VirSCAN

1, You can UPLOAD any files, but there is a 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but the archive must contain fewer than 20 files.
3, VirSCAN can scan compressed files with the password 'infected' or 'virus'.

File information

Scanner results: 0% of scanner(s) (0/39) found malware!
Behavior analysis report: Habo file analysis
Time: 2014-10-29 21:14:24 (CST)
Scanner | Engine Ver | Sig Ver | Sig Date | Scan result | Time
--- | --- | --- | --- | --- | ---
ahnlab | 9.9.9 | 9.9.9 | 2013-05-28 | Found nothing | 3
antivir | 1.9.2.0 | 1.9.159.0 | 7.11.181.228 | Found nothing | 16
antiy | 114701 | AVL141003 | 2014-10-04 | Found nothing | 5
arcavir | 1.0 | 2011 | 2014-05-30 | Found nothing | 8
asquared | 9.0.0.4157 | 9.0.0.4157 | 2014-07-30 | Found nothing | 1
avast | 141028-0 | 4.7.4 | 2014-10-28 | Found nothing | 28
avg | 2109/7906 | 10.0.1405 | 2014-10-17 | Found nothing | 1
baidu | 2.0.1.0 | 4.1.3.52192 | 2.0.1.0 | Found nothing | 4
baidusd | 1.0 | 1.0 | 2014-04-02 | Found nothing | 1
bitdefender | 7.57413 | 7.90123 | 2014-10-29 | Found nothing | 7
clamav | 19544 | 0.97.5 | 2014-10-27 | Found nothing | 1
comodo | 15023 | 5.1 | 2014-10-03 | Found nothing | 3
ctch | 4.6.5 | 5.3.14 | 2013-12-01 | Found nothing | 1
drweb | 5.0.2.3300 | 5.0.1.1 | 2014-10-20 | Found nothing | 30
fortinet | 23.070, 23.070 | 5.1.158 | 2014-10-29 | Found nothing | 1
fprot | 4.6.2.117 | 6.5.1.5418 | 2014-10-28 | Found nothing | 1
fsecure | 2014-04-02-01 | 9.13 | 2014-04-02 | Found nothing | 2
gdata | 24.3819 | 24.3819 | 2014-08-29 | Found nothing | 7
hauri | 2.73 | 2.73 | 2014-06-13 | Found nothing | 1
ikarus | 1.06.01 | V1.32.31.0 | 2014-10-28 | Found nothing | 13
jiangmin | 16.0.100 | 1.0.0.0 | 2014-07-28 | Found nothing | 14
kaspersky | 5.5.33 | 5.5.33 | 2014-04-01 | Found nothing | 20
kingsoft | 2.1 | 2.1 | 2013-09-22 | Found nothing | 14
mcafee | 7520 | 5400.1158 | 2014-08-04 | Found nothing | 8
nod32 | 0436 | 3.0.21 | 2014-09-18 | Found nothing | 1
panda | 9.05.01 | 9.05.01 | 2014-06-15 | Found nothing | 3
pcc | 11.240.06 | 9.500-1005 | 2014-10-28 | Found nothing | 1
qh360 | 1.0.1 | 1.0.1 | 1.0.1 | Found nothing | 12
qqphone | 1.0.0.0 | 1.0.0.0 | 2014-10-29 | Found nothing | 1
quickheal | 14.00 | 14.00 | 2014-06-14 | Found nothing | 2
rising | 25.17.00.04 | 25.17.00.04 | 2014-06-02 | Found nothing | 1
sophos | 5.04 | 3.51.0 | 2014-08-05 | Found nothing | 8
sunbelt | 3.9.2589.2 | 3.9.2589.2 | 2014-06-13 | Found nothing | 1
symantec | 20141027.001 | 1.3.0.24 | 2014-10-27 | Found nothing | 1
tachyon | 9.9.9 | 9.9.9 | 2013-12-27 | Found nothing | 3
thehacker | 6.8.0.5 | 6.8.0.5 | 2014-06-12 | Found nothing | 1
tws | 17.47.17308 | 1.0.2.2108 | 2014-06-16 | Found nothing | 6
vba | 3.12.26.3 | 3.12.26.3 | 2014-10-28 | Found nothing | 3
virusbuster | 15.0.951.0 | 5.5.2.13 | 2014-10-27 | Found nothing | 14
File information
Security score: 71
Basic information
MD5: 12d620865f8ece075d5766fbdf448178
File size: 5.58MB
Upload time: 2014-09-22 10:36:30 (CST)
Package name: com.htc.taskmanager
Minimum runtime environment: Android 4.1, 4.1.1
Copyright: Android
Key behaviors
Behavior description: Set special folder attributes
Details: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
C:\Documents and Settings\Administrator\Local Settings\History
C:\Documents and Settings\Administrator\Local Settings\History\History.IE5
C:\Documents and Settings\Administrator\Cookies
Behavior description: Hide specified window
Details: [Window,Class] = [,ComboLBox]
[Window,Class] = [安装向导,TApplication]
[Window,Class] = [,FD2B0E87767D4EC3948988BF4D043067]
[Window,Class] = [,995D92B2-4ED9-43A7-9338-8CC7D1746F96]
[Window,Class] = [,Auto-Suggest Dropdown]
[Window,Class] = [,TNewNotebookPage]
Behavior description: Get host address by name
Details: api.opencandy.com
File behavior
Behavior description: Map file with write permission
Details: F8F677DE3D594D7CB6102B7574921884
85426876-4F81-491C-848D-C7BA755E6DFA
DfSharedHeapDCAC0
\DOCUME~1\ADMINI~1\LOCALS~1\Temp\~DFCAC5.tmp
DfRoot0000DCAC0
Behavior description: Create executable file
Details: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\is-FRUGF.tmp\sample.tmp
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\is-JITL7.tmp\_isetup\_shfoldr.dll
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\is-JITL7.tmp\OCSetupHlp.dll
Behavior description: Modify file content
Details: C:\WINDOWS\system32\wbem\Logs\wbemprox.log---> Offset = 0
Behavior description: Set special folder attributes
Details: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
C:\Documents and Settings\Administrator\Local Settings\History
C:\Documents and Settings\Administrator\Local Settings\History\History.IE5
C:\Documents and Settings\Administrator\Cookies
Network behavior
Behavior description: Establish a connection to a specified socket
Behavior description: Get host address by name
Details: api.opencandy.com
Registry behavior
Behavior description: Modify registry
Details: \REGISTRY\USER\S-1-5-21-1482476501-1645522239-1417001333-500\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\X\BaseClass
Behavior description: Delete registry key
Details: \REGISTRY\MACHINE\SOFTWARE\Microsoft\PCHealth\ErrorReporting\DW
Behavior description: Delete registry value
Details: \REGISTRY\MACHINE\SOFTWARE\Microsoft\PCHealth\ErrorReporting\DW\DWFileTreeRoot
Other behavior
Behavior description: Create mutex
Details: DEFINED_LoadSDKDLL
CRemoteProcApiCalls::m_bShowLoadingScreen
CRemoteProcApiCalls::m_nMaxLoadingScreenOffers
Global\426F00E8-A1B3-4EB2-8FF8-0950920F5D6E
SHIMLIB_LOG_MUTEX
CSDKApi::m_bSkipAllOffersTriggered
CSDKApi::m_bDeclineOfferTriggered
CSDKApi::m_bShowSkipAllButton
CSDKApi::m_bShowDeclineButton
Global\223CEB62-A2BC-4E33-BA9B-FCAC6DAAB1BE
m_wndDummyAPIMsgWindow
CTrackingCalls::m_bIsRunningFromReboot
CSDKApi::GetTimeMSFromStartup
CSDKApi::DevModeMessage
CSDKApi::m_strClientSessionID
Behavior description: Hide specified window
Details: [Window,Class] = [,ComboLBox]
[Window,Class] = [安装向导,TApplication]
[Window,Class] = [,FD2B0E87767D4EC3948988BF4D043067]
[Window,Class] = [,995D92B2-4ED9-43A7-9338-8CC7D1746F96]
[Window,Class] = [,Auto-Suggest Dropdown]
[Window,Class] = [,TNewNotebookPage]
Behavior description: Find specified window
Details: NtUserFindWindowEx: [Class,Window] = [FD2B0E87767D4EC3948988BF4D043067,]
NtUserFindWindowEx: [Class,Window] = [995D92B2-4ED9-43A7-9338-8CC7D1746F96,]
Behavior description: Window information
Details: Pid = 1288, Hwnd=0xa018c, Text = 选择安装期间要使用的语言:, ClassName = TNewStaticText.
Pid = 1288, Hwnd=0xb01c6, Text = 中文(简体), ClassName = TNewComboBox.
Pid = 1288, Hwnd=0xb01b0, Text = 确定, ClassName = TNewButton.
Pid = 1288, Hwnd=0xa01aa, Text = 取消, ClassName = TNewButton.
Pid = 1288, Hwnd=0xd01c2, Text = 选择安装语言, ClassName = TSelectLanguageForm.
Pid = 1288, Hwnd=0xc03b4, Text = 欢迎使用 BurnAware Free 安装向导 , ClassName = TNewStaticText.
Pid = 1288, Hwnd=0xa0342, Text = 安装向导将在你的电脑上安装 BurnAware Free 7.5。 建议你在继续之前关闭所有其它应用程序。 单击“下一步”继续,或单击“取消”退, ClassName = TNewStaticText.
Pid = 1288, Hwnd=0xb01ce, Text = Important Notice: The use of BurnAware Free within any commercial organization or distribution as pre-installed software is stri, ClassName = TRichEditViewer.
Pid = 1288, Hwnd=0xf016e, Text = C:\Program Files\BurnAware Free, ClassName = TEdit.
Pid = 1288, Hwnd=0x80334, Text = 下一步(&N) >, ClassName = TNewButton.
Pid = 1288, Hwnd=0xb03ac, Text = 取消, ClassName = TNewButton.
Pid = 1288, Hwnd=0xc01aa, Text = 安装向导 - BurnAware Free, ClassName = TWizardForm.
Pid = 1288, Hwnd=0x903fa, Text = BurnAware? , ClassName = TNewStaticText.
Pid = 1288, Hwnd=0x9036c, Text = 许可协议, ClassName = TNewStaticText.
Pid = 1288, Hwnd=0x903f6, Text = 请在继续之前阅读以下重要信息。, ClassName = TNewStaticText.
Behavior description: Acquire system privilege
Details: SE_LOAD_DRIVER_PRIVILEGE
Behavior description: Enumerate windows
Details: N/A
Dynamic behavior list
Behavior description: Start service
Details: com.android.musicfx.Compatibility$Service
com.android.mms.transaction.SmsReceiverService
Behavior description: Read file
Details: path:/proc/783/cmdline length:105
path:/proc/799/cmdline length:105
path:/proc/811/cmdline length:105
path:/proc/841/cmdline length:105
path:/proc/853/cmdline length:105
Behavior description: Class loading
Details: path:/system/app/PicoTts.apk
path:/system/app/MusicFX.apk
path:/system/framework/am.jar
path:/data/app/com.htc.taskmanager-1.apk
Behavior description: Write file
Details: path:/data/data/com.android.gallery3d/shared_prefs/com.android.gallery3d_preferences.xml length:105
path:/data/data/com.android.musicfx/shared_prefs/musicfx.xml length:105
path:/data/data/com.android.gallery3d/shared_prefs/com.android.gallery3d_preferences.xml length:105
Activities
Activity name Type
.MainActivity android.intent.action.MAIN
.MainActivity android.intent.category.LAUNCHER
Dangerous functions
Function name Information
getRuntime Get the command-line environment
java/lang/Runtime;->exec Execute a string command
ContentResolver;->query Read databases such as contacts and SMS
Permission list
Permission name Information
android.permission.FORCE_STOP_PACKAGES
android.permission.GET_TASKS Get information about currently or recently running tasks
android.permission.KILL_BACKGROUND_PROCESSES Kill background processes
android.permission.READ_SETTINGS
android.permission.READ_SECURE_SETTINGS
Providers
Name Information
File list
File name Checksum
META-INF/ 0x0
res/layout-iw/ 0x0
res/layout-ar/ 0x0
res/layout/ 0x0
res/drawable-xxhdpi/ 0x0
res/ 0x0
res/drawable-xxhdpi/icon_launcher_task_manager.png 0x8577e9e8
AndroidManifest.xml 0x826fc955
res/drawable-xxhdpi/icon_btn_sort_dark.png 0x2c61492
res/layout-ar/list_item.xml 0x17a0eb2a
res/layout-iw/list_item.xml 0x17a0eb2a
res/layout/fragment_view.xml 0x1f566516
res/layout/list_item.xml 0xf3f1802b
res/layout/main.xml 0x3eaff4ac
resources.arsc 0xf8f70495
META-INF/MANIFEST.MF 0xaff657f3
META-INF/CERT.SF 0xd2760da3
META-INF/CERT.RSA 0x38028d9a
classes.dex 0xf39d593f