VirSCAN

1, You can UPLOAD any files, but there is a 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but the archive must contain fewer than 20 files.
3, VirSCAN can scan compressed files protected with the password 'infected' or 'virus'.
4, If your browser cannot upload files, please download the VirSCAN uploader to upload them.

File information

Scanner results
Scanner results: 0% of antivirus software (0/32) found malware.
Behavior analysis report: Habo file analysis
Time: 2017-07-12 08:48:01 (CST)
Scanner Engine Ver Sig Ver Sig Date Scan result Time
antiy AVL SDK 2.0 1970-01-01 Found nothing 5
asquared 9.0.0.4799 9.0.0.4799 2015-03-08 Found nothing 1
avast 170303-1 4.7.4 2017-03-03 Found nothing 60
avg 2109/14149 10.0.1405 2017-07-04 Found nothing 60
baidu 2.0.1.0 4.1.3.52192 2.0.1.0 Found nothing 12
baidusd 1.0 1.0 2017-03-22 Found nothing 1
bitdefender 7.58879 7.90123 2015-01-16 Found nothing 60
clamav 23551 0.97.5 2017-07-10 Found nothing 60
drweb 5.0.2.3300 5.0.1.1 2017-06-18 Found nothing 60
fortinet 50.115, 50.114, 49.970 5.4.247 2017-07-12 Found nothing 60
fprot 4.6.2.117 6.5.1.5418 2016-02-05 Found nothing 60
fsecure 2015-08-01-02 9.13 2015-08-01 Found nothing 60
gdata 25.13323 25.13323 2017-07-11 Found nothing 11
ikarus 1.06.01 V1.32.31.0 2016-11-28 Found nothing 60
jiangmin 16.0.100 1.0.0.0 2017-07-10 Found nothing 2
kaspersky 5.5.33 5.5.33 2014-04-01 Found nothing 60
kingsoft 2.1 2.1 2017-07-11 Found nothing 3
mcafee 8261 5400.1158 2016-08-18 Found nothing 60
nod32 1777 3.0.21 2015-06-12 Found nothing 60
panda 9.05.01 9.05.01 2017-07-11 Found nothing 3
pcc 13.302.06 9.500-1005 2017-03-27 Found nothing 60
qh360 1.0.1 1.0.1 1.0.1 Found nothing 3
qqphone 1.0.0.0 1.0.0.0 2015-12-30 Found nothing 60
quickheal 14.00 14.00 2017-07-11 Found nothing 3
rising 26.28.00.01 26.28.00.01 2016-07-18 Found nothing 2
sophos 5.32 3.65.2 2016-10-10 Found nothing 60
symantec 20151230.005 1.3.0.24 2015-12-30 Found nothing 60
tachyon 9.9.9 9.9.9 2013-12-27 Found nothing 3
thehacker 6.8.0.5 6.8.0.5 2017-07-09 Found nothing 2
tws 17.47.17308 1.0.2.2108 2017-07-11 Found nothing 14
vba 3.12.29.5 beta 3.12.29.5 beta 2017-07-10 Found nothing 60
virusbuster 15.0.985.0 5.5.2.13 2014-12-05 Found nothing 60
File information
Security score:
Basic information
MD5:4e155c6cba29ed2c3cdea858caff7f74
File size: 5.58MB
Upload time: 2014-09-22 10:36:30 (CST)
Package name: qoie.sfware.mermyso
Minimum runtime environment: Android 1.6
Copyright: cag
Process behavior
File behavior
Behavior description: Find file
Details: FileName = C:\Program Files
FileName = C:\Program Files\Microsoft Office
FileName = C:\Program Files\Microsoft Office\OFFICE11\Normal.dot
FileName = C:\Documents and Settings\Administrator\Application Data\Microsoft\Templates\Normal.dot
FileName = C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe_7zdump\Normal.dot
FileName = C:\WINDOWS
FileName = C:\WINDOWS\WinSxS
FileName = C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\MSVCR80.dll
FileName = C:/Documents and Settings/Administrator/Local Settings/Temp/EB93A6/%temp%\****.exe_7zdump\应用商店搜索 - Chrome 网上应用店这条街边的黄色警戒线,悄无声息就跑到时尚达人的腰间.doc
FileName = C:\Documents and Settings
FileName = C:\Documents and Settings\Administrator
FileName = C:\Documents and Settings\Administrator\桌面
FileName = C:\//Documents%20and%20Settings/Administrator/Local%20Settings/Temp/EB93A6/%temp%\****.exe_7zdump/应用商店搜索%20-%20Chrome%20网上应用店这条街边的黄色警戒线,悄无声息就跑到时尚达人的腰间.doc
FileName = C:\Documents and Settings\Administrator\Application Data\Microsoft\Word\STARTUP\*.*
FileName = C:\Program Files\Microsoft Office\OFFICE11\STARTUP\*.*
Behavior description: Copy file
Details: C:\Program Files\Microsoft Office\OFFICE11\opa11.bak ---> C:\Program Files\Microsoft Office\OFFICE11\opa11.dat
Registry behavior
Behavior description: Modify registry
Details: \REGISTRY\USER\S-*\Software\Microsoft\Office\11.0\Word\Resiliency\StartupItems\I
\REGISTRY\USER\S-*\Software\Microsoft\Office\11.0\Word\Resiliency\StartupItems\]L
\REGISTRY\USER\S-*\Software\Microsoft\Office\11.0\Word\MTTT
\REGISTRY\USER\S-*\Software\Microsoft\Office\11.0\Word\MTTF
\REGISTRY\USER\S-*\Software\Microsoft\Office\11.0\Word\MTTA
\REGISTRY\USER\S-*\Software\Microsoft\Office\11.0\Word\Resiliency\StartupItems\sM
\REGISTRY\USER\S-*\Software\Microsoft\Office\11.0\Word\Resiliency\StartupItems\QN
\REGISTRY\USER\S-*\Software\Microsoft\Office\11.0\Word\Resiliency\StartupItems\MN
\REGISTRY\USER\S-*\Software\Microsoft\Office\11.0\Word\Resiliency\StartupItems\+O
\REGISTRY\USER\S-*\Software\Microsoft\Office\Common\Assistant\CurrAsstState
Behavior description: Delete registry value
Details: \REGISTRY\USER\S-*\Software\Microsoft\Office\11.0\Word\MTTT
\REGISTRY\USER\S-*\Software\Microsoft\Office\11.0\Word\Resiliency\StartupItems\]L
\REGISTRY\USER\S-*\Software\Microsoft\Office\11.0\Word\Resiliency\StartupItems\sM
\REGISTRY\USER\S-*\Software\Microsoft\Office\11.0\Word\Resiliency\StartupItems\QN
\REGISTRY\USER\S-*\Software\Microsoft\Office\11.0\Word\Resiliency\StartupItems\MN
\REGISTRY\USER\S-*\Software\Microsoft\Office\11.0\Word\Resiliency\StartupItems\+O
\REGISTRY\USER\S-*\Software\Microsoft\Office\11.0\Word\Resiliency\StartupItems\I
\REGISTRY\USER\S-*\Software\Microsoft\Office\11.0\Word\WordName
Behavior description: Delete registry key
Details: \REGISTRY\USER\S-*\Software\Microsoft\Office\11.0\Word\Resiliency\StartupItems\
\REGISTRY\USER\S-*\Software\Microsoft\Office\11.0\Word\Resiliency\
Other behavior
Behavior description: Create mutex
Details: Local\Mutex_MSOSharedMem
CTF.LBES.MutexDefaultS-*
CTF.Compart.MutexDefaultS-*
CTF.Asm.MutexDefaultS-*
CTF.Layouts.MutexDefaultS-*
CTF.TMD.MutexDefaultS-*
CTF.TimListCache.FMPDefaultS-*MUTEX.DefaultS-*
Local\Mso97SharedDg19211108221Mutex
Local\Mso97SharedDg20321108221Mutex
MSCTF.GCompartListMUTEX.DefaultS-*
Local\Mso97SharedDg19521108221Mutex
Local\Mso97SharedDg19531108221Mutex
MSCTF.Shared.MUTEX.IOH
Local\Mso97SharedDg19541108221Mutex
OfficeAssistantStateMutex
Behavior description: Create event object
Details: EventName = Local\MsoTestEvent_0ac070bf-2def-4578-bb10-97bf6ceede50
EventName = PrimaryWord11Mutex
EventName = MSCTF.SendReceive.Event.AMJ.IC
EventName = MSCTF.SendReceiveConection.Event.AMJ.IC
Behavior description: Find specified window
Details: NtUserFindWindowEx: [Class,Window] = [MSOBALLOON,]
NtUserFindWindowEx: [Class,Window] = [MsoHelp10,]
NtUserFindWindowEx: [Class,Window] = [AgentAnim,]
NtUserFindWindowEx: [Class,Window] = [Shell_TrayWnd,]
NtUserFindWindowEx: [Class,Window] = [CicLoaderWndClass,]
NtUserFindWindowEx: [Class,Window] = [MsoHelp11,]
Behavior description: Window information
Details: Pid = 2492, Hwnd=0x10350, Text = MsoDockTop, ClassName = MsoCommandBarDock.
Pid = 2492, Hwnd=0x10358, Text = 格式, ClassName = MsoCommandBar.
Pid = 2492, Hwnd=0x10356, Text = 常用, ClassName = MsoCommandBar.
Pid = 2492, Hwnd=0x1035a, Text = 菜单栏, ClassName = MsoCommandBar.
Pid = 2492, Hwnd=0x2034a, Text = 文档 1, ClassName = _WwB.
Pid = 2492, Hwnd=0x1036c, Text = MSO Generic Control Container, ClassName = MsoCommandBar.
Pid = 2492, Hwnd=0x10370, Text = MSO Generic Control Container, ClassName = MsoCommandBar.
Pid = 2492, Hwnd=0x10366, Text = Microsoft Word 文档, ClassName = _WwG.
Pid = 2492, Hwnd=0x20342, Text = 文档 1 - Microsoft Word, ClassName = OpusApp.
Behavior description: Adjust process token privileges
Details: SE_LOAD_DRIVER_PRIVILEGE
Behavior description: Open event
Details: Global\MsoTestEvent_0ac070bf-2def-4578-bb10-97bf6ceede50
MSFT.VSA.COM.DISABLE.2492
MSFT.VSA.IEC.STATUS.6c736db0
\SECURITY\LSA_AUTHENTICATION_INITIALIZED
_fCanRegisterWithShellService
CTF.ThreadMIConnectionEvent.000007E8.00000000.00000010
CTF.ThreadMarshalInterfaceEvent.000007E8.00000000.00000010
MSCTF.SendReceiveConection.Event.IOH.IC
MSCTF.SendReceive.Event.IOH.IC
Behavior description: Hide specified window
Details: [Window,Class] = [,ThunderRT6Main]
Behavior description: Open mutex
Details: ShimCacheMutex
Local\Mutex_MSOSharedMem
Local\Mso97SharedDg19211108221Mutex
Local\Mso97SharedDg20321108221Mutex
Local\MU_ACBPIDS08
CtfmonInstMutexDefaultS-*
Local\Mso97SharedDg19521108221Mutex
Local\Mso97SharedDg19531108221Mutex
Local\Mso97SharedDg19541108221Mutex
OfficeAssistantStateMutex
Activities
Activity name Type
.Main qoie.sfware.mermyso.com.tomain
.Main android.intent.category.DEFAULT
fm.sva.Aq android.intent.action.MAIN
fm.sva.Aq android.intent.category.LAUNCHER
Dangerous functions
Function name Info
java/net/URL;->openConnection Connect to URL
java/net/HttpURLConnection;->connect Connect to URL
ContentResolver;->query Read contacts, SMS and other databases
HttpClient;->execute Request remote server
DefaultHttpClient;->execute Send HTTP request
getRuntime Get command-line environment
java/lang/Runtime;->exec Execute string command
TelephonyManager;->getDeviceId Collect the user's phone IMEI, phone number, system version number and other information
TelephonyManager;->getSimSerialNumber Get SIM serial number
LocationManager;->getLastKnownLocation Get location
TelephonyManager;->getLine1Number Get phone number
Startup methods
Name Info
ytl.ycbgk.ad.Rbwpt Start service when the network connection changes
ytl.ycbgk.ad.Rbwpt Start service on screen unlock
ytl.ycbgk.ad.Rbwpt
ytl.ycbgk.ad.Rbwpt
ytl.ycbgk.ad.Rbwpt
ytl.ycbgk.ad.Rbwpt
ytl.ycbgk.ad.Rbwpt Start service when an application is uninstalled
ytl.ycbgk.ad.Rbwpt Start service when an application is installed
Permission list
Permission name Info
com.android.launcher.permission.INSTALL_SHORTCUT Create shortcut
android.permission.READ_PHONE_STATE Read phone state
android.permission.SYSTEM_ALERT_WINDOW Display system windows
android.permission.GET_TASKS Get information about currently or recently running tasks
android.permission.WRITE_EXTERNAL_STORAGE Write to external storage (e.g. SD card)
android.permission.INTERNET Connect to network (2G or 3G)
android.permission.ACCESS_WIFI_STATE Read Wi-Fi network state
android.permission.ACCESS_NETWORK_STATE Read network state (2G or 3G)
Service list
Name
qoie.sfware.mermyso.service.Receiver
fm.nil.Hjdfus
fm.nil.SimInsService
fm.nil.Cwkbs
File list
File name Checksum