VirSCAN VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.

Language
Server load
Server Load

File information
Safety rating:46
Behavior list
Basic Information
MD5:f1f9c737b1e5228e383f64ea3d72938a
file type:Rar
Production company:
version:
Shell or compiler information:COMPILER:Elan
Subfile information:水淼·GIF动画录制精灵.exedumpFile / 1650e2fdf54be293968f5315f55073f8 / EXE
水淼·GIF动画录制精灵.exe / 1650e2fdf54be293968f5315f55073f8 / EXE
下载说明.htmdumpFile / 98ff68c0fdfcfda488faa60fbac6cc9b / Unknown
下载说明.htm / 98ff68c0fdfcfda488faa60fbac6cc9b / Unknown
水淼·GIF动画录制精灵dumpFile / d41d8cd98f00b204e9800998ecf8427e / Unknown
Key behavior
Behavior description:获取TickCount值
details:TickCount = 1074135, SleepMilliseconds = 10.
TickCount = 1074166, SleepMilliseconds = 10.
TickCount = 1074228, SleepMilliseconds = 10.
TickCount = 1074416, SleepMilliseconds = 10.
TickCount = 1084119, SleepMilliseconds = 10.
TickCount = 1084181, SleepMilliseconds = 10.
TickCount = 1084228, SleepMilliseconds = 10.
TickCount = 1084260, SleepMilliseconds = 10.
TickCount = 1086150, SleepMilliseconds = 10.
TickCount = 1086431, SleepMilliseconds = 10.
TickCount = 1091869, SleepMilliseconds = 10.
TickCount = 1091885, SleepMilliseconds = 10.
TickCount = 1092135, SleepMilliseconds = 10.
TickCount = 1102103, SleepMilliseconds = 10.
TickCount = 1102181, SleepMilliseconds = 10.
Process behavior
Behavior description:创建本地线程
details:TargetProcess: 水淼·GIF动画录制精灵.exe, InheritedFromPID = 1944, ProcessID = 1560, ThreadID = 896, StartAddress = 0040E96A, Parameter = 00000000
File behavior
Behavior description:删除文件
details:C:\Documents and Settings\Administrator\Local Settings\Temp\新位图操作类_载入位图.bmp
Behavior description:修改文件内容
details:C:\Documents and Settings\Administrator\Local Settings\Temp\新位图操作类_载入位图.bmp ---> Offset = 0
Other behavior
Behavior description:创建互斥体
details:CTF.LBES.MutexDefaultS-*
CTF.Compart.MutexDefaultS-*
CTF.Asm.MutexDefaultS-*
CTF.Layouts.MutexDefaultS-*
CTF.TMD.MutexDefaultS-*
CTF.TimListCache.FMPDefaultS-*MUTEX.DefaultS-*
MSCTF.Shared.MUTEX.ELH
MSCTF.Shared.MUTEX.IOD
Behavior description:创建事件对象
details:EventName = DINPUTWINMM
EventName = MSCTF.SendReceive.Event.IOD.IC
EventName = MSCTF.SendReceiveConection.Event.IOD.IC
Behavior description:查找指定窗口
details:NtUserFindWindowEx: [Class,Window] = [Shell_TrayWnd,]
NtUserFindWindowEx: [Class,Window] = [CicLoaderWndClass,]
Behavior description:获取TickCount值
details:TickCount = 1074135, SleepMilliseconds = 10.
TickCount = 1074166, SleepMilliseconds = 10.
TickCount = 1074228, SleepMilliseconds = 10.
TickCount = 1074416, SleepMilliseconds = 10.
TickCount = 1084119, SleepMilliseconds = 10.
TickCount = 1084181, SleepMilliseconds = 10.
TickCount = 1084228, SleepMilliseconds = 10.
TickCount = 1084260, SleepMilliseconds = 10.
TickCount = 1086150, SleepMilliseconds = 10.
TickCount = 1086431, SleepMilliseconds = 10.
TickCount = 1091869, SleepMilliseconds = 10.
TickCount = 1091885, SleepMilliseconds = 10.
TickCount = 1092135, SleepMilliseconds = 10.
TickCount = 1102103, SleepMilliseconds = 10.
TickCount = 1102181, SleepMilliseconds = 10.
Behavior description:窗口信息
details:Pid = 1560, Hwnd=0x103a4, Text = 软件主页, ClassName = _EL_HyperLinker.
Pid = 1560, Hwnd=0x103a2, Text = 软件说明, ClassName = _EL_HyperLinker.
Pid = 1560, Hwnd=0x103a0, Text = 高级设置>>, ClassName = _EL_HyperLinker.
Pid = 1560, Hwnd=0xd0308, Text = 保存动画, ClassName = _EL_HyperLinker.
Pid = 1560, Hwnd=0xc02f8, Text = 预览播放, ClassName = _EL_HyperLinker.
Pid = 1560, Hwnd=0xc0306, Text = 停止录制(F10), ClassName = _EL_HyperLinker.
Pid = 1560, Hwnd=0x902fc, Text = 开始录制(F9), ClassName = _EL_HyperLinker.
Pid = 1560, Hwnd=0xa0322, Text = 增强设置, ClassName = Button(GroupBox).
Pid = 1560, Hwnd=0x1402bc, Text = 缩到托盘, ClassName = Button(CheckBox).
Pid = 1560, Hwnd=0x70342, Text = 自动清空帧(避免储存空间占满,但这将不能保存动画), ClassName = Button(CheckBox).
Pid = 1560, Hwnd=0x80312, Text = PNG, ClassName = ComboBox.
Pid = 1560, Hwnd=0x60348, Text = .., ClassName = Button.
Pid = 1560, Hwnd=0x90350, Text = \帧文件夹, ClassName = Edit.
Pid = 1560, Hwnd=0xc030c, Text = 保存每帧图到, ClassName = Button(CheckBox).
Pid = 1560, Hwnd=0x7033a, Text = 3, ClassName = Edit.
Behavior description:隐藏指定窗口
details:[Window,Class] = [,ComboLBox]
[Window,Class] = [,tooltips_class32]
[Window,Class] = [,_EL_CommonDlg]
[Window,Class] = [,_EL_DrawPanel]
[Window,Class] = [,_EL_Timer]
[Window,Class] = [,WTWindow]
[Window,Class] = [水淼·GIF动画录制精灵 v1.1.0.0,WTWindow]
Run screenshot
VirSCAN

About VirSCAN | Privacy Policy | Contact us | Links | Help VirSCAN
中国反网络病毒联盟
Powered By CentOSpol

京ICP备11007605号-12

pol

京公网安备 11010802020746号