VirSCAN VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.

Language
Server load
Server Load

VirSCAN
VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.

File information

Scanner results
Scanner results:2%Scanner(s) (1/39)found malware!
Behavior analysis report:         Habo file analysis
Time: 2014-11-13 14:34:24 (CST)
Scanner Engine Ver Sig Ver Sig Date Scan result Time
ahnlab 9.9.9 9.9.9 2013-05-28 Found nothing 3
antivir 1.9.2.0 1.9.159.0 7.11.184.224 Found nothing 12
antiy 114701 AVL141003 2014-10-04 Found nothing 5
arcavir 1.0 2011 2014-05-30 Found nothing 8
asquared 9.0.0.4157 9.0.0.4157 2014-07-30 Found nothing 1
avast 141112-0 4.7.4 2014-11-12 Found nothing 21
avg 2109/8019 10.0.1405 2014-11-06 Found nothing 4
baidu 2.0.1.0 4.1.3.52192 2.0.1.0 Found nothing 3
baidusd 1.0 1.0 2014-04-02 Found nothing 1
bitdefender 7.57701 7.90123 2014-11-13 Found nothing 6
clamav 19613 0.97.5 2014-11-11 Heuristics.Broken.Executable 1
comodo 15023 5.1 2014-10-03 Found nothing 3
ctch 4.6.5 5.3.14 2013-12-01 Found nothing 1
drweb 5.0.2.3300 5.0.1.1 2014-10-31 Found nothing 58
fortinet 23.171, 23.171 5.1.158 2014-11-13 Found nothing 1
fprot 4.6.2.117 6.5.1.5418 2014-11-11 Found nothing 1
fsecure 2014-04-02-01 9.13 2014-04-02 Found nothing 4
gdata 24.3819 24.3819 2014-08-29 Found nothing 7
hauri 2.73 2.73 2014-06-13 Found nothing 1
ikarus 1.06.01 V1.32.31.0 2014-11-12 Found nothing 14
jiangmin 16.0.100 1.0.0.0 2014-07-28 Found nothing 17
kaspersky 5.5.33 5.5.33 2014-04-01 Found nothing 22
kingsoft 2.1 2.1 2013-09-22 Found nothing 2
mcafee 7520 5400.1158 2014-08-04 Found nothing 9
nod32 0436 3.0.21 2014-09-18 Found nothing 1
panda 9.05.01 9.05.01 2014-06-15 Found nothing 7
pcc 11.272.05 9.500-1005 2014-11-12 Found nothing 2
qh360 1.0.1 1.0.1 1.0.1 Found nothing 12
qqphone 1.0.0.0 1.0.0.0 2014-11-13 Found nothing 1
quickheal 14.00 14.00 2014-06-14 Found nothing 5
rising 25.17.00.04 25.17.00.04 2014-06-02 Found nothing 5
sophos 5.04 3.51.0 2014-08-05 Found nothing 7
sunbelt 3.9.2589.2 3.9.2589.2 2014-06-13 Found nothing 2
symantec 20141111.002 1.3.0.24 2014-11-11 Found nothing 1
tachyon 9.9.9 9.9.9 2013-12-27 Found nothing 3
thehacker 6.8.0.5 6.8.0.5 2014-06-12 Found nothing 3
tws 17.47.17308 1.0.2.2108 2014-06-16 Found nothing 8
vba 3.12.26.3 3.12.26.3 2014-11-12 Found nothing 5
virusbuster 15.0.965.0 5.5.2.13 2014-11-11 Found nothing 16
权限列表
许可名称 信息
android.permission.CAMERA 访问照相机设备
android.permission.WAKE_LOCK 手机屏幕关闭后后台进程仍运行
android.permission.WRITE_SETTINGS 读写系统设置项
android.permission.READ_PHONE_STATE 读取电话状态
android.permission.SYSTEM_ALERT_WINDOW 显示系统窗口
android.permission.MOUNT_UNMOUNT_FILESYSTEMS 挂载、反挂载外部文件系统
android.permission.RECEIVE_BOOT_COMPLETED 接收开机启动广播
android.permission.VIBRATE 允许设备震动
android.permission.FLASHLIGHT 访问闪光灯
android.permission.GET_TASKS 获取有关当前或最近运行的任务信息
android.permission.EXPAND_STATUS_BAR 操控状态栏
android.permission.WRITE_EXTERNAL_STORAGE 写外部存储器(如:SD卡)
android.permission.ACCESS_NETWORK_STATE 读取网络状态(2G或3G)
android.permission.ACCESS_WIFI_STATE 读取wifi网络状态
android.permission.INTERNET 连接网络(2G或3G)
com.android.launcher.permission.READ_SETTINGS 读取快捷方式信息
com.android.launcher.permission.INSTALL_SHORTCUT 创建快捷方式
com.android.launcher.permission.UNINSTALL_SHORTCUT 删除快捷方式
android.permission.SET_DEBUG_APP 调试程序
文件信息
VirSCANVirSCAN
安全评分 :74
基本信息
VirSCANVirSCAN
MD5:64536a9bc43848c410b58d5235601d9d
文件大小:5.58MB
上传时间: 2014-09-22 10:36:30 (CST)
包名:com.nanshan.torch
最低运行环境:Android 2.2.x
版权:
关键行为
VirSCANVirSCAN
行为描述: 跨进程写入数据
详情信息: TargetProcess = Order Request.scr, WriteAddress = 0x00400000, Size = 1024
TargetProcess = Order Request.scr, WriteAddress = 0x00401000, Size = 133120
TargetProcess = Order Request.scr, WriteAddress = 0x00422000, Size = 1024
TargetProcess = Order Request.scr, WriteAddress = 0x00425000, Size = 6144
TargetProcess = Order Request.scr, WriteAddress = 0x7ffda008, Size = 4
TargetProcess = vaaki.exe, WriteAddress = 0x00400000, Size = 1024
TargetProcess = vaaki.exe, WriteAddress = 0x00401000, Size = 133120
TargetProcess = vaaki.exe, WriteAddress = 0x00422000, Size = 1024
TargetProcess = vaaki.exe, WriteAddress = 0x00425000, Size = 6144
TargetProcess = vaaki.exe, WriteAddress = 0x7ffdd008, Size = 4
TargetProcess = explorer.exe, WriteAddress = 0x03080000, Size = 159744
C:\WINDOWS\explorer.exe
TargetProcess = explorer.exe, WriteAddress = 0x030a2bf8, Size = 4
TargetProcess = explorer.exe, WriteAddress = 0x030a2c0c, Size = 4
TargetProcess = explorer.exe, WriteAddress = 0x030a30bc, Size = 4
行为描述: 隐藏指定窗口
详情信息: [Window,Class] = [,ListBox]
[Window,Class] = [,Static]
[Window,Class] = [Animate1,SysAnimate32]
[Window,Class] = [List1,SysListView32]
[Window,Class] = [QQ2013,TXGuiFoundation]
[Window,Class] = [OP_2269840561,CTXOPConntion_Class]
[Window,Class] = [,BrowserFrameGripperClass]
[Window,Class] = [Windows Internet Explorer,IEFrame]
[Window,Class] = [缩放级别,ToolbarWindow32]
[Window,Class] = [,msctls_progress32]
行为描述: 创建远程线程
详情信息: C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Tencent\QQ\Bin\QQ.exe
C:\Program Files\Tencent\QQ\Bin\TXPlatform.exe
C:\%temp%\1415855916.508152.exe
C:\WINDOWS\system32\taskmgr.exe
C:\WINDOWS\system32\PersonalBankPortal.exe
C:\WINDOWS\system32\conime.exe
C:\%temp%\1415855916.840783.exe
C:\%temp%\1415855916.911902.exe
C:\%temp%\1415855917.004024.exe
C:\%temp%\1415855917.083863.exe
C:\WINDOWS\system32\patchupdate.exe
C:\WINDOWS\system32\tm.exe
C:\WINDOWS\system32\cmd.exe
行为描述: 设置线程上下文
详情信息: C:\%temp%\1415855881.866370.exe_7zdump\Order Request.scr
C:\Documents and Settings\Administrator\Application Data\Diiqe\vaaki.exe
行为描述: 设置特殊文件夹属性
详情信息: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
C:\Documents and Settings\Administrator\Local Settings\History
C:\Documents and Settings\Administrator\Local Settings\History\History.IE5
C:\Documents and Settings\Administrator\Cookies
C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~\WebSlices~
C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~
C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Feeds Cache
C:\Documents and Settings\Administrator\IECompatCache
行为描述: 按名称获取主机地址
详情信息: wpad
www.yixun.com
行为描述: 自删除
详情信息: C:\%temp%\1415856009.267949.exe_7zdump\Order Request.scr
行为描述: 修改注册表_启动项
详情信息: \REGISTRY\USER\S-1-5-21-1482476501-1645522239-1417001333-500\Software\Microsoft\Windows\CurrentVersion\Run\{25F0E6E4-1CB1-CE2E-5860-AAC88CD08CEF}
进程行为
VirSCANVirSCAN
行为描述: 跨进程写入数据
详情信息: TargetProcess = Order Request.scr, WriteAddress = 0x00400000, Size = 1024
TargetProcess = Order Request.scr, WriteAddress = 0x00401000, Size = 133120
TargetProcess = Order Request.scr, WriteAddress = 0x00422000, Size = 1024
TargetProcess = Order Request.scr, WriteAddress = 0x00425000, Size = 6144
TargetProcess = Order Request.scr, WriteAddress = 0x7ffda008, Size = 4
TargetProcess = vaaki.exe, WriteAddress = 0x00400000, Size = 1024
TargetProcess = vaaki.exe, WriteAddress = 0x00401000, Size = 133120
TargetProcess = vaaki.exe, WriteAddress = 0x00422000, Size = 1024
TargetProcess = vaaki.exe, WriteAddress = 0x00425000, Size = 6144
TargetProcess = vaaki.exe, WriteAddress = 0x7ffdd008, Size = 4
TargetProcess = explorer.exe, WriteAddress = 0x03080000, Size = 159744
C:\WINDOWS\explorer.exe
TargetProcess = explorer.exe, WriteAddress = 0x030a2bf8, Size = 4
TargetProcess = explorer.exe, WriteAddress = 0x030a2c0c, Size = 4
TargetProcess = explorer.exe, WriteAddress = 0x030a30bc, Size = 4
行为描述: 隐藏指定窗口
详情信息: [Window,Class] = [,ListBox]
[Window,Class] = [,Static]
[Window,Class] = [Animate1,SysAnimate32]
[Window,Class] = [List1,SysListView32]
[Window,Class] = [QQ2013,TXGuiFoundation]
[Window,Class] = [OP_2269840561,CTXOPConntion_Class]
[Window,Class] = [,BrowserFrameGripperClass]
[Window,Class] = [Windows Internet Explorer,IEFrame]
[Window,Class] = [缩放级别,ToolbarWindow32]
[Window,Class] = [,msctls_progress32]
行为描述: 创建远程线程
详情信息: C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Tencent\QQ\Bin\QQ.exe
C:\Program Files\Tencent\QQ\Bin\TXPlatform.exe
C:\%temp%\1415855916.508152.exe
C:\WINDOWS\system32\taskmgr.exe
C:\WINDOWS\system32\PersonalBankPortal.exe
C:\WINDOWS\system32\conime.exe
C:\%temp%\1415855916.840783.exe
C:\%temp%\1415855916.911902.exe
C:\%temp%\1415855917.004024.exe
C:\%temp%\1415855917.083863.exe
C:\WINDOWS\system32\patchupdate.exe
C:\WINDOWS\system32\tm.exe
C:\WINDOWS\system32\cmd.exe
行为描述: 设置线程上下文
详情信息: C:\%temp%\1415855881.866370.exe_7zdump\Order Request.scr
C:\Documents and Settings\Administrator\Application Data\Diiqe\vaaki.exe
行为描述: 设置特殊文件夹属性
详情信息: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
C:\Documents and Settings\Administrator\Local Settings\History
C:\Documents and Settings\Administrator\Local Settings\History\History.IE5
C:\Documents and Settings\Administrator\Cookies
C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~\WebSlices~
C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~
C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Feeds Cache
C:\Documents and Settings\Administrator\IECompatCache
行为描述: 按名称获取主机地址
详情信息: wpad
www.yixun.com
行为描述: 自删除
详情信息: C:\%temp%\1415856009.267949.exe_7zdump\Order Request.scr
行为描述: 修改注册表_启动项
详情信息: \REGISTRY\USER\S-1-5-21-1482476501-1645522239-1417001333-500\Software\Microsoft\Windows\CurrentVersion\Run\{25F0E6E4-1CB1-CE2E-5860-AAC88CD08CEF}
文件行为
VirSCANVirSCAN
行为描述: 创建可执行文件
详情信息: C:\Documents and Settings\Administrator\Application Data\Diiqe\vaaki.exe
行为描述: 写权限映射文件
详情信息: Global\Cor_Private_IPCBlock_872
Global\Cor_Public_IPCBlock_872
Global\NLS_00000804_Exception_Table_3_2
Global\NLS_CodePage_936_3_2_0_0
Global\Cor_Private_IPCBlock_2296
Global\Cor_Public_IPCBlock_2296
microsoft_thor_folder_notifyinfo_mappedfile
c:_documents and settings_administrator_local settings_application data_identities_{cfd7c28a-208c-4447-b3ff-2fdac596c2fd}_microsoft_outlook express_folders.dbx_directdbshare
\Documents and Settings\Administrator\Local Settings\Application Data\Identities\{CFD7C28A-208C-4447-B3FF-2FDAC596C2FD}\Microsoft\Outlook Express\Folders.dbxbx_directdbfilemap
c:_documents and settings_administrator_local settings_application data_identities_{cfd7c28a-208c-4447-b3ff-2fdac596c2fd}_microsoft_outlook express_收件箱.dbx_directdbshare
\Documents and Settings\Administrator\Local Settings\Application Data\Identities\{CFD7C28A-208C-4447-B3FF-2FDAC596C2FD}\Microsoft\Outlook Express\收件箱.dbxbx_directdbfilemap
Local\!PrivacIE!SharedMem!Counter
c:_documents and settings_administrator_local settings_application data_identities_{cfd7c28a-208c-4447-b3ff-2fdac596c2fd}_microsoft_outlook express_offline.dbx_directdbshare
\Documents and Settings\Administrator\Local Settings\Application Data\Identities\{CFD7C28A-208C-4447-B3FF-2FDAC596C2FD}\Microsoft\Outlook Express\Offline.dbxbx_directdbfilemap
c:_documents and settings_administrator_local settings_application data_identities_{cfd7c28a-208c-4447-b3ff-2fdac596c2fd}_microsoft_outlook express_已发送邮件.dbx_directdbshare
行为描述: 重命名文件
详情信息: C:\Documents and Settings\Administrator\Application Data\Daky\yszua.cei ---> C:\Documents and Settings\Administrator\Application Data\Daky\yszua.tmp
行为描述: 设置特殊文件夹属性
详情信息: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
C:\Documents and Settings\Administrator\Local Settings\History
C:\Documents and Settings\Administrator\Local Settings\History\History.IE5
C:\Documents and Settings\Administrator\Cookies
C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~\WebSlices~
C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~
C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Feeds Cache
C:\Documents and Settings\Administrator\IECompatCache
行为描述: 修改文件内容
详情信息: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\tmp03147655.bat---> Offset = 0
C:\Documents and Settings\Administrator\Application Data\Daky\yszua.cei---> Offset = 0
C:\Documents and Settings\Administrator\Application Data\Microsoft\Address Book\Administrator.wab---> Offset = 2212
C:\Documents and Settings\Administrator\Application Data\Microsoft\Address Book\Administrator.wab---> Offset = 0
C:\Documents and Settings\Administrator\Application Data\Microsoft\Address Book\Administrator.wab---> Offset = 176280
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\MPS4.tmp---> Offset = 2212
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\MPS4.tmp---> Offset = 6212
C:\Documents and Settings\Administrator\Application Data\Microsoft\Address Book\Administrator.wab~---> Offset = 0
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\IUKHR8T2\dnserrordiagoff[1]---> Offset = 0
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\C1OS62RY\ErrorPageTemplate[1]---> Offset = 0
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\6P4O8QNJ\errorPageStrings[1]---> Offset = 0
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\6TLOMATB\httpErrorPagesScripts[1]---> Offset = 0
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\C1OS62RY\noConnect[1]---> Offset = 0
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\IUKHR8T2\bullet[2]---> Offset = 0
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\IUKHR8T2\background_gradient[2]---> Offset = 0
行为描述: 自删除
详情信息: C:\%temp%\1415856009.267949.exe_7zdump\Order Request.scr
网络行为
VirSCANVirSCAN
行为描述: 连接指定站点
详情信息: InternetConnectA: ServerName = 104.192.103.18, PORT = 80
行为描述: 下载文件
详情信息: URLDownloadToFileW: http://www.live.com/favicon.ico ---> C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico
行为描述: 打开HTTP请求
详情信息: HttpOpenRequestA: 104.192.103.18:80/idowu/panel/config.bin, hConnect = 0x00000260
HttpOpenRequestA: 104.192.103.18:80/idowu/panel/config.bin, hConnect = 0x00000478
HttpOpenRequestA: 104.192.103.18:80/idowu/panel/config.bin, hConnect = 0x0000081c
HttpOpenRequestA: 104.192.103.18:80/idowu/panel/config.bin, hConnect = 0x000006e4
行为描述: 按名称获取主机地址
详情信息: wpad
www.yixun.com
注册表行为
VirSCANVirSCAN
行为描述: 删除注册表键
详情信息: \REGISTRY\USER\S-1-5-21-1482476501-1645522239-1417001333-500\Software\Microsoft\CTF\TIP\{1188450c-fdab-47ae-80d8-c9633f71be64}\LanguageProfile\0x00000000\{63800dac-e7ca-4df9-9a5c-20765055488d}
\REGISTRY\USER\S-1-5-21-1482476501-1645522239-1417001333-500\Software\Microsoft\CTF\TIP\{1188450c-fdab-47ae-80d8-c9633f71be64}\LanguageProfile\0x00000000
\REGISTRY\USER\S-1-5-21-1482476501-1645522239-1417001333-500\Software\Microsoft\CTF\TIP\{1188450c-fdab-47ae-80d8-c9633f71be64}\LanguageProfile
\REGISTRY\USER\S-1-5-21-1482476501-1645522239-1417001333-500\Software\Microsoft\CTF\TIP\{1188450c-fdab-47ae-80d8-c9633f71be64}
\REGISTRY\MACHINE\SOFTWARE\Microsoft\PCHealth\ErrorReporting\DW
行为描述: 修改注册表
详情信息: \REGISTRY\USER\S-1-5-21-1482476501-1645522239-1417001333-500\Software\Microsoft\Internet Explorer\PhishingFilter\EnabledV8
\REGISTRY\USER\S-1-5-21-1482476501-1645522239-1417001333-500\Software\Microsoft\Internet Explorer\Privacy\CleanCookies
\REGISTRY\USER\S-1-5-21-1482476501-1645522239-1417001333-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\1609
\REGISTRY\USER\S-1-5-21-1482476501-1645522239-1417001333-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1\1406
\REGISTRY\USER\S-1-5-21-1482476501-1645522239-1417001333-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1\1609
\REGISTRY\USER\S-1-5-21-1482476501-1645522239-1417001333-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2\1406
\REGISTRY\USER\S-1-5-21-1482476501-1645522239-1417001333-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2\1609
\REGISTRY\USER\S-1-5-21-1482476501-1645522239-1417001333-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1406
\REGISTRY\USER\S-1-5-21-1482476501-1645522239-1417001333-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1609
\REGISTRY\USER\S-1-5-21-1482476501-1645522239-1417001333-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1406
\REGISTRY\USER\S-1-5-21-1482476501-1645522239-1417001333-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1609
\REGISTRY\USER\S-1-5-21-1482476501-1645522239-1417001333-500\Software\Microsoft\Internet Account Manager\Accounts\Active Directory GC\LDAP Server ID
\REGISTRY\USER\S-1-5-21-1482476501-1645522239-1417001333-500\Software\Microsoft\Internet Account Manager\Accounts\Bigfoot\LDAP Server ID
\REGISTRY\USER\S-1-5-21-1482476501-1645522239-1417001333-500\Software\Microsoft\Internet Account Manager\Accounts\VeriSign\LDAP Server ID
\REGISTRY\USER\S-1-5-21-1482476501-1645522239-1417001333-500\Software\Microsoft\Internet Account Manager\Accounts\WhoWhere\LDAP Server ID
行为描述: 删除注册表键值
详情信息: \REGISTRY\USER\S-1-5-21-1482476501-1645522239-1417001333-500\Identities\Changing
\REGISTRY\USER\S-1-5-21-1482476501-1645522239-1417001333-500\Identities\IncomingID
\REGISTRY\USER\S-1-5-21-1482476501-1645522239-1417001333-500\Identities\OutgoingID
\REGISTRY\MACHINE\SOFTWARE\Microsoft\PCHealth\ErrorReporting\DW\DWFileTreeRoot
\REGISTRY\USER\S-1-5-21-1482476501-1645522239-1417001333-500\Software\Microsoft\Internet Explorer\LinksBar\ItemCache\0\Expiration
\REGISTRY\USER\S-1-5-21-1482476501-1645522239-1417001333-500\Software\Microsoft\Internet Explorer\LinksBar\ItemCache\1\Expiration
行为描述: 删除注册表键值_IE连接设置
详情信息: \REGISTRY\USER\S-1-5-21-1482476501-1645522239-1417001333-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyServer
\REGISTRY\USER\S-1-5-21-1482476501-1645522239-1417001333-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\AutoConfigURL
行为描述: 修改注册表_启动项
详情信息: \REGISTRY\USER\S-1-5-21-1482476501-1645522239-1417001333-500\Software\Microsoft\Windows\CurrentVersion\Run\{25F0E6E4-1CB1-CE2E-5860-AAC88CD08CEF}
其他行为
VirSCANVirSCAN
行为描述: 创建互斥体
详情信息: Global\{525BDAB6-20E3-B985-5860-AAC88CD08CEF}
SHIMLIB_LOG_MUTEX
Local\{E842FFFD-05A8-039C-5860-AAC88CD08CEF}
Global\{F52F7FDD-8588-1EF1-1250-AC25C6E08A02}
Global\{F52F7FDD-8588-1EF1-0252-AC25D6E28A02}
Global\{F52F7FDD-8588-1EF1-4652-AC2592E28A02}
Global\{F52F7FDD-8588-1EF1-7E52-AC25AAE28A02}
Global\{F52F7FDD-8588-1EF1-8A52-AC255EE28A02}
Global\{F52F7FDD-8588-1EF1-BE52-AC256AE28A02}
Global\{F52F7FDD-8588-1EF1-5E53-AC258AE38A02}
Global\{F52F7FDD-8588-1EF1-4E53-AC259AE38A02}
Global\{F52F7FDD-8588-1EF1-8A53-AC255EE38A02}
Global\{F52F7FDD-8588-1EF1-D253-AC2506E38A02}
Global\{F52F7FDD-8588-1EF1-0E54-AC25DAE48A02}
Global\{F52F7FDD-8588-1EF1-2E54-AC25FAE48A02}
行为描述: 隐藏指定窗口
详情信息: [Window,Class] = [,ListBox]
[Window,Class] = [,Static]
[Window,Class] = [Animate1,SysAnimate32]
[Window,Class] = [List1,SysListView32]
[Window,Class] = [QQ2013,TXGuiFoundation]
[Window,Class] = [OP_2269840561,CTXOPConntion_Class]
[Window,Class] = [,BrowserFrameGripperClass]
[Window,Class] = [Windows Internet Explorer,IEFrame]
[Window,Class] = [缩放级别,ToolbarWindow32]
[Window,Class] = [,msctls_progress32]
行为描述: 查找指定窗口
详情信息: NtUserFindWindowEx: [Class,Window] = [Shell_TrayWnd,]
NtUserFindWindowEx: [Class,Window] = [MS_AutodialMonitor,]
NtUserFindWindowEx: [Class,Window] = [MS_WebcheckMonitor,]
NtUserFindWindowEx: [Class,Window] = [TXGuiFoundation,QQ2013]
NtUserFindWindowEx: [Class,Window] = [CTXOPConntion_Class,OP_2269840561]
NtUserFindWindowEx: [Class,Window] = [CicLoaderWndClass,]
NtUserFindWindowEx: [Class,Window] = [MS_WebCheckMonitor,]
NtUserFindWindowEx: [Class,Window] = [Static,]
行为描述: 获取系统权限
详情信息: SE_SECURITY_PRIVILEGE
SE_LOAD_DRIVER_PRIVILEGE
行为描述: 枚举窗口
详情信息: N/A
行为描述: 内联HOOK
详情信息: C:\WINDOWS\system32\ntdll.dll--->ZwCreateThread Offset = 0x0
C:\WINDOWS\system32\ntdll.dll--->LdrLoadDll Offset = 0x0
C:\WINDOWS\system32\kernel32.dll--->GetFileAttributesExW Offset = 0x0
C:\WINDOWS\system32\WININET.dll--->HttpSendRequestW Offset = 0x0
C:\WINDOWS\system32\WININET.dll--->HttpSendRequestA Offset = 0x0
C:\WINDOWS\system32\WININET.dll--->HttpSendRequestExW Offset = 0x0
C:\WINDOWS\system32\WININET.dll--->HttpSendRequestExA Offset = 0x0
C:\WINDOWS\system32\WININET.dll--->InternetCloseHandle Offset = 0x0
C:\WINDOWS\system32\WININET.dll--->InternetReadFile Offset = 0x0
C:\WINDOWS\system32\WININET.dll--->InternetReadFileExA Offset = 0x0
C:\WINDOWS\system32\WININET.dll--->InternetQueryDataAvailable Offset = 0x0
C:\WINDOWS\system32\WININET.dll--->HttpQueryInfoA Offset = 0x0
C:\WINDOWS\system32\WS2_32.dll--->closesocket Offset = 0x0
C:\WINDOWS\system32\WS2_32.dll--->send Offset = 0x0
C:\WINDOWS\system32\WS2_32.dll--->WSASend Offset = 0x0
异常崩溃
VirSCANVirSCAN
行为描述: 创建互斥体
详情信息: Global\{525BDAB6-20E3-B985-5860-AAC88CD08CEF}
SHIMLIB_LOG_MUTEX
Local\{E842FFFD-05A8-039C-5860-AAC88CD08CEF}
Global\{F52F7FDD-8588-1EF1-1250-AC25C6E08A02}
Global\{F52F7FDD-8588-1EF1-0252-AC25D6E28A02}
Global\{F52F7FDD-8588-1EF1-4652-AC2592E28A02}
Global\{F52F7FDD-8588-1EF1-7E52-AC25AAE28A02}
Global\{F52F7FDD-8588-1EF1-8A52-AC255EE28A02}
Global\{F52F7FDD-8588-1EF1-BE52-AC256AE28A02}
Global\{F52F7FDD-8588-1EF1-5E53-AC258AE38A02}
Global\{F52F7FDD-8588-1EF1-4E53-AC259AE38A02}
Global\{F52F7FDD-8588-1EF1-8A53-AC255EE38A02}
Global\{F52F7FDD-8588-1EF1-D253-AC2506E38A02}
Global\{F52F7FDD-8588-1EF1-0E54-AC25DAE48A02}
Global\{F52F7FDD-8588-1EF1-2E54-AC25FAE48A02}
行为描述: 隐藏指定窗口
详情信息: [Window,Class] = [,ListBox]
[Window,Class] = [,Static]
[Window,Class] = [Animate1,SysAnimate32]
[Window,Class] = [List1,SysListView32]
[Window,Class] = [QQ2013,TXGuiFoundation]
[Window,Class] = [OP_2269840561,CTXOPConntion_Class]
[Window,Class] = [,BrowserFrameGripperClass]
[Window,Class] = [Windows Internet Explorer,IEFrame]
[Window,Class] = [缩放级别,ToolbarWindow32]
[Window,Class] = [,msctls_progress32]
行为描述: 查找指定窗口
详情信息: NtUserFindWindowEx: [Class,Window] = [Shell_TrayWnd,]
NtUserFindWindowEx: [Class,Window] = [MS_AutodialMonitor,]
NtUserFindWindowEx: [Class,Window] = [MS_WebcheckMonitor,]
NtUserFindWindowEx: [Class,Window] = [TXGuiFoundation,QQ2013]
NtUserFindWindowEx: [Class,Window] = [CTXOPConntion_Class,OP_2269840561]
NtUserFindWindowEx: [Class,Window] = [CicLoaderWndClass,]
NtUserFindWindowEx: [Class,Window] = [MS_WebCheckMonitor,]
NtUserFindWindowEx: [Class,Window] = [Static,]
行为描述: 获取系统权限
详情信息: SE_SECURITY_PRIVILEGE
SE_LOAD_DRIVER_PRIVILEGE
行为描述: 枚举窗口
详情信息: N/A
行为描述: 内联HOOK
详情信息: C:\WINDOWS\system32\ntdll.dll--->ZwCreateThread Offset = 0x0
C:\WINDOWS\system32\ntdll.dll--->LdrLoadDll Offset = 0x0
C:\WINDOWS\system32\kernel32.dll--->GetFileAttributesExW Offset = 0x0
C:\WINDOWS\system32\WININET.dll--->HttpSendRequestW Offset = 0x0
C:\WINDOWS\system32\WININET.dll--->HttpSendRequestA Offset = 0x0
C:\WINDOWS\system32\WININET.dll--->HttpSendRequestExW Offset = 0x0
C:\WINDOWS\system32\WININET.dll--->HttpSendRequestExA Offset = 0x0
C:\WINDOWS\system32\WININET.dll--->InternetCloseHandle Offset = 0x0
C:\WINDOWS\system32\WININET.dll--->InternetReadFile Offset = 0x0
C:\WINDOWS\system32\WININET.dll--->InternetReadFileExA Offset = 0x0
C:\WINDOWS\system32\WININET.dll--->InternetQueryDataAvailable Offset = 0x0
C:\WINDOWS\system32\WININET.dll--->HttpQueryInfoA Offset = 0x0
C:\WINDOWS\system32\WS2_32.dll--->closesocket Offset = 0x0
C:\WINDOWS\system32\WS2_32.dll--->send Offset = 0x0
C:\WINDOWS\system32\WS2_32.dll--->WSASend Offset = 0x0
危险行为
VirSCANVirSCAN
行为描述: 执行系统命令
详情信息: chmod 777 /data/data/com.nanshan.torch/files/libqupc.so
getprop ro.product.cpu.abi
动态列表行为
VirSCANVirSCAN
行为描述: 启动服务
详情信息: com.android.musicfx.Compatibility$Service
com.android.mms.transaction.SmsReceiverService
行为描述: 读取文件
详情信息: path:pipe:[3511] length:105
path:/proc/783/cmdline length:105
path:/proc/799/cmdline length:105
path:/proc/811/cmdline length:105
path:/proc/853/cmdline length:105
path:/data/data/com.nanshan.torch/files/libqupc.so length:104
path:pipe:[3596] length:105
path:/data/data/com.nanshan.torch/files/libprotectClass.so length:102
path:pipe:[3631] length:105
行为描述: 类加载
详情信息: path:/system/app/PicoTts.apk
path:/system/app/MusicFX.apk
path:/system/framework/am.jar
path:/data/app/com.nanshan.torch-1.apk
行为描述: 执行系统命令
详情信息: chmod 777 /data/data/com.nanshan.torch/files/libqupc.so
getprop ro.product.cpu.abi
行为描述: 缓冲区读取一行数据
详情信息: armeabi-v7a
行为描述: 写入文件
详情信息: path:/data/data/com.android.gallery3d/shared_prefs/com.android.gallery3d_preferences.xml length:105
path:/data/data/com.android.musicfx/shared_prefs/musicfx.xml length:105
path:/data/data/com.nanshan.torch/files/libqupc.so length:104
path:/data/data/com.nanshan.torch/files/libqupc.so length:51
path:/data/data/com.nanshan.torch/files/libqupc.so length:42
path:/data/data/com.nanshan.torch/files/libqupc.so length:58
path:/data/data/com.nanshan.torch/files/libqupc.so length:51
path:/data/data/com.nanshan.torch/files/libqupc.so length:58
path:/data/data/com.nanshan.torch/files/libqupc.so length:48
path:/data/data/com.nanshan.torch/files/libqupc.so length:105
path:/data/data/com.nanshan.torch/files/libprotectClass.so length:102
path:/data/data/com.nanshan.torch/files/libprotectClass.so length:105
path:/data/data/com.nanshan.torch/files/libprotectClass.so length:50
path:/data/data/com.nanshan.torch/files/libprotectClass.so length:53
path:/data/data/com.nanshan.torch/files/libprotectClass.so length:44
path:/data/data/com.nanshan.torch/files/libprotectClass.so length:53
path:/data/data/com.nanshan.torch/files/libprotectClass.so length:36
path:/data/data/com.nanshan.torch/files/libprotectClass.so length:57
path:/data/data/com.nanshan.torch/files/libprotectClass.so length:105
path:/data/data/com.nanshan.torch/files/libprotectClass.so length:57
path:/data/data/com.nanshan.torch/files/libprotectClass.so length:51
path:/data/data/com.nanshan.torch/files/libprotectClass.so length:50
path:/data/data/com.nanshan.torch/files/libprotectClass.so length:62
path:/data/data/com.nanshan.torch/files/libprotectClass.so length:54
path:/data/data/com.nanshan.torch/files/libprotectClass.so length:53
path:/data/data/com.nanshan.torch/files/libprotectClass.so length:60
path:/data/data/com.nanshan.torch/files/libprotectClass.so length:54
path:/data/data/com.nanshan.torch/files/libprotectClass.so length:53
path:/data/data/com.nanshan.torch/files/libprotectClass.so length:52
path:/data/data/com.nanshan.torch/files/libprotectClass.so length:62
path:/data/data/com.nanshan.torch/files/libprotectClass.so length:64
path:/data/data/com.nanshan.torch/files/libprotectClass.so length:52
path:/data/data/com.nanshan.torch/files/libprotectClass.so length:51
path:/data/data/com.nanshan.torch/files/libprotectClass.so length:49
path:/data/data/com.android.gallery3d/shared_prefs/com.android.gallery3d_preferences.xml length:105
Activities
VirSCANVirSCAN
活动名 类型
com.sskj.flashlight.ui.home.MainActivity android.intent.action.MAIN
com.sskj.flashlight.ui.home.MainActivity android.intent.category.LAUNCHER
危险函数
VirSCANVirSCAN
函数名称 信息
java/net/URL;->openConnection 连接URL
java/net/HttpURLConnection;->connect 连接URL
TelephonyManager;->getDeviceId 搜集用户手机IMEI码、电话号码、系统版本号等信息
getRuntime 获取命令行环境
java/lang/Runtime;->exec 执行字符串命令
权限列表
VirSCANVirSCAN
许可名称 信息
android.permission.CAMERA 访问照相机设备
android.permission.WAKE_LOCK 手机屏幕关闭后后台进程仍运行
android.permission.WRITE_SETTINGS 读写系统设置项
android.permission.READ_PHONE_STATE 读取电话状态
android.permission.SYSTEM_ALERT_WINDOW 显示系统窗口
android.permission.MOUNT_UNMOUNT_FILESYSTEMS 挂载、反挂载外部文件系统
android.permission.RECEIVE_BOOT_COMPLETED 接收开机启动广播
android.permission.VIBRATE 允许设备震动
android.permission.FLASHLIGHT 访问闪光灯
android.permission.GET_TASKS 获取有关当前或最近运行的任务信息
android.permission.EXPAND_STATUS_BAR 操控状态栏
android.permission.WRITE_EXTERNAL_STORAGE 写外部存储器(如:SD卡)
android.permission.ACCESS_NETWORK_STATE 读取网络状态(2G或3G)
android.permission.ACCESS_WIFI_STATE 读取wifi网络状态
android.permission.INTERNET 连接网络(2G或3G)
com.android.launcher.permission.READ_SETTINGS 读取快捷方式信息
com.android.launcher.permission.INSTALL_SHORTCUT 创建快捷方式
com.android.launcher.permission.UNINSTALL_SHORTCUT 删除快捷方式
android.permission.SET_DEBUG_APP 调试程序
服务列表
VirSCANVirSCAN
名称
com.umeng.update.net.DownloadingService
文件列表
VirSCANVirSCAN
文件名 校验码
META-INF/MANIFEST.MF 0x92ede3eb
META-INF/NANSHAN-.SF 0xd787911c
META-INF/NANSHAN-.RSA 0xd846562d
AndroidManifest.xml 0xa8101c04
assets/ 0x0
assets/drawable-hdpi/ic_com_sina_weibo_sdk_close.png 0xbe9fc2e4
assets/drawable-ldpi/ic_com_sina_weibo_sdk_close.png 0xfb4127df
assets/drawable-mdpi/ic_com_sina_weibo_sdk_close.png 0x55b26ac
assets/drawable-xhdpi/ic_com_sina_weibo_sdk_close.png 0xfd14d699
assets/drawable-xxhdpi/ic_com_sina_weibo_sdk_close.png 0x65f5bfc5
assets/drawable/weibosdk_dialog_bg.9.png 0xdfdb02b
assets/libprotectClass.so 0xf0723608
assets/libprotectClass_x86.so 0x310ead0e
assets/libqupc.so 0x4ea23d28
classes.dex 0x802e2820
lib/armeabi/libbspatch.so 0x6333ecec
org/apache/http/entity/mime/version.properties 0x53e10a06
res/anim/push_bottom_in.xml 0xc2eda394
res/anim/push_bottom_out.xml 0x4508148f
res/anim/push_up_in.xml 0xf4e8accb
res/anim/push_up_out.xml 0xea70f0f6
res/anim/slide_in.xml 0xb7e7f737
res/anim/slide_out.xml 0x85dfcb33
res/anim/umeng_fb_slide_in_from_left.xml 0x970dfb8b
res/anim/umeng_fb_slide_in_from_right.xml 0xd29e9c99
res/anim/umeng_fb_slide_out_from_left.xml 0x807b5089
res/anim/umeng_fb_slide_out_from_right.xml 0x847927ad
res/anim/umeng_socialize_fade_in.xml 0xf2e7bdac
res/anim/umeng_socialize_fade_out.xml 0x19682b1d
res/anim/umeng_socialize_shareboard_animation_in.xml 0x5b62eaa8
res/anim/umeng_socialize_shareboard_animation_out.xml 0x100d0f13
res/anim/umeng_socialize_slide_in_from_bottom.xml 0x72fa759c
res/anim/umeng_socialize_slide_out_from_bottom.xml 0x62fd58e7
res/drawable-480dpi/ic_menu_preferences.png 0x299f14f8
res/drawable-hdpi/about_dianliang.png 0xed2baed8
res/drawable-hdpi/about_qq.png 0x44ba8bc3
res/drawable-hdpi/about_szqd.png 0x364aa581
res/drawable-hdpi/about_textimage.png 0xdffbc8d4
res/drawable-hdpi/about_weixin.png 0x68d17cca
res/drawable-hdpi/abouticon.png 0x2e0853e2
res/drawable-hdpi/abouticon1.png 0xdb4d0a28
res/drawable-hdpi/abput_sina.png 0xbd580fc3
res/drawable-hdpi/btn_more_n.9.png 0x395d7970
res/drawable-hdpi/btn_more_p.9.png 0x588743a7
res/drawable-hdpi/earthbase.png 0x783dd729
res/drawable-hdpi/earthsignal.png 0xf8f4f9ad
res/drawable-hdpi/earthsignalnormal.png 0x2e495ae6
res/drawable-hdpi/fangweibtn.9.png 0xad114432
res/drawable-hdpi/fangweibtn_press.9.png 0xfb50212a
res/drawable-hdpi/float_360.png 0x76fbadbd
res/drawable-hdpi/ic_launcher1.png 0x46f69206
res/drawable-hdpi/ic_launcher2.png 0xb28178bd
res/drawable-hdpi/ic_launcher72_72.png 0xc3d47829
res/drawable-hdpi/ic_menu_preferences.png 0x5a8eb1cb
res/drawable-hdpi/ic_pulltorefresh_arrow.png 0x32192a53
res/drawable-hdpi/ic_pulltorefresh_arrow_up.png 0xa2b74da6
res/drawable-hdpi/ic_share_qq.png 0x95665a6c
res/drawable-hdpi/ic_share_qzone.png 0x1ef19931
res/drawable-hdpi/ic_share_renn.png 0x56d3e10a
res/drawable-hdpi/ic_share_sina.png 0x8ca325fd
res/drawable-hdpi/ic_share_wx.png 0x130137da
res/drawable-hdpi/ic_share_wxcircle.png 0x58f031ce
res/drawable-hdpi/shortcut_erweima.png 0x54d7d332
res/drawable-hdpi/shortcut_eye.png 0x2d5d08ab
res/drawable-hdpi/umeng_socialize_light_bar_bg_pad.9.png 0xbd5de45a
res/drawable-hdpi/umeng_socialize_nav_bar_bg_pad.9.png 0xe4fd9b91
res/drawable-hdpi/umeng_socialize_oauth_check_off.png 0xd0d60451
res/drawable-hdpi/umeng_socialize_oauth_check_on.png 0x666c6035
res/drawable-hdpi/umeng_socialize_share_music.png 0x970770da
res/drawable-hdpi/umeng_socialize_share_pic.png 0x1b838ca6
res/drawable-hdpi/umeng_socialize_share_video.png 0x6eead77a
res/drawable-hdpi/umeng_update_btn_check_off_focused_holo_light.png 0x63f5fdb0
res/drawable-hdpi/umeng_update_btn_check_off_holo_light.png 0x9dd19bd9
res/drawable-hdpi/umeng_update_btn_check_off_pressed_holo_light.png 0x3f0df474
res/drawable-hdpi/umeng_update_btn_check_on_focused_holo_light.png 0x3a86058e
res/drawable-hdpi/umeng_update_btn_check_on_holo_light.png 0x54ca4df0
res/drawable-hdpi/umeng_update_btn_check_on_pressed_holo_light.png 0xc6e0029f
res/drawable-hdpi/umeng_update_close_bg_normal.png 0xfbb3a5d2
res/drawable-hdpi/umeng_update_close_bg_tap.png 0xa852b3ec
res/drawable-hdpi/youxi_icon.png 0xf26eca5c
res/drawable-mdpi/ic_notifity.png 0x1307df04
res/drawable-mdpi/shortcut_erweima.png 0xdb3db757
res/drawable-mdpi/shortcut_eye.png 0x36da2815
res/drawable-xhdpi/about_button.9.png 0x8349bde4
res/drawable-xhdpi/alarm.png 0x337d91e7
res/drawable-xhdpi/app_item_bg_n.png 0x6490649f
res/drawable-xhdpi/app_item_bg_p.png 0x75611532
res/drawable-xhdpi/background2.png 0xad65a4f
res/drawable-xhdpi/background_bak.png 0x2d23204d
res/drawable-xhdpi/banner_op_normal.png 0x18d9d072
res/drawable-xhdpi/banner_op_select.png 0x383fe4d9
res/drawable-xhdpi/banner_op_selectb.png 0x383fe4d9
res/drawable-xhdpi/bannertitle.png 0x4ed9889
res/drawable-xhdpi/btn_download_item_n.png 0x24fe035e
res/drawable-xhdpi/btn_download_item_p.png 0x65a93a3
res/drawable-xhdpi/btn_find_download_n.png 0x14326f7f
res/drawable-xhdpi/btn_find_download_p.png 0x62714ee7
res/drawable-xhdpi/btn_help_n.png 0xb7a2d98e
res/drawable-xhdpi/btn_help_p.png 0x8b2731fb
res/drawable-xhdpi/btn_screenfilter_n.png 0xdc30029d
res/drawable-xhdpi/btn_screenfilter_p.png 0xe633756c
res/drawable-xhdpi/button_clear_checkbox.png 0x37903500
res/drawable-xhdpi/button_welcome_install_n.png 0xcc18e348
res/drawable-xhdpi/button_welcome_install_p.png 0xaf85921c
res/drawable-xhdpi/close_ac.png 0x116ae930
res/drawable-xhdpi/cuimian_audio_jiantou.png 0xba0703e7
res/drawable-xhdpi/dialog_card_bg.9.png 0x9220fd3c
res/drawable-xhdpi/dialog_card_img.9.png 0x5de55aaa
res/drawable-xhdpi/dialog_close.png 0x82366c0e
res/drawable-xhdpi/dialog_download_n.png 0x82d0e7ab
res/drawable-xhdpi/dialog_download_p.png 0xf8c89a0d
res/drawable-xhdpi/erweima_his_normal.png 0xaf007a3
res/drawable-xhdpi/erweima_his_press.png 0x4d562f8c
res/drawable-xhdpi/erweima_item_header.xml 0x961679ba
res/drawable-xhdpi/erweima_ligth_normal.png 0xc44f1271
res/drawable-xhdpi/erweima_ligth_select.png 0xe08b8e6a
res/drawable-xhdpi/erweima_line.png 0xedadbf34
res/drawable-xhdpi/erweima_photo_normal.png 0x49c4b25f
res/drawable-xhdpi/erweima_photo_press.png 0x78cf765f
res/drawable-xhdpi/erweima_spinner.png 0x826dac45
res/drawable-xhdpi/erweimacheboxnormal.png 0x2f461a14
res/drawable-xhdpi/erweimacheboxselect.png 0x93ea6e21
res/drawable-xhdpi/find_bottom_bg.png 0x238a10b0
res/drawable-xhdpi/find_tab_bg.png 0xf7b66bea
res/drawable-xhdpi/guide_change_theme.png 0x2dddeaac
res/drawable-xhdpi/guide_screenfilter_1.png 0xb51e7e78
res/drawable-xhdpi/guide_screenfilter_2.png 0x8233d4e6
res/drawable-xhdpi/guide_screenfilter_3.png 0xaa0c727e
res/drawable-xhdpi/guide_shortcut.png 0x6d42e066
res/drawable-xhdpi/ic_app_level.png 0xd39fe785
res/drawable-xhdpi/ic_arrow_jump.png 0xd19f7b29
res/drawable-xhdpi/ic_back_p.png 0x34547bbb
res/drawable-xhdpi/ic_back_top_n.png 0x58853f13
res/drawable-xhdpi/ic_btn_back_n.png 0xa474c846
res/drawable-xhdpi/ic_btn_back_p.png 0x13ef138c
res/drawable-xhdpi/ic_btn_down.png 0x12dc2816
res/drawable-xhdpi/ic_btn_rigth.png 0x5b6b6ff2
res/drawable-xhdpi/ic_btn_set_back_n.png 0xb67c0cdd
res/drawable-xhdpi/ic_btn_set_back_p.png 0xe7cc66b5
res/drawable-xhdpi/ic_btn_up.png 0xa289ce21
res/drawable-xhdpi/ic_cancel.png 0xc3e59bed
res/drawable-xhdpi/ic_danhong.png 0x8fffbf35
res/drawable-xhdpi/ic_danhuang.png 0xc90ac29f
res/drawable-xhdpi/ic_danlan.png 0xc9120256
res/drawable-xhdpi/ic_danzhise.png 0x4deb9b99
res/drawable-xhdpi/ic_delete.png 0x455b9514
res/drawable-xhdpi/ic_dialog_bottom.png 0xf5e39c3
res/drawable-xhdpi/ic_dialog_cancel_n.png 0x6bb565e9
res/drawable-xhdpi/ic_dialog_cancel_p.png 0x24bce0d4
res/drawable-xhdpi/ic_dialog_flat_cancel_n.png 0xb210c88b
res/drawable-xhdpi/ic_dialog_flat_cancel_p.png 0xe4df4e14
res/drawable-xhdpi/ic_dialog_flat_ok_n.png 0x5a459b26
res/drawable-xhdpi/ic_dialog_flat_ok_p.png 0xc554f049
res/drawable-xhdpi/ic_dialog_ok_n.png 0x7c87d048
res/drawable-xhdpi/ic_dialog_ok_p.png 0x9f39b2ea
res/drawable-xhdpi/ic_dialog_top.png 0x476fdf9
res/drawable-xhdpi/ic_download_count_bg.png 0x78a91792
res/drawable-xhdpi/ic_download_delete.png 0x609b5f50
res/drawable-xhdpi/ic_download_delete_n.png 0xa015cb23
res/drawable-xhdpi/ic_download_delete_p.png 0xf36d61f7
res/drawable-xhdpi/ic_download_n.png 0x3a7e1221
res/drawable-xhdpi/ic_download_p.png 0x6ac3de42
res/drawable-xhdpi/ic_earthquake_logo.png 0x727c5a88
res/drawable-xhdpi/ic_erweima_find.png 0xc73c0f03
res/drawable-xhdpi/ic_find_bottom_about.png 0x9034bc8b
res/drawable-xhdpi/ic_find_bottom_feedback.png 0x2b9b7671
res/drawable-xhdpi/ic_find_bottom_setting.png 0x96010874
res/drawable-xhdpi/ic_find_bottom_theme.png 0xfa7d0c0b
res/drawable-xhdpi/ic_find_feedback.png 0xee7b1e0b
res/drawable-xhdpi/ic_find_icon_bg.png 0x56ad78d7
res/drawable-xhdpi/ic_find_locker.png 0x76cd0a06
res/drawable-xhdpi/ic_find_null_data.png 0x91c8166
res/drawable-xhdpi/ic_find_protect_eye.png 0x8d7f995c
res/drawable-xhdpi/ic_find_qrcode.png 0x44f8c21a
res/drawable-xhdpi/ic_find_setting.png 0x5db34785
res/drawable-xhdpi/ic_find_theme.png 0x679e6801
res/drawable-xhdpi/ic_find_title_bg.png 0xe786297f
res/drawable-xhdpi/ic_find_type_update.png 0x11919a9
res/drawable-xhdpi/ic_find_yyb.png 0xef5606e0
res/drawable-xhdpi/ic_fine.png 0xf30ce9bf
res/drawable-xhdpi/ic_flashlight_switch.png 0x202576c6
res/drawable-xhdpi/ic_flashlight_switch_close.png 0xe638283d
res/drawable-xhdpi/ic_flashlight_switch_close_bak.png 0x3275a69c
res/drawable-xhdpi/ic_flashlight_switch_close_press.png 0x89e1ef47
res/drawable-xhdpi/ic_flashlight_switch_open.png 0x5bb4ceeb
res/drawable-xhdpi/ic_flashlight_switch_open1.png 0x563e29f
res/drawable-xhdpi/ic_flashlight_switch_open_press.png 0xe3ffed97
res/drawable-xhdpi/ic_flashlight_switch_press.png 0xa33551ff
res/drawable-xhdpi/ic_home_find_n.9.png 0xb39c3757
res/drawable-xhdpi/ic_home_find_n1.png 0x491617e0
res/drawable-xhdpi/ic_home_find_p.9.png 0xa7beb10a
res/drawable-xhdpi/ic_home_find_p1.png 0xd8afcd55
res/drawable-xhdpi/ic_home_new_update.png 0x7f842e3b
res/drawable-xhdpi/ic_home_prize.png 0xe4bfd69a
res/drawable-xhdpi/ic_hot.png 0x13501c30
res/drawable-xhdpi/ic_icon_christams.png 0x537b7917
res/drawable-xhdpi/ic_icon_earthquake.png 0x157c4be8
res/drawable-xhdpi/ic_item_bg.9.png 0x25813182
res/drawable-xhdpi/ic_item_refresh.png 0x241249c9
res/drawable-xhdpi/ic_item_search.png 0x302bf501
res/drawable-xhdpi/ic_launcher.png 0x2e0853e2
res/drawable-xhdpi/ic_launcher1.png 0x225c6aee
res/drawable-xhdpi/ic_launcher2.png 0xbbe273d8
res/drawable-xhdpi/ic_meiguihong.png 0xf1c200c7
res/drawable-xhdpi/ic_menu_fenxiang.png 0x83920359
res/drawable-xhdpi/ic_menu_fuzhi.png 0xe0e4b864
res/drawable-xhdpi/ic_menu_preferences.png 0xe59a225c
res/drawable-xhdpi/ic_menu_quanxuan.png 0x64b8f72e
res/drawable-xhdpi/ic_menu_shanchu.png 0xcbab2e1a
res/drawable-xhdpi/ic_notifity.png 0x812e1ec4
res/drawable-xhdpi/ic_overflow_n.png 0xfdd5d0f
res/drawable-xhdpi/ic_overflow_p.png 0x8156037e
res/drawable-xhdpi/ic_right_download.png 0x73ac594f
res/drawable-xhdpi/ic_rotating.png 0x6b431e89
res/drawable-xhdpi/ic_rotating_flashlight_close.png 0x70fa5ea7
res/drawable-xhdpi/ic_rotating_flashlight_open.png 0x6ae0a611
res/drawable-xhdpi/ic_scale_bg.png 0x6024a055
res/drawable-xhdpi/ic_screefilter_help.png 0x3ab04c6d
res/drawable-xhdpi/ic_screefilter_send.png 0x4724f350
res/drawable-xhdpi/ic_screen_bai.png 0xc045dedc
res/drawable-xhdpi/ic_screen_huang.png 0x854fda3b
res/drawable-xhdpi/ic_screen_lv.png 0x901ebe0
res/drawable-xhdpi/ic_screen_nan.png 0x414e6336
res/drawable-xhdpi/ic_screen_progress.png 0xa362a047
res/drawable-xhdpi/ic_screen_red.png 0x4bd5c240
res/drawable-xhdpi/ic_screen_selceted.png 0x76cdccda
res/drawable-xhdpi/ic_screen_thmub.png 0xbd17515e
res/drawable-xhdpi/ic_screen_unselcet.png 0xa9a5a90e
res/drawable-xhdpi/ic_screenfilter_guide.png 0x505d5f01
res/drawable-xhdpi/ic_search.png 0x23409861
res/drawable-xhdpi/ic_share_n.png 0x555f8c55
res/drawable-xhdpi/ic_share_p.png 0xc0e52985
res/drawable-xhdpi/ic_star_off.png 0xaae3b7c3
res/drawable-xhdpi/ic_star_on.png 0xa733cf16
res/drawable-xhdpi/ic_theme_default.png 0xb0fd6751
res/drawable-xhdpi/ic_theme_del_item_selected_bg.png 0xc1a355a7
res/drawable-xhdpi/ic_theme_downloaded.png 0x3638432a
res/drawable-xhdpi/ic_theme_item_bg.png 0xa7784222
res/drawable-xhdpi/ic_theme_item_selected_bg.png 0x5789cd73
res/drawable-xhdpi/ic_theme_loadingfailure.png 0x1c349515
res/drawable-xhdpi/ic_theme_new.png 0x247b7588
res/drawable-xhdpi/ic_theme_recommend.png 0x1f4d87c7
res/drawable-xhdpi/ic_theme_switchbtn_n.png 0x4545dce9
res/drawable-xhdpi/ic_theme_switchbtn_p.png 0x2f79821d
res/drawable-xhdpi/ic_theme_used.png 0xa78975fd
res/drawable-xhdpi/ic_theme_yinse.jpg 0x9e81ff1f
res/drawable-xhdpi/ic_title_bg.png 0xa2d854d3
res/drawable-xhdpi/ic_title_setting.png 0x1847badc
res/drawable-xhdpi/ic_togglebtn_no.png 0x54fe4ebc
res/drawable-xhdpi/ic_togglebtn_yes.png 0x5ea213e3
res/drawable-xhdpi/img_banner_default.png 0xed7584f2
res/drawable-xhdpi/item_download_bg.png 0xfd29cb36
res/drawable-xhdpi/item_download_select_bg.png 0x82318df6
res/drawable-xhdpi/loading_bg.png 0x208840a8
res/drawable-xhdpi/loading_rotate.png 0xd5bd74f4
res/drawable-xhdpi/locker_back.png 0x310a4a2b
res/drawable-xhdpi/locker_key_0.png 0x37b7376
res/drawable-xhdpi/locker_key_1.png 0x2cfa3619
res/drawable-xhdpi/locker_key_2.png 0x2c7f90b6
res/drawable-xhdpi/locker_key_3.png 0xfc02b8cc
res/drawable-xhdpi/locker_key_4.png 0xd73eb4eb
res/drawable-xhdpi/locker_key_5.png 0xd40d6de2
res/drawable-xhdpi/locker_key_6.png 0xfaaad711
res/drawable-xhdpi/locker_key_7.png 0xa9c93453
res/drawable-xhdpi/locker_key_8.png 0x8747a94a
res/drawable-xhdpi/locker_key_9.png 0x3f1aa570
res/drawable-xhdpi/locker_key_bg_n.png 0xc9e30e4b
res/drawable-xhdpi/locker_key_bg_p.png 0x3ae7cf5
res/drawable-xhdpi/locker_key_clear.png 0xd251bdf3
res/drawable-xhdpi/locker_key_delete.png 0x74cab841
res/drawable-xhdpi/locker_list_item_bg.9.png 0x3abd2e0f
res/drawable-xhdpi/locker_popup_bg.9.png 0x8adf23fa
res/drawable-xhdpi/locker_pwd_have.png 0x2362e076
res/drawable-xhdpi/locker_pwd_none.png 0x62a75f97
res/drawable-xhdpi/locker_pwd_step_1.png 0x849008f0
res/drawable-xhdpi/locker_pwd_step_2.png 0x87f72da4
res/drawable-xhdpi/locker_pwd_step_3.png 0x7f12329d
res/drawable-xhdpi/locker_question_edit_bg.9.png 0xdccb9dd1
res/drawable-xhdpi/locker_question_submit_bg_n.9.png 0x80c8d6eb
res/drawable-xhdpi/locker_question_submit_bg_p.9.png 0x16b8c2e5
res/drawable-xhdpi/locker_reset_pwd_step_1.png 0x4103ad6b
res/drawable-xhdpi/locker_reset_pwd_step_2.png 0x84f3f34f
res/drawable-xhdpi/locker_search_edit_bg.9.png 0x6ac803e1
res/drawable-xhdpi/main_find_bg.png 0xe360b4a7
res/drawable-xhdpi/point_selected.png 0xe6b10923
res/drawable-xhdpi/point_unselect.png 0x18c9597b
res/drawable-xhdpi/popup_window_bg.9.png 0x3d5cd7e1
res/drawable-xhdpi/seekbar_progress.9.png 0xd7097e33
res/drawable-xhdpi/seekbar_progress1.png 0xafd23102
res/drawable-xhdpi/seekbar_thumb.9.png 0x38cc1372
res/drawable-xhdpi/seekbar_thumb1.png 0x209ed3de
res/drawable-xhdpi/seekbar_thumb2.9.png 0x45509b6
res/drawable-xhdpi/set_buttom_title.png 0x44d5d2da
res/drawable-xhdpi/set_item_buttombg.9.png 0xdc1e66b8
res/drawable-xhdpi/set_item_buttombg_press.9.png 0x28bce86b
res/drawable-xhdpi/set_item_centerbg.9.png 0x13e25705
res/drawable-xhdpi/set_item_centerbg_press.9.png 0x1efb10b9
res/drawable-xhdpi/set_item_topbg.9.png 0xbe34d45c
res/drawable-xhdpi/set_item_topbg_press.9.png 0x46ae4fe4
res/drawable-xhdpi/set_seekbar.9.png 0xefbe377a
res/drawable-xhdpi/set_shakeswitch_background.9.png 0xd149823
res/drawable-xhdpi/setseekbarthum.png 0xc5cef095
res/drawable-xhdpi/shortcut_erweima.png 0x9fd2b1b7
res/drawable-xhdpi/shortcut_eye.png 0x3be67be2
res/drawable-xhdpi/theme_btn_del_normal.png 0x720f4ec6
res/drawable-xhdpi/theme_btn_del_press.png 0x38bc4611
res/drawable-xhdpi/theme_del_layout_bg.png 0xb0cc6af4
res/drawable-xhdpi/userhelp.jpg 0x4f569467
res/drawable-xhdpi/welcome_360.jpg 0xb7d75ee2
res/drawable-xhdpi/welcome_bottom_bg.png 0x7477ea5c
res/drawable-xhdpi/welcome_yyb.jpg 0x26b04891
res/drawable-xhdpi/youxi_icon.png 0x3c725abb
res/drawable-xhdpi/youxi_icon1.png 0xbc53e802
res/drawable/app_item_bg_selector.xml 0x33b428d2
res/drawable/background.png 0xcff44fd4
res/drawable/background_repeat.xml 0xbbd41b5f
res/drawable/background_tab.xml 0xa0e4c72c
res/drawable/btn_download_item_selector.xml 0x9603ac1c
res/drawable/btn_find_download_selector.xml 0xe3064070
res/drawable/btn_help_selector.xml 0x2891baff
res/drawable/btn_more_selector.xml 0x90d98a8
res/drawable/btn_screenfilter_selector.xml 0xf430b561
res/drawable/btn_share_selector.xml 0x3bf3d757
res/drawable/btn_theme_switch.xml 0x802578a7
res/drawable/button_back_bg.xml 0x874ccd12
res/drawable/button_back_set_bg.xml 0xb6c2b7da
res/drawable/button_clear_bg.xml 0x26aa349f
res/drawable/button_dialog_cancel.xml 0x29be5612
res/drawable/button_dialog_download_selector.xml 0x5533e614
res/drawable/button_dialog_flat_cancel.xml 0xd4f1aea7
res/drawable/button_dialog_flat_ok.xml 0xcc3693c3
res/drawable/button_dialog_ok.xml 0x31796b76
res/drawable/button_download_bg.xml 0x264f9e67
res/drawable/button_erweima_his.xml 0x62c408c3
res/drawable/button_erweima_light.xml 0x50e8b713
res/drawable/button_erweima_photo.xml 0xdc561e20
res/drawable/button_overflow_bg.xml 0x5643d323
res/drawable/button_selector.xml 0x2c50de66
res/drawable/button_welcome_install.xml 0x42051305
res/drawable/dialog_share_item_selector.xml 0x44b9eb0d
res/drawable/earthquake_seekbar_style.xml 0xbc9a21a4
res/drawable/erweima_his_checkbox.xml 0xb119faf2
res/drawable/erweima_his_list_ietm_bg.xml 0xb72c051
res/drawable/feedback_edit_bg.xml 0x603a78c2
res/drawable/feedback_submitbtn_selector.xml 0x541c0af9
res/drawable/find_bottom_btn_selector.xml 0xb3fe0b80
res/drawable/item_download_selecter.xml 0x8e7ecf64
res/drawable/locker_background.xml 0xe42dde54
res/drawable/locker_key_selector.xml 0x47e918d5
res/drawable/locker_question_submit_selector.xml 0xb20940e
res/drawable/notify_panel_notification_icon_bg.png 0x85453014
res/drawable/notify_panel_notification_icon_bg_tile.xml 0xe1201818
res/drawable/popup_item_selector.xml 0x4da7db06
res/drawable/progress_bar.xml 0xa86e31e3
res/drawable/progress_bg.xml 0x1928ef83
res/drawable/rbflashtype_text_color.xml 0x85a0e56e
res/drawable/seekbar_style.xml 0x2eb14039
res/drawable/set_about_versionbg.xml 0x87479dce
res/drawable/set_item_background_select.xml 0x1099f1b1
res/drawable/set_item_buttombg_selector.xml 0xe072658
res/drawable/set_item_centerbg_selector.xml 0x7f5434a2
res/drawable/set_item_topbg_selector.xml 0x9d1a71e4
res/drawable/theme_btn_selector_delete.xml 0x3e115d72
res/drawable/umeng_common_gradient_green.xml 0x962bb903
res/drawable/umeng_common_gradient_orange.xml 0xd5106ae2
res/drawable/umeng_common_gradient_red.xml 0x133ade08
res/drawable/umeng_fb_arrow_right.png 0x7a1c5b28
res/drawable/umeng_fb_back_normal.png 0xf037944c
res/drawable/umeng_fb_back_selected.png 0x8c4fe8b
res/drawable/umeng_fb_back_selector.xml 0x2f7f2578
res/drawable/umeng_fb_bar_bg.9.png 0x382879f2
res/drawable/umeng_fb_btn_bg_selector.xml 0x9e7d68a6
res/drawable/umeng_fb_conversation_bg.png 0xdc739dc7
res/drawable/umeng_fb_gradient_green.xml 0x962bb903
res/drawable/umeng_fb_gradient_orange.xml 0xd5106ae2
res/drawable/umeng_fb_gray_frame.xml 0xd1c4cb2
res/drawable/umeng_fb_list_item.9.png 0x1dd77523
res/drawable/umeng_fb_list_item_pressed.9.png 0xdcc0e0d
res/drawable/umeng_fb_list_item_selector.xml 0x37e9ff8d
res/drawable/umeng_fb_logo.png 0x2d6a27be
res/drawable/umeng_fb_point_new.xml 0xb0b65b88
res/drawable/umeng_fb_point_normal.xml 0xd54fcdde
res/drawable/umeng_fb_reply_left_bg.9.png 0xfa4a43b9
res/drawable/umeng_fb_reply_right_bg.9.png 0x49b36368
res/drawable/umeng_fb_see_list_normal.png 0x6d9ee2f3
res/drawable/umeng_fb_see_list_pressed.png 0x3ff6d161
res/drawable/umeng_fb_see_list_selector.xml 0xc5e597cf
res/drawable/umeng_fb_statusbar_icon.png 0x6eefda9a
res/drawable/umeng_fb_submit_selector.xml 0x1934d325
res/drawable/umeng_fb_tick_normal.png 0xdea435dd
res/drawable/umeng_fb_tick_selected.png 0x33316df3
res/drawable/umeng_fb_tick_selector.xml 0xd167c271
res/drawable/umeng_fb_top_banner.xml 0xf7574374
res/drawable/umeng_fb_user_bubble.9.png 0x23cfe9b2
res/drawable/umeng_fb_write_normal.png 0xf3083af7
res/drawable/umeng_fb_write_pressed.png 0x10dae61
res/drawable/umeng_fb_write_selector.xml 0x684a39ee
res/drawable/umeng_socialize_action_back.xml 0xc9339cd5
res/drawable/umeng_socialize_action_back_normal.png 0xba8b7386
res/drawable/umeng_socialize_action_back_selected.png 0xce53b418
res/drawable/umeng_socialize_at_button.xml 0x4c25626d
res/drawable/umeng_socialize_at_normal.png 0x5f0e2072
res/drawable/umeng_socialize_at_selected.png 0x8dffa32e
res/drawable/umeng_socialize_bind_bg.9.png 0xc75a503
res/drawable/umeng_socialize_button_blue.9.png 0x883f5575
res/drawable/umeng_socialize_button_grey.9.png 0xf6adf7f3
res/drawable/umeng_socialize_button_grey_blue.xml 0x933edc6e
res/drawable/umeng_socialize_button_login.xml 0x1e8d8693
res/drawable/umeng_socialize_button_login_normal.png 0x815ff5a
res/drawable/umeng_socialize_button_login_pressed.png 0x815ff5a
res/drawable/umeng_socialize_button_red.9.png 0x4bb0e4ba
res/drawable/umeng_socialize_button_red_blue.xml 0x47b9ef5b
res/drawable/umeng_socialize_button_white.9.png 0x11f44e85
res/drawable/umeng_socialize_button_white_blue.xml 0x29480514
res/drawable/umeng_socialize_default_avatar.png 0xd968c89b
res/drawable/umeng_socialize_douban_off.png 0x2c165aac
res/drawable/umeng_socialize_douban_on.png 0x72af12c1
res/drawable/umeng_socialize_facebook.png 0x79e8d3ee
res/drawable/umeng_socialize_fetch_image.png 0x79c102e9
res/drawable/umeng_socialize_follow_check.xml 0x56bf4836
res/drawable/umeng_socialize_follow_off.png 0x7a3382ea
res/drawable/umeng_socialize_follow_on.png 0xe9907840
res/drawable/umeng_socialize_google.png 0x14e0c993
res/drawable/umeng_socialize_light_bar_bg.9.png 0x600ae142
res/drawable/umeng_socialize_location_ic.png 0xaa26ffe6
res/drawable/umeng_socialize_location_off.png 0x351812a3
res/drawable/umeng_socialize_location_on.png 0x793abdae
res/drawable/umeng_socialize_nav_bar_bg.png 0x816c111f
res/drawable/umeng_socialize_oauth_check.xml 0xe4d2bcd1
res/drawable/umeng_socialize_oauth_check_off.png 0xe4317840
res/drawable/umeng_socialize_oauth_check_on.png 0x43a08af1
res/drawable/umeng_socialize_qq_off.png 0x7bdd3319
res/drawable/umeng_socialize_qq_on.png 0x1c72a73
res/drawable/umeng_socialize_qzone_off.png 0x9058e27f
res/drawable/umeng_socialize_qzone_on.png 0x9a0765c4
res/drawable/umeng_socialize_refersh.png 0x79e6fe33
res/drawable/umeng_socialize_renren_off.png 0xe8ee095b
res/drawable/umeng_socialize_renren_on.png 0x67c8b264
res/drawable/umeng_socialize_search_icon.png 0x277770e7
res/drawable/umeng_socialize_shape_solid_black.xml 0x1b444197
res/drawable/umeng_socialize_shape_solid_grey.xml 0xd3b9615
res/drawable/umeng_socialize_share_to_button.xml 0x258be656
res/drawable/umeng_socialize_share_transparent_corner.xml 0x2177c030
res/drawable/umeng_socialize_shareboard_item_background.xml 0x2b6939c4
res/drawable/umeng_socialize_sidebar_normal.xml 0x65ceb328
res/drawable/umeng_socialize_sidebar_selected.xml 0xe80b415a
res/drawable/umeng_socialize_sidebar_selector.xml 0xc9b980a
res/drawable/umeng_socialize_sina_off.png 0x9ace6a82
res/drawable/umeng_socialize_sina_on.png 0xa87f0657
res/drawable/umeng_socialize_title_back_bt.xml 0x1496da75
res/drawable/umeng_socialize_title_back_bt_normal.png 0xf06342af
res/drawable/umeng_socialize_title_back_bt_selected.png 0xa372e23a
res/drawable/umeng_socialize_title_right_bt.xml 0xfd89a41f
res/drawable/umeng_socialize_title_right_bt_normal.png 0x361e32e5
res/drawable/umeng_socialize_title_right_bt_selected.png 0x3abfd408
res/drawable/umeng_socialize_title_tab_button_left.xml 0x452c0ac6
res/drawable/umeng_socialize_title_tab_button_right.xml 0xc0079688
res/drawable/umeng_socialize_title_tab_left_normal.png 0x3867c1c8
res/drawable/umeng_socialize_title_tab_left_pressed.png 0x36d083e1
res/drawable/umeng_socialize_title_tab_right_normal.png 0xc8ec4ad
res/drawable/umeng_socialize_title_tab_right_pressed.png 0xcda47f76
res/drawable/umeng_socialize_twitter.png 0x2e7076b0
res/drawable/umeng_socialize_tx_off.png 0xbf6cc43
res/drawable/umeng_socialize_tx_on.png 0xfb1960db
res/drawable/umeng_socialize_wechat.png 0xdb75721e
res/drawable/umeng_socialize_wechat_gray.png 0xb960e5cb
res/drawable/umeng_socialize_window_shadow_pad.xml 0xccbfb7d1
res/drawable/umeng_socialize_wxcircle.png 0xb71e1c46
res/drawable/umeng_socialize_wxcircle_gray.png 0x445beb69
res/drawable/umeng_socialize_x_button.png 0x12819e5e
res/drawable/umeng_update_button_cancel_bg_focused.xml 0xec2fe409
res/drawable/umeng_update_button_cancel_bg_normal.xml 0xec7f7152
res/drawable/umeng_update_button_cancel_bg_selector.xml 0x415a16f8
res/drawable/umeng_update_button_cancel_bg_tap.xml 0x74f2500
res/drawable/umeng_update_button_check_selector.xml 0x52b18a54
res/drawable/umeng_update_button_close_bg_selector.xml 0x79fa4ae4
res/drawable/umeng_update_button_ok_bg_focused.xml 0x3f32fe76
res/drawable/umeng_update_button_ok_bg_normal.xml 0x88fce1f9
res/drawable/umeng_update_button_ok_bg_selector.xml 0xd5fc5cfa
res/drawable/umeng_update_button_ok_bg_tap.xml 0x1f7e756e
res/drawable/umeng_update_dialog_bg.xml 0x565551a3
res/drawable/umeng_update_title_bg.xml 0x9173f89e
res/drawable/umeng_update_wifi_disable.png 0xe635e071
res/layout-v9/umeng_common_download_notification.xml 0x22d960a9
res/layout/activity_about.xml 0x1fb6ea2a
res/layout/activity_declare.xml 0xdb3fb066
res/layout/activity_download.xml 0x1a271854
res/layout/activity_earthquake.xml 0x1c66e669
res/layout/activity_find.xml 0x77bd3d59
res/layout/activity_find_type.xml 0x1b5703fc
res/layout/activity_find_v28.xml 0x7573dcf2
res/layout/activity_left_recommend.xml 0x79c54cad
res/layout/activity_locker.xml 0xed9af287
res/layout/activity_locker_block.xml 0x85b5b5c
res/layout/activity_locker_init.xml 0x440e52e1
res/layout/activity_locker_list.xml 0x8223f6d0
res/layout/activity_locker_reset.xml 0xd814209e
res/layout/activity_main.xml 0x8d7920b4
res/layout/activity_main_bak.xml 0x5cc88ee5
res/layout/activity_right_recommend.xml 0x747a2f73
res/layout/activity_screenfilter.xml 0xc7aea240
res/layout/activity_screenfilter_use.xml 0x3d16dcd6
res/layout/activity_setting.xml 0x67576e64
res/layout/activity_theme.xml 0x7b0bcea0
res/layout/activity_time.xml 0x994c217e
res/layout/activity_welcome.xml 0x3d927dc8
res/layout/bannerimage.xml 0xdfa7017f
res/layout/custom_notification.xml 0x386ce302
res/layout/dialog_download_flat.xml 0x2126bcfe
res/layout/dialog_download_prompt.xml 0xbf63e8a3
res/layout/dialog_download_v28.xml 0x8b7622d2
res/layout/dialog_share_action_sheet.xml 0x3605691f
res/layout/dialog_version_update.xml 0x47c95ccb
res/layout/erweima.xml 0xa2375bb2
res/layout/erweima_his_item.xml 0xec69c2f2
res/layout/erweima_item_header.xml 0xa8b911d4
res/layout/erweima_listview.xml 0x7626ab20
res/layout/feedback.xml 0xfa949e
res/layout/find_bottom_item.xml 0xa69b63e7
res/layout/find_viewpager_item.xml 0x5b597739
res/layout/fragment_screen_alarm.xml 0xc91316b0
res/layout/fragment_screen_base.xml 0x654e2610
res/layout/fragment_screen_brightness.xml 0xf6a6f5db
res/layout/fragment_theme.xml 0x5a2cdc6a
res/layout/historymemory.xml 0x3afa2725
res/layout/item_app_download.xml 0xccbbd9c8
res/layout/item_grid_apps.xml 0x27128fd1
res/layout/item_grid_image.xml 0x150fa05
res/layout/item_grid_right_apps.xml 0xed5156cc
res/layout/item_locker_list.xml 0x9433e30a
res/layout/item_theme_local.xml 0x1a228487
res/layout/item_theme_online.xml 0xaeebb279
res/layout/load.xml 0xcfa091b9
res/layout/nodata.xml 0x9c7821ea
res/layout/notification_download.xml 0x9804cd02
res/layout/pager_find_type.xml 0x5ce07bcb
res/layout/pager_find_type_special.xml 0x8254bc05
res/layout/popup_erweima.xml 0x353a47ed
res/layout/popup_find_new.xml 0x8e0873ff
res/layout/popup_locker.xml 0x9585fe5
res/layout/popup_screenfilter.xml 0x7fd729a3
res/layout/refresh_footer.xml 0xdaefd43b
res/layout/refresh_header.xml 0x50b6b8a3
res/layout/screen_falshlight_view.xml 0xcf19c68a
res/layout/setview.xml 0x44f673f2
res/layout/share_dialog_item.xml 0xb459382
res/layout/spinner_item_d.xml 0xf7bbd5c9
res/layout/status_bar_ongoing_event_progress_bar.xml 0xb6e0981c
res/layout/time_close_view.xml 0xe85adfc8
res/layout/title.xml 0x51dc6b38
res/layout/title_find.xml 0x571628ef
res/layout/umeng_common_download_notification.xml 0xae089f99
res/layout/umeng_fb_activity_contact.xml 0x2d84a836
res/layout/umeng_fb_activity_conversation.xml 0x71df3fd2
res/layout/umeng_fb_list_header.xml 0x5b39fbd0
res/layout/umeng_fb_list_item.xml 0x37556a68
res/layout/umeng_fb_new_reply_alert_dialog.xml 0x1130bc1c
res/layout/umeng_update_dialog.xml 0x9f988aa
res/layout/userhelp.xml 0x35e184b6
res/raw/alarm.mp3 0x4befe770
res/raw/beep.ogg 0x1bac0bfc
res/raw/cell_move.wav 0xeee42253
res/raw/closeflashlightoff.mp3 0xff182240
res/raw/dog.mp3 0x75d98219
res/raw/openflashlighton.mp3 0xb995d2d1
res/raw/seekchange.mp3 0x944ba1ea
res/raw/shutter_down.wav 0x5ca181d1
resources.arsc 0xe33e13e8
运行截图
VirSCANVirSCAN
VirSCAN