VirSCAN

1, You can upload any file, but there is a 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but the archive must contain fewer than 20 files.
3, VirSCAN can scan compressed files protected with the password 'infected' or 'virus'.

File information

Scanner results
Scanner results: 0% Antivirus software (0/32) found malware!
Behavior analysis report: Habo file analysis
Time: 2016-08-19 06:07:01 (CST)
Scanner Engine Ver Sig Ver Sig Date Scan result Time
antiy AVL SDK 3.0 1970-01-01 Found nothing 5
asquared 9.0.0.4324 9.0.0.4324 2014-07-03 Found nothing 2
avast 150725-1 4.7.4 2015-07-25 Found nothing 60
avg 2109/8133 10.0.1405 2014-11-26 Found nothing 60
baidu 2.0.1.0 4.1.3.52192 2.0.1.0 Found nothing 9
baidusd 1.0 1.0 2014-04-02 Found nothing 2
bitdefender 7.58469 7.90123 2014-12-25 Found nothing 60
clamav 19861 0.97.5 2014-12-31 Found nothing 60
drweb 5.0.2.3300 5.0.1.1 2014-12-31 Found nothing 60
fortinet 23.345, 23.345 5.1.158 2014-12-08 Found nothing 60
fprot 4.6.2.117 6.5.1.5418 2014-12-31 Found nothing 60
fsecure 2014-04-02-01 9.13 2014-04-02 Found nothing 60
gdata 25.7937 25.7937 2016-08-18 Found nothing 13
ikarus 1.06.01 V1.32.31.0 2014-12-08 Found nothing 60
jiangmin 16.0.100 1.0.0.0 2015-07-25 Found nothing 44
kaspersky 5.5.33 5.5.33 2014-04-01 Found nothing 60
kingsoft 2.1 2.1 2013-09-22 Found nothing 18
mcafee 7638 5400.1158 2014-11-30 Found nothing 60
nod32 0920 3.0.21 2014-12-23 Found nothing 60
panda 9.05.01 9.05.01 2015-07-26 Found nothing 4
pcc 11.380.07 9.500-1005 2014-12-31 Found nothing 60
qh360 1.0.1 1.0.1 1.0.1 Found nothing 6
qqphone 1.0.0.0 1.0.0.0 2014-12-09 Found nothing 60
quickheal 14.00 14.00 2015-07-25 Found nothing 3
rising 25.76.04.01 25.76.04.01 2015-07-24 Found nothing 6
sophos 5.08 3.55.0 2014-12-01 Found nothing 60
symantec 20141230.001 1.3.0.24 2014-12-30 Found nothing 60
tachyon 9.9.9 9.9.9 2013-12-27 Found nothing 9
thehacker 6.8.0.5 6.8.0.5 2015-07-23 Found nothing 4
tws 17.47.17308 1.0.2.2108 2014-12-08 Found nothing 18
vba 3.12.26.3 3.12.26.3 2014-12-31 Found nothing 60
virusbuster 15.0.985.0 5.5.2.13 2014-12-05 Found nothing 60
Permission list
Permission name Information
android.permission.INTERNET Connect to network (2G or 3G)
android.permission.ACCESS_NETWORK_STATE Read network state (2G or 3G)
File information
Security score:
Basic information
MD5: e24b08080a4403149a577724393850a0
File size: 5.58MB
Upload time: 2014-09-22 10:36:30 (CST)
Package name: com.maxim.watchappx
Minimum runtime environment: Android 2.2.x
Copyright:
Key behaviors
Behavior description: Writes data across processes
Details: TargetProcess = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\ge537.exe, WriteAddress = 0x00400000, Size = 0x00000400
TargetProcess = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\ge537.exe, WriteAddress = 0x00404000, Size = 0x00000e00
TargetProcess = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\ge537.exe, WriteAddress = 0x00405000, Size = 0x00000a00
TargetProcess = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\ge537.exe, WriteAddress = 0x00406000, Size = 0x00000200
TargetProcess = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\ge537.exe, WriteAddress = 0x00407000, Size = 0x00000200
TargetProcess = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\ge537.exe, WriteAddress = 0x00408000, Size = 0x00000400
TargetProcess = C:\Documents and Settings\Administrator\WinHost32.exe, WriteAddress = 0x00400000, Size = 0x00000400
TargetProcess = C:\Documents and Settings\Administrator\WinHost32.exe, WriteAddress = 0x00404000, Size = 0x00000e00
TargetProcess = C:\Documents and Settings\Administrator\WinHost32.exe, WriteAddress = 0x00405000, Size = 0x00000a00
TargetProcess = C:\Documents and Settings\Administrator\WinHost32.exe, WriteAddress = 0x00406000, Size = 0x00000200
TargetProcess = C:\Documents and Settings\Administrator\WinHost32.exe, WriteAddress = 0x00407000, Size = 0x00000200
TargetProcess = C:\Documents and Settings\Administrator\WinHost32.exe, WriteAddress = 0x00408000, Size = 0x00000400
Behavior description: Sets thread context
Details: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\ge537.exe
C:\Documents and Settings\Administrator\WinHost32.exe
Behavior description: Gets TickCount value
Details: TickCount = 347215, SleepMilliseconds = 200.
TickCount = 357393, SleepMilliseconds = 50.
TickCount = 357471, SleepMilliseconds = 50.
TickCount = 357487, SleepMilliseconds = 50.
TickCount = 357503, SleepMilliseconds = 50.
TickCount = 357831, SleepMilliseconds = 50.
TickCount = 357878, SleepMilliseconds = 50.
TickCount = 357893, SleepMilliseconds = 50.
TickCount = 357925, SleepMilliseconds = 50.
TickCount = 357940, SleepMilliseconds = 50.
TickCount = 357956, SleepMilliseconds = 50.
TickCount = 357971, SleepMilliseconds = 50.
TickCount = 357987, SleepMilliseconds = 50.
TickCount = 358003, SleepMilliseconds = 50.
TickCount = 358034, SleepMilliseconds = 50.
Behavior description: Writes code-section data across processes
Details: TargetProcess = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\ge537.exe, WriteAddress = 0x00401000, Size = 0x00002c00
TargetProcess = C:\Documents and Settings\Administrator\WinHost32.exe, WriteAddress = 0x00401000, Size = 0x00002c00
Behavior description: Sets special folder attributes
Details: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
C:\Documents and Settings\Administrator\Local Settings\History
C:\Documents and Settings\Administrator\Local Settings\History\History.IE5
C:\Documents and Settings\Administrator\Cookies
Behavior description: Modifies registry (startup item)
Details: \REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Run\WinHost32
File behavior
Behavior description: Creates file
Details: C:\Documents and Settings\Administrator\Local Settings\Temp\~DFC2F1.tmp
C:\Documents and Settings\Administrator\Local Settings\%temp%\****.doc
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.Word\~WRF0001.tmp
C:\Documents and Settings\Administrator\Local Settings\Temp\~DFDA75.tmp
C:\Documents and Settings\Administrator\Local Settings\Temp\VBE\MSForms.exd
C:\Documents and Settings\Administrator\Application Data\Microsoft\Forms\WINWORD.box
C:\Documents and Settings\Administrator\Local Settings\Temp\~DFE4B2.tmp
C:\Documents and Settings\Administrator\Local Settings\Temp\~DFE4CC.tmp
C:\Documents and Settings\Administrator\Local Settings\Temp\ge537.exe
C:\Documents and Settings\Administrator\Application Data\Microsoft\Office\Recent\%temp%\****.doc.LNK
C:\Documents and Settings\Administrator\Application Data\Microsoft\Office\Recent\EB93A6.LNK
C:\Documents and Settings\Administrator\WinHost32.exe
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\IUKHR8T2\wpad[1].dat
C:\Documents and Settings\Administrator\Application Data\Microsoft\Office\VB11.pip
Behavior description: Creates executable file
Details: C:\Documents and Settings\Administrator\Local Settings\Temp\ge537.exe
C:\Documents and Settings\Administrator\WinHost32.exe
Behavior description: Overwrites existing file
Details: C:\Documents and Settings\Administrator\Application Data\Microsoft\Office\Word11.pip
Behavior description: Copies file
Details: C:\DOCUME~1\ALLUSE~1\APPLIC~1\MICROS~1\OFFICE\DATA\OPA11.BAK ---> C:\DOCUME~1\ALLUSE~1\APPLIC~1\MICROS~1\OFFICE\DATA\opa11.dat
Behavior description: Deletes file
Details: C:\Documents and Settings\Administrator\Local Settings\Temp\~DFC2F1.tmp
C:\Documents and Settings\Administrator\Local Settings\Temp\~DFDA75.tmp
C:\Documents and Settings\Administrator\Application Data\Microsoft\Forms\WINWORD.box
C:\Documents and Settings\Administrator\Local Settings\Temp\~DFE4CC.tmp
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\IUKHR8T2\wpad[1].dat
C:\Documents and Settings\Administrator\Local Settings\Temp\~DFE4B2.tmp
C:\Documents and Settings\Administrator\Local Settings\%temp%\****.doc
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.Word\~WRS0000.tmp
C:\Documents and Settings\Administrator\Application Data\Microsoft\Templates\~$Normal.dot
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.Word\~WRF0001.tmp
Behavior description: Finds file
Details: FileName = C:\Documents and Settings
FileName = C:\Documents and Settings\Administrator
FileName = C:\Documents and Settings\Administrator\Local Settings
FileName = C:\Documents and Settings\Administrator\Application Data
FileName = C:\Documents and Settings\Administrator\Application Data\Microsoft
FileName = C:\Documents and Settings\Administrator\Application Data\Microsoft\Templates
FileName = Normal
FileName = C:\Program Files\Microsoft Office 2007\Office12
FileName = C:\DOCUME~1
FileName = C:\DOCUME~1\ADMINI~1
FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1
FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp
FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\VBE
FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\VBE\MSForms.exd
FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\ge537.exe
Behavior description: Sets special folder attributes
Details: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
C:\Documents and Settings\Administrator\Local Settings\History
C:\Documents and Settings\Administrator\Local Settings\History\History.IE5
C:\Documents and Settings\Administrator\Cookies
Behavior description: Modifies file content
Details: C:\Documents and Settings\Administrator\Local Settings\%temp%\****.doc ---> Offset = 0
C:\Documents and Settings\Administrator\Local Settings\%temp%\****.doc ---> Offset = 54
C:\Documents and Settings\Administrator\Local Settings\Temp\VBE\MSForms.exd ---> Offset = 0
C:\Documents and Settings\Administrator\Local Settings\Temp\VBE\MSForms.exd ---> Offset = 4
C:\Documents and Settings\Administrator\Local Settings\Temp\VBE\MSForms.exd ---> Offset = 8
C:\Documents and Settings\Administrator\Local Settings\Temp\VBE\MSForms.exd ---> Offset = 12
C:\Documents and Settings\Administrator\Local Settings\Temp\VBE\MSForms.exd ---> Offset = 16
C:\Documents and Settings\Administrator\Local Settings\Temp\ge537.exe ---> Offset = 0
C:\Documents and Settings\Administrator\Application Data\Microsoft\Office\Recent\%temp%\****.doc.LNK ---> Offset = 0
C:\Documents and Settings\Administrator\Application Data\Microsoft\Office\Recent\index.dat ---> Offset = 55
C:\Documents and Settings\Administrator\Application Data\Microsoft\Office\Recent\EB93A6.LNK ---> Offset = 0
C:\Documents and Settings\Administrator\Application Data\Microsoft\Office\Recent\index.dat ---> Offset = 28
C:\Documents and Settings\Administrator\Application Data\Microsoft\Office\Recent\index.dat ---> Offset = 0
C:\Documents and Settings\Administrator\WinHost32.exe ---> Offset = 0
C:\Documents and Settings\Administrator\Application Data\Microsoft\Office\VB11.pip ---> Offset = 0
Network behavior
Behavior description: Opens URL over the network
Details: InternetOpenUrlA: http://**.133.40.**:128/wpad.dat, hInternet = 0x00cc0010, Flags = 0x00000010
Behavior description: Connects to specified site
Details: InternetConnectA: ServerName = go****om, PORT = 80, UserName = , Password = , hSession = 0x00cc0004, hConnect = 0x00cc0008, Flags = 0x00000000
InternetConnectA: ServerName = **.133.40.**, PORT = 128, UserName = , Password = , hSession = 0x00cc0010, hConnect = 0x00cc0014, Flags = 0x00000010
Behavior description: Opens HTTP connection
Details: InternetOpenA: UserAgent: Mozilla/5.0 (Windows NT 6.1; rv:24.0) Gecko/20100101 Firefox/24.0, hSession = 0x00cc0004
InternetOpenA: UserAgent: Mozilla/4.0 (compatible; MSIE 8.0; Win32; Trident/4.0), hSession = 0x00cc0010
Behavior description: Establishes a connection to a specified socket
Details: URL: wpad, IP: **.133.40.**:128, SOCKET = 0x000002ac
URL: go****om, IP: **.133.40.**:80, SOCKET = 0x000002b8
Behavior description: Reads network file
Details: hFile = 0x00cc0018, BytesToRead =4010, BytesRead = 4010.
hFile = 0x00cc000c, BytesToRead =256, BytesRead = 256.
Behavior description: Sends HTTP packet
Details: GET /wpad.dat HTTP/1.1 Accept: */* User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32; Trident/4.0) Host: **.133.40.**:128
GET / HTTP/1.1 Accept: */* Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:24.0) Gecko/20100101 Firefox/24.0 Host: go****om Cache-Control: no-cache
Behavior description: Opens HTTP request
Details: HttpOpenRequestA: **.133.40.**:128/wpad.dat, hConnect = 0x00cc0014, hRequest = 0x00cc0018, Verb: GET, Referer: , Flags = 0x00000010
Behavior description: Gets host address by name
Details: GetAddrInfoW: computer
GetAddrInfoW: wpad
GetAddrInfoW: go****om
Registry behavior
Behavior description: Modifies registry
Details: \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4080110900063D11C8EF10054038389C\Usage\VBAFiles
\REGISTRY\USER\S-*\Software\Microsoft\Office\11.0\Common\ReviewCycle\ReviewToken
\REGISTRY\USER\S-*\Software\Microsoft\Office\11.0\Word\Resiliency\DocumentRecovery\4F6A2\4F6A2
\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4080110900063D11C8EF10054038389C\Usage\WordEngWizDotFiles2
\REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{42D84CC3-5636-4BF9-8CB0-4DF7C22AD5C4}\2.0\
\REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{42D84CC3-5636-4BF9-8CB0-4DF7C22AD5C4}\2.0\FLAGS\
\REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{42D84CC3-5636-4BF9-8CB0-4DF7C22AD5C4}\2.0\0\win32\
\REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{42D84CC3-5636-4BF9-8CB0-4DF7C22AD5C4}\2.0\HELPDIR\
\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4080110900063D11C8EF10054038389C\Usage\WORDHelpFiles
\REGISTRY\USER\S-*\Software\Microsoft\Office\Common\Assistant\CurrAsstState
\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4080110900063D11C8EF10054038389C\Usage\SpellingAndGrammarFiles_2052
\REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\SavedLegacySettings
\REGISTRY\MACHINE\SOFTWARE\Microsoft\ESENT\Process\WinHost32\DEBUG\Trace Level
\REGISTRY\USER\S-*\Software\Microsoft\VBA\6.0\Common\PropertiesWindow
\REGISTRY\USER\S-*\Software\Microsoft\VBA\6.0\Common\MainWindow
Behavior description: Deletes registry value
Details: \REGISTRY\USER\S-*\Software\Microsoft\Office\11.0\Word\Resiliency\StartupItems\t
\REGISTRY\USER\S-*\Software\Microsoft\Office\11.0\Word\Resiliency\StartupItems\Es
\REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\MSSCIPY\Keyboard Mapping Version
\REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\MSSCIPY\Keyboard Mapping
\REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyServer
\REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Internet Settings\AutoConfigURL
\REGISTRY\MACHINE\SOFTWARE\Microsoft\ESENT\Process\WinHost32\DEBUG\Trace Level
\REGISTRY\USER\S-*\Software\Microsoft\Office\11.0\Word\Resiliency\DocumentRecovery\4F6A2\4F6A2
\REGISTRY\USER\S-*\Software\Microsoft\Office\Common\Assistant\CurrAsstState
\REGISTRY\USER\S-*\Software\Microsoft\Office\11.0\Word\MTTT
Behavior description: Deletes registry key
Details: \REGISTRY\USER\S-*\Software\Microsoft\Office\11.0\Word\Resiliency\StartupItems\
\REGISTRY\USER\S-*\Software\Microsoft\Office\11.0\Word\Resiliency\DocumentRecovery\4F6A2\
\REGISTRY\USER\S-*\Software\Microsoft\Office\11.0\Word\Resiliency\DocumentRecovery\
\REGISTRY\USER\S-*\Software\Microsoft\Office\11.0\Word\Resiliency\
Behavior description: Modifies registry (startup item)
Details: \REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Run\WinHost32
Other behavior
Behavior description: Creates mutex
Details: Global\MTX_MSO_Formal1_S-*
Global\MTX_MSO_AdHoc1_S-*
Local\Mso97SharedDg19521108172Mutex
LocalMutex2341MSPYhld23qwe2529
mscandui20.mutexDefault
GlobalUserFileMappingEudcMSPYhld23qwe_lock_SYNCROOT
_lock_SYNCROOT
GlobalUserFileMappingEudpMSPYhld23qwe_lock_SYNCROOT
PAdministratorLx.DAT!_SYNCROOT
CfgSyncMSPYqeuir9hj_SYNCROOT
PAdministratorSx.DAT!_SYNCROOT
MSCTF.Shared.MUTEX.APH
Local\Mso97SharedDg19531108172Mutex
Local\Mso97SharedDg19541108172Mutex
OfficeAssistantStateMutex
Behavior description: Hides specified window
Details: [Window,Class] = [,_WwB]
[Window,Class] = [,ComboLBox]
[Window,Class] = [lund,ThunderDFrame]
[Window,Class] = [,DesignerWindow]
[Window,Class] = [UserForm2,ThunderDFrame]
[Window,Class] = [,ThunderRT6Main]
[Window,Class] = [,Edit]
[Window,Class] = [,Button]
Behavior description: Finds specified window
Details: NtUserFindWindowEx: [Class,Window] = [CicLoaderWndClass,]
NtUserFindWindowEx: [Class,Window] = [MSOBALLOON,]
NtUserFindWindowEx: [Class,Window] = [MsoHelp10,]
NtUserFindWindowEx: [Class,Window] = [AgentAnim,]
NtUserFindWindowEx: [Class,Window] = [MsoHelp11,]
Behavior description: Window information
Details: Pid = 1524, Hwnd=0x130184, Text = MsoDockTop, ClassName = MsoCommandBarDock.
Pid = 1524, Hwnd=0x1201c8, Text = 格式, ClassName = MsoCommandBar.
Pid = 1524, Hwnd=0x120172, Text = 常用, ClassName = MsoCommandBar.
Pid = 1524, Hwnd=0x90260, Text = 菜单栏, ClassName = MsoCommandBar.
Pid = 1524, Hwnd=0xf01f0, Text = %temp%\****.doc, ClassName = _WwB.
Pid = 1524, Hwnd=0xe0216, Text = MSO Generic Control Container, ClassName = MsoCommandBar.
Pid = 1524, Hwnd=0x120160, Text = MSO Generic Control Container, ClassName = MsoCommandBar.
Pid = 1524, Hwnd=0xf01e6, Text = Microsoft Word 文档, ClassName = _WwG.
Pid = 1524, Hwnd=0x1001dc, Text = %temp%\****.doc - Microsoft Word, ClassName = OpusApp.
Pid = 1524, Hwnd=0x102f8, Text = 小四, ClassName = RichEdit20W.
Pid = 1524, Hwnd=0x102f6, Text = Times New Roman, ClassName = RichEdit20W.
Pid = 1524, Hwnd=0x102f4, Text = 正文, ClassName = RichEdit20W.
Pid = 1524, Hwnd=0x102f2, Text = 100%, ClassName = RichEdit20W.
Pid = 1524, Hwnd=0x202f0, Text = 键入需要帮助的问题, ClassName = RichEdit20W.
Behavior description: Opens event
Details: MSPY Non-PC softkbd
CTF.ThreadMIConnectionEvent.000007F0.00000000.0000001E
CTF.ThreadMarshalInterfaceEvent.000007F0.00000000.0000001E
CTF.ThreadMIConnectionEvent.000007F0.00000000.0000001F
CTF.ThreadMarshalInterfaceEvent.000007F0.00000000.0000001F
MSCTF.SendReceiveConection.Event.APH.IC
MSCTF.SendReceive.Event.APH.IC
HookSwitchHookEnabledEvent
AtlTraceModuleManager_ProcessAddedStatic3
CTF.ThreadMIConnectionEvent.000007F0.00000000.00000020
CTF.ThreadMarshalInterfaceEvent.000007F0.00000000.00000020
\SECURITY\LSA_AUTHENTICATION_INITIALIZED
Global\SvcctrlStartEvent_A3752DX
\INSTALLATION_SECURITY_HOLD
Global\crypt32LogoffEvent
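Behavior description: Enumerates windows
Details: N/A
Behavior description: Executable file signature information
Details: C:\Documents and Settings\Administrator\Local Settings\Temp\ge537.exe (signature verification: failed)
C:\Documents and Settings\Administrator\WinHost32.exe (signature verification: failed)
Behavior description: Calls Sleep function
Details: [1]: MilliSeconds = 200.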
[2]: MilliSeconds = 200.
[3]: MilliSeconds = 200.
[4]: MilliSeconds = 200.
[5]: MilliSeconds = 200.
[6]: MilliSeconds = 200.
[7]: MilliSeconds = 200.
[8]: MilliSeconds = 200.
[9]: MilliSeconds = 200.
[10]: MilliSeconds = 200.
[1]: MilliSeconds = 60000.
[2]: MilliSeconds = 60000.
[3]: MilliSeconds = 60000.
[4]: MilliSeconds = 60000.
[5]: MilliSeconds = 60000.
Behavior description: Creates event object
Details: EventName = MSPY Non-PC softkbd
EventName = Global\userenv: User Profile setup event
EventName = MSCTF.SendReceive.Event.ABF.IC
EventName = MSCTF.SendReceiveConection.Event.ABF.IC
EventName = DINPUTWINMM
EventName = Global\crypt32LogoffEvent
Behavior description: Executable file MD5
Details: C:\Documents and Settings\Administrator\Local Settings\Temp\ge537.exe ---> 19d360946bffa9b52662888f0524e3d5
C:\Documents and Settings\Administrator\WinHost32.exe ---> 19d360946bffa9b52662888f0524e3d5
Behavior description: Opens mutex
Details: Global\MTX_MSO_Formal1_S-*
Global\MTX_MSO_AdHoc1_S-*
Local\Mso97SharedDg19521108172Mutex
Local\Mso97SharedDg19531108172Mutex
Local\Mso97SharedDg19541108172Mutex
OfficeAssistantStateMutex
ShimCacheMutex
Local\_!MSFTHISTORY!_
Local\c:!documents and settings!administrator!local settings!temporary internet files!content.ie5!
Local\c:!documents and settings!administrator!cookies!
Local\c:!documents and settings!administrator!local settings!history!history.ie5!
Local\WininetStartupMutex
Local\WininetConnectionMutex
Local\WininetProxyRegistryMutex
RasPbFile
Activities
Activity name Type
com.maxim.watchappx.TVActivity android.intent.action.MAIN
com.maxim.watchappx.TVActivity android.intent.category.LAUNCHER
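Dangerous functions
Function name Information
java/net/URL;->openConnection Connects to URL
java/net/HttpURLConnection;->connect Connects to URL
ContentResolver;->query Reads contacts, SMS and other databases
getRuntime Gets the command-line environment
Advertising information
Name Information
com.google.ads AdMob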
File list
File name Checksum
res/drawable-mdpi/abs__ab_share_pack_holo_light.9.png 0x7864e502
res/drawable-mdpi/abs__ab_solid_dark_holo.9.png 0xbc71f7a7
res/drawable-mdpi/abs__ab_solid_light_holo.9.png 0xd8cd9429
res/drawable-mdpi/abs__ab_solid_shadow_holo.9.png 0x9d505404
res/drawable-mdpi/abs__ab_stacked_solid_dark_holo.9.png 0xeacbecce
res/drawable-mdpi/abs__ab_stacked_solid_light_holo.9.png 0xde0f77d5
res/drawable-mdpi/abs__ab_stacked_transparent_dark_holo.9.png 0x14d06f11
res/drawable-mdpi/abs__ab_stacked_transparent_light_holo.9.png 0xc4c6064f
res/drawable-mdpi/abs__ab_transparent_dark_holo.9.png 0x659932db
res/drawable-mdpi/abs__ab_transparent_light_holo.9.png 0x77592f84
res/drawable-mdpi/abs__btn_cab_done_default_holo_dark.9.png 0x67d6a12b
res/drawable-mdpi/abs__btn_cab_done_default_holo_light.9.png 0xaddfa3f4
res/drawable-mdpi/abs__btn_cab_done_focused_holo_dark.9.png 0x8ca91c4c
res/drawable-mdpi/abs__btn_cab_done_focused_holo_light.9.png 0x6f46a285
res/drawable-mdpi/abs__btn_cab_done_pressed_holo_dark.9.png 0xcd15c524
res/drawable-mdpi/abs__btn_cab_done_pressed_holo_light.9.png 0xb8819bcf
res/drawable-mdpi/abs__cab_background_bottom_holo_dark.9.png 0xa8873073
res/drawable-mdpi/abs__cab_background_bottom_holo_light.9.png 0x23b67c99
res/drawable-mdpi/abs__cab_background_top_holo_dark.9.png 0xfb2e5f57
res/drawable-mdpi/abs__cab_background_top_holo_light.9.png 0x5818ab75
res/drawable-mdpi/abs__dialog_full_holo_dark.9.png 0x79dbb2d3
res/drawable-mdpi/abs__dialog_full_holo_light.9.png 0xfdb061df
res/drawable-mdpi/abs__ic_ab_back_holo_dark.png 0xfcab22b6
res/drawable-mdpi/abs__ic_ab_back_holo_light.png 0x8b88c538
res/drawable-mdpi/abs__ic_cab_done_holo_dark.png 0x73c5de5f
res/drawable-mdpi/abs__ic_cab_done_holo_light.png 0x8e10da0a
res/drawable-mdpi/abs__ic_clear_disabled.png 0x31c22a50
res/drawable-mdpi/abs__ic_clear_normal.png 0x86297e78
res/drawable-mdpi/abs__ic_clear_search_api_disabled_holo_light.png 0x61c26545
res/drawable-mdpi/abs__ic_clear_search_api_holo_light.png 0xa4331b55
res/drawable-mdpi/abs__ic_go.png 0xd1b50114
res/drawable-mdpi/abs__ic_go_search_api_holo_light.png 0x74a702db
res/drawable-mdpi/abs__ic_menu_moreoverflow_normal_holo_dark.png 0x46183a6
res/drawable-mdpi/abs__ic_menu_moreoverflow_normal_holo_light.png 0xe0a776a7
res/drawable-mdpi/abs__ic_menu_share_holo_dark.png 0x7f93973c
res/drawable-mdpi/abs__ic_menu_share_holo_light.png 0xe576f47
res/drawable-mdpi/abs__ic_search.png 0xa3ccea1e
res/drawable-mdpi/abs__ic_search_api_holo_light.png 0x1ece718b
res/drawable-mdpi/abs__ic_voice_search.png 0x33a1251c
res/drawable-mdpi/abs__ic_voice_search_api_holo_light.png 0xc9db478c
res/drawable-mdpi/abs__list_activated_holo.9.png 0xc09562f2
res/drawable-mdpi/abs__list_divider_holo_dark.9.png 0xe4823600
res/drawable-mdpi/abs__list_divider_holo_light.9.png 0xb0dc2b05
res/drawable-mdpi/abs__list_focused_holo.9.png 0x77cc9de1
res/drawable-mdpi/abs__list_longpressed_holo.9.png 0xc09562f2
res/drawable-mdpi/abs__list_pressed_holo_dark.9.png 0x449401f4
res/drawable-mdpi/abs__list_pressed_holo_light.9.png 0x449401f4
res/drawable-mdpi/abs__list_selector_disabled_holo_dark.9.png 0x9d81afe3
res/drawable-mdpi/abs__list_selector_disabled_holo_light.9.png 0xa481684d
res/drawable-mdpi/abs__menu_dropdown_panel_holo_dark.9.png 0xfd12b60b
res/drawable-mdpi/abs__menu_dropdown_panel_holo_light.9.png 0x91b31d69
res/drawable-mdpi/abs__progress_bg_holo_dark.9.png 0x7b7862a3
res/drawable-mdpi/abs__progress_bg_holo_light.9.png 0xf1ed1112
res/drawable-mdpi/abs__progress_primary_holo_dark.9.png 0x4e645825
res/drawable-mdpi/abs__progress_primary_holo_light.9.png 0x4e645825
res/drawable-mdpi/abs__progress_secondary_holo_dark.9.png 0x61da65aa
res/drawable-mdpi/abs__progress_secondary_holo_light.9.png 0x61da65aa
res/drawable-mdpi/abs__spinner_48_inner_holo.png 0xc28e776
res/drawable-mdpi/abs__spinner_48_outer_holo.png 0xffe6b371
res/drawable-mdpi/abs__spinner_ab_default_holo_dark.9.png 0xddcdb41
res/drawable-mdpi/abs__spinner_ab_default_holo_light.9.png 0x6f5deb99
res/drawable-mdpi/abs__spinner_ab_disabled_holo_dark.9.png 0x46b2d154
res/drawable-mdpi/abs__spinner_ab_disabled_holo_light.9.png 0xf5f84309
res/drawable-mdpi/abs__spinner_ab_focused_holo_dark.9.png 0xec027107
res/drawable-mdpi/abs__spinner_ab_focused_holo_light.9.png 0xbea22dc0
res/drawable-mdpi/abs__spinner_ab_pressed_holo_dark.9.png 0x7a0d1968
res/drawable-mdpi/abs__spinner_ab_pressed_holo_light.9.png 0x4e6034a7
res/drawable-mdpi/abs__tab_selected_focused_holo.9.png 0x6f51e593
res/drawable-mdpi/abs__tab_selected_holo.9.png 0x2ab487a
res/drawable-mdpi/abs__tab_selected_pressed_holo.9.png 0xc0728d80
res/drawable-mdpi/abs__tab_unselected_pressed_holo.9.png 0xd59cc9e6
res/drawable-mdpi/abs__textfield_search_default_holo_dark.9.png 0x992cf4b8
res/drawable-mdpi/abs__textfield_search_default_holo_light.9.png 0xee0d6e1a
res/drawable-mdpi/abs__textfield_search_right_default_holo_dark.9.png 0x15e0405b
res/drawable-mdpi/abs__textfield_search_right_default_holo_light.9.png 0x26fb1df7
res/drawable-mdpi/abs__textfield_search_right_selected_holo_dark.9.png 0x1e180986
res/drawable-mdpi/abs__textfield_search_right_selected_holo_light.9.png 0x1e180986
res/drawable-mdpi/abs__textfield_search_selected_holo_dark.9.png 0xf29f6f89
res/drawable-mdpi/abs__textfield_search_selected_holo_light.9.png 0xf29f6f89
res/drawable-mdpi/btn_play.xml 0x40f4261c
res/drawable-mdpi/btn_play_active.png 0xc08781c
res/drawable-mdpi/btn_play_click.png 0xe853d5f9
res/drawable-mdpi/ic_launcher.png 0x2a8c2ba3
res/drawable-mdpi/mov_1.png 0x41aa8869
res/drawable-mdpi/mov_10.png 0x1371d6c0
res/drawable-mdpi/mov_11.png 0x47f0cce8
res/drawable-mdpi/mov_12.png 0x3fde28ea
res/drawable-mdpi/mov_13.png 0x68df4bc5
res/drawable-mdpi/mov_14.png 0x32b7d5b9
res/drawable-mdpi/mov_15.png 0xec372d55
res/drawable-mdpi/mov_16.png 0x1c9a4512
res/drawable-mdpi/mov_17.png 0xe83d0d71
res/drawable-mdpi/mov_18.png 0x7bc8da94
res/drawable-mdpi/mov_19.png 0x592e856b
res/drawable-mdpi/mov_2.png 0x143d6b5
res/drawable-mdpi/mov_20.png 0x51bda012
res/drawable-mdpi/mov_21.png 0xfcf103a2
res/drawable-mdpi/mov_22.png 0x25142689
res/drawable-mdpi/mov_23.png 0x41a3067b
res/drawable-mdpi/mov_24.png 0x809a5867
res/drawable-mdpi/mov_25.png 0x1c5bbc0d
res/drawable-mdpi/mov_26.png 0xed42d1b2
res/drawable-mdpi/mov_27.png 0x7e3ae207
res/drawable-mdpi/mov_28.png 0x35194937
res/drawable-mdpi/mov_29.png 0x7a74cf46
res/drawable-mdpi/mov_3.png 0xd2374f63
res/drawable-mdpi/mov_30.png 0x1eda8519
res/drawable-mdpi/mov_31.png 0xad6f1ab7
res/drawable-mdpi/mov_32.png 0x372030f4
res/drawable-mdpi/mov_33.png 0xe4b87572
res/drawable-mdpi/mov_34.png 0xecff2ace
res/drawable-mdpi/mov_35.png 0xff112330
res/drawable-mdpi/mov_36.png 0x19991325
res/drawable-mdpi/mov_37.png 0xc4c4be0e
res/drawable-mdpi/mov_38.png 0xdf3e1766
res/drawable-mdpi/mov_39.png 0x7dd2f6ba
res/drawable-mdpi/mov_4.png 0xd82b11b
res/drawable-mdpi/mov_40.png 0xe615d2f3
res/drawable-mdpi/mov_41.png 0xa6a6c42a
res/drawable-mdpi/mov_42.png 0x3548fa2
res/drawable-mdpi/mov_5.png 0x4bb7f866
res/drawable-mdpi/mov_6.png 0xad7d78d9
res/drawable-mdpi/mov_7.png 0xa13f46fc
res/drawable-mdpi/mov_8.png 0xed3f0b31
res/drawable-mdpi/mov_9.png 0xd5a605c7
res/drawable-mdpi/sport_1.png 0xdd411d0d
res/drawable-mdpi/sport_10.png 0xc1481911
res/drawable-mdpi/sport_11.png 0x32c14224
res/drawable-mdpi/sport_12.png 0x1787bad6
res/drawable-mdpi/sport_13.png 0x505d2c5d
res/drawable-mdpi/sport_14.png 0xd0f63d
res/drawable-mdpi/sport_15.png 0x3b1b9373
res/drawable-mdpi/sport_16.png 0x52dd15cf
res/drawable-mdpi/sport_17.png 0x7bc632eb
res/drawable-mdpi/sport_18.png 0x564d62ac
res/drawable-mdpi/sport_19.png 0xd9a7ad5a
res/drawable-mdpi/sport_2.png 0x82a2a2e7
res/drawable-mdpi/sport_20.png 0x28b322d5
res/drawable-mdpi/sport_21.png 0x6407178a
res/drawable-mdpi/sport_22.png 0xe400f1fe
res/drawable-mdpi/sport_23.png 0xcaeb5985
res/drawable-mdpi/sport_24.png 0xa43343c0
res/drawable-mdpi/sport_25.png 0xab291a03
res/drawable-mdpi/sport_26.png 0xc8d206f1
res/drawable-mdpi/sport_27.png 0x516df372
res/drawable-mdpi/sport_28.png 0xcad6ebb6
res/drawable-mdpi/sport_3.png 0x1fb0292b
res/drawable-mdpi/sport_4.png 0x370dbf93
res/drawable-mdpi/sport_5.png 0xe670864
res/drawable-mdpi/sport_6.png 0x51e4d493
res/drawable-mdpi/sport_7.png 0x41689e31
res/drawable-mdpi/sport_8.png 0x1327be4a
res/drawable-mdpi/sport_9.png 0x1d718d69
res/drawable-mdpi/station_1.png 0xd85eb7f7
res/drawable-mdpi/station_10.png 0x4bd022d4
res/drawable-mdpi/station_11.png 0x3cadbb40
res/drawable-mdpi/station_12.png 0x78853910
res/drawable-mdpi/station_13.png 0x19cf4df7
res/drawable-mdpi/station_14.png 0xd51d828
res/drawable-mdpi/station_15.png 0xd0ba590f
res/drawable-mdpi/station_16.png 0xe09f8fb4
res/drawable-mdpi/station_17.png 0x7ea393cd
res/drawable-mdpi/station_18.png 0x9e2c93f1
res/drawable-mdpi/station_19.png 0xf418d61d
res/drawable-mdpi/station_2.png 0x4bb3fd3d
res/drawable-mdpi/station_20.png 0x4da1a392
res/drawable-mdpi/station_21.png 0x11216736
res/drawable-mdpi/station_22.png 0xd8ce0919
res/drawable-mdpi/station_23.png 0x485ea1e8
res/drawable-mdpi/station_24.png 0xe036c3db
res/drawable-mdpi/station_25.png 0xec61e27c
res/drawable-mdpi/station_26.png 0xacb4a377
res/drawable-mdpi/station_27.png 0xb0fbf126
res/drawable-mdpi/station_28.png 0xb1cf4f25
res/drawable-mdpi/station_29.png 0x540306a0
res/drawable-mdpi/station_3.png 0x1a86c07d
res/drawable-mdpi/station_30.png 0x8db7a379
res/drawable-mdpi/station_31.png 0x6e3344f8
res/drawable-mdpi/station_32.png 0x8755fe5b
res/drawable-mdpi/station_33.png 0x77e89f78
res/drawable-mdpi/station_34.png 0x50108f30
res/drawable-mdpi/station_35.png 0x81e5e4bf
res/drawable-mdpi/station_36.png 0x4ae7a1a0
res/drawable-mdpi/station_37.png 0xd78aca4a
res/drawable-mdpi/station_38.png 0xaac1c21b
res/drawable-mdpi/station_39.png 0x66781351
res/drawable-mdpi/station_4.png 0x52d40c89
res/drawable-mdpi/station_40.png 0xc2a14071
res/drawable-mdpi/station_41.png 0x93b79c62
res/drawable-mdpi/station_42.png 0xb5c0e23c
res/drawable-mdpi/station_43.png 0x6fa84685
res/drawable-mdpi/station_44.png 0xe3b1b79a
res/drawable-mdpi/station_45.png 0x7db4ed17
res/drawable-mdpi/station_46.png 0x7c4357f0
res/drawable-mdpi/station_47.png 0x1dd70f99
res/drawable-mdpi/station_48.png 0xedfd952e
res/drawable-mdpi/station_49.png 0x141c3eb0
res/drawable-mdpi/station_5.png 0xe7fe3cc2
res/drawable-mdpi/station_50.png 0xacd68670
res/drawable-mdpi/station_51.png 0x50d9f9f4
res/drawable-mdpi/station_52.png 0xad8e137
res/drawable-mdpi/station_53.png 0x61d326ea
res/drawable-mdpi/station_54.png 0xd3770af4
res/drawable-mdpi/station_55.png 0x9915c8ca
res/drawable-mdpi/station_56.png 0xb28a99f5
res/drawable-mdpi/station_57.png 0xd07e934a
res/drawable-mdpi/station_58.png 0x33d85380
res/drawable-mdpi/station_59.png 0x93b79c62
res/drawable-mdpi/station_6.png 0xe7686ee5
res/drawable-mdpi/station_60.png 0xb5c0e23c
res/drawable-mdpi/station_61.png 0xd85eb7f7
res/drawable-mdpi/station_62.png 0x4bb3fd3d
res/drawable-mdpi/station_63.png 0x1a86c07d
res/drawable-mdpi/station_64.png 0x52d40c89
res/drawable-mdpi/station_65.png 0xe7fe3cc2
res/drawable-mdpi/station_66.png 0xe7686ee5
res/drawable-mdpi/station_67.png 0x65ef4105
res/drawable-mdpi/station_68.png 0x96371d46
res/drawable-mdpi/station_69.png 0x4bd022d4
res/drawable-mdpi/station_7.png 0x65ef4105
res/drawable-mdpi/station_70.png 0x3cadbb40
res/drawable-mdpi/station_71.png 0x19cf4df7
res/drawable-mdpi/station_72.png 0xe09f8fb4
res/drawable-mdpi/station_73.png 0x7ea393cd
res/drawable-mdpi/station_74.png 0x9e2c93f1
res/drawable-mdpi/station_75.png 0xb0fbf126
res/drawable-mdpi/station_76.png 0x6e3344f8
res/drawable-mdpi/station_77.png 0xd33bce55
res/drawable-mdpi/station_78.png 0xffb99f48
res/drawable-mdpi/station_79.png 0x8147b065
res/drawable-mdpi/station_8.png 0x96371d46
res/drawable-mdpi/station_80.png 0x51f4a530
res/drawable-mdpi/station_81.png 0x8270cc9c
res/drawable-mdpi/station_82.png 0x7fe240e6
res/drawable-mdpi/station_83.png 0x96e8661c
res/drawable-mdpi/station_84.png 0x28a59bda
res/drawable-mdpi/station_9.png 0x4a6a53b
res/drawable-mdpi/station_default.png 0x450a46cd
res/drawable-xhdpi/abs__ab_bottom_solid_dark_holo.9.png 0x89c634b3
res/drawable-xhdpi/abs__ab_bottom_solid_inverse_holo.9.png 0xb1418c5c
res/drawable-xhdpi/abs__ab_bottom_solid_light_holo.9.png 0x1053168
res/drawable-xhdpi/abs__ab_bottom_transparent_dark_holo.9.png 0x5a6affd1
res/drawable-xhdpi/abs__ab_bottom_transparent_light_holo.9.png 0x8dc2ee5f
res/drawable-xhdpi/abs__ab_share_pack_holo_dark.9.png 0x8c9897ae
res/drawable-xhdpi/abs__ab_share_pack_holo_light.9.png 0x4e421ce8
res/drawable-xhdpi/abs__ab_solid_dark_holo.9.png 0x5b0c1e70
res/drawable-xhdpi/abs__ab_solid_light_holo.9.png 0x86f0155a
res/drawable-xhdpi/abs__ab_solid_shadow_holo.9.png 0xe3f746fa
res/drawable-xhdpi/abs__ab_stacked_solid_dark_holo.9.png 0x45995026
res/drawable-xhdpi/abs__ab_stacked_solid_light_holo.9.png 0x4fa1423
res/drawable-xhdpi/abs__ab_stacked_transparent_dark_holo.9.png 0xf3c72c9b
res/drawable-xhdpi/abs__ab_stacked_transparent_light_holo.9.png 0xed5a755d
res/drawable-xhdpi/abs__ab_transparent_dark_holo.9.png 0xe5266da1
res/drawable-xhdpi/abs__ab_transparent_light_holo.9.png 0xa2a434df
res/drawable-xhdpi/abs__btn_cab_done_default_holo_dark.9.png 0xa1d76dbb
res/drawable-xhdpi/abs__btn_cab_done_default_holo_light.9.png 0xdcd1843b
res/drawable-xhdpi/abs__btn_cab_done_focused_holo_dark.9.png 0x2e24d381
res/drawable-xhdpi/abs__btn_cab_done_focused_holo_light.9.png 0x8fe910b5
res/drawable-xhdpi/abs__btn_cab_done_pressed_holo_dark.9.png 0x35c763a
res/drawable-xhdpi/abs__btn_cab_done_pressed_holo_light.9.png 0xd601a063
res/drawable-xhdpi/abs__cab_background_bottom_holo_dark.9.png 0xc9ae8fde
res/drawable-xhdpi/abs__cab_background_bottom_holo_light.9.png 0xaf26e5ea
res/drawable-xhdpi/abs__cab_background_top_holo_dark.9.png 0xc6079444
res/drawable-xhdpi/abs__cab_background_top_holo_light.9.png 0x3396b7e2
res/drawable-xhdpi/abs__dialog_full_holo_dark.9.png 0x24a74876
res/drawable-xhdpi/abs__dialog_full_holo_light.9.png 0x1481309e
res/drawable-xhdpi/abs__ic_ab_back_holo_dark.png 0xfda7dde0
res/drawable-xhdpi/abs__ic_ab_back_holo_light.png 0xbffc39b3
res/drawable-xhdpi/abs__ic_cab_done_holo_dark.png 0x72b10371
res/drawable-xhdpi/abs__ic_cab_done_holo_light.png 0x8791c4c4
res/drawable-xhdpi/abs__ic_clear_disabled.png 0xa5bd47fa
res/drawable-xhdpi/abs__ic_clear_search_api_disabled_holo_light.png 0x15f5e76a
res/drawable-xhdpi/abs__ic_clear_search_api_holo_light.png 0x89cd0d44
res/drawable-xhdpi/abs__ic_go.png 0x53dcc19f
res/drawable-xhdpi/abs__ic_go_search_api_holo_light.png 0xc1b35918
res/drawable-xhdpi/abs__ic_menu_moreoverflow_normal_holo_dark.png 0x3201d039
res/drawable-xhdpi/abs__ic_menu_moreoverflow_normal_holo_light.png 0xc2a9ad8e
res/drawable-xhdpi/abs__ic_menu_share_holo_dark.png 0x94b0462d
res/drawable-xhdpi/abs__ic_menu_share_holo_light.png 0x93f40272
res/drawable-xhdpi/abs__ic_search.png 0xfa0e764a
res/drawable-xhdpi/abs__ic_search_api_holo_light.png 0xa33e22e0
res/drawable-xhdpi/abs__ic_voice_search.png 0x3940d715
res/drawable-xhdpi/abs__ic_voice_search_api_holo_light.png 0xee58532f
res/drawable-xhdpi/abs__list_activated_holo.9.png 0xf31ffc88
res/drawable-xhdpi/abs__list_divider_holo_dark.9.png 0xde176f71
res/drawable-xhdpi/abs__list_divider_holo_light.9.png 0x3cad70fb
res/drawable-xhdpi/abs__list_focused_holo.9.png 0xfbeaf70c
res/drawable-xhdpi/abs__list_longpressed_holo.9.png 0xf31ffc88
res/drawable-xhdpi/abs__list_pressed_holo_dark.9.png 0xb9cef664
res/drawable-xhdpi/abs__list_pressed_holo_light.9.png 0xb9cef664
res/drawable-xhdpi/abs__list_selector_disabled_holo_dark.9.png 0xbd51fa51
res/drawable-xhdpi/abs__list_selector_disabled_holo_light.9.png 0x819deaae
res/drawable-xhdpi/abs__menu_dropdown_panel_holo_dark.9.png 0x66b89807
res/drawable-xhdpi/abs__menu_dropdown_panel_holo_light.9.png 0xea3a3f5
res/drawable-xhdpi/abs__progress_bg_holo_dark.9.png 0x41ee9e52
res/drawable-xhdpi/abs__progress_bg_holo_light.9.png 0x1f61ce1f
res/drawable-xhdpi/abs__progress_primary_holo_dark.9.png 0xd67380c5
res/drawable-xhdpi/abs__progress_primary_holo_light.9.png 0xd67380c5
res/drawable-xhdpi/abs__progress_secondary_holo_dark.9.png 0x955f18c2
res/drawable-xhdpi/abs__progress_secondary_holo_light.9.png 0x955f18c2
res/drawable-xhdpi/abs__spinner_48_inner_holo.png 0x28386199
res/drawable-xhdpi/abs__spinner_48_outer_holo.png 0x6cceb634
res/drawable-xhdpi/abs__spinner_ab_default_holo_dark.9.png 0xf5c94e84
res/drawable-xhdpi/abs__spinner_ab_default_holo_light.9.png 0x89892045
res/drawable-xhdpi/abs__spinner_ab_disabled_holo_dark.9.png 0x11b0dbfa
res/drawable-xhdpi/abs__spinner_ab_disabled_holo_light.9.png 0xbdcae3a1
res/drawable-xhdpi/abs__spinner_ab_focused_holo_dark.9.png 0x72b0dfd8
res/drawable-xhdpi/abs__spinner_ab_focused_holo_light.9.png 0x982777a1
res/drawable-xhdpi/abs__spinner_ab_pressed_holo_dark.9.png 0xa0f38fda
res/drawable-xhdpi/abs__spinner_ab_pressed_holo_light.9.png 0x27bb37be
res/drawable-xhdpi/abs__tab_selected_focused_holo.9.png 0x7c3f77bc
res/drawable-xhdpi/abs__tab_selected_holo.9.png 0x20fb759a
res/drawable-xhdpi/abs__tab_selected_pressed_holo.9.png 0xbb04ca93
res/drawable-xhdpi/abs__tab_unselected_pressed_holo.9.png 0x313d81a3
res/drawable-xhdpi/abs__textfield_search_default_holo_dark.9.png 0xd4977908
res/drawable-xhdpi/abs__textfield_search_default_holo_light.9.png 0x9dd3f918
res/drawable-xhdpi/abs__textfield_search_right_default_holo_dark.9.png 0xbbd47d
res/drawable-xhdpi/abs__textfield_search_right_default_holo_light.9.png 0x386c91c4
res/drawable-xhdpi/abs__textfield_search_right_selected_holo_dark.9.png 0x63357d8e
res/drawable-xhdpi/abs__textfield_search_right_selected_holo_light.9.png 0x63357d8e
res/drawable-xhdpi/abs__textfield_search_selected_holo_dark.9.png 0xf856a124
res/drawable-xhdpi/abs__textfield_search_selected_holo_light.9.png 0x8b354482
res/drawable-xhdpi/ic_launcher.png 0x597e44ed
res/drawable-xxhdpi/ic_launcher.png 0x88cbfaab
res/layout-large/abs__action_mode_close_item.xml 0x22a11ab5
res/layout-xlarge/abs__screen_action_bar.xml 0xbfe0fd44
res/layout-xlarge/abs__screen_action_bar_overlay.xml 0x2bbb1af9
classes.dex 0x8771008a
jsr305_annotations/Jsr305_annotations.gwt.xml 0x8d4f3e59
jsr305_annotations/v0_r47/V0_r47.gwt.xml 0x8b4479b0
META-INF/MANIFEST.MF 0x24ffd6ae
META-INF/CERT.SF 0x1d7e2a1e
META-INF/CERT.RSA 0x865641c1
Runtime screenshots