VirSCAN VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.
4, If your browser cannot upload files, please download VirSCAN uploader to upload.

Language
Server load
Server Load

VirSCAN
VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.

File information

Scanner results
Scanner results:0%Antivirus software(0/32)found malware!
Behavior analysis report:         Habo file analysis
Time: 2016-10-22 12:42:58 (CST)
Scanner Engine Ver Sig Ver Sig Date Scan result Time
antiy AVL SDK 2.0 1970-01-01 Found nothing 5
asquared 9.0.0.4799 9.0.0.4799 2015-03-08 Found nothing 1
avast 161021-0 4.7.4 2016-10-21 Found nothing 32
avg 2109/12736 10.0.1405 2016-10-19 Found nothing 2
baidu 2.0.1.0 4.1.3.52192 2.0.1.0 Found nothing 8
baidusd 1.0 1.0 2014-04-02 Found nothing 1
bitdefender 7.58879 7.90123 2015-01-16 Found nothing 1
clamav 22399 0.97.5 2016-10-20 Found nothing 1
drweb 5.0.2.3300 5.0.1.1 2016-10-22 Found nothing 45
fortinet 40.188, 40.188, 40.188 5.4.233 2016-10-22 Found nothing 1
fprot 4.6.2.117 6.5.1.5418 2016-02-05 Found nothing 13
fsecure 2015-08-01-02 9.13 2015-08-01 Found nothing 13
gdata 25.8610 25.8610 2016-10-12 Found nothing 10
ikarus 1.06.01 V1.32.31.0 2016-10-21 Found nothing 33
jiangmin 16.0.100 1.0.0.0 2016-10-06 Found nothing 46
kaspersky 5.5.33 5.5.33 2014-04-01 Found nothing 28
kingsoft 2.1 2.1 2013-09-22 Found nothing 7
mcafee 8254 5400.1158 2016-08-11 Found nothing 44
nod32 1777 3.0.21 2015-06-12 Found nothing 4
panda 9.05.01 9.05.01 2016-10-21 Found nothing 5
pcc 12.850.07 9.500-1005 2016-10-21 Found nothing 2
qh360 1.0.1 1.0.1 1.0.1 Found nothing 3
qqphone 1.0.0.0 1.0.0.0 2015-12-30 Found nothing 1
quickheal 14.00 14.00 2016-10-21 Found nothing 2
rising 26.28.00.01 26.28.00.01 2016-07-18 Found nothing 2
sophos 5.32 3.65.2 2016-10-10 Found nothing 10
symantec 20151230.005 1.3.0.24 2015-12-30 Found nothing 1
tachyon 9.9.9 9.9.9 2013-12-27 Found nothing 5
thehacker 6.8.0.5 6.8.0.5 2016-10-19 Found nothing 2
tws 17.47.17308 1.0.2.2108 2016-10-21 Found nothing 14
vba 3.12.29.3 beta 3.12.29.3 beta 2016-10-21 Found nothing 54
virusbuster 15.0.985.0 5.5.2.13 2014-12-05 Found nothing 60
权限列表
许可名称 信息
android.permission.READ_EXTERNAL_STORAGE 读外部存储器(如:SD卡)
文件信息
VirSCANVirSCAN
安全评分 :
基本信息
VirSCANVirSCAN
MD5:d2270fe4c49ba44dad0ab2b5b333a6c0
文件大小:5.58MB
上传时间: 2014-09-22 10:36:30 (CST)
包名:org.tamanegi.wallpaper.multipicture
最低运行环境:Android 2.1.x
版权:
关键行为
VirSCANVirSCAN
行为描述: 设置特殊文件夹属性
详情信息: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
C:\Documents and Settings\Administrator\Local Settings\History
C:\Documents and Settings\Administrator\Local Settings\History\History.IE5
C:\Documents and Settings\Administrator\Cookies
行为描述: 直接获取CPU时钟
详情信息: N/A
行为描述: 获取窗口截图信息
详情信息: Foreground window Info: HWND = 0x00000000, DC = 0x15010632.
Foreground window Info: HWND = 0x00000000, DC = 0x1f010681.
Foreground window Info: HWND = 0x00000000, DC = 0x8c01058a.
进程行为
VirSCANVirSCAN
行为描述: 设置特殊文件夹属性
详情信息: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
C:\Documents and Settings\Administrator\Local Settings\History
C:\Documents and Settings\Administrator\Local Settings\History\History.IE5
C:\Documents and Settings\Administrator\Cookies
行为描述: 直接获取CPU时钟
详情信息: N/A
行为描述: 获取窗口截图信息
详情信息: Foreground window Info: HWND = 0x00000000, DC = 0x15010632.
Foreground window Info: HWND = 0x00000000, DC = 0x1f010681.
Foreground window Info: HWND = 0x00000000, DC = 0x8c01058a.
文件行为
VirSCANVirSCAN
行为描述: 设置特殊文件夹属性
详情信息: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
C:\Documents and Settings\Administrator\Local Settings\History
C:\Documents and Settings\Administrator\Local Settings\History\History.IE5
C:\Documents and Settings\Administrator\Cookies
行为描述: 查找文件
详情信息: FileName = C:\Documents and Settings
FileName = C:\Documents and Settings\Administrator
FileName = C:\Documents and Settings\Administrator\Local Settings
FileName = C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Connections\Pbk\*.pbk
FileName = C:\WINDOWS\system32\Ras\*.pbk
FileName = C:\Documents and Settings\Administrator\Application Data\Microsoft\Network\Connections\Pbk\*.pbk
网络行为
VirSCANVirSCAN
行为描述: 连接指定站点
详情信息: InternetConnectA: ServerName = r.****om, PORT = 80, UserName = , Password = , hSession = 0x00cc0004, hConnect = 0x00cc0008, Flags = 0x00000000
行为描述: 打开HTTP连接
详情信息: InternetOpenA: UserAgent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0), hSession = 0x00cc0004
行为描述: 建立到一个指定的套接字连接
详情信息: URL: r.****om, IP: **.133.40.**:80, SOCKET = 0x0000057c
行为描述: 读取网络文件
详情信息: hFile = 0x00cc000c, BytesToRead =102400, BytesRead = 102400.
行为描述: 发送HTTP包
详情信息: GET /fcg-bin/cgi_get_portrait.fcg?uins=826061171&get_nick=1&_=1438937421131 HTTP/1.1 User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0) Accept: */* Host: r.****om Cache-Control: no-cache
行为描述: 打开HTTP请求
详情信息: HttpOpenRequestA: r.****om:80/fcg-bin/cgi_get_portrait.fcg?uins=826061171&get_nick=1&_=1438937421131, hConnect = 0x00cc0008, hRequest = 0x00cc000c, Verb: GET, Referer: , Flags = 0x84000000
行为描述: 按名称获取主机地址
详情信息: GetAddrInfoW: r.****om
注册表行为
VirSCANVirSCAN
行为描述: 修改注册表
详情信息: \REGISTRY\USER\S-*\Software\Microsoft\Multimedia\DrawDib\vga.drv 1920x973x16(565 0)
\REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\SavedLegacySettings
行为描述: 删除注册表键值
详情信息: \REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyServer
\REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Internet Settings\AutoConfigURL
\REGISTRY\MACHINE\SOFTWARE\Microsoft\PCHealth\ErrorReporting\DW\DWFileTreeRoot
行为描述: 删除注册表键
详情信息: \REGISTRY\MACHINE\SOFTWARE\Microsoft\PCHealth\ErrorReporting\DW\
其他行为
VirSCANVirSCAN
行为描述: 创建互斥体
详情信息: RasPbFile
CTF.LBES.MutexDefaultS-*
CTF.Compart.MutexDefaultS-*
CTF.Asm.MutexDefaultS-*
CTF.Layouts.MutexDefaultS-*
CTF.TMD.MutexDefaultS-*
CTF.TimListCache.FMPDefaultS-*MUTEX.DefaultS-*
Local\ZonesCounterMutex
Local\ZoneAttributeCacheCounterMutex
Local\ZonesCacheCounterMutex
Local\ZonesLockedCacheCounterMutex
行为描述: 创建事件对象
详情信息: EventName = DINPUTWINMM
EventName = Global\userenv: User Profile setup event
行为描述: 直接获取CPU时钟
详情信息: N/A
行为描述: 窗口信息
详情信息: Pid = 588, Hwnd=0x8036e, Text = 确定, ClassName = Button.
Pid = 588, Hwnd=0x1c037a, Text = 取消, ClassName = Button.
Pid = 588, Hwnd=0x503de, Text = "0x20013f62" 指令引用的 "0x00000000" 内存。该内存不能为 "written"。 要终止程序,请单击“确定”。 要调试程序,请单击“取消”。, ClassName = Static.
Pid = 588, Hwnd=0xc037c, Text = _iext3_CTipWnd: %temp%\****.exe - 应用程序错误, ClassName = #32770.
行为描述: 打开事件
详情信息: HookSwitchHookEnabledEvent
\SECURITY\LSA_AUTHENTICATION_INITIALIZED
Global\SvcctrlStartEvent_A3752DX
\INSTALLATION_SECURITY_HOLD
行为描述: 获取窗口截图信息
详情信息: Foreground window Info: HWND = 0x00000000, DC = 0x15010632.
Foreground window Info: HWND = 0x00000000, DC = 0x1f010681.
Foreground window Info: HWND = 0x00000000, DC = 0x8c01058a.
行为描述: 隐藏指定窗口
详情信息: [Window,Class] = [<,AfxWnd42s]
[Window,Class] = [>,AfxWnd42s]
[Window,Class] = [,Edit]
[Window,Class] = [注册,Button]
[Window,Class] = [密码:,Afx:400000:b:10011:1900015:0]
[Window,Class] = [邮箱:,Afx:400000:b:10011:1900015:0]
[Window,Class] = [充值,Button]
[Window,Class] = [账号:,Afx:400000:b:10011:1900015:0]
[Window,Class] = [卡号:,Afx:400000:b:10011:1900015:0]
行为描述: 打开互斥体
详情信息: RasPbFile
ShimCacheMutex
Local\_!MSFTHISTORY!_
Local\c:!documents and settings!administrator!local settings!temporary internet files!content.ie5!
Local\c:!documents and settings!administrator!cookies!
Local\c:!documents and settings!administrator!local settings!history!history.ie5!
Local\WininetStartupMutex
Local\WininetConnectionMutex
Local\WininetProxyRegistryMutex
Local\!IETld!Mutex
Activities
VirSCANVirSCAN
活动名 类型
org.tamanegi.wallpaper.multipicture.picsource.SingleSource org.tamanegi.wallpaper.multipicture.action.GET_PICTURE_SOURCE
org.tamanegi.wallpaper.multipicture.picsource.SingleSource android.intent.category.DEFAULT
org.tamanegi.wallpaper.multipicture.picsource.AlbumSource org.tamanegi.wallpaper.multipicture.action.GET_PICTURE_SOURCE
org.tamanegi.wallpaper.multipicture.picsource.AlbumSource android.intent.category.DEFAULT
org.tamanegi.wallpaper.multipicture.picsource.FolderSource org.tamanegi.wallpaper.multipicture.action.GET_PICTURE_SOURCE
org.tamanegi.wallpaper.multipicture.picsource.FolderSource android.intent.category.DEFAULT
org.tamanegi.wallpaper.multipicture.LaunchDispatcher android.intent.action.MAIN
org.tamanegi.wallpaper.multipicture.LaunchDispatcher android.intent.category.INFO
org.tamanegi.wallpaper.multipicture.CreateShortcut android.intent.action.CREATE_SHORTCUT
危险函数
VirSCANVirSCAN
函数名称 信息
ContentResolver;->query 读取联系人、短信等数据库
权限列表
VirSCANVirSCAN
许可名称 信息
android.permission.READ_EXTERNAL_STORAGE 读外部存储器(如:SD卡)
服务列表
VirSCANVirSCAN
名称
org.tamanegi.wallpaper.multipicture.MultiPictureService
org.tamanegi.wallpaper.multipicture.picsource.SinglePickService
org.tamanegi.wallpaper.multipicture.picsource.AlbumPickService
org.tamanegi.wallpaper.multipicture.picsource.FolderPickService
org.tamanegi.wallpaper.multipicture.picsource.FolderDirectPickService
文件列表
VirSCANVirSCAN
文件名 校验码
res/drawable/bottom_area.xml 0x2457dd95
res/drawable/btn_add_screen.xml 0x29aa40f6
res/drawable/btn_circle.xml 0x8628906e
res/drawable/btn_circle_disable.xml 0x43f11ba0
res/drawable/btn_circle_normal.xml 0x7e0b4618
res/drawable/btn_circle_pressed.xml 0x1007bc42
res/drawable/qr.xml 0x87030a46
res/layout/button_preference_list.xml 0x8ab6cfdf
res/layout/color_picker.xml 0x2274329d
res/layout/folder_picker.xml 0xf6e96391
res/layout/folder_picker_list_item.xml 0x2eb07fd
res/layout/preference_add_screen.xml 0xa149b5c8
res/layout/preference_picsource_item.xml 0x696d8b09
res/layout/qr_viewer.xml 0x11abe972
res/layout/screen_picker.xml 0x3e2246bc
res/menu/setting_options.xml 0xcfc7cce8
res/xml/album_pref.xml 0xf480c7bd
res/xml/folder_pref.xml 0x42822469
res/xml/multipicture.xml 0xda36ad8d
res/xml/pref.xml 0xdca2432c
AndroidManifest.xml 0x57c401b4
resources.arsc 0x6cfda95c
res/layout-v11/preference_add_screen.xml 0x92652837
res/layout-v11/preference_picsource_item.xml 0xa5418c3c
res/drawable-hdpi/btn_decrement.png 0x32392fd6
res/drawable-hdpi/btn_increment.png 0x872634e0
res/drawable-hdpi/ic_btn_add_screen.png 0xa09f4ae8
res/drawable-hdpi/ic_menu_qr.png 0x1e2aa950
res/drawable-hdpi/ic_picsource_album.png 0x340e5802
res/drawable-hdpi/ic_picsource_folder.png 0x92a04a
res/drawable-hdpi/ic_picsource_single.png 0x6c496bb0
res/drawable-hdpi/ic_picsource_use_default.png 0x4e60c020
res/drawable-hdpi/icon.png 0x8e02dec3
res/drawable-hdpi/spinner.png 0xae56ef75
res/drawable-ldpi/btn_decrement.png 0x40f811bf
res/drawable-ldpi/btn_increment.png 0x4a254314
res/drawable-ldpi/ic_btn_add_screen.png 0x625f7aa8
res/drawable-ldpi/ic_menu_qr.png 0x2093d3b5
res/drawable-ldpi/ic_picsource_album.png 0x3c577cf4
res/drawable-ldpi/ic_picsource_folder.png 0x502b3734
res/drawable-ldpi/ic_picsource_single.png 0x9528e025
res/drawable-ldpi/ic_picsource_use_default.png 0x84ce4334
res/drawable-ldpi/icon.png 0x45057084
res/drawable-ldpi/spinner.png 0xfeaae341
res/drawable-mdpi/btn_decrement.png 0x36f757a5
res/drawable-mdpi/btn_increment.png 0x567d078b
res/drawable-mdpi/ic_btn_add_screen.png 0xd2f81c39
res/drawable-mdpi/ic_menu_qr.png 0x2f8e8b35
res/drawable-mdpi/ic_picsource_album.png 0x9ffba75e
res/drawable-mdpi/ic_picsource_folder.png 0xa870163a
res/drawable-mdpi/ic_picsource_single.png 0xa487169d
res/drawable-mdpi/ic_picsource_use_default.png 0x68420adb
res/drawable-mdpi/icon.png 0x93e178af
res/drawable-mdpi/spinner.png 0x62d06fb1
res/drawable-nodpi/qr_img.png 0x4685d522
res/drawable-nodpi/thumbnail.png 0x62c67a6
res/drawable-xhdpi/btn_decrement.png 0x71dfe8c7
res/drawable-xhdpi/btn_increment.png 0x5c6aa739
res/drawable-xhdpi/ic_btn_add_screen.png 0xa5896721
res/drawable-xhdpi/ic_menu_qr.png 0x82e8f908
res/drawable-xhdpi/ic_picsource_album.png 0x8db54e24
res/drawable-xhdpi/ic_picsource_folder.png 0x2b8d7674
res/drawable-xhdpi/ic_picsource_single.png 0x3f4e872d
res/drawable-xhdpi/ic_picsource_use_default.png 0xd12e2c6b
res/drawable-xhdpi/icon.png 0x65d7ecb8
res/drawable-xhdpi/spinner.png 0x8d5ca583
res/drawable-xxhdpi/btn_decrement.png 0x21ad4250
res/drawable-xxhdpi/btn_increment.png 0x3d32816f
res/drawable-xxhdpi/ic_btn_add_screen.png 0x360ecfd4
res/drawable-xxhdpi/ic_menu_qr.png 0xd3e3dbb5
res/drawable-xxhdpi/ic_picsource_album.png 0x67bca78b
res/drawable-xxhdpi/ic_picsource_folder.png 0x55815472
res/drawable-xxhdpi/ic_picsource_single.png 0x69aad2e2
res/drawable-xxhdpi/ic_picsource_use_default.png 0x4b8c46b3
res/drawable-xxhdpi/icon.png 0xa9938e7c
res/drawable-xxhdpi/spinner.png 0x5778c03
res/layout-land/color_picker.xml 0x7ab02928
classes.dex 0x5ed8f02b
META-INF/MANIFEST.MF 0xa5e74bdf
META-INF/CERT.SF 0x18ef8a3a
META-INF/CERT.RSA 0x85a96671
运行截图
VirSCANVirSCAN
VirSCAN