку "Установить". Если не согласны, нажмите кнопку "Отмена"., ClassName = Static.
Pid = 3028, Hwnd=0x102bc, Text = Установить, ClassName = Button.
Pid = 3028, Hwnd=0x102be, Text = Отмена, ClassName = Button.
Pid = 3028, Hwnd=0x1029c, Text = WinRAR 5.40 (русская 64-разрядная версия), ClassName = #32770.
Behavior description: 获取窗口截图信息
details: Foreground window Info: HWND = 0x00000000, DC = 0x2e010784.
Foreground window Info: HWND = 0x00000000, DC = 0x27010778.
Foreground window Info: HWND = 0x00000000, DC = 0x85010558.
Foreground window Info: HWND = 0x00000000, DC = 0x86010558.
Foreground window Info: HWND = 0x00000000, DC = 0x5401075a.
Foreground window Info: HWND = 0x00000000, DC = 0x2b010771.
Foreground window Info: HWND = 0x00000000, DC = 0x5501075a.
Behavior description: 打开互斥体
details: DefaultTabtip-MainUI
Local\MSCTF.Asm.MutexDefault1S-1-5-21-1170589654-2814428265-349930785-500
CicLoadWinStaWinSta0
Local\MSCTF.CtfMonitorInstMutexDefault1
Global\Windows.Machine.OOBE

Run screenshot

VirSCAN