VirSCAN VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.

Language
Server load
Server Load

File information
Safety rating:86
Behavior list
Basic Information
MD5:d4b8162592e5b5f6048fbd19922531ba
file type:Rar
Production company:
version:
Shell or compiler information:COMPILER:Wise Installer stub [Overlay]
Subfile information:automousekeyf.EXE / 8b87d47cb791bcad3067fd06d053a940 / EXE
jb51.net.txtdumpFile / 1a84430e677616c4c4af9d8c52a70e8a / Unknown
jb51.net.txt / 1a84430e677616c4c4af9d8c52a70e8a / Unknown
automousekeyf.EXEdumpFile / 8b87d47cb791bcad3067fd06d053a940 / EXE
去脚本之家看看.urldumpFile / e2d36aa02f91fe93707a77b977558d39 / Unknown
去脚本之家看看.url / e2d36aa02f91fe93707a77b977558d39 / Unknown
服务器软件.urldumpFile / db4aa2c6c4e0555b3968690756e24836 / Unknown
服务器软件.url / db4aa2c6c4e0555b3968690756e24836 / Unknown
jb51.netdumpFile / d41d8cd98f00b204e9800998ecf8427e / Unknown
Key behavior
Behavior description:在桌面创建快捷方式
details:C:\Documents and Settings\Administrator\桌面\鼠标键盘模拟大师 v6.2 免费版.lnk
C:\Documents and Settings\Administrator\桌面\鼠标键盘模拟大师 v6.2 免费版 使用说明.lnk
Behavior description:隐藏指定窗口
details:[Window,Class] = [,Static]
[Window,Class] = [鼠标键盘模拟大师 v6.2 免费版,#32770]
[Window,Class] = [,AnimateWindow]
Process behavior
Behavior description:创建新文件进程
details:ImagePath = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\GLJ5.tmp, CmdLine = "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\GLJ5.tmp" C:\Program Files\AutoMouseKey\XTP9601Lib.dll
ImagePath = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\GLJ5.tmp, CmdLine = "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\GLJ5.tmp" C:\Program Files\AutoMouseKey\keyhook.dll
File behavior
Behavior description:在系统敏感位置(如开始菜单等)释放链接或快捷方式
details:C:\Documents and Settings\Administrator\「开始」菜单\程序\鼠标键盘模拟大师 v6.2 免费版\鼠标键盘模拟大师 v6.2 免费版.lnk
C:\Documents and Settings\Administrator\「开始」菜单\程序\鼠标键盘模拟大师 v6.2 免费版\鼠标键盘模拟大师 v6.2 免费版 使用说明.lnk
C:\Documents and Settings\Administrator\「开始」菜单\程序\鼠标键盘模拟大师 v6.2 免费版\卸载鼠标键盘模拟大师 v6.2 免费版.lnk
Behavior description:重命名文件
details:C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\~GLH0000.TMP ---> C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\GLF9.tmp
C:\Program Files\AutoMouseKey\~GLH0001.TMP ---> C:\Program Files\AutoMouseKey\UNWISE.EXE
C:\Program Files\AutoMouseKey\~GLH0002.TMP ---> C:\Program Files\AutoMouseKey\XTP9601Lib.dll
C:\Program Files\AutoMouseKey\~GLH0003.TMP ---> C:\Program Files\AutoMouseKey\Winio.vxd
C:\Program Files\AutoMouseKey\~GLH0004.TMP ---> C:\Program Files\AutoMouseKey\WinIo.sys
C:\Program Files\AutoMouseKey\~GLH0005.TMP ---> C:\Program Files\AutoMouseKey\corona.smf
C:\Program Files\AutoMouseKey\~GLH0006.TMP ---> C:\Program Files\AutoMouseKey\keyhook.dll
C:\Program Files\AutoMouseKey\~GLH0007.TMP ---> C:\Program Files\AutoMouseKey\SkinMagicTrial.dll
C:\Program Files\AutoMouseKey\~GLH0008.TMP ---> C:\Program Files\AutoMouseKey\WinIo.dll
C:\Program Files\AutoMouseKey\~GLH0009.TMP ---> C:\Program Files\AutoMouseKey\automousekeyhelp.CHM
C:\Program Files\AutoMouseKey\~GLH000a.TMP ---> C:\Program Files\AutoMouseKey\automousekey.exe
C:\Program Files\AutoMouseKey\~GLH000b.TMP ---> C:\Program Files\AutoMouseKey\help.ico
Behavior description:在桌面创建快捷方式
details:C:\Documents and Settings\Administrator\桌面\鼠标键盘模拟大师 v6.2 免费版.lnk
C:\Documents and Settings\Administrator\桌面\鼠标键盘模拟大师 v6.2 免费版 使用说明.lnk
Behavior description:创建可执行文件
details:C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\GLC4.tmp
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\GLJ5.tmp
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\GLK6.tmp
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\~GLH0000.TMP
C:\Program Files\AutoMouseKey\~GLH0001.TMP
C:\Program Files\AutoMouseKey\~GLH0002.TMP
C:\Program Files\AutoMouseKey\~GLH0004.TMP
C:\Program Files\AutoMouseKey\~GLH0006.TMP
C:\Program Files\AutoMouseKey\~GLH0007.TMP
C:\Program Files\AutoMouseKey\~GLH0008.TMP
C:\Program Files\AutoMouseKey\~GLH000a.TMP
Behavior description:修改文件内容
details:C:\Program Files\AutoMouseKey\~GLH0003.TMP---> Offset = 0
C:\Program Files\AutoMouseKey\~GLH0005.TMP---> Offset = 65536
C:\Program Files\AutoMouseKey\~GLH0009.TMP---> Offset = 98304
C:\Program Files\AutoMouseKey\~GLH000b.TMP---> Offset = 0
C:\Documents and Settings\Administrator\「开始」菜单\程序\鼠标键盘模拟大师 v6.2 免费版\鼠标键盘模拟大师 v6.2 免费版.lnk---> Offset = 0
C:\Documents and Settings\Administrator\「开始」菜单\程序\鼠标键盘模拟大师 v6.2 免费版\鼠标键盘模拟大师 v6.2 免费版 使用说明.lnk---> Offset = 0
C:\Documents and Settings\Administrator\「开始」菜单\程序\鼠标键盘模拟大师 v6.2 免费版\卸载鼠标键盘模拟大师 v6.2 免费版.lnk---> Offset = 0
C:\Documents and Settings\Administrator\桌面\鼠标键盘模拟大师 v6.2 免费版.lnk---> Offset = 0
C:\Documents and Settings\Administrator\桌面\鼠标键盘模拟大师 v6.2 免费版 使用说明.lnk---> Offset = 0
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\GLG8.tmp---> Offset = 230
C:\PROGRA~1\AUTOMO~1\INSTALL.LOG---> Offset = 0
Registry behavior
Behavior description:修改注册表
details:\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\鼠标键盘模拟大师 v6.2 免费版\DisplayName
\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\鼠标键盘模拟大师 v6.2 免费版\UninstallString
\REGISTRY\MACHINE\SOFTWARE\YabaSoft\automousekey\version
\REGISTRY\MACHINE\SOFTWARE\YabaSoft\automousekey\installpath
Other behavior
Behavior description:窗口信息
details:Pid = 1652, Hwnd=0xb016a, Text = 鼠标键盘模拟大师 v6.2 免费版 安装, ClassName = GLBSInstall.
Pid = 1652, Hwnd=0xd01ac, Text = 下一步(&N) >, ClassName = Button.
Pid = 1652, Hwnd=0xb0164, Text = 取消, ClassName = Button.
Pid = 1652, Hwnd=0xb016c, Text = 欢迎使用“鼠标键盘模拟大师 v6.2 免费版”安装程序。本程序将安装“鼠标键盘模拟大师 v6.2 免费版”到您的计算机中。, ClassName = Static.
Pid = 1652, Hwnd=0xb0174, Text = 强烈建议您在运行本安装程序前退出其他所有正在运行的程序。 单击“取消”按钮可以退出安装程序以关闭其他正在运行的程序,或者单击“, ClassName = Static.
Pid = 1652, Hwnd=0xb0170, Text = 鼠标键盘模拟大师 v6.2 免费版, ClassName = GLBSWizard.
Pid = 1652, Hwnd=0xe0190, Text = 下一步(&N) >, ClassName = Button.
Pid = 1652, Hwnd=0xc0174, Text = < 上一步(&B), ClassName = Button.
Pid = 1652, Hwnd=0xc016c, Text = 取消, ClassName = Button.
Pid = 1652, Hwnd=0xc0164, Text = 本安装程序将安装“鼠标键盘模拟大师 v6.2 免费版”到下边的目录中。 若想安装到不同的目录,请单击“浏览”按钮,并选择另外的目录。 , ClassName = Static.
Pid = 1652, Hwnd=0xe01ac, Text = 目标目录, ClassName = Button(GroupBox).
Pid = 1652, Hwnd=0xc01b6, Text = 浏览(&R)..., ClassName = Button.
Pid = 1652, Hwnd=0xe01b8, Text = C:\Program Files\AutoMouseKey, ClassName = Static.
Pid = 1652, Hwnd=0xb01e0, Text = 请选择目标目录, ClassName = Static.
Pid = 1652, Hwnd=0xb01a2, Text = Wise 安装向导 , ClassName = Static.
Behavior description:隐藏指定窗口
details:[Window,Class] = [,Static]
[Window,Class] = [鼠标键盘模拟大师 v6.2 免费版,#32770]
[Window,Class] = [,AnimateWindow]
Behavior description:获取系统权限
details:SE_LOAD_DRIVER_PRIVILEGE
Run screenshot
VirSCAN

About VirSCAN | Privacy Policy | Contact us | Links | Help VirSCAN
中国反网络病毒联盟
Powered By CentOSpol

京ICP备11007605号-12

pol

京公网安备 11010802020746号