VirSCAN VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.

Language
Server load
Server Load

VirSCAN
VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.

File information

Scanner results
Scanner results:0%Antivirus software(0/32)found malware!
Behavior analysis report:         Habo file analysis
Time: 2016-08-21 12:09:36 (CST)
Scanner Engine Ver Sig Ver Sig Date Scan result Time
antiy AVL SDK 3.0 1970-01-01 Found nothing 5
asquared 9.0.0.4324 9.0.0.4324 2014-07-03 Found nothing 2
avast 150725-1 4.7.4 2015-07-25 Found nothing 60
avg 2109/8133 10.0.1405 2014-11-26 Found nothing 60
baidu 2.0.1.0 4.1.3.52192 2.0.1.0 Found nothing 15
baidusd 1.0 1.0 2014-04-02 Found nothing 2
bitdefender 7.58469 7.90123 2014-12-25 Found nothing 60
clamav 19861 0.97.5 2014-12-31 Found nothing 60
drweb 5.0.2.3300 5.0.1.1 2014-12-31 Found nothing 60
fortinet 23.345, 23.345 5.1.158 2014-12-08 Found nothing 60
fprot 4.6.2.117 6.5.1.5418 2014-12-31 Found nothing 60
fsecure 2014-04-02-01 9.13 2014-04-02 Found nothing 60
gdata 25.7956 25.7956 2016-08-20 Found nothing 10
ikarus 1.06.01 V1.32.31.0 2014-12-08 Found nothing 60
jiangmin 16.0.100 1.0.0.0 2015-07-25 Found nothing 46
kaspersky 5.5.33 5.5.33 2014-04-01 Found nothing 60
kingsoft 2.1 2.1 2013-09-22 Found nothing 12
mcafee 7638 5400.1158 2014-11-30 Found nothing 60
nod32 0920 3.0.21 2014-12-23 Found nothing 60
panda 9.05.01 9.05.01 2015-07-26 Found nothing 4
pcc 11.380.07 9.500-1005 2014-12-31 Found nothing 60
qh360 1.0.1 1.0.1 1.0.1 Found nothing 8
qqphone 1.0.0.0 1.0.0.0 2014-12-09 Found nothing 60
quickheal 14.00 14.00 2015-07-25 Found nothing 3
rising 25.76.04.01 25.76.04.01 2015-07-24 Found nothing 6
sophos 5.08 3.55.0 2014-12-01 Found nothing 60
symantec 20141230.001 1.3.0.24 2014-12-30 Found nothing 60
tachyon 9.9.9 9.9.9 2013-12-27 Found nothing 9
thehacker 6.8.0.5 6.8.0.5 2015-07-23 Found nothing 3
tws 17.47.17308 1.0.2.2108 2014-12-08 Found nothing 16
vba 3.12.26.3 3.12.26.3 2014-12-31 Found nothing 60
virusbuster 15.0.985.0 5.5.2.13 2014-12-05 Found nothing 60
权限列表
许可名称 信息
android.permission.VIBRATE 允许设备震动
android.permission.WRITE_EXTERNAL_STORAGE 写外部存储器(如:SD卡)
android.permission.INTERNET 连接网络(2G或3G)
org.openintents.ssh.permission.ACCESS_SSH_AGENT
android.permission.GET_ACCOUNTS 访问账户列表
android.permission.MANAGE_ACCOUNTS 管理账户
android.permission.AUTHENTICATE_ACCOUNTS 验证账户
android.permission.READ_SYNC_SETTINGS 读取同步设置
android.permission.READ_SYNC_STATS 读取同步状态
android.permission.WRITE_SYNC_SETTINGS 写入同步设置
文件信息
VirSCANVirSCAN
安全评分 :
基本信息
VirSCANVirSCAN
MD5:a28d44c9e773369ee841e85bd0a49336
文件大小:5.58MB
上传时间: 2014-09-22 10:36:30 (CST)
包名:com.madgag.agit
最低运行环境:Android 2.1.x
版权:Android
关键行为
VirSCANVirSCAN
行为描述: 设置特殊文件夹属性
详情信息: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
C:\Documents and Settings\Administrator\Local Settings\History
C:\Documents and Settings\Administrator\Local Settings\History\History.IE5
C:\Documents and Settings\Administrator\Cookies
C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~\WebSlices~
C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~
C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Feeds Cache
C:\Documents and Settings\Administrator\IECompatCache
行为描述: 获取TickCount值
详情信息: TickCount = 5362671, SleepMilliseconds = 250.
进程行为
VirSCANVirSCAN
行为描述: 设置特殊文件夹属性
详情信息: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
C:\Documents and Settings\Administrator\Local Settings\History
C:\Documents and Settings\Administrator\Local Settings\History\History.IE5
C:\Documents and Settings\Administrator\Cookies
C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~\WebSlices~
C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~
C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Feeds Cache
C:\Documents and Settings\Administrator\IECompatCache
行为描述: 获取TickCount值
详情信息: TickCount = 5362671, SleepMilliseconds = 250.
文件行为
VirSCANVirSCAN
行为描述: 创建文件
详情信息: C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{E27BF0A2-6709-11E6-91BE-7B****28}.dat
C:\Documents and Settings\Administrator\Local Settings\Temp\~DFE0B.tmp
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\6P4O8QNJ\wpad[1].dat
C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{E27BF0A3-6709-11E6-91BE-7B****28}.dat
C:\Documents and Settings\Administrator\Local Settings\Temp\~DF402B.tmp
C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{E619010A-6709-11E6-91BE-7B****28}.dat
C:\Documents and Settings\Administrator\Local Settings\Temp\~DF5EED.tmp
C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{ECE575AA-6709-11E6-91BE-7B****28}.dat
C:\Documents and Settings\Administrator\Local Settings\Temp\~DF9486.tmp
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\6P4O8QNJ\fwlink[1]
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\6P4O8QNJ\favicon[1].ico
C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\6P4O8QNJ\dnserrordiagoff[1]
行为描述: 创建可执行文件
详情信息: C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
行为描述: 覆盖已有文件
详情信息: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\6P4O8QNJ\dnserrordiagoff[1]
行为描述: 查找文件
详情信息: FileName = C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
FileName = C:\WINDOWS\Microsoft.NET\Framework\\*
FileName = C:\Program Files\Internet Explorer\iexplore.exe
FileName = C:\Program Files\Common Files\Adobe
FileName = C:\Program Files\Common Files\Adobe\Acrobat
FileName = C:\Program Files\Common Files\Adobe\Acrobat\ActiveX
FileName = C:\Program Files\Java
FileName = C:\Program Files\Java\jre7
FileName = C:\Program Files\Java\jre7\bin
FileName = C:\Program Files\Java\jre7\bin\jp2ssv.dll
FileName = C:\Documents and Settings
FileName = C:\Documents and Settings\Administrator
FileName = C:\Documents and Settings\Administrator\Local Settings
FileName = C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Connections\Pbk\*.pbk
FileName = C:\WINDOWS\system32\Ras\*.pbk
行为描述: 删除文件
详情信息: C:\Documents and Settings\Administrator\Local Settings\Temp\~DFE0B.tmp
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\6P4O8QNJ\wpad[1].dat
C:\Documents and Settings\Administrator\Local Settings\Temp\~DF402B.tmp
C:\Documents and Settings\Administrator\Local Settings\Temp\~DF5EED.tmp
C:\Documents and Settings\Administrator\Local Settings\Temp\~DF9486.tmp
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\6P4O8QNJ\fwlink[1]
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\6P4O8QNJ\favicon[1].ico
C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\IUKHR8T2\dnserrordiagoff[2]
行为描述: 设置特殊文件夹属性
详情信息: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
C:\Documents and Settings\Administrator\Local Settings\History
C:\Documents and Settings\Administrator\Local Settings\History\History.IE5
C:\Documents and Settings\Administrator\Cookies
C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~\WebSlices~
C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~
C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Feeds Cache
C:\Documents and Settings\Administrator\IECompatCache
行为描述: 修改文件内容
详情信息: C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{E27BF0A2-6709-11E6-91BE-7B****28}.dat ---> Offset = 512
C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{E27BF0A2-6709-11E6-91BE-7B****28}.dat ---> Offset = 0
C:\Documents and Settings\Administrator\Local Settings\Temp\~DFE0B.tmp ---> Offset = 16383
C:\Documents and Settings\Administrator\Local Settings\Temp\~DFE0B.tmp ---> Offset = 12288
C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{E27BF0A2-6709-11E6-91BE-7B****28}.dat ---> Offset = 3072
C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{E27BF0A2-6709-11E6-91BE-7B****28}.dat ---> Offset = 1536
C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{E27BF0A3-6709-11E6-91BE-7B****28}.dat ---> Offset = 512
C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{E27BF0A3-6709-11E6-91BE-7B****28}.dat ---> Offset = 0
C:\Documents and Settings\Administrator\Local Settings\Temp\~DF402B.tmp ---> Offset = 16383
C:\Documents and Settings\Administrator\Local Settings\Temp\~DF402B.tmp ---> Offset = 12288
C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{E27BF0A3-6709-11E6-91BE-7B****28}.dat ---> Offset = 3072
C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{E27BF0A3-6709-11E6-91BE-7B****28}.dat ---> Offset = 1536
C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{E619010A-6709-11E6-91BE-7B****28}.dat ---> Offset = 512
C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{E619010A-6709-11E6-91BE-7B****28}.dat ---> Offset = 0
C:\Documents and Settings\Administrator\Local Settings\Temp\~DF5EED.tmp ---> Offset = 16383
网络行为
VirSCANVirSCAN
行为描述: 联网打开网址
详情信息: InternetOpenUrlA: http://**.133.40.**:128/wpad.dat, hInternet = 0x00cc0004, Flags = 0x80000010
InternetOpenUrlA: http://**.133.40.**:128/wpad.dat, hInternet = 0x00cc0010, Flags = 0x00000010
行为描述: 下载文件
详情信息: URLDownloadToFileW: http://ww****om/favicon.ico ---> C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
行为描述: 打开指定IE网页
详情信息: http://go****om/fwlink/?LinkID=134774&rClrVer=v4.0
行为描述: 连接指定站点
详情信息: InternetConnectA: ServerName = **.133.40.**, PORT = 128, UserName = , Password = , hSession = 0x00cc0004, hConnect = 0x00cc0008, Flags = 0x80000010
InternetConnectA: ServerName = go****om, PORT = 80, UserName = , Password = , hSession = 0x00cc0004, hConnect = 0x00cc0008, Flags = 0x00000000
InternetConnectA: ServerName = **.133.40.**, PORT = 128, UserName = , Password = , hSession = 0x00cc0010, hConnect = 0x00cc0014, Flags = 0x00000010
InternetConnectA: ServerName = ww****om, PORT = 80, UserName = , Password = , hSession = 0x00cc0004, hConnect = 0x00cc0008, Flags = 0x00000000
InternetConnectA: ServerName = ur****om, PORT = 443, UserName = , Password = , hSession = 0x00cc0010, hConnect = 0x00cc0014, Flags = 0x00000200
行为描述: 打开HTTP连接
详情信息: InternetOpenA: UserAgent: Mozilla/4.0 (compatible; MSIE 8.0; Win32; Trident/4.0), hSession = 0x00cc0004
InternetOpenA: UserAgent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; .NET4.0C; .NET4.0E; KB974489), hSession = 0x00cc0004
InternetOpenA: UserAgent: Mozilla/4.0 (compatible; MSIE 8.0; Win32; Trident/4.0), hSession = 0x00cc0010
InternetOpenA: UserAgent: VCSoapClient, hSession = 0x00cc0010
行为描述: 建立到一个指定的套接字连接
详情信息: URL: wpad, IP: **.133.40.**:128, SOCKET = 0x000004b8
URL: wpad, IP: **.133.40.**:128, SOCKET = 0x000004b4
URL: wpad, IP: **.133.40.**:128, SOCKET = 0x00000530
URL: go****om, IP: **.133.40.**:80, SOCKET = 0x0000053c
URL: go****om, IP: **.133.40.**:80, SOCKET = 0x00000570
URL: ww****om, IP: **.133.40.**:80, SOCKET = 0x000005dc
URL: ur****om, IP: **.133.40.**:443, SOCKET = 0x000005f8
行为描述: 读取网络文件
详情信息: hFile = 0x00cc000c, BytesToRead =4010, BytesRead = 4010.
hFile = 0x00cc0018, BytesToRead =4010, BytesRead = 4010.
hFile = 0x00cc000c, BytesToRead =4096, BytesRead = 4096.
行为描述: 发送HTTP包
详情信息: GET /wpad.dat HTTP/1.1 Accept: */* User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32; Trident/4.0) Host: **.133.40.**:128 Cache-Control: no-cache
GET /wpad.dat HTTP/1.1 Accept: */* User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32; Trident/4.0) Host: **.133.40.**:128
GET /fwlink/?LinkID=134774&rClrVer=v4.0 HTTP/1.1 Accept: */* Accept-Language: zh-cn User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; .NET4.0C; .NET4.0E; KB974489) Accept-Encoding: gzip, deflate Host: go****om Connection: Keep-Alive
GET /fwlink/?LinkID=134774&rClrVer=v4.0 HTTP/1.1 Accept: */* Accept-Language: zh-cn Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; .NET4.0C; .NET4.0E; KB974489) Host: go****om Connection: Keep-Alive
GET /favicon.ico HTTP/1.1 Accept: */* Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; .NET4.0C; .NET4.0E; KB974489) Host: ww****om Connection: Keep-Alive
行为描述: 打开HTTP请求
详情信息: HttpOpenRequestA: **.133.40.**:128/wpad.dat, hConnect = 0x00cc0008, hRequest = 0x00cc000c, Verb: GET, Referer: , Flags = 0x80000010
HttpOpenRequestA: go****om:80/fwlink/?linkid=134774&rclrver=v4.0, hConnect = 0x00cc0008, hRequest = 0x00cc000c, Verb: GET, Referer: , Flags = 0x00400000
HttpOpenRequestA: **.133.40.**:128/wpad.dat, hConnect = 0x00cc0014, hRequest = 0x00cc0018, Verb: GET, Referer: , Flags = 0x00000010
HttpOpenRequestA: ww****om:80/favicon.ico, hConnect = 0x00cc0008, hRequest = 0x00cc000c, Verb: GET, Referer: , Flags = 0x00600010
HttpOpenRequestA: go****om:80/fwlink/?linkid=134774&rclrver=v4.0, hConnect = 0x00cc0008, hRequest = 0x00cc000c, Verb: GET, Referer: , Flags = 0x00400010
HttpOpenRequestA: ur****om:443/urs.asmx?msurs-client-key=spz2lusutbpyh4td4vf5hq%3d%3d&msurs-patented-lock=xhadhvse%2bh4%3d, hConnect = 0x00cc0014, hRequest = 0x00cc0018, Verb: POST, Referer: , Flags = 0x04880300
行为描述: 按名称获取主机地址
详情信息: GetAddrInfoW: computer
GetAddrInfoW: wpad
GetAddrInfoW: go****om
GetAddrInfoW: ww****om
GetAddrInfoW: ur****om
注册表行为
VirSCANVirSCAN
行为描述: 修改注册表
详情信息: \REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\SavedLegacySettings
\REGISTRY\USER\S-*\Software\Microsoft\Internet Explorer\Recovery\Active\{E27BF0A2-6709-11E6-91BE-7B****28}
\REGISTRY\USER\S-*\Software\Microsoft\CTF\TIP\{1188450c-fdab-47ae-80d8-c9633f71be64}\LanguageProfile\0x00000000\{63800dac-e7ca-4df9-9a5c-20765055488d}\Enable
\REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{1EA4DBF0-3C3B-11CF-810C-00AA00389B71}\1.1\0\win32\
\REGISTRY\USER\S-*\Software\Microsoft\Internet Explorer\Recovery\Active\{E619010A-6709-11E6-91BE-7B****28}
\REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\iexplore\Count
\REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\iexplore\Time
\REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\iexplore\LoadTime
\REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\iexplore\LoadTimeCount
\REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DBC80044-A445-435B-BC74-9C25C1C588A9}\iexplore\Count
\REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DBC80044-A445-435B-BC74-9C25C1C588A9}\iexplore\Time
\REGISTRY\USER\S-*_CLASSES\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}\
\REGISTRY\USER\S-*_CLASSES\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}\InprocServer32\
\REGISTRY\USER\S-*_CLASSES\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}\InprocServer32\ThreadingModel
\REGISTRY\USER\S-*_CLASSES\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBB}\
行为描述: 删除注册表键值
详情信息: \REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyServer
\REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Internet Settings\AutoConfigURL
\REGISTRY\USER\S-*\Software\Microsoft\Internet Explorer\LinksBar\ItemCache\0\Expiration
\REGISTRY\USER\S-*\Software\Microsoft\Internet Explorer\LinksBar\ItemCache\1\Expiration
行为描述: 删除注册表键
详情信息: \REGISTRY\USER\S-*\Software\Microsoft\CTF\TIP\{1188450c-fdab-47ae-80d8-c9633f71be64}\LanguageProfile\0x00000000\{63800dac-e7ca-4df9-9a5c-20765055488d}\
\REGISTRY\USER\S-*\Software\Microsoft\CTF\TIP\{1188450c-fdab-47ae-80d8-c9633f71be64}\LanguageProfile\0x00000000\
\REGISTRY\USER\S-*\Software\Microsoft\CTF\TIP\{1188450c-fdab-47ae-80d8-c9633f71be64}\LanguageProfile\
\REGISTRY\USER\S-*\Software\Microsoft\CTF\TIP\{1188450c-fdab-47ae-80d8-c9633f71be64}\
\REGISTRY\USER\S-*_CLASSES\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}\InprocServer32\
\REGISTRY\USER\S-*_CLASSES\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}\
\REGISTRY\USER\S-*_CLASSES\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBB}\InprocServer32\
\REGISTRY\USER\S-*_CLASSES\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBB}\
\REGISTRY\USER\S-*_CLASSES\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBC}\InprocServer32\
\REGISTRY\USER\S-*_CLASSES\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBC}\
\REGISTRY\USER\S-*_CLASSES\CLSID\{CAFEEFAC-0017-0000-FFFF-ABCDEFFEDCBA}\InprocServer32\
\REGISTRY\USER\S-*_CLASSES\CLSID\{CAFEEFAC-0017-0000-FFFF-ABCDEFFEDCBA}\
\REGISTRY\USER\S-*_CLASSES\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\InprocServer32\
\REGISTRY\USER\S-*_CLASSES\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\
\REGISTRY\USER\S-*_CLASSES\JavaPlugin.1000\CLSID\
其他行为
VirSCANVirSCAN
行为描述: 创建互斥体
详情信息: CTF.LBES.MutexDefaultS-*
CTF.Compart.MutexDefaultS-*
CTF.Asm.MutexDefaultS-*
CTF.Layouts.MutexDefaultS-*
CTF.TMD.MutexDefaultS-*
CTF.TimListCache.FMPDefaultS-*MUTEX.DefaultS-*
MSCTF.Shared.MUTEX.ELH
Local\!BrowserEmulation!SharedMemory!Mutex
Local\ZoneAttributeCacheCounterMutex
Local\ZonesCacheCounterMutex
Local\ZonesLockedCacheCounterMutex
RasPbFile
ConnHashTable<3216>_HashTable_Mutex
Local\ZonesCounterMutex
oleacc-msaa-loaded
行为描述: 创建事件对象
详情信息: EventName = Isolation Signal Registry Event (E27BF09F-6709-11E6-91BE-7B****28, 0)
EventName = IE_EarlyTabStart_0xc94
EventName = Isolation Signal Registry Event (E27BF0A0-6709-11E6-91BE-7B****28, 0)
EventName = DINPUTWINMM
EventName = Global\userenv: User Profile setup event
EventName = Global\crypt32LogoffEvent
EventName = Local\IEDDEExecuteEvent
EventName = Isolation Signal Registry Event (E6190107-6709-11E6-91BE-7B****28, 0)
EventName = Local\RSS Eventing Event Event 00000c90
EventName = IE_EarlyTabStart_0xd20
EventName = Isolation Signal Registry Event (E6190108-6709-11E6-91BE-7B****28, 0)
EventName = MSCTF.SendReceive.Event.EJM.IC
EventName = MSCTF.SendReceiveConection.Event.EJM.IC
EventName = Local\RSS Eventing Event Event 00000d1c
EventName = Local\cc4_29
行为描述: 查找指定窗口
详情信息: NtUserFindWindowEx: [Class,Window] = [Shell_TrayWnd,]
NtUserFindWindowEx: [Class,Window] = [IEFrame,]
NtUserFindWindowEx: [Class,Window] = [CicLoaderWndClass,]
NtUserFindWindowEx: [Class,Window] = [Static,]
NtUserFindWindowEx: [Class,Window] = [MS_AutodialMonitor,]
NtUserFindWindowEx: [Class,Window] = [MS_WebCheckMonitor,]
行为描述: 打开事件
详情信息: HookSwitchHookEnabledEvent
CTF.ThreadMIConnectionEvent.000007B4.00000000.00000041
CTF.ThreadMarshalInterfaceEvent.000007B4.00000000.00000041
MSCTF.SendReceiveConection.Event.ELH.IC
MSCTF.SendReceive.Event.ELH.IC
\SECURITY\LSA_AUTHENTICATION_INITIALIZED
Isolation Signal Registry Event (E27BF09F-6709-11E6-91BE-7B****28, 0)
Global\SvcctrlStartEvent_A3752DX
\INSTALLATION_SECURITY_HOLD
Isolation Signal Registry Event (E27BF0A0-6709-11E6-91BE-7B****28, 0)
IE_EarlyTabStart_0xc94
_fCanRegisterWithShellService
MSFT.VSA.COM.DISABLE.3216
MSFT.VSA.IEC.STATUS.6c736db0
Global\crypt32LogoffEvent
行为描述: 获取TickCount值
详情信息: TickCount = 5362671, SleepMilliseconds = 250.
行为描述: 调整进程token权限
详情信息: SE_LOAD_DRIVER_PRIVILEGE
行为描述: 窗口信息
详情信息: Pid = 3152, Hwnd=0x1002c8, Text = 是(&Y), ClassName = Button.
Pid = 3152, Hwnd=0x1802fe, Text = 否(&N), ClassName = Button.
Pid = 3152, Hwnd=0x503b0, Text = To run this application, you first must install one of the following versions of the .NET Framework: .NETFramework,Version=v4., ClassName = Static.
Pid = 3152, Hwnd=0xa0358, Text = NecroBot.exe - .NET Framework Initialization Error, ClassName = #32770.
行为描述: 可执行文件签名信息
详情信息: C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico(签名验证: 未通过)
行为描述: 隐藏指定窗口
详情信息: [Window,Class] = [,BrowserFrameGripperClass]
[Window,Class] = [缩放级别,ToolbarWindow32]
[Window,Class] = [,msctls_progress32]
[Window,Class] = [,SysLink]
[Window,Class] = [,Static]
[Window,Class] = [文件大小未知,Static]
[Window,Class] = [打开此类文件前总是询问(&W),Button]
[Window,Class] = [发行者:,Static]
[Window,Class] = [Windows Internet Explorer,IEFrame]
[Window,Class] = [,UniversalSearchBand]
[Window,Class] = [,TravelBand]
[Window,Class] = [,CommandBarClass]
[Window,Class] = [,ReBarWindow32]
[Window,Class] = [,TabBandClass]
行为描述: 可执行文件MD5
详情信息: C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico ---> fe1d0ee5901dd167ee9b28eece31786c
行为描述: 打开互斥体
详情信息: ShimCacheMutex
Local\!IETld!Mutex
Local\_!MSFTHISTORY!_
Local\c:!documents and settings!administrator!local settings!temporary internet files!content.ie5!
Local\c:!documents and settings!administrator!cookies!
Local\c:!documents and settings!administrator!local settings!history!history.ie5!
Local\WininetStartupMutex
Local\WininetConnectionMutex
Local\WininetProxyRegistryMutex
Local\!BrowserEmulation!SharedMemory!Mutex
RasPbFile
CtfmonInstMutexDefaultS-*
Local\RSS Eventing Connection Database Mutex 00000c90
Local\c:!documents and settings!administrator!local settings!application data!microsoft!feeds cache!
Local\RSS Eventing Connection Database Mutex 00000d1c
Activities
VirSCANVirSCAN
活动名 类型
DashboardActivity android.intent.action.MAIN
DashboardActivity android.intent.category.LAUNCHER
AboutActivity android.intent.category.DEFAULT
.AboutUsingSshActivity android.intent.category.DEFAULT
RepositoryViewerActivity org.openintents.git.repo.VIEW
RepositoryViewerActivity android.intent.action.VIEW
RepositoryViewerActivity android.intent.category.DEFAULT
RDTypeListActivity org.openintents.git.remote.LIST
RDTypeListActivity org.openintents.git.tag.LIST
RDTypeListActivity android.intent.category.DEFAULT
RDTBranchListActivity org.openintents.git.branch.LIST
RDTBranchListActivity android.intent.category.DEFAULT
BranchViewer org.openintents.git.branch.VIEW
BranchViewer android.intent.category.DEFAULT
TagViewer org.openintents.git.tag.VIEW
TagViewer android.intent.category.DEFAULT
CommitViewerActivity org.openintents.git.commit.VIEW
CommitViewerActivity android.intent.category.DEFAULT
CloneLauncherActivity org.openintents.git.clone.PREPARE
CloneLauncherActivity android.intent.category.DEFAULT
SuggestRepoActivity org.openintents.git.repo.SUGGEST
SuggestRepoActivity android.intent.category.DEFAULT
.weblaunchers.GitProtocolLaunchActivity android.intent.action.VIEW
.weblaunchers.GitProtocolLaunchActivity android.intent.category.DEFAULT
.weblaunchers.GitProtocolLaunchActivity android.intent.category.BROWSABLE
.weblaunchers.GitHubWebLaunchActivity android.intent.action.VIEW
.weblaunchers.GitHubWebLaunchActivity android.intent.category.DEFAULT
.weblaunchers.GitHubWebLaunchActivity android.intent.category.BROWSABLE
.weblaunchers.GitoriousWebLaunchActivity android.intent.action.VIEW
.weblaunchers.GitoriousWebLaunchActivity android.intent.category.DEFAULT
.weblaunchers.GitoriousWebLaunchActivity android.intent.category.BROWSABLE
.weblaunchers.GoogleCodeWebLaunchActivity android.intent.action.VIEW
.weblaunchers.GoogleCodeWebLaunchActivity android.intent.category.DEFAULT
.weblaunchers.GoogleCodeWebLaunchActivity android.intent.category.BROWSABLE
.weblaunchers.BitBucketWebLaunchActivity android.intent.action.VIEW
.weblaunchers.BitBucketWebLaunchActivity android.intent.category.DEFAULT
.weblaunchers.BitBucketWebLaunchActivity android.intent.category.BROWSABLE
危险函数
VirSCANVirSCAN
函数名称 信息
android/app/NotificationManager;->notify 信息通知栏
java/net/URL;->openConnection 连接URL
java/net/HttpURLConnection;->connect 连接URL
getRuntime 获取命令行环境
java/lang/Runtime;->exec 执行字符串命令
权限列表
VirSCANVirSCAN
许可名称 信息
android.permission.VIBRATE 允许设备震动
android.permission.WRITE_EXTERNAL_STORAGE 写外部存储器(如:SD卡)
android.permission.INTERNET 连接网络(2G或3G)
org.openintents.ssh.permission.ACCESS_SSH_AGENT
android.permission.GET_ACCOUNTS 访问账户列表
android.permission.MANAGE_ACCOUNTS 管理账户
android.permission.AUTHENTICATE_ACCOUNTS 验证账户
android.permission.READ_SYNC_SETTINGS 读取同步设置
android.permission.READ_SYNC_STATS 读取同步状态
android.permission.WRITE_SYNC_SETTINGS 写入同步设置
服务列表
VirSCANVirSCAN
名称
com.madgag.agit.GitOperationsService
com.madgag.agit.sync.AccountAuthenticatorService
com.madgag.agit.sync.AgitSyncAdapterService
Providers
VirSCANVirSCAN
名称 信息
com.madgag.agit.GitOperationsService
com.madgag.agit.sync.AccountAuthenticatorService
com.madgag.agit.sync.AgitSyncAdapterService
文件列表
VirSCANVirSCAN
文件名 校验码
META-INF/MANIFEST.MF 0x754513b7
META-INF/CERT.SF 0x27f2cc0d
META-INF/CERT.RSA 0xe1667b8e
AndroidManifest.xml 0x24af4122
about.html 0x4c3391d3
assets/CREDITS.markdown 0xcec4ab82
assets/Using-SSH.markdown 0xc58ab5d0
classes.dex 0xc948d95d
org/eclipse/jgit/JGitText.properties 0xe8a73974
org/eclipse/jgit/storage/dfs/DfsText.properties 0x5d0e5704
plugin.properties 0x668dab7e
res/anim/pull_child_in.xml 0xaa9ce82f
res/anim/pull_parent_in.xml 0x5519cef9
res/anim/push_child_out.xml 0x83b9875e
res/anim/push_parent_out.xml 0x31262d0c
res/anim/slide_in_from_bottom.xml 0xc9e47785
res/anim/slide_in_from_top.xml 0xcff16914
res/anim/slide_out_to_bottom.xml 0xd77c2bb8
res/anim/slide_out_to_top.xml 0x4fc7d2ee
res/color/abs__primary_text_disable_only_holo_dark.xml 0xe68f0370
res/color/abs__primary_text_disable_only_holo_light.xml 0x75907c0a
res/color/abs__primary_text_holo_dark.xml 0xdb84cf25
res/color/abs__primary_text_holo_light.xml 0x27e52d1
res/drawable-hdpi/abs__ab_bottom_solid_dark_holo.9.png 0x2a5170de
res/drawable-hdpi/abs__ab_bottom_solid_inverse_holo.9.png 0xbd09653b
res/drawable-hdpi/abs__ab_bottom_solid_light_holo.9.png 0x29355cf7
res/drawable-hdpi/abs__ab_bottom_transparent_dark_holo.9.png 0x18c6edaa
res/drawable-hdpi/abs__ab_bottom_transparent_light_holo.9.png 0xe9136d
res/drawable-hdpi/abs__ab_share_pack_holo_dark.9.png 0xe504decd
res/drawable-hdpi/abs__ab_share_pack_holo_light.9.png 0x1c3ac42
res/drawable-hdpi/abs__ab_solid_dark_holo.9.png 0xa39d484f
res/drawable-hdpi/abs__ab_solid_light_holo.9.png 0xb6e03b91
res/drawable-hdpi/abs__ab_solid_shadow_holo.9.png 0x8663aad3
res/drawable-hdpi/abs__ab_stacked_solid_dark_holo.9.png 0x909db13
res/drawable-hdpi/abs__ab_stacked_solid_light_holo.9.png 0xde0e075f
res/drawable-hdpi/abs__ab_stacked_transparent_dark_holo.9.png 0x2eb3885a
res/drawable-hdpi/abs__ab_stacked_transparent_light_holo.9.png 0x5e205a10
res/drawable-hdpi/abs__ab_transparent_dark_holo.9.png 0xfca261e7
res/drawable-hdpi/abs__ab_transparent_light_holo.9.png 0xe7ff01af
res/drawable-hdpi/abs__btn_cab_done_default_holo_dark.9.png 0x4fe60e82
res/drawable-hdpi/abs__btn_cab_done_default_holo_light.9.png 0x95037a54
res/drawable-hdpi/abs__btn_cab_done_focused_holo_dark.9.png 0x41ae12a8
res/drawable-hdpi/abs__btn_cab_done_focused_holo_light.9.png 0x1bdcb021
res/drawable-hdpi/abs__btn_cab_done_pressed_holo_dark.9.png 0xe68cf03e
res/drawable-hdpi/abs__btn_cab_done_pressed_holo_light.9.png 0xa437f1eb
res/drawable-hdpi/abs__cab_background_bottom_holo_dark.9.png 0x6f320319
res/drawable-hdpi/abs__cab_background_bottom_holo_light.9.png 0x178e620c
res/drawable-hdpi/abs__cab_background_top_holo_dark.9.png 0x5cfcf75c
res/drawable-hdpi/abs__cab_background_top_holo_light.9.png 0xffd6c088
res/drawable-hdpi/abs__dialog_full_holo_dark.9.png 0x9aa304b6
res/drawable-hdpi/abs__dialog_full_holo_light.9.png 0x97d9f6dc
res/drawable-hdpi/abs__ic_ab_back_holo_dark.png 0x174488a8
res/drawable-hdpi/abs__ic_ab_back_holo_light.png 0x4dcc2ed8
res/drawable-hdpi/abs__ic_cab_done_holo_dark.png 0x32a65180
res/drawable-hdpi/abs__ic_cab_done_holo_light.png 0x91f0698a
res/drawable-hdpi/abs__ic_menu_moreoverflow_normal_holo_dark.png 0x13804a99
res/drawable-hdpi/abs__ic_menu_moreoverflow_normal_holo_light.png 0x3a4b4477
res/drawable-hdpi/abs__ic_menu_share_holo_dark.png 0x2a6c5116
res/drawable-hdpi/abs__ic_menu_share_holo_light.png 0x3e081d60
res/drawable-hdpi/abs__list_activated_holo.9.png 0x9ee3dd42
res/drawable-hdpi/abs__list_divider_holo_dark.9.png 0xe4823600
res/drawable-hdpi/abs__list_divider_holo_light.9.png 0xb0dc2b05
res/drawable-hdpi/abs__list_focused_holo.9.png 0x4706c1df
res/drawable-hdpi/abs__list_longpressed_holo.9.png 0x9ee3dd42
res/drawable-hdpi/abs__list_pressed_holo_dark.9.png 0x816ffde7
res/drawable-hdpi/abs__list_pressed_holo_light.9.png 0x816ffde7
res/drawable-hdpi/abs__list_selector_disabled_holo_dark.9.png 0x5f501b8d
res/drawable-hdpi/abs__list_selector_disabled_holo_light.9.png 0x63f15616
res/drawable-hdpi/abs__menu_dropdown_panel_holo_dark.9.png 0xa9304852
res/drawable-hdpi/abs__menu_dropdown_panel_holo_light.9.png 0x780099d8
res/drawable-hdpi/abs__progress_bg_holo_dark.9.png 0x7b6f1c96
res/drawable-hdpi/abs__progress_bg_holo_light.9.png 0xf5f73187
res/drawable-hdpi/abs__progress_primary_holo_dark.9.png 0x3f8a1a53
res/drawable-hdpi/abs__progress_primary_holo_light.9.png 0x3f8a1a53
res/drawable-hdpi/abs__progress_secondary_holo_dark.9.png 0xd86939a
res/drawable-hdpi/abs__progress_secondary_holo_light.9.png 0xd86939a
res/drawable-hdpi/abs__spinner_48_inner_holo.png 0xd4056310
res/drawable-hdpi/abs__spinner_48_outer_holo.png 0xd3f129c3
res/drawable-hdpi/abs__spinner_ab_default_holo_dark.9.png 0xf06791f5
res/drawable-hdpi/abs__spinner_ab_default_holo_light.9.png 0xa673dd59
res/drawable-hdpi/abs__spinner_ab_disabled_holo_dark.9.png 0x6b43deb3
res/drawable-hdpi/abs__spinner_ab_disabled_holo_light.9.png 0xc5e8f706
res/drawable-hdpi/abs__spinner_ab_focused_holo_dark.9.png 0xb5ea16c1
res/drawable-hdpi/abs__spinner_ab_focused_holo_light.9.png 0x45d13548
res/drawable-hdpi/abs__spinner_ab_pressed_holo_dark.9.png 0xfedc1188
res/drawable-hdpi/abs__spinner_ab_pressed_holo_light.9.png 0x7c7c4bb4
res/drawable-hdpi/abs__tab_selected_focused_holo.9.png 0x18146f4e
res/drawable-hdpi/abs__tab_selected_holo.9.png 0xc88b0629
res/drawable-hdpi/abs__tab_selected_pressed_holo.9.png 0x3461add3
res/drawable-hdpi/abs__tab_unselected_pressed_holo.9.png 0x3f9a3680
res/drawable-hdpi/actionbar_back_indicator.png 0xd211a9c0
res/drawable-hdpi/actionbar_stripe.png 0x2d9892ce
res/drawable-hdpi/agit_dashboard_logo.png 0x885db67e
res/drawable-hdpi/agit_notification_icon.png 0x262a7e57
res/drawable-hdpi/blob_icon.png 0x5e02e3e4
res/drawable-hdpi/branch_icon.png 0x9c8ff17a
res/drawable-hdpi/clone_picture.png 0x9356eb03
res/drawable-hdpi/commit_icon.png 0x7e7545f9
res/drawable-hdpi/commit_icon_small.png 0x4c69e39c
res/drawable-hdpi/default_ptr_drawable.png 0x5fa75c23
res/drawable-hdpi/ic_pulltorefresh_arrow.png 0x32192a53
res/drawable-hdpi/ic_refresh.png 0x1d97bbe0
res/drawable-hdpi/icon.png 0xa5b6f8c0
res/drawable-hdpi/loading_34.png 0x29305d3c
res/drawable-hdpi/minitab_default.9.png 0x2bea42eb
res/drawable-hdpi/minitab_pressed.9.png 0x432c1584
res/drawable-hdpi/minitab_selected.9.png 0x7c18ca60
res/drawable-hdpi/minitab_unselected.9.png 0xaed57451
res/drawable-hdpi/remote_icon.png 0x26928e2c
res/drawable-hdpi/repo_icon.png 0x5b9c1916
res/drawable-hdpi/tag_icon.png 0x4cfcf6c5
res/drawable-hdpi/tree_icon.png 0xe41b4efe
res/drawable-ldpi/agit_dashboard_logo.png 0x8e6412bb
res/drawable-ldpi/agit_notification_icon.png 0xfe4027e4
res/drawable-ldpi/blob_icon.png 0xa130ae76
res/drawable-ldpi/branch_icon.png 0xe422c90
res/drawable-ldpi/clone_picture.png 0xebbcfe97
res/drawable-ldpi/commit_icon.png 0x4c69e39c
res/drawable-ldpi/commit_icon_small.png 0x4e102621
res/drawable-ldpi/ic_pulltorefresh_arrow.png 0xb4d35c35
res/drawable-ldpi/icon.png 0x620c837b
res/drawable-ldpi/loading_34.png 0x6cb6c71c
res/drawable-ldpi/remote_icon.png 0x724052bf
res/drawable-ldpi/repo_icon.png 0xdc134b14
res/drawable-ldpi/tag_icon.png 0x7ec492aa
res/drawable-ldpi/tree_icon.png 0x61023606
res/drawable-mdpi/abs__ab_bottom_solid_dark_holo.9.png 0x7b47c4fe
res/drawable-mdpi/abs__ab_bottom_solid_inverse_holo.9.png 0x8aedf99a
res/drawable-mdpi/abs__ab_bottom_solid_light_holo.9.png 0x8a943208
res/drawable-mdpi/abs__ab_bottom_transparent_dark_holo.9.png 0x897aedcb
res/drawable-mdpi/abs__ab_bottom_transparent_light_holo.9.png 0xf44d2d39
res/drawable-mdpi/abs__ab_share_pack_holo_dark.9.png 0x63478378
res/drawable-mdpi/abs__ab_share_pack_holo_light.9.png 0xb749488d
res/drawable-mdpi/abs__ab_solid_dark_holo.9.png 0xbc71f7a7
res/drawable-mdpi/abs__ab_solid_light_holo.9.png 0xd8cd9429
res/drawable-mdpi/abs__ab_solid_shadow_holo.9.png 0x9d505404
res/drawable-mdpi/abs__ab_stacked_solid_dark_holo.9.png 0xeacbecce
res/drawable-mdpi/abs__ab_stacked_solid_light_holo.9.png 0xde0f77d5
res/drawable-mdpi/abs__ab_stacked_transparent_dark_holo.9.png 0x14d06f11
res/drawable-mdpi/abs__ab_stacked_transparent_light_holo.9.png 0xc4c6064f
res/drawable-mdpi/abs__ab_transparent_dark_holo.9.png 0x659932db
res/drawable-mdpi/abs__ab_transparent_light_holo.9.png 0x77592f84
res/drawable-mdpi/abs__btn_cab_done_default_holo_dark.9.png 0x67d6a12b
res/drawable-mdpi/abs__btn_cab_done_default_holo_light.9.png 0xaddfa3f4
res/drawable-mdpi/abs__btn_cab_done_focused_holo_dark.9.png 0x8ca91c4c
res/drawable-mdpi/abs__btn_cab_done_focused_holo_light.9.png 0x6f46a285
res/drawable-mdpi/abs__btn_cab_done_pressed_holo_dark.9.png 0xcd15c524
res/drawable-mdpi/abs__btn_cab_done_pressed_holo_light.9.png 0xb8819bcf
res/drawable-mdpi/abs__cab_background_bottom_holo_dark.9.png 0xa8873073
res/drawable-mdpi/abs__cab_background_bottom_holo_light.9.png 0x23b67c99
res/drawable-mdpi/abs__cab_background_top_holo_dark.9.png 0xfb2e5f57
res/drawable-mdpi/abs__cab_background_top_holo_light.9.png 0x5818ab75
res/drawable-mdpi/abs__dialog_full_holo_dark.9.png 0x79dbb2d3
res/drawable-mdpi/abs__dialog_full_holo_light.9.png 0xfdb061df
res/drawable-mdpi/abs__ic_ab_back_holo_dark.png 0xfcab22b6
res/drawable-mdpi/abs__ic_ab_back_holo_light.png 0x8b88c538
res/drawable-mdpi/abs__ic_cab_done_holo_dark.png 0x73c5de5f
res/drawable-mdpi/abs__ic_cab_done_holo_light.png 0x8e10da0a
res/drawable-mdpi/abs__ic_menu_moreoverflow_normal_holo_dark.png 0x46183a6
res/drawable-mdpi/abs__ic_menu_moreoverflow_normal_holo_light.png 0xe0a776a7
res/drawable-mdpi/abs__ic_menu_share_holo_dark.png 0x7f93973c
res/drawable-mdpi/abs__ic_menu_share_holo_light.png 0xe576f47
res/drawable-mdpi/abs__list_activated_holo.9.png 0xc09562f2
res/drawable-mdpi/abs__list_divider_holo_dark.9.png 0xe4823600
res/drawable-mdpi/abs__list_divider_holo_light.9.png 0xb0dc2b05
res/drawable-mdpi/abs__list_focused_holo.9.png 0x77cc9de1
res/drawable-mdpi/abs__list_longpressed_holo.9.png 0xc09562f2
res/drawable-mdpi/abs__list_pressed_holo_dark.9.png 0x449401f4
res/drawable-mdpi/abs__list_pressed_holo_light.9.png 0x449401f4
res/drawable-mdpi/abs__list_selector_disabled_holo_dark.9.png 0x9d81afe3
res/drawable-mdpi/abs__list_selector_disabled_holo_light.9.png 0xa481684d
res/drawable-mdpi/abs__menu_dropdown_panel_holo_dark.9.png 0xfd12b60b
res/drawable-mdpi/abs__menu_dropdown_panel_holo_light.9.png 0x91b31d69
res/drawable-mdpi/abs__progress_bg_holo_dark.9.png 0x7b7862a3
res/drawable-mdpi/abs__progress_bg_holo_light.9.png 0xf1ed1112
res/drawable-mdpi/abs__progress_primary_holo_dark.9.png 0x4e645825
res/drawable-mdpi/abs__progress_primary_holo_light.9.png 0x4e645825
res/drawable-mdpi/abs__progress_secondary_holo_dark.9.png 0x61da65aa
res/drawable-mdpi/abs__progress_secondary_holo_light.9.png 0x61da65aa
res/drawable-mdpi/abs__spinner_48_inner_holo.png 0xc28e776
res/drawable-mdpi/abs__spinner_48_outer_holo.png 0xffe6b371
res/drawable-mdpi/abs__spinner_ab_default_holo_dark.9.png 0xddcdb41
res/drawable-mdpi/abs__spinner_ab_default_holo_light.9.png 0x6f5deb99
res/drawable-mdpi/abs__spinner_ab_disabled_holo_dark.9.png 0x46b2d154
res/drawable-mdpi/abs__spinner_ab_disabled_holo_light.9.png 0xf5f84309
res/drawable-mdpi/abs__spinner_ab_focused_holo_dark.9.png 0xec027107
res/drawable-mdpi/abs__spinner_ab_focused_holo_light.9.png 0xbea22dc0
res/drawable-mdpi/abs__spinner_ab_pressed_holo_dark.9.png 0x7a0d1968
res/drawable-mdpi/abs__spinner_ab_pressed_holo_light.9.png 0x4e6034a7
res/drawable-mdpi/abs__tab_selected_focused_holo.9.png 0x6f51e593
res/drawable-mdpi/abs__tab_selected_holo.9.png 0x2ab487a
res/drawable-mdpi/abs__tab_selected_pressed_holo.9.png 0xc0728d80
res/drawable-mdpi/abs__tab_unselected_pressed_holo.9.png 0xd59cc9e6
res/drawable-mdpi/actionbar_stripe.png 0x385ac879
res/drawable-mdpi/agit_dashboard_logo.png 0xf284d0f7
res/drawable-mdpi/agit_notification_icon.png 0xfb81a85f
res/drawable-mdpi/blob_icon.png 0xaecbd5fd
res/drawable-mdpi/branch_icon.png 0xe7f6e377
res/drawable-mdpi/clone_picture.png 0x1f1f93ac
res/drawable-mdpi/commit_icon.png 0x7b02bb4
res/drawable-mdpi/commit_icon_small.png 0x22b84f1f
res/drawable-mdpi/ic_pulltorefresh_arrow.png 0xeb532964
res/drawable-mdpi/ic_refresh.png 0xcc8b64f4
res/drawable-mdpi/icon.png 0x760741cd
res/drawable-mdpi/loading_34.png 0xc8e1e9fe
res/drawable-mdpi/minitab_default.9.png 0xb6b7bdeb
res/drawable-mdpi/minitab_pressed.9.png 0x98b69585
res/drawable-mdpi/minitab_selected.9.png 0xae20c2fc
res/drawable-mdpi/minitab_unselected.9.png 0xcef30e84
res/drawable-mdpi/remote_icon.png 0xde9e3663
res/drawable-mdpi/repo_icon.png 0x472d0239
res/drawable-mdpi/tag_icon.png 0x7d68eb7a
res/drawable-mdpi/tree_icon.png 0x35a79d3e
res/drawable-v11/abs__progress_medium_holo.xml 0x78cf6501
res/drawable-xhdpi/abs__ab_bottom_solid_dark_holo.9.png 0x89c634b3
res/drawable-xhdpi/abs__ab_bottom_solid_inverse_holo.9.png 0xb1418c5c
res/drawable-xhdpi/abs__ab_bottom_solid_light_holo.9.png 0x1053168
res/drawable-xhdpi/abs__ab_bottom_transparent_dark_holo.9.png 0x5a6affd1
res/drawable-xhdpi/abs__ab_bottom_transparent_light_holo.9.png 0x8dc2ee5f
res/drawable-xhdpi/abs__ab_share_pack_holo_dark.9.png 0x283c19cc
res/drawable-xhdpi/abs__ab_share_pack_holo_light.9.png 0xd59220f0
res/drawable-xhdpi/abs__ab_solid_dark_holo.9.png 0x5b0c1e70
res/drawable-xhdpi/abs__ab_solid_light_holo.9.png 0x86f0155a
res/drawable-xhdpi/abs__ab_solid_shadow_holo.9.png 0xe3f746fa
res/drawable-xhdpi/abs__ab_stacked_solid_dark_holo.9.png 0x45995026
res/drawable-xhdpi/abs__ab_stacked_solid_light_holo.9.png 0x4fa1423
res/drawable-xhdpi/abs__ab_stacked_transparent_dark_holo.9.png 0xf3c72c9b
res/drawable-xhdpi/abs__ab_stacked_transparent_light_holo.9.png 0xed5a755d
res/drawable-xhdpi/abs__ab_transparent_dark_holo.9.png 0xe5266da1
res/drawable-xhdpi/abs__ab_transparent_light_holo.9.png 0xa2a434df
res/drawable-xhdpi/abs__btn_cab_done_default_holo_dark.9.png 0xa1d76dbb
res/drawable-xhdpi/abs__btn_cab_done_default_holo_light.9.png 0xdcd1843b
res/drawable-xhdpi/abs__btn_cab_done_focused_holo_dark.9.png 0x2e24d381
res/drawable-xhdpi/abs__btn_cab_done_focused_holo_light.9.png 0x8fe910b5
res/drawable-xhdpi/abs__btn_cab_done_pressed_holo_dark.9.png 0x35c763a
res/drawable-xhdpi/abs__btn_cab_done_pressed_holo_light.9.png 0xd601a063
res/drawable-xhdpi/abs__cab_background_bottom_holo_dark.9.png 0xc9ae8fde
res/drawable-xhdpi/abs__cab_background_bottom_holo_light.9.png 0xaf26e5ea
res/drawable-xhdpi/abs__cab_background_top_holo_dark.9.png 0xc6079444
res/drawable-xhdpi/abs__cab_background_top_holo_light.9.png 0x3396b7e2
res/drawable-xhdpi/abs__dialog_full_holo_dark.9.png 0x24a74876
res/drawable-xhdpi/abs__dialog_full_holo_light.9.png 0x1481309e
res/drawable-xhdpi/abs__ic_ab_back_holo_dark.png 0xfda7dde0
res/drawable-xhdpi/abs__ic_ab_back_holo_light.png 0xbffc39b3
res/drawable-xhdpi/abs__ic_cab_done_holo_dark.png 0x72b10371
res/drawable-xhdpi/abs__ic_cab_done_holo_light.png 0x8791c4c4
res/drawable-xhdpi/abs__ic_menu_moreoverflow_normal_holo_dark.png 0x3201d039
res/drawable-xhdpi/abs__ic_menu_moreoverflow_normal_holo_light.png 0xc2a9ad8e
res/drawable-xhdpi/abs__ic_menu_share_holo_dark.png 0x94b0462d
res/drawable-xhdpi/abs__ic_menu_share_holo_light.png 0x93f40272
res/drawable-xhdpi/abs__list_activated_holo.9.png 0xf31ffc88
res/drawable-xhdpi/abs__list_divider_holo_dark.9.png 0xde176f71
res/drawable-xhdpi/abs__list_divider_holo_light.9.png 0x3cad70fb
res/drawable-xhdpi/abs__list_focused_holo.9.png 0xfbeaf70c
res/drawable-xhdpi/abs__list_longpressed_holo.9.png 0xf31ffc88
res/drawable-xhdpi/abs__list_pressed_holo_dark.9.png 0xb9cef664
res/drawable-xhdpi/abs__list_pressed_holo_light.9.png 0xb9cef664
res/drawable-xhdpi/abs__list_selector_disabled_holo_dark.9.png 0xbd51fa51
res/drawable-xhdpi/abs__list_selector_disabled_holo_light.9.png 0x819deaae
res/drawable-xhdpi/abs__menu_dropdown_panel_holo_dark.9.png 0x66b89807
res/drawable-xhdpi/abs__menu_dropdown_panel_holo_light.9.png 0xea3a3f5
res/drawable-xhdpi/abs__progress_bg_holo_dark.9.png 0x41ee9e52
res/drawable-xhdpi/abs__progress_bg_holo_light.9.png 0x1f61ce1f
res/drawable-xhdpi/abs__progress_primary_holo_dark.9.png 0xd67380c5
res/drawable-xhdpi/abs__progress_primary_holo_light.9.png 0xd67380c5
res/drawable-xhdpi/abs__progress_secondary_holo_dark.9.png 0x955f18c2
res/drawable-xhdpi/abs__progress_secondary_holo_light.9.png 0x955f18c2
res/drawable-xhdpi/abs__spinner_48_inner_holo.png 0x28386199
res/drawable-xhdpi/abs__spinner_48_outer_holo.png 0x6cceb634
res/drawable-xhdpi/abs__spinner_ab_default_holo_dark.9.png 0xf5c94e84
res/drawable-xhdpi/abs__spinner_ab_default_holo_light.9.png 0x89892045
res/drawable-xhdpi/abs__spinner_ab_disabled_holo_dark.9.png 0x11b0dbfa
res/drawable-xhdpi/abs__spinner_ab_disabled_holo_light.9.png 0xbdcae3a1
res/drawable-xhdpi/abs__spinner_ab_focused_holo_dark.9.png 0x72b0dfd8
res/drawable-xhdpi/abs__spinner_ab_focused_holo_light.9.png 0x982777a1
res/drawable-xhdpi/abs__spinner_ab_pressed_holo_dark.9.png 0xa0f38fda
res/drawable-xhdpi/abs__spinner_ab_pressed_holo_light.9.png 0x27bb37be
res/drawable-xhdpi/abs__tab_selected_focused_holo.9.png 0x7c3f77bc
res/drawable-xhdpi/abs__tab_selected_holo.9.png 0x20fb759a
res/drawable-xhdpi/abs__tab_selected_pressed_holo.9.png 0xbb04ca93
res/drawable-xhdpi/abs__tab_unselected_pressed_holo.9.png 0x313d81a3
res/drawable-xhdpi/actionbar_stripe.png 0xb758cb0b
res/drawable-xhdpi/arrow_down.png 0xe7b725d4
res/drawable-xhdpi/arrow_up.png 0xdb9b4dc4
res/drawable-xhdpi/default_ptr_drawable.png 0x4083ff09
res/drawable-xhdpi/ic_refresh.png 0xf9228473
res/drawable/abs__activated_background_holo_dark.xml 0x2dd8443
res/drawable/abs__activated_background_holo_light.xml 0x2dd8443
res/drawable/abs__btn_cab_done_holo_dark.xml 0xc24c9042
res/drawable/abs__btn_cab_done_holo_light.xml 0xe97abee3
res/drawable/abs__ic_menu_moreoverflow_holo_dark.xml 0xcfe33d0a
res/drawable/abs__ic_menu_moreoverflow_holo_light.xml 0x41a18c34
res/drawable/abs__item_background_holo_dark.xml 0xc3a1fe38
res/drawable/abs__item_background_holo_light.xml 0xa72e6a08
res/drawable/abs__list_selector_background_transition_holo_dark.xml 0x943bb84b
res/drawable/abs__list_selector_background_transition_holo_light.xml 0xb3ddea87
res/drawable/abs__list_selector_holo_dark.xml 0x45d09c8b
res/drawable/abs__list_selector_holo_light.xml 0xe5130271
res/drawable/abs__progress_horizontal_holo_dark.xml 0x9a3a855a
res/drawable/abs__progress_horizontal_holo_light.xml 0x8cd17179
res/drawable/abs__progress_medium_holo.xml 0x48960fa9
res/drawable/abs__spinner_ab_holo_dark.xml 0xcc8a96c
res/drawable/abs__spinner_ab_holo_light.xml 0xb01ea010
res/drawable/abs__tab_indicator_ab_holo.xml 0xa34b4a80
res/drawable/actionbar_agit_logo.png 0xfb0b3aab
res/drawable/actionbar_background.xml 0xb9d3356e
res/drawable/btn_blue_matte.9.png 0xecd346b9
res/drawable/btn_green_matte.9.png 0xf8418277
res/drawable/clone.png 0x99a57f47
res/drawable/database_grey.png 0x856c5e3d
res/drawable/database_purple.png 0xd9001d14
res/drawable/diff_changetype_add.png 0x94592340
res/drawable/diff_changetype_delete.png 0x11362feb
res/drawable/diff_changetype_modify.png 0xd5729496
res/drawable/diff_changetype_rename.png 0xa0cbbb5a
res/drawable/diff_seekbar.xml 0x20cdcc92
res/drawable/executionbar_background.xml 0x51b6b271
res/drawable/friendly_button.xml 0x3a07452e
res/drawable/gravatar_border.xml 0x730cab6c
res/drawable/indicator_bg_bottom.xml 0x5afaaa4
res/drawable/indicator_bg_top.xml 0xf9c2ce11
res/drawable/label_background.xml 0x1de11e1d
res/drawable/loading_34_centred.xml 0x35712281
res/drawable/minitab.xml 0x55afaabc
res/drawable/pull_to_refresh_header_background.xml 0xc1d4da3
res/drawable/shadow.xml 0xd9e45e04
res/drawable/single_line_frame.xml 0xf839957f
res/drawable/top_bar.xml 0x64719171
res/layout-large/abs__action_mode_close_item.xml 0xca9e72e7
res/layout-v14/sherlock_spinner_dropdown_item.xml 0x9df42bed
res/layout-v14/sherlock_spinner_item.xml 0x6ec8ef23
res/layout-xlarge/abs__screen_action_bar.xml 0xe7bc982c
res/layout-xlarge/abs__screen_action_bar_overlay.xml 0x4e00d09b
res/layout/about_activity.xml 0x26529ee1
res/layout/abs__action_bar_home.xml 0xd1c970d2
res/layout/abs__action_bar_tab.xml 0x62b90cc
res/layout/abs__action_bar_tab_bar_view.xml 0xc8aed199
res/layout/abs__action_bar_title_item.xml 0xa50efb8c
res/layout/abs__action_menu_item_layout.xml 0xbbde7acf
res/layout/abs__action_menu_layout.xml 0xead6e790
res/layout/abs__action_mode_bar.xml 0x8870161b
res/layout/abs__action_mode_close_item.xml 0x369666db
res/layout/abs__activity_chooser_view.xml 0x7281b1e8
res/layout/abs__activity_chooser_view_list_item.xml 0x7f7e30a8
res/layout/abs__dialog_title_holo.xml 0xfc2b0a3a
res/layout/abs__list_menu_item_checkbox.xml 0x6cf56fa3
res/layout/abs__list_menu_item_icon.xml 0x623c3ba2
res/layout/abs__list_menu_item_layout.xml 0x68e23c83
res/layout/abs__list_menu_item_radio.xml 0xc8cfe430
res/layout/abs__popup_menu_item_layout.xml 0xa8cbc3c6
res/layout/abs__screen_action_bar.xml 0xb0e56524
res/layout/abs__screen_action_bar_overlay.xml 0xd1b17700
res/layout/abs__screen_simple.xml 0xa2bb1ad4
res/layout/abs__screen_simple_overlay_action_mode.xml 0x64ad14d5
res/layout/actionbar_custom_title.xml 0x77276b52
res/layout/branch_list_item.xml 0x9efa1508
res/layout/branch_view.xml 0x2239fcb1
res/layout/clone_launcher.xml 0x1085369a
res/layout/commit_detail_view.xml 0x6538009e
res/layout/commit_navigation_animation_layout.xml 0x912489dd
res/layout/commit_navigation_view.xml 0x8b91e42b
res/layout/commit_summary_view.xml 0x88326d81
res/layout/commit_view.xml 0xfa3bce9e
res/layout/create_tag_dialog.xml 0x358f31da
res/layout/dashboard_activity.xml 0x90e4e92a
res/layout/dashboard_repo_list_header.xml 0x50e8a46d
res/layout/diff_player_view.xml 0x3fe8ebe9
res/layout/diff_seekbar_view.xml 0x7493e232
res/layout/diff_view.xml 0xb27963e5
res/layout/file_change_header_expanded_view.xml 0xc9a8a529
res/layout/file_change_header_view.xml 0x9cdb2e5e
res/layout/latest_commit_view.xml 0xceb86e2d
res/layout/list_activity_layout.xml 0xfffe3c9e
res/layout/object_summary_view.xml 0x344d545f
res/layout/operation_progress.xml 0xf7084297
res/layout/osv_blob_summary_view.xml 0xf1bfd76f
res/layout/osv_commit_summary_view.xml 0xf650f14c
res/layout/osv_tag_summary_view.xml 0x3a7369dd
res/layout/osv_tree_summary_view.xml 0x3ec683f
res/layout/person_ident_detail_view.xml 0x92ea23e
res/layout/person_ident_view.xml 0x69ce16c8
res/layout/pull_to_refresh_header.xml 0x423e7e40
res/layout/related_commit_button.xml 0x7d5557ab
res/layout/remote_view.xml 0x43232f9b
res/layout/remotes_summary_view.xml 0x1079cfa8
res/layout/repo_list_item.xml 0x60615f3c
res/layout/repo_management_activity.xml 0xf387c1b0
res/layout/rev_commit_list_item.xml 0xf9aaa3c6
res/layout/rev_commit_view.xml 0x17e6f17f
res/layout/rev_commit_view_header.xml 0x5a327286
res/layout/sherlock_spinner_dropdown_item.xml 0x12174eb8
res/layout/sherlock_spinner_item.xml 0x5033f0ed
res/layout/simple_summary_list_item.xml 0xa7c79be4
res/layout/tab_indicator.xml 0xd1294ebb
res/layout/tag_viewer_activity.xml 0x63b6a3c1
res/layout/text_entry.xml 0x2a7607c0
res/layout/top_bar.xml 0x67388dab
res/menu/dashboard.xml 0x13d517d8
res/menu/repo.xml 0x4758f7f5
res/xml/authenticator.xml 0xedcebc93
res/xml/sync_adapter.xml 0xab5dd88c
resources.arsc 0xd540298
运行截图
VirSCANVirSCAN
VirSCAN