VirSCAN VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.

Language
Server load
Server Load

VirSCAN
VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.

File information

Scanner results
Scanner results:0%Scanner(s) (0/32)found malware!
Behavior analysis report:         Habo file analysis
Time: 2017-07-11 11:41:57 (CST)
Scanner Engine Ver Sig Ver Sig Date Scan result Time
antiy AVL SDK 2.0 1970-01-01 Found nothing 5
asquared 9.0.0.4799 9.0.0.4799 2015-03-08 Found nothing 1
avast 170303-1 4.7.4 2017-03-03 Found nothing 60
avg 2109/14149 10.0.1405 2017-07-04 Found nothing 60
baidu 2.0.1.0 4.1.3.52192 2.0.1.0 Found nothing 8
baidusd 1.0 1.0 2017-03-22 Found nothing 1
bitdefender 7.58879 7.90123 2015-01-16 Found nothing 60
clamav 23551 0.97.5 2017-07-10 Found nothing 60
drweb 5.0.2.3300 5.0.1.1 2017-06-18 Found nothing 60
fortinet 50.090, 49.961, 49.970 5.4.247 2017-07-11 Found nothing 60
fprot 4.6.2.117 6.5.1.5418 2016-02-05 Found nothing 60
fsecure 2015-08-01-02 9.13 2015-08-01 Found nothing 60
gdata 25.13300 25.13300 2017-07-09 Found nothing 12
ikarus 1.06.01 V1.32.31.0 2016-11-28 Found nothing 60
jiangmin 16.0.100 1.0.0.0 2017-07-05 Found nothing 2
kaspersky 5.5.33 5.5.33 2014-04-01 Found nothing 60
kingsoft 2.1 2.1 2017-07-10 Found nothing 4
mcafee 8261 5400.1158 2016-08-18 Found nothing 60
nod32 1777 3.0.21 2015-06-12 Found nothing 60
panda 9.05.01 9.05.01 2017-07-09 Found nothing 4
pcc 13.302.06 9.500-1005 2017-03-27 Found nothing 60
qh360 1.0.1 1.0.1 1.0.1 Found nothing 6
qqphone 1.0.0.0 1.0.0.0 2015-12-30 Found nothing 60
quickheal 14.00 14.00 2017-07-10 Found nothing 3
rising 26.28.00.01 26.28.00.01 2016-07-18 Found nothing 2
sophos 5.32 3.65.2 2016-10-10 Found nothing 60
symantec 20151230.005 1.3.0.24 2015-12-30 Found nothing 60
tachyon 9.9.9 9.9.9 2013-12-27 Found nothing 3
thehacker 6.8.0.5 6.8.0.5 2017-07-09 Found nothing 2
tws 17.47.17308 1.0.2.2108 2017-07-10 Found nothing 14
vba 3.12.29.5 beta 3.12.29.5 beta 2017-07-10 Found nothing 60
virusbuster 15.0.985.0 5.5.2.13 2014-12-05 Found nothing 60
权限列表
许可名称 信息
android.permission.WRITE_EXTERNAL_STORAGE 写外部存储器(如:SD卡)
android.permission.INTERNET 连接网络(2G或3G)
android.permission.READ_PHONE_STATE 读取电话状态
文件信息
VirSCANVirSCAN
安全评分 :
基本信息
VirSCANVirSCAN
MD5:eaf7d9b922023c4c62f432a2677c19b0
文件大小:5.58MB
上传时间: 2014-09-22 10:36:30 (CST)
包名:com.chaoxing
最低运行环境:Android 2.1.x
版权:Android
进程行为
VirSCANVirSCAN
文件行为
VirSCANVirSCAN
行为描述: 查找文件
详情信息: FileName = C:\Program Files
FileName = C:\Program Files\Microsoft Office
FileName = C:\Program Files\Microsoft Office\OFFICE11\Normal.dot
FileName = C:\Documents and Settings\Administrator\Application Data\Microsoft\Templates\Normal.dot
FileName = C:\Documents and Settings\Administrator\Local Settings\%temp%\****.exe_7zdump\Normal.dot
FileName = C:\WINDOWS
FileName = C:\WINDOWS\WinSxS
FileName = C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\MSVCR80.dll
FileName = C:/Documents and Settings/Administrator/Local Settings/Temp/EB93A6/%temp%\****.exe_7zdump\神奇男侠将在手机机领域抗衡苹果为什么航空品牌应该投资聊天机器人,而且就是现在?.doc
FileName = C:\Documents and Settings
FileName = C:\Documents and Settings\Administrator
FileName = C:\Documents and Settings\Administrator\桌面
FileName = C:\//Documents%20and%20Settings/Administrator/Local%20Settings/Temp/EB93A6/%temp%\****.exe_7zdump/神奇男侠将在手机机领域抗衡苹果为什么航空品牌应该投资聊天机器人,而且就是现在?.doc
FileName = C:\Documents and Settings\Administrator\Application Data\Microsoft\Word\STARTUP\*.*
FileName = C:\Program Files\Microsoft Office\OFFICE11\STARTUP\*.*
行为描述: 复制文件
详情信息: C:\Program Files\Microsoft Office\OFFICE11\opa11.bak ---> C:\Program Files\Microsoft Office\OFFICE11\opa11.dat
注册表行为
VirSCANVirSCAN
行为描述: 修改注册表
详情信息: \REGISTRY\USER\S-*\Software\Microsoft\Office\11.0\Word\Resiliency\StartupItems\}I
\REGISTRY\USER\S-*\Software\Microsoft\Office\11.0\Word\Resiliency\StartupItems\M
\REGISTRY\USER\S-*\Software\Microsoft\Office\11.0\Word\MTTT
\REGISTRY\USER\S-*\Software\Microsoft\Office\11.0\Word\MTTF
\REGISTRY\USER\S-*\Software\Microsoft\Office\11.0\Word\MTTA
\REGISTRY\USER\S-*\Software\Microsoft\Office\11.0\Word\Resiliency\StartupItems\=N
\REGISTRY\USER\S-*\Software\Microsoft\Office\11.0\Word\Resiliency\StartupItems\O
\REGISTRY\USER\S-*\Software\Microsoft\Office\11.0\Word\Resiliency\StartupItems\O
\REGISTRY\USER\S-*\Software\Microsoft\Office\11.0\Word\Resiliency\StartupItems\wO
\REGISTRY\USER\S-*\Software\Microsoft\Office\Common\Assistant\CurrAsstState
行为描述: 删除注册表键值
详情信息: \REGISTRY\USER\S-*\Software\Microsoft\Office\11.0\Word\MTTT
\REGISTRY\USER\S-*\Software\Microsoft\Office\11.0\Word\Resiliency\StartupItems\M
\REGISTRY\USER\S-*\Software\Microsoft\Office\11.0\Word\Resiliency\StartupItems\=N
\REGISTRY\USER\S-*\Software\Microsoft\Office\11.0\Word\Resiliency\StartupItems\O
\REGISTRY\USER\S-*\Software\Microsoft\Office\11.0\Word\Resiliency\StartupItems\O
\REGISTRY\USER\S-*\Software\Microsoft\Office\11.0\Word\Resiliency\StartupItems\wO
\REGISTRY\USER\S-*\Software\Microsoft\Office\11.0\Word\Resiliency\StartupItems\}I
\REGISTRY\USER\S-*\Software\Microsoft\Office\11.0\Word\WordName
行为描述: 删除注册表键
详情信息: \REGISTRY\USER\S-*\Software\Microsoft\Office\11.0\Word\Resiliency\StartupItems\
\REGISTRY\USER\S-*\Software\Microsoft\Office\11.0\Word\Resiliency\
其他行为
VirSCANVirSCAN
行为描述: 创建互斥体
详情信息: Local\Mutex_MSOSharedMem
CTF.LBES.MutexDefaultS-*
CTF.Compart.MutexDefaultS-*
CTF.Asm.MutexDefaultS-*
CTF.Layouts.MutexDefaultS-*
CTF.TMD.MutexDefaultS-*
CTF.TimListCache.FMPDefaultS-*MUTEX.DefaultS-*
Local\Mso97SharedDg19211108221Mutex
Local\Mso97SharedDg20321108221Mutex
MSCTF.GCompartListMUTEX.DefaultS-*
Local\Mso97SharedDg19521108221Mutex
MSCTF.Shared.MUTEX.IOH
Local\Mso97SharedDg19531108221Mutex
Local\Mso97SharedDg19541108221Mutex
OfficeAssistantStateMutex
行为描述: 创建事件对象
详情信息: EventName = Local\MsoTestEvent_a08c7d05-2046-4191-b1e9-2c8e1958e0cd
EventName = PrimaryWord11Mutex
EventName = MSCTF.SendReceive.Event.AMJ.IC
EventName = MSCTF.SendReceiveConection.Event.AMJ.IC
行为描述: 查找指定窗口
详情信息: NtUserFindWindowEx: [Class,Window] = [MSOBALLOON,]
NtUserFindWindowEx: [Class,Window] = [MsoHelp10,]
NtUserFindWindowEx: [Class,Window] = [AgentAnim,]
NtUserFindWindowEx: [Class,Window] = [Shell_TrayWnd,]
NtUserFindWindowEx: [Class,Window] = [CicLoaderWndClass,]
NtUserFindWindowEx: [Class,Window] = [MsoHelp11,]
行为描述: 窗口信息
详情信息: Pid = 2492, Hwnd=0x1034c, Text = MsoDockTop, ClassName = MsoCommandBarDock.
Pid = 2492, Hwnd=0x10354, Text = 格式, ClassName = MsoCommandBar.
Pid = 2492, Hwnd=0x10352, Text = 常用, ClassName = MsoCommandBar.
Pid = 2492, Hwnd=0x10356, Text = 菜单栏, ClassName = MsoCommandBar.
Pid = 2492, Hwnd=0x20346, Text = 文档 1, ClassName = _WwB.
Pid = 2492, Hwnd=0x10368, Text = MSO Generic Control Container, ClassName = MsoCommandBar.
Pid = 2492, Hwnd=0x1036c, Text = MSO Generic Control Container, ClassName = MsoCommandBar.
Pid = 2492, Hwnd=0x10362, Text = Microsoft Word 文档, ClassName = _WwG.
Pid = 2492, Hwnd=0x2033e, Text = 文档 1 - Microsoft Word, ClassName = OpusApp.
行为描述: 调整进程token权限
详情信息: SE_LOAD_DRIVER_PRIVILEGE
行为描述: 打开事件
详情信息: Global\MsoTestEvent_a08c7d05-2046-4191-b1e9-2c8e1958e0cd
MSFT.VSA.COM.DISABLE.2492
MSFT.VSA.IEC.STATUS.6c736db0
\SECURITY\LSA_AUTHENTICATION_INITIALIZED
_fCanRegisterWithShellService
CTF.ThreadMIConnectionEvent.000007E8.00000000.0000000F
CTF.ThreadMarshalInterfaceEvent.000007E8.00000000.0000000F
MSCTF.SendReceiveConection.Event.IOH.IC
MSCTF.SendReceive.Event.IOH.IC
行为描述: 隐藏指定窗口
详情信息: [Window,Class] = [,ThunderRT6Main]
行为描述: 打开互斥体
详情信息: ShimCacheMutex
Local\Mutex_MSOSharedMem
Local\Mso97SharedDg19211108221Mutex
Local\Mso97SharedDg20321108221Mutex
Local\MU_ACBPIDS08
CtfmonInstMutexDefaultS-*
Local\Mso97SharedDg19521108221Mutex
Local\Mso97SharedDg19531108221Mutex
Local\Mso97SharedDg19541108221Mutex
OfficeAssistantStateMutex
Activities
VirSCANVirSCAN
活动名 类型
.widget.BookShelf android.intent.action.MAIN
.widget.BookShelf com.chaoxing.widget.BookShelf
.widget.BookShelf android.intent.category.LAUNCHER
.widget.BookShelf android.intent.category.DEFAULT
.widget.CWebView com.chaoxing.widget.CWebView
.widget.CWebView android.intent.category.DEFAULT
com.chaoxing.widget.Reader com.chaoxing.widget.Reader
com.chaoxing.widget.Reader android.intent.category.DEFAULT
com.chaoxing.widget.PathRequestActivity com.chaoxing.widget.PathRequestActivity
com.chaoxing.widget.PathRequestActivity android.intent.category.DEFAULT
危险函数
VirSCANVirSCAN
函数名称 信息
android/app/NotificationManager;->notify 信息通知栏
HttpClient;->execute 请求远程服务器
ContentResolver;->delete 删除短信、联系人
ContentResolver;->query 读取联系人、短信等数据库
java/net/URL;->openConnection 连接URL
getRuntime 获取命令行环境
java/lang/Runtime;->exec 执行字符串命令
权限列表
VirSCANVirSCAN
许可名称 信息
android.permission.WRITE_EXTERNAL_STORAGE 写外部存储器(如:SD卡)
android.permission.INTERNET 连接网络(2G或3G)
android.permission.READ_PHONE_STATE 读取电话状态
服务列表
VirSCANVirSCAN
名称
com.chaoxing.HttpAsyncService
com.chaoxing.BookDownloadManager
Providers
VirSCANVirSCAN
名称 信息
com.chaoxing.HttpAsyncService
com.chaoxing.BookDownloadManager
文件列表
VirSCANVirSCAN
文件名 校验码
assets/ext-min.css 0x1f55cab8
assets/ext4-compoent-min.js 0x66e480ab
res/anim/fadein.xml 0x234b07db
res/anim/fadeout.xml 0x35b06ba3
res/anim/layout_grid_fade.xml 0xc6fa5f31
res/anim/rotate.xml 0xe3ceb2
res/anim/slide_in_top.xml 0xd13a2b59
res/anim/slide_out_top.xml 0xfad0c194
res/drawable/bk_style_list0.png 0xe9ce2609
res/drawable/bk_style_list1.png 0x9098468
res/drawable/bk_style_shelf0.png 0x63791f7
res/drawable/bk_style_shelf1.png 0xe7c4f9b4
res/drawable/book_dl_complete.png 0xaa9e957a
res/drawable/book_dl_error.png 0x24cce7e1
res/drawable/book_dl_notify.png 0x5bf8fe4e
res/drawable/book_json_dlg_abs_bg.xml 0xb865430d
res/drawable/book_json_dlg_bg.xml 0xb3a9eee1
res/drawable/book_json_dlg_btn.xml 0x619a0e0a
res/drawable/book_json_dlg_btn_bg.9.png 0x55fc8cf1
res/drawable/book_json_dlg_btn_bg_press.9.png 0xfa982cbc
res/drawable/book_proccess_bg.xml 0xf2073c3e
res/drawable/book_shadow.png 0x21355049
res/drawable/bookmarks_list.png 0x6adf4541
res/drawable/bookshelf_bg.xml 0x5d270d65
res/drawable/bookshelftoolbar_bg.png 0xf7a9f6de
res/drawable/bright_dark.png 0x4d4283d5
res/drawable/bright_wood.xml 0xd1f8346c
res/drawable/bright_wood_pic.png 0x33eb9017
res/drawable/category_all.png 0x93b627fb
res/drawable/default_cover.png 0x65b4219b
res/drawable/delete.png 0xc9beeb7
res/drawable/go_category.png 0x67c55aa6
res/drawable/ico1.png 0x2b016d9b
res/drawable/ico3.png 0xffe490b5
res/drawable/ico4.png 0x65a7ad72
res/drawable/icon.png 0x179eb318
res/drawable/loading_bg.xml 0x2a9f87cc
res/drawable/loading_pic.png 0xa3c41311
res/drawable/onlinelib.png 0x4a6b0efd
res/drawable/onlinelib_btn.xml 0xff596508
res/drawable/onlinelib_selected.png 0x15eb3101
res/drawable/outline_list_collapse.png 0x50e9898
res/drawable/outline_list_expand.png 0x65ada1ec
res/drawable/page_type.png 0xd96bd140
res/drawable/picture_frame.9.png 0x3a5e9b24
res/drawable/popwindow_bg.xml 0x3ade5aa2
res/drawable/progress_horizontal.xml 0xf5dc93e4
res/drawable/progress_horizontal_error.xml 0x6e73ecce
res/drawable/read_back.png 0x3f373a24
res/drawable/reader_bg.png 0xf1481935
res/drawable/recent_view.png 0x336c236d
res/drawable/refresh.png 0x2b199c3d
res/drawable/refresh_btn.xml 0x4edbec41
res/drawable/refresh_selected.png 0x59b50d21
res/drawable/searchbook.9.png 0x83fee13d
res/drawable/tab_bg_selected.xml 0x83d6f1f7
res/drawable/toolbar_back.png 0xb67c9908
res/drawable/web_lib.png 0x535312c
res/drawable/web_lib_btn.xml 0x236be835
res/drawable/web_lib_selected.png 0x86d54a8a
res/drawable/webbottom_bg.xml 0xaff183ba
res/drawable/webtoolbar_bg.xml 0x662e49ce
res/layout/add_bookmarks.xml 0x1d00d12f
res/layout/book.xml 0xe5827fd
res/layout/book_dl_process.xml 0xb49d9e37
res/layout/book_json_dlg.xml 0xad8e7279
res/layout/bookmark_listitem.xml 0x7c26e84c
res/layout/bookshelf.xml 0x7b8fbb07
res/layout/catalog_listitem.xml 0xb162d741
res/layout/classify.xml 0x9b9f6e6e
res/layout/classify_list.xml 0xe5e31561
res/layout/classify_mask.xml 0xe11661fa
res/layout/loading.xml 0xb881b04
res/layout/pagetype_item.xml 0x8a123ea7
res/layout/popup_bookmarks_window.xml 0x71ac25ee
res/layout/popup_cacatalog_window.xml 0xffde965a
res/layout/popup_pagetype_window.xml 0x58818c35
res/layout/reader.xml 0x6acc464a
res/layout/reader_container.xml 0x4eb6ee77
res/layout/web_bottom_tab.xml 0x41924f2f
res/layout/webview.xml 0xfac99200
AndroidManifest.xml 0xd03d5fe2
resources.arsc 0x2b6f9cab
res/drawable-hdpi/book_json_dlg_btn_bg.9.png 0xcc73e4a7
res/drawable-hdpi/book_json_dlg_btn_bg_press.9.png 0xfa982cbc
res/drawable-hdpi/last_lev_shelf.png 0x6be63bf7
res/drawable-hdpi/recent_view.png 0x336c236d
res/drawable-hdpi/searchbook.9.png 0x83fee13d
res/drawable-ldpi/book_json_dlg_btn_bg.9.png 0xcc73e4a7
res/drawable-ldpi/book_json_dlg_btn_bg_press.9.png 0xfa982cbc
res/drawable-ldpi/last_lev_shelf.png 0x6be63bf7
res/drawable-ldpi/recent_view.png 0x336c236d
res/drawable-ldpi/searchbook.9.png 0x83fee13d
res/drawable-mdpi/book_json_dlg_btn_bg.9.png 0xcc73e4a7
res/drawable-mdpi/book_json_dlg_btn_bg_press.9.png 0xfa982cbc
res/drawable-mdpi/last_lev_shelf.png 0x6be63bf7
res/drawable-mdpi/recent_view.png 0x336c236d
res/drawable-mdpi/searchbook.9.png 0x83fee13d
classes.dex 0xb7b0072f
lib/armeabi/libpdgparser.so 0x5ce324ef
lib/armeabi/libSecurity.so 0x789f873b
META-INF/MANIFEST.MF 0x833d28a4
META-INF/CERT.SF 0xba45489b
META-INF/CERT.RSA 0x48ad856d
运行截图
VirSCANVirSCAN
VirSCAN