VirSCAN VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.
4, If your browser cannot upload files, please download VirSCAN uploader to upload.

Language
Server load
Server Load

VirSCAN
VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.

File information

Scanner results
Scanner results:0%Antivirus software(0/32)found malware!
Behavior analysis report:         Habo file analysis
Time: 2016-12-22 23:42:46 (CST)
Scanner Engine Ver Sig Ver Sig Date Scan result Time
antiy AVL SDK 2.0 1970-01-01 Found nothing 6
asquared 9.0.0.4799 9.0.0.4799 2015-03-08 Found nothing 6
avast 161221-0 4.7.4 2016-12-21 Found nothing 60
avg 2109/13100 10.0.1405 2016-12-16 Found nothing 60
baidu 2.0.1.0 4.1.3.52192 2.0.1.0 Found nothing 3
baidusd 1.0 1.0 2014-04-02 Found nothing 3
bitdefender 7.58879 7.90123 2015-01-16 Found nothing 60
clamav 22739 0.97.5 2016-12-19 Found nothing 60
drweb 5.0.2.3300 5.0.1.1 2016-12-09 Found nothing 60
fortinet 41.578, 41.578, 41.578 5.4.233 2016-12-22 Found nothing 60
fprot 4.6.2.117 6.5.1.5418 2016-02-05 Found nothing 60
fsecure 2015-08-01-02 9.13 2015-08-01 Found nothing 60
gdata 25.9667 25.9667 2016-12-22 Found nothing 13
ikarus 1.06.01 V1.32.31.0 2016-11-28 Found nothing 60
jiangmin 16.0.100 1.0.0.0 2016-12-19 Found nothing 46
kaspersky 5.5.33 5.5.33 2014-04-01 Found nothing 60
kingsoft 2.1 2.1 2013-09-22 Found nothing 12
mcafee 8254 5400.1158 2016-08-11 Found nothing 60
nod32 1777 3.0.21 2015-06-12 Found nothing 60
panda 9.05.01 9.05.01 2016-12-21 Found nothing 5
pcc 13.108.07 9.500-1005 2016-12-21 Found nothing 60
qh360 1.0.1 1.0.1 1.0.1 Found nothing 3
qqphone 1.0.0.0 1.0.0.0 2015-12-30 Found nothing 60
quickheal 14.00 14.00 2016-12-21 Found nothing 5
rising 26.28.00.01 26.28.00.01 2016-07-18 Found nothing 13
sophos 5.32 3.65.2 2016-10-10 Found nothing 60
symantec 20151230.005 1.3.0.24 2015-12-30 Found nothing 60
tachyon 9.9.9 9.9.9 2013-12-27 Found nothing 19
thehacker 6.8.0.5 6.8.0.5 2016-12-19 Found nothing 5
tws 17.47.17308 1.0.2.2108 2016-12-21 Found nothing 19
vba 3.12.29.3 beta 3.12.29.3 beta 2016-12-15 Found nothing 60
virusbuster 15.0.985.0 5.5.2.13 2014-12-05 Found nothing 60
权限列表
许可名称 信息
android.permission.READ_EXTERNAL_STORAGE 读外部存储器(如:SD卡)
android.permission.WRITE_EXTERNAL_STORAGE 写外部存储器(如:SD卡)
android.permission.WAKE_LOCK 手机屏幕关闭后后台进程仍运行
android.permission.INTERNET 连接网络(2G或3G)
android.permission.ACCESS_NETWORK_STATE 读取网络状态(2G或3G)
com.android.vending.BILLING
文件信息
VirSCANVirSCAN
安全评分 :
基本信息
VirSCANVirSCAN
MD5:1a47ba2b03e79bda1ef4b39a48b9291f
文件大小:5.58MB
上传时间: 2014-09-22 10:36:30 (CST)
包名:roman10.media.converterv2
最低运行环境:Android 4.1, 4.1.1
版权:Android
关键行为
VirSCANVirSCAN
行为描述: 跨进程写入数据
详情信息: TargetProcess = C:\Users\Administrator\AppData\Roaming\Temp\{B518B0F4-A50F-431A-83D9-88FE89F0E2E9}\nvMultitask.exe, WriteAddress = 0x00050000, Size = 0x00000020
TargetProcess = C:\Users\Administrator\AppData\Roaming\Temp\{B518B0F4-A50F-431A-83D9-88FE89F0E2E9}\nvMultitask.exe, WriteAddress = 0x00050020, Size = 0x00000034
TargetProcess = C:\Users\Administrator\AppData\Roaming\Temp\{B518B0F4-A50F-431A-83D9-88FE89F0E2E9}\nvMultitask.exe, WriteAddress = 0x7ffdc238, Size = 0x00000004
TargetProcess = C:\Users\Administrator\AppData\Roaming\HSoftDoloEx\HSoftDoloEx.exe, WriteAddress = 0x00170000, Size = 0x00000020
TargetProcess = C:\Users\Administrator\AppData\Roaming\HSoftDoloEx\HSoftDoloEx.exe, WriteAddress = 0x00170020, Size = 0x00000034
TargetProcess = C:\Users\Administrator\AppData\Roaming\HSoftDoloEx\HSoftDoloEx.exe, WriteAddress = 0x7ffde238, Size = 0x00000004
TargetProcess = C:\Windows\System32\cmd.exe, WriteAddress = 0x00050000, Size = 0x00000020
TargetProcess = C:\Windows\System32\cmd.exe, WriteAddress = 0x00050020, Size = 0x00000034
TargetProcess = C:\Windows\System32\cmd.exe, WriteAddress = 0x7ffdb238, Size = 0x00000004
TargetProcess = C:\Windows\System32\cmd.exe, WriteAddress = 0x7ffd4238, Size = 0x00000004
行为描述: 查找杀软驱动文件
详情信息: FileName = \\?\C:\Windows\System32\360Safe.exe (360安全卫士)
FileName = C:\Windows\System32\360Safe.exe (360安全卫士)
行为描述: 常规加载驱动
详情信息: \??\C:\Windows\system32\drivers\LcScience.sys
\??\C:\Windows\system32\drivers\WaNdFilter.sys
行为描述: 获取TickCount值
详情信息: TickCount = 825062, SleepMilliseconds = 60000.
TickCount = 825078, SleepMilliseconds = 60000.
TickCount = 825093, SleepMilliseconds = 60000.
TickCount = 825109, SleepMilliseconds = 60000.
TickCount = 825125, SleepMilliseconds = 60000.
TickCount = 825140, SleepMilliseconds = 60000.
TickCount = 825156, SleepMilliseconds = 60000.
TickCount = 825171, SleepMilliseconds = 60000.
TickCount = 825187, SleepMilliseconds = 60000.
TickCount = 825203, SleepMilliseconds = 60000.
TickCount = 825218, SleepMilliseconds = 60000.
TickCount = 825281, SleepMilliseconds = 60000.
TickCount = 825296, SleepMilliseconds = 60000.
TickCount = 769010, SleepMilliseconds = 10.
TickCount = 769025, SleepMilliseconds = 10.
行为描述: 自删除
详情信息: C:\Users\Administrator\AppData\Roaming\Temp\{B518B0F4-A50F-431A-83D9-88FE89F0E2E9}\nvMultitask.exe
行为描述: 获取窗口截图信息
详情信息: Foreground window Info: HWND = 0x00000000, DC = 0x41010a3b.
Foreground window Info: HWND = 0x00000000, DC = 0xfc0108c5.
Foreground window Info: HWND = 0x00000000, DC = 0xc301028f.
Foreground window Info: HWND = 0x00000000, DC = 0xfe010a48.
Foreground window Info: HWND = 0x00000000, DC = 0x8b010a17.
Foreground window Info: HWND = 0x00000000, DC = 0xa2010a5c.
行为描述: 设置特殊文件夹属性
详情信息: C:\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5
C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies
C:\Users\Administrator\AppData\Local\Microsoft\Windows\History\History.IE5
行为描述: 创建系统服务
详情信息: [服务创建成功]: LcScience, C:\Windows\system32\drivers\LcScience.sys
[服务创建成功]: WaNdFilter, C:\Windows\system32\drivers\WaNdFilter.sys
进程行为
VirSCANVirSCAN
行为描述: 跨进程写入数据
详情信息: TargetProcess = C:\Users\Administrator\AppData\Roaming\Temp\{B518B0F4-A50F-431A-83D9-88FE89F0E2E9}\nvMultitask.exe, WriteAddress = 0x00050000, Size = 0x00000020
TargetProcess = C:\Users\Administrator\AppData\Roaming\Temp\{B518B0F4-A50F-431A-83D9-88FE89F0E2E9}\nvMultitask.exe, WriteAddress = 0x00050020, Size = 0x00000034
TargetProcess = C:\Users\Administrator\AppData\Roaming\Temp\{B518B0F4-A50F-431A-83D9-88FE89F0E2E9}\nvMultitask.exe, WriteAddress = 0x7ffdc238, Size = 0x00000004
TargetProcess = C:\Users\Administrator\AppData\Roaming\HSoftDoloEx\HSoftDoloEx.exe, WriteAddress = 0x00170000, Size = 0x00000020
TargetProcess = C:\Users\Administrator\AppData\Roaming\HSoftDoloEx\HSoftDoloEx.exe, WriteAddress = 0x00170020, Size = 0x00000034
TargetProcess = C:\Users\Administrator\AppData\Roaming\HSoftDoloEx\HSoftDoloEx.exe, WriteAddress = 0x7ffde238, Size = 0x00000004
TargetProcess = C:\Windows\System32\cmd.exe, WriteAddress = 0x00050000, Size = 0x00000020
TargetProcess = C:\Windows\System32\cmd.exe, WriteAddress = 0x00050020, Size = 0x00000034
TargetProcess = C:\Windows\System32\cmd.exe, WriteAddress = 0x7ffdb238, Size = 0x00000004
TargetProcess = C:\Windows\System32\cmd.exe, WriteAddress = 0x7ffd4238, Size = 0x00000004
行为描述: 查找杀软驱动文件
详情信息: FileName = \\?\C:\Windows\System32\360Safe.exe (360安全卫士)
FileName = C:\Windows\System32\360Safe.exe (360安全卫士)
行为描述: 常规加载驱动
详情信息: \??\C:\Windows\system32\drivers\LcScience.sys
\??\C:\Windows\system32\drivers\WaNdFilter.sys
行为描述: 获取TickCount值
详情信息: TickCount = 825062, SleepMilliseconds = 60000.
TickCount = 825078, SleepMilliseconds = 60000.
TickCount = 825093, SleepMilliseconds = 60000.
TickCount = 825109, SleepMilliseconds = 60000.
TickCount = 825125, SleepMilliseconds = 60000.
TickCount = 825140, SleepMilliseconds = 60000.
TickCount = 825156, SleepMilliseconds = 60000.
TickCount = 825171, SleepMilliseconds = 60000.
TickCount = 825187, SleepMilliseconds = 60000.
TickCount = 825203, SleepMilliseconds = 60000.
TickCount = 825218, SleepMilliseconds = 60000.
TickCount = 825281, SleepMilliseconds = 60000.
TickCount = 825296, SleepMilliseconds = 60000.
TickCount = 769010, SleepMilliseconds = 10.
TickCount = 769025, SleepMilliseconds = 10.
行为描述: 自删除
详情信息: C:\Users\Administrator\AppData\Roaming\Temp\{B518B0F4-A50F-431A-83D9-88FE89F0E2E9}\nvMultitask.exe
行为描述: 获取窗口截图信息
详情信息: Foreground window Info: HWND = 0x00000000, DC = 0x41010a3b.
Foreground window Info: HWND = 0x00000000, DC = 0xfc0108c5.
Foreground window Info: HWND = 0x00000000, DC = 0xc301028f.
Foreground window Info: HWND = 0x00000000, DC = 0xfe010a48.
Foreground window Info: HWND = 0x00000000, DC = 0x8b010a17.
Foreground window Info: HWND = 0x00000000, DC = 0xa2010a5c.
行为描述: 设置特殊文件夹属性
详情信息: C:\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5
C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies
C:\Users\Administrator\AppData\Local\Microsoft\Windows\History\History.IE5
行为描述: 创建系统服务
详情信息: [服务创建成功]: LcScience, C:\Windows\system32\drivers\LcScience.sys
[服务创建成功]: WaNdFilter, C:\Windows\system32\drivers\WaNdFilter.sys
文件行为
VirSCANVirSCAN
行为描述: 创建文件
详情信息: C:\Users\Administrator\AppData\Roaming\Microsoft\Crypto\RSA\S-*\a18ca4003deb042bbee7a40f15e1970b_2f8e854c-b3b2-42a4-9df2-1e8ea361c12c
C:\Users\Administrator\AppData\Local\%temp%\countly.sqlite
C:\Users\Administrator\AppData\Local\%temp%\countly.sqlite-journal
C:\Users\Administrator\AppData\Roaming\Temp\{B518B0F4-A50F-431A-83D9-88FE89F0E2E9}\dtmp.zd
C:\Users\Administrator\AppData\Roaming\Temp\{B518B0F4-A50F-431A-83D9-88FE89F0E2E9}\dtmp.z
C:\Users\Administrator\AppData\Roaming\Temp\{B518B0F4-A50F-431A-83D9-88FE89F0E2E9}\npJuziPlugin.dll
C:\Users\Administrator\AppData\Roaming\Temp\{B518B0F4-A50F-431A-83D9-88FE89F0E2E9}\nvMultitask.exe
C:\Users\Administrator\AppData\LocalLow\JuziPlugin\1.0.0.1020\npjuziplugin.dll
C:\Users\Administrator\AppData\Local\Temp\nvMultitasking\Encrypt.7z
C:\Users\Administrator\AppData\Local\Temp\nvMultitasking\Decrypt.7z
C:\Users\Administrator\AppData\Local\Temp\nvMultitasking\HSoftDoloEx.exe
C:\Users\Administrator\AppData\Local\Temp\nvMultitasking\bime.dll
C:\Users\Administrator\AppData\Local\Temp\nvMultitasking\bime64.dll
C:\Users\Administrator\AppData\Local\Temp\nvMultitasking\LcScience.sys
C:\Users\Administrator\AppData\Local\Temp\nvMultitasking\LcScience64.sys
行为描述: 查找杀软驱动文件
详情信息: FileName = \\?\C:\Windows\System32\360Safe.exe (360安全卫士)
FileName = C:\Windows\System32\360Safe.exe (360安全卫士)
行为描述: 创建可执行文件
详情信息: C:\Users\Administrator\AppData\Roaming\Temp\{B518B0F4-A50F-431A-83D9-88FE89F0E2E9}\npJuziPlugin.dll
C:\Users\Administrator\AppData\Roaming\Temp\{B518B0F4-A50F-431A-83D9-88FE89F0E2E9}\nvMultitask.exe
C:\Users\Administrator\AppData\LocalLow\JuziPlugin\1.0.0.1020\npjuziplugin.dll
C:\Users\Administrator\AppData\Local\Temp\nvMultitasking\HSoftDoloEx.exe
C:\Users\Administrator\AppData\Local\Temp\nvMultitasking\bime.dll
C:\Users\Administrator\AppData\Local\Temp\nvMultitasking\bime64.dll
C:\Users\Administrator\AppData\Local\Temp\nvMultitasking\LcScience.sys
C:\Users\Administrator\AppData\Local\Temp\nvMultitasking\LcScience64.sys
C:\Users\Administrator\AppData\Local\Temp\nvMultitasking\WaNdFilter.sys
C:\Users\Administrator\AppData\Local\Temp\nvMultitasking\WaNdFilter64.sys
C:\Windows\System32\drivers\LcScience.sys
C:\Windows\System32\drivers\WaNdFilter.sys
C:\Users\Administrator\AppData\Roaming\HSoftDoloEx\HSoftDoloEx.exe
C:\Users\Administrator\AppData\Roaming\HSoftDoloEx\bime.dll
C:\Users\Administrator\AppData\Roaming\Temp\-1586472857.tmp
行为描述: 复制文件
详情信息: C:\Users\Administrator\AppData\Roaming\Temp\{B518B0F4-A50F-431A-83D9-88FE89F0E2E9}\npJuziPlugin.dll ---> C:\Users\Administrator\AppData\LocalLow\JuziPlugin\1.0.0.1020\npjuziplugin.dll
C:\Users\ADMINI~1\AppData\Local\Temp\nvMultitasking\LcScience.sys ---> C:\Windows\system32\drivers\LcScience.sys
C:\Users\ADMINI~1\AppData\Local\Temp\nvMultitasking\WaNdFilter.sys ---> C:\Windows\system32\drivers\WaNdFilter.sys
C:\Users\ADMINI~1\AppData\Local\Temp\nvMultitasking\HSoftDoloEx.exe ---> C:\Users\Administrator\AppData\Roaming\HSoftDoloEx\HSoftDoloEx.exe
C:\Users\ADMINI~1\AppData\Local\Temp\nvMultitasking\bime.dll ---> C:\Users\Administrator\AppData\Roaming\HSoftDoloEx\bime.dll
C:\Users\Administrator\AppData\Roaming\Temp\-1552109052.tmp ---> C:\Users\Administrator\AppData\Roaming\Temp\-1552109052.tmp.png
行为描述: 删除文件
详情信息: C:\Users\Administrator\AppData\Local\%temp%\countly.sqlite-journal
C:\Users\Administrator\AppData\Roaming\Temp\{B518B0F4-A50F-431A-83D9-88FE89F0E2E9}\dtmp.zd
C:\Users\Administrator\AppData\Roaming\Temp\{B518B0F4-A50F-431A-83D9-88FE89F0E2E9}\dtmp.z
C:\Users\Administrator\AppData\Local\Temp\nvMultitasking\bime.dll
C:\Users\Administrator\AppData\Local\Temp\nvMultitasking\bime64.dll
C:\Users\Administrator\AppData\Local\Temp\nvMultitasking\Decrypt.7z
C:\Users\Administrator\AppData\Local\Temp\nvMultitasking\Encrypt.7z
C:\Users\Administrator\AppData\Local\Temp\nvMultitasking\HSoftDoloEx.exe
C:\Users\Administrator\AppData\Local\Temp\nvMultitasking\LcScience.sys
C:\Users\Administrator\AppData\Local\Temp\nvMultitasking\LcScience64.sys
C:\Users\Administrator\AppData\Local\Temp\nvMultitasking\WaNdFilter.sys
C:\Users\Administrator\AppData\Local\Temp\nvMultitasking\WaNdFilter64.sys
C:\Users\Administrator\AppData\Roaming\HSoftDoloEx\countly.sqlite-journal
C:\Users\Administrator\AppData\Roaming\Temp\-1586472857.tmp
C:\Users\Administrator\AppData\Roaming\Temp\-1573998435.tmp
行为描述: 查找文件
详情信息: FileName = C:\Users\Administrator\AppData\Roaming\Microsoft\Crypto\RSA\S-*\a18ca4003deb042bbee7a40f15e1970b_*
FileName = C:\Users\Administrator\AppData\Roaming\Microsoft\Crypto\RSA\*
FileName = C:\Users\Administrator\AppData\Roaming\Temp\{B518B0F4-A50F-431A-83D9-88FE89F0E2E9}\\*.*
FileName = C:\Users
FileName = C:\Users\Administrator\AppData
FileName = C:\Users\Administrator\AppData\Roaming
FileName = C:\Users\Administrator\AppData\Roaming\Temp
FileName = C:\Users\Administrator\AppData\Roaming\Temp\{B518B0F4-A50F-431A-83D9-88FE89F0E2E9}\*.*
FileName = C:\Users\ADMINI~1\AppData\Local\Temp\nvMultitasking\*
FileName = C:\Users\ADMINI~1\AppData\Local\Temp\nvMultitasking\*.sys
FileName = C:\Users\ADMINI~1\AppData\Local\Temp\nvMultitasking\*.exe
FileName = C:\Users\ADMINI~1\AppData\Local\Temp\nvMultitasking\*.dll
FileName = C:\Users\ADMINI~1\AppData\Local\Temp\nvMultitasking\*.dat
FileName = C:\Users\Administrator\AppData\Roaming\HSoftDoloEx\*.*
FileName = \\?\C:\Users
行为描述: 设置特殊文件夹属性
详情信息: C:\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5
C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Cookies
C:\Users\Administrator\AppData\Local\Microsoft\Windows\History\History.IE5
行为描述: 修改文件内容
详情信息: C:\Users\Administrator\AppData\Roaming\Microsoft\Crypto\RSA\S-*\a18ca4003deb042bbee7a40f15e1970b_2f8e854c-b3b2-42a4-9df2-1e8ea361c12c ---> Offset = 0
C:\Users\Administrator\AppData\Local\%temp%\countly.sqlite-journal ---> Offset = 0
C:\Users\Administrator\AppData\Local\%temp%\countly.sqlite ---> Offset = 0
C:\Users\Administrator\AppData\Local\%temp%\countly.sqlite ---> Offset = 1024
C:\Users\Administrator\AppData\Local\%temp%\countly.sqlite-journal ---> Offset = 512
C:\Users\Administrator\AppData\Local\%temp%\countly.sqlite-journal ---> Offset = 516
C:\Users\Administrator\AppData\Local\%temp%\countly.sqlite-journal ---> Offset = 1540
C:\Users\Administrator\AppData\Local\%temp%\countly.sqlite ---> Offset = 2048
C:\Users\Administrator\AppData\Roaming\Temp\{B518B0F4-A50F-431A-83D9-88FE89F0E2E9}\dtmp.zd ---> Offset = 0
C:\Users\Administrator\AppData\Roaming\Temp\{B518B0F4-A50F-431A-83D9-88FE89F0E2E9}\dtmp.z ---> Offset = 0
C:\Users\Administrator\AppData\Roaming\Temp\{B518B0F4-A50F-431A-83D9-88FE89F0E2E9}\dtmp.z ---> Offset = 1376256
C:\Users\Administrator\AppData\Local\%temp%\countly.sqlite-journal ---> Offset = 1544
C:\Users\Administrator\AppData\Roaming\Temp\{B518B0F4-A50F-431A-83D9-88FE89F0E2E9}\npJuziPlugin.dll ---> Offset = 0
C:\Users\Administrator\AppData\Roaming\Temp\{B518B0F4-A50F-431A-83D9-88FE89F0E2E9}\nvMultitask.exe ---> Offset = 0
C:\Users\Administrator\AppData\LocalLow\JuziPlugin\1.0.0.1020\npjuziplugin.dll ---> Offset = 0
行为描述: 自删除
详情信息: C:\Users\Administrator\AppData\Roaming\Temp\{B518B0F4-A50F-431A-83D9-88FE89F0E2E9}\nvMultitask.exe
网络行为
VirSCANVirSCAN
行为描述: 下载文件
详情信息: C:\Users\Administrator\AppData\Roaming\Temp\-1586472857.tmp
C:\Users\Administrator\AppData\Roaming\Temp\-1573998435.tmp
C:\Users\Administrator\AppData\Roaming\Temp\-1563010257.tmp
C:\Users\Administrator\AppData\Roaming\Temp\-1552109052.tmp
C:\Users\Administrator\AppData\Roaming\Temp\-1552109052.tmp.png
C:\Users\Administrator\AppData\Roaming\Temp\-1564080773.tmp
C:\Users\Administrator\AppData\Roaming\Temp\-1586158488.tmp
C:\Users\Administrator\AppData\Roaming\Temp\-1604560792.tmp
C:\Users\Administrator\AppData\Roaming\Temp\-1579222034.tmp
C:\Users\Administrator\AppData\Roaming\Temp\-1603438482.tmp
C:\Users\Administrator\AppData\Local\Temp\dhC648.tmp
C:\Users\Administrator\AppData\Roaming\Temp\-1493922372.tmp
C:\Users\Administrator\AppData\Roaming\Temp\-1530162921.tmp
行为描述: 连接指定站点
详情信息: InternetConnectA: ServerName = se****om, PORT = 80, UserName = , Password = , hSession = 0x00cc0004, hConnect = 0x00cc0008, Flags = 0x00000000
InternetConnectA: ServerName = up****et, PORT = 80, UserName = , Password = , hSession = 0x00cc0004, hConnect = 0x00cc0008, Flags = 0x00000000
InternetConnectA: ServerName = so****om, PORT = 80, UserName = , Password = , hSession = 0x00cc0010, hConnect = 0x00cc0014, Flags = 0x00000000
InternetConnectA: ServerName = or****om, PORT = 80, UserName = , Password = , hSession = 0x00cc0004, hConnect = 0x00cc0008, Flags = 0x00000000
InternetConnectA: ServerName = up****et, PORT = 80, UserName = , Password = , hSession = 0x00cc0010, hConnect = 0x00cc0014, Flags = 0x00000000
InternetConnectA: ServerName = lo****et, PORT = 80, UserName = , Password = , hSession = 0x00cc0004, hConnect = 0x00cc0008, Flags = 0x00000000
InternetConnectA: ServerName = to****om, PORT = 80, UserName = , Password = , hSession = 0x00cc0004, hConnect = 0x00cc0008, Flags = 0x00000000
行为描述: 打开HTTP连接
详情信息: InternetOpenA: UserAgent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0), hSession = 0x00cc0004
InternetOpenA: UserAgent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0), hSession = 0x00cc0010
行为描述: 建立到一个指定的套接字连接
详情信息: URL: se****om, IP: **.133.40.**:80, SOCKET = 0x00000320
URL: se****om, IP: **.133.40.**:80, SOCKET = 0x0000031c
URL: up****et, IP: **.133.40.**:80, SOCKET = 0x000003b0
URL: so****om, IP: **.133.40.**:80, SOCKET = 0x000003c8
URL: or****om, IP: **.133.40.**:80, SOCKET = 0x000003cc
URL: se****om, IP: **.133.40.**:80, SOCKET = 0x0000012c
URL: up****et, IP: **.133.40.**:80, SOCKET = 0x0000012c
URL: lo****et, IP: **.133.40.**:80, SOCKET = 0x0000012c
URL: to****om, IP: **.133.40.**:80, SOCKET = 0x00000308
URL: se****om, IP: **.133.40.**:80, SOCKET = 0x0000038c
URL: se****om, IP: **.133.40.**:80, SOCKET = 0x000001e4
行为描述: 读取网络文件
详情信息: hFile = 0x00cc000c, BytesToRead =32768, BytesRead = 32768.
hFile = 0x00cc0018, BytesToRead =32768, BytesRead = 32768.
行为描述: 发送HTTP包
详情信息: GET /i?app_key=e131e8b51bc9c4bb395446794bfdcef9e115b082&device_id=0000246f00005eb500001ebe00007cc400000842&sdk_version=16.02&begin_session=1&metrics=%7b%0a%22_os%22%3a%22Windows%207%22%2c%0a%22_device%22%3a%22PC%22%2c%0a%22_resolution%22%3a%221920x973%22%2c%0a%22_carrier%22%3a%22Free%22%2c%0a%22_app_version%22%3a%221.0.0.8%22%0a%7d HTTP/1.1 Accept: */* Pragma: no-cache Cache-Control: no-cache Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0) Host: se****om Connection: Close
GET /i?app_key=e131e8b51bc9c4bb395446794bfdcef9e115b082&device_id=0000246f00005eb500001ebe00007cc400000842&session_duration=300000 HTTP/1.1 Accept: */* Pragma: no-cache Cache-Control: no-cache Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0) Host: se****om Connection: Close
GET /ntflp.php HTTP/1.1 Accept: */* Pragma: no-cache Cache-Control: no-cache Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0) Host: up****et Connection: Close
GET /uploads/preview/soft/f4/30906/26b75e7f03a3c4b1af22b8bac7519b40.png HTTP/1.1 Accept: */* Pragma: no-cache Cache-Control: no-cache Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0) Host: so****om Connection: Close
GET /common/cmsone?cms=soft_dl&keys=class_soft_task HTTP/1.1 Accept: */* Pragma: no-cache Cache-Control: no-cache Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0) Host: or****om Connection: Close
GET /i?app_key=b6b8c04109716276048a7ab0c2908f7becedf903&device_id=00004a4f00004f0800006d43000022cf00005126&sdk_version=16.02&begin_session=1&metrics=%7b%0a%22_os%22%3a%22Windows%207%22%2c%0a%22_device%22%3a%22PC%22%2c%0a%22_resolution%22%3a%221920x973%22%2c%0a%22_carrier%22%3a%22Free%22%2c%0a%22_app_version%22%3a%223.2.0.1%22%0a%7d HTTP/1.1 Accept: */* Pragma: no-cache Cache-Control: no-cache Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0) Host: se****om Connection: Close
GET /update.php?genre=tsKdx&type=tsKdx_updateCheck&ver=3.2.0.1&cid=&umid=A2FB81A58527C329A5CA83ABD10353DF&os=3&safe=0&ie=8&flash=11.1&ck=254AA6EEB697480F6E1E8E87252C55D5 HTTP/1.1 Accept: */* Pragma: no-cache Cache-Control: no-cache Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0) Host: up****et Connection: Close
GET /i?app_key=b6b8c04109716276048a7ab0c2908f7becedf903&device_id=00004a4f00004f0800006d43000022cf00005126&session_duration=300000 HTTP/1.1 Accept: */* Pragma: no-cache Cache-Control: no-cache Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0) Host: se****om Connection: Close
GET /log.php?type=tsKdx_updateEnd&ver=3.2.0.1&cid=&umid=A2FB81A58527C329A5CA83ABD10353DF&i=6&ir=0&iec=503&os=3&safe=0&ie=8&flash=11.1&ck=10EF64749FA3085607FD1730E113AEC1 HTTP/1.1 Accept: */* Pragma: no-cache Cache-Control: no-cache Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0) Host: lo****et Connection: Close
GET /images/track.gif?pn=jz&tn=&os=3&uuid=C_0-D_42563032363963623731652d3837646230372035-M_080027488980-V_30FD04F0-T_20161222112801&version=3.2.0.1&query=active&set_default=0&interbar=0&type=client&firlaunch=1&frolaunch=0_3 HTTP/1.1 Accept: */* Pragma: no-cache Cache-Control: no-cache Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0) Host: to****om Connection: Close
GET /i?app_key=e131e8b51bc9c4bb395446794bfdcef9e115b082&device_id=0000246f00005eb500001ebe00007cc400000842&events=%5b%7b%0a%20%20%22timestamp%22%3a%20%221482377336013%22%2c%0a%20%20%22key%22%3a%20%22Safe_0%22%2c%0a%20%20%22count%22%3a%201%0a%7d%5d HTTP/1.1 Accept: */* Pragma: no-cache Cache-Control: no-cache Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0) Host: se****om Connection: Close
GET /i?app_key=e131e8b51bc9c4bb395446794bfdcef9e115b082&device_id=0000246f00005eb500001ebe00007cc400000842&end_session=1 HTTP/1.1 Accept: */* Pragma: no-cache Cache-Control: no-cache Accept-Encoding: gzip, deflate User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0) Host: se****om Connection: Close
行为描述: 打开HTTP请求
详情信息: HttpOpenRequestA: se****om:80/i?app_key=e131e8b51bc9c4bb395446794bfdcef9e115b082&device_id=0000246f00005eb500001ebe00007cc400000842&sdk_version=16.02&begin_session=1&metrics=%7b%0a%22_os%22%3a%22windows%207%22%2c%0a%22_device%22%3a%22pc%22%2c%0a%22_resolution%22%3a%, hConnect = 0x00cc0008, hRequest = 0x00cc000c, Verb: GET, Referer: , Flags = 0x8400c300
HttpOpenRequestA: se****om:80/i?app_key=e131e8b51bc9c4bb395446794bfdcef9e115b082&device_id=0000246f00005eb500001ebe00007cc400000842&session_duration=300000, hConnect = 0x00cc0008, hRequest = 0x00cc000c, Verb: GET, Referer: , Flags = 0x8400c300
HttpOpenRequestA: up****et:80/ntflp.php, hConnect = 0x00cc0008, hRequest = 0x00cc000c, Verb: GET, Referer: , Flags = 0x8400c300
HttpOpenRequestA: so****om:80/uploads/preview/soft/f4/30906/26b75e7f03a3c4b1af22b8bac7519b40.png, hConnect = 0x00cc0014, hRequest = 0x00cc0018, Verb: GET, Referer: , Flags = 0x8400c300
HttpOpenRequestA: se****om:80/i?app_key=b6b8c04109716276048a7ab0c2908f7becedf903&device_id=00004a4f00004f0800006d43000022cf00005126&sdk_version=16.02&begin_session=1&metrics=%7b%0a%22_os%22%3a%22windows%207%22%2c%0a%22_device%22%3a%22pc%22%2c%0a%22_resolution%22%3a%, hConnect = 0x00cc0008, hRequest = 0x00cc000c, Verb: GET, Referer: , Flags = 0x8400c300
HttpOpenRequestA: or****om:80/common/cmsone?cms=soft_dl&keys=class_soft_task, hConnect = 0x00cc0008, hRequest = 0x00cc000c, Verb: GET, Referer: , Flags = 0x8400c300
HttpOpenRequestA: up****et:80/update.php?genre=tskdx&type=tskdx_updatecheck&ver=3.2.0.1&cid=&umid=a2fb81a58527c329a5ca83abd10353df&os=3&safe=0&ie=8&flash=11.1&ck=254aa6eeb697480f6e1e8e87252c55d5, hConnect = 0x00cc0014, hRequest = 0x00cc0018, Verb: GET, Referer: , Flags = 0x8400c300
HttpOpenRequestA: se****om:80/i?app_key=b6b8c04109716276048a7ab0c2908f7becedf903&device_id=00004a4f00004f0800006d43000022cf00005126&session_duration=300000, hConnect = 0x00cc0008, hRequest = 0x00cc000c, Verb: GET, Referer: , Flags = 0x8400c300
HttpOpenRequestA: lo****et:80/log.php?type=tskdx_updateend&ver=3.2.0.1&cid=&umid=a2fb81a58527c329a5ca83abd10353df&i=6&ir=0&iec=503&os=3&safe=0&ie=8&flash=11.1&ck=10ef64749fa3085607fd1730e113aec1, hConnect = 0x00cc0008, hRequest = 0x00cc000c, Verb: GET, Referer: , Flags = 0x8400c300
HttpOpenRequestA: to****om:80/images/track.gif?pn=jz&tn=&os=3&uuid=c_0-d_42563032363963623731652d3837646230372035-m_080027488980-v_30fd04f0-t_20161222112801&version=3.2.0.1&query=active&set_default=0&interbar=0&type=client&firlaunch=1&frolaunch=0_3, hConnect = 0x00cc0008, hRequest = 0x00cc000c, Verb: GET, Referer: , Flags = 0x8408c300
HttpOpenRequestA: se****om:80/i?app_key=e131e8b51bc9c4bb395446794bfdcef9e115b082&device_id=0000246f00005eb500001ebe00007cc400000842&events=%5b%7b%0a%20%20%22timestamp%22%3a%20%221482377336013%22%2c%0a%20%20%22key%22%3a%20%22safe_0%22%2c%0a%20%20%22count%22%3a%201%0a, hConnect = 0x00cc0008, hRequest = 0x00cc000c, Verb: GET, Referer: , Flags = 0x8400c300
HttpOpenRequestA: se****om:80/i?app_key=e131e8b51bc9c4bb395446794bfdcef9e115b082&device_id=0000246f00005eb500001ebe00007cc400000842&end_session=1, hConnect = 0x00cc0008, hRequest = 0x00cc000c, Verb: GET, Referer: , Flags = 0x8400c300
行为描述: 按名称获取主机地址
详情信息: GetAddrInfoW: se****om
GetAddrInfoW: up****et
GetAddrInfoW: so****om
GetAddrInfoW: or****om
GetAddrInfoW: lo****et
GetAddrInfoW: to****om
注册表行为
VirSCANVirSCAN
行为描述: 修改注册表
详情信息: \REGISTRY\USER\S-*\Software\HDwnld\
\REGISTRY\USER\S-*\Software\HDwnld\lastldtime
\REGISTRY\USER\S-*_CLASSES\CLSID\{F552F265-6686-4422-84E5-C695E35D863A}\InprocServer32\
\REGISTRY\USER\S-*_CLASSES\CLSID\{F552F265-6686-4422-84E5-C695E35D863A}\InprocServer32\ThreadingModel
\REGISTRY\USER\S-*_CLASSES\JuziAgent.Agent\CLSID\
\REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F552F265-6686-4422-84E5-C695E35D863A}\iexplore\Type
\REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F552F265-6686-4422-84E5-C695E35D863A}\iexplore\Flags
\REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F552F265-6686-4422-84E5-C695E35D863A}\iexplore\AllowedDomains\baidu.com\
\REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F552F265-6686-4422-84E5-C695E35D863A}\iexplore\AllowedDomains\hao123.com\
\REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F552F265-6686-4422-84E5-C695E35D863A}\iexplore\AllowedDomains\123juzi.com\
\REGISTRY\USER\S-*\Software\Microsoft\Internet Explorer\TabProcConfig\baidu.com
\REGISTRY\USER\S-*\Software\Microsoft\Internet Explorer\TabProcConfig\hao123.com
\REGISTRY\USER\S-*\Software\Microsoft\Internet Explorer\TabProcConfig\123juzi.com
\REGISTRY\USER\S-*\Software\JuziPlugin\cid
\REGISTRY\USER\S-*\Software\MozillaPlugins\@123juzi.com/npJuziAgent\Path
行为描述: 删除注册表键值
详情信息: \REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyServer
\REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyOverride
\REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Internet Settings\AutoConfigURL
\REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProxyBypass
\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProxyBypass
\REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\IntranetName
\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\IntranetName
\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\CompatibilityAdapter\Signatures\User_Feed_Synchronization-{DD45CED3-68D4-4258-9DB0-B2D0B36690C9}.job
\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\CompatibilityAdapter\Signatures\User_Feed_Synchronization-{DD45CED3-68D4-4258-9DB0-B2D0B36690C9}.job.fp
其他行为
VirSCANVirSCAN
行为描述: 检测自身是否被调试
详情信息: N/A
行为描述: 创建互斥体
详情信息: {B5D66703-1AFE-4CBC-910E-7C1191D55777}
RasPbFile
{9A815E77-CE99-4395-BAFB-D139010AC596}
Local\ZonesCounterMutex
Local\ZoneAttributeCacheCounterMutex
Local\ZonesCacheCounterMutex
Local\ZonesLockedCacheCounterMutex
行为描述: 常规加载驱动
详情信息: \??\C:\Windows\system32\drivers\LcScience.sys
\??\C:\Windows\system32\drivers\WaNdFilter.sys
行为描述: 启动系统服务
详情信息: [服务启动成功]: , LcScience, \??\C:\Windows\system32\drivers\LcScience.sys
[服务启动成功]: , WaNdFilter, \??\C:\Windows\system32\drivers\WaNdFilter.sys
行为描述: 窗口信息
详情信息: Pid = 572, Hwnd=0x1c0116, Text = Hao123一键安装器, ClassName = jDownloaderMainFrame.
行为描述: 获取TickCount值
详情信息: TickCount = 825062, SleepMilliseconds = 60000.
TickCount = 825078, SleepMilliseconds = 60000.
TickCount = 825093, SleepMilliseconds = 60000.
TickCount = 825109, SleepMilliseconds = 60000.
TickCount = 825125, SleepMilliseconds = 60000.
TickCount = 825140, SleepMilliseconds = 60000.
TickCount = 825156, SleepMilliseconds = 60000.
TickCount = 825171, SleepMilliseconds = 60000.
TickCount = 825187, SleepMilliseconds = 60000.
TickCount = 825203, SleepMilliseconds = 60000.
TickCount = 825218, SleepMilliseconds = 60000.
TickCount = 825281, SleepMilliseconds = 60000.
TickCount = 825296, SleepMilliseconds = 60000.
TickCount = 769010, SleepMilliseconds = 10.
TickCount = 769025, SleepMilliseconds = 10.
行为描述: 调整进程token权限
详情信息: SE_INC_BASE_PRIORITY_PRIVILEGE
SE_ASSIGNPRIMARYTOKEN_PRIVILEGE
SE_AUDIT_PRIVILEGE
行为描述: 打开事件
详情信息: HookSwitchHookEnabledEvent
\KernelObjects\MaximumCommitCondition
MSFT.VSA.COM.DISABLE.572
MSFT.VSA.IEC.STATUS.6c736db0
\SECURITY\LSA_AUTHENTICATION_INITIALIZED
Global\SvcctrlStartEvent_A3752DX
MSFT.VSA.COM.DISABLE.428
Local\MSCTF.CtfActivated.Default1
Local\MSCTF.AsmCacheReady.Default1
行为描述: 获取窗口截图信息
详情信息: Foreground window Info: HWND = 0x00000000, DC = 0x41010a3b.
Foreground window Info: HWND = 0x00000000, DC = 0xfc0108c5.
Foreground window Info: HWND = 0x00000000, DC = 0xc301028f.
Foreground window Info: HWND = 0x00000000, DC = 0xfe010a48.
Foreground window Info: HWND = 0x00000000, DC = 0x8b010a17.
Foreground window Info: HWND = 0x00000000, DC = 0xa2010a5c.
行为描述: 可执行文件签名信息
详情信息: C:\Users\Administrator\AppData\Roaming\Temp\{B518B0F4-A50F-431A-83D9-88FE89F0E2E9}\npJuziPlugin.dll(签名验证: 通过)
C:\Users\Administrator\AppData\Roaming\Temp\{B518B0F4-A50F-431A-83D9-88FE89F0E2E9}\nvMultitask.exe(签名验证: 通过)
C:\Users\Administrator\AppData\LocalLow\JuziPlugin\1.0.0.1020\npjuziplugin.dll(签名验证: 通过)
C:\Users\Administrator\AppData\Local\Temp\nvMultitasking\HSoftDoloEx.exe(签名验证: 通过)
C:\Users\Administrator\AppData\Local\Temp\nvMultitasking\bime.dll(签名验证: 通过)
C:\Users\Administrator\AppData\Local\Temp\nvMultitasking\bime64.dll(签名验证: 通过)
C:\Users\Administrator\AppData\Local\Temp\nvMultitasking\LcScience.sys(签名验证: 通过)
C:\Users\Administrator\AppData\Local\Temp\nvMultitasking\LcScience64.sys(签名验证: 通过)
C:\Users\Administrator\AppData\Local\Temp\nvMultitasking\WaNdFilter64.sys(签名验证: 通过)
C:\Users\Administrator\AppData\Local\Temp\nvMultitasking\WaNdFilter.sys(签名验证: 通过)
C:\Windows\System32\drivers\LcScience.sys(签名验证: 通过)
C:\Windows\System32\drivers\WaNdFilter.sys(签名验证: 通过)
C:\Users\Administrator\AppData\Roaming\HSoftDoloEx\HSoftDoloEx.exe(签名验证: 通过)
C:\Users\Administrator\AppData\Roaming\HSoftDoloEx\bime.dll(签名验证: 通过)
C:\Users\Administrator\AppData\Roaming\Temp\-1586472857.tmp(签名验证: 未通过)
行为描述: 调用Sleep函数
详情信息: [1]: MilliSeconds = 60000.
[2]: MilliSeconds = 0.
[3]: MilliSeconds = 10.
[4]: MilliSeconds = 10.
[2]: MilliSeconds = 60000.
[5]: MilliSeconds = 10.
[6]: MilliSeconds = 10.
[3]: MilliSeconds = 60000.
[4]: MilliSeconds = 60000.
[5]: MilliSeconds = 0.
[7]: MilliSeconds = 10.
[8]: MilliSeconds = 10.
[9]: MilliSeconds = 10.
[10]: MilliSeconds = 60000.
行为描述: 可执行文件MD5
详情信息: C:\Users\Administrator\AppData\Roaming\Temp\{B518B0F4-A50F-431A-83D9-88FE89F0E2E9}\npJuziPlugin.dll ---> 214e19f5877d25e04b6fb5107bca3e55
C:\Users\Administrator\AppData\Roaming\Temp\{B518B0F4-A50F-431A-83D9-88FE89F0E2E9}\nvMultitask.exe ---> 0f8e2fb9a4e33542d46acb93857d9b99
C:\Users\Administrator\AppData\LocalLow\JuziPlugin\1.0.0.1020\npjuziplugin.dll ---> 214e19f5877d25e04b6fb5107bca3e55
C:\Users\Administrator\AppData\Local\Temp\nvMultitasking\HSoftDoloEx.exe ---> c7ffa14362cba4dd25f353d12d8e11c1
C:\Users\Administrator\AppData\Local\Temp\nvMultitasking\bime.dll ---> 20b47c01a9208860f092b10571643e6c
C:\Users\Administrator\AppData\Local\Temp\nvMultitasking\bime64.dll ---> 5eed52d21167aaed8b4b0c7a245587f8
C:\Users\Administrator\AppData\Local\Temp\nvMultitasking\LcScience.sys ---> 610b50111b8f5601a8eab45dc1b1d916
C:\Users\Administrator\AppData\Local\Temp\nvMultitasking\LcScience64.sys ---> 7d67ce19947d890dd2515d9ade051f2d
C:\Users\Administrator\AppData\Local\Temp\nvMultitasking\WaNdFilter64.sys ---> df9cb6061cc59efbe628a7dd3f4543c5
C:\Users\Administrator\AppData\Local\Temp\nvMultitasking\WaNdFilter.sys ---> a93a159323537a15c24e6388b9a8c435
C:\Windows\System32\drivers\LcScience.sys ---> 610b50111b8f5601a8eab45dc1b1d916
C:\Windows\System32\drivers\WaNdFilter.sys ---> a93a159323537a15c24e6388b9a8c435
C:\Users\Administrator\AppData\Roaming\HSoftDoloEx\HSoftDoloEx.exe ---> c7ffa14362cba4dd25f353d12d8e11c1
C:\Users\Administrator\AppData\Roaming\HSoftDoloEx\bime.dll ---> 20b47c01a9208860f092b10571643e6c
C:\Users\Administrator\AppData\Roaming\Temp\-1586472857.tmp ---> d0966601ecd6239a9ce0241c9aa21571
行为描述: 打开互斥体
详情信息: Local\_!MSFTHISTORY!_
Local\c:!users!administrator!appdata!local!microsoft!windows!temporary internet files!content.ie5!
Local\c:!users!administrator!appdata!roaming!microsoft!windows!cookies!
Local\c:!users!administrator!appdata!local!microsoft!windows!history!history.ie5!
Local\WininetStartupMutex
Local\WininetConnectionMutex
Local\WininetProxyRegistryMutex
RasPbFile
Local\!IETld!Mutex
Local\MSCTF.Asm.MutexDefault1
行为描述: 创建系统服务
详情信息: [服务创建成功]: LcScience, C:\Windows\system32\drivers\LcScience.sys
[服务创建成功]: WaNdFilter, C:\Windows\system32\drivers\WaNdFilter.sys
行为描述: 加载新释放的文件
详情信息: Image: C:\Users\Administrator\AppData\Roaming\Temp\{B518B0F4-A50F-431A-83D9-88FE89F0E2E9}\npJuziPlugin.dll.
Image: C:\Users\Administrator\AppData\Roaming\Temp\{B518B0F4-A50F-431A-83D9-88FE89F0E2E9}\nvMultitask.exe.
Image: C:\Users\Administrator\AppData\Roaming\HSoftDoloEx\HSoftDoloEx.exe.
Activities
VirSCANVirSCAN
活动名 类型
roman10.media.converterv2.main.ActivityMain android.intent.action.MAIN
roman10.media.converterv2.main.ActivityMain android.intent.category.LAUNCHER
roman10.media.converterv2.options.controllers.ConvertOptionsActivity android.intent.action.SEND
roman10.media.converterv2.options.controllers.ConvertOptionsActivity android.intent.action.SEND_MULTIPLE
roman10.media.converterv2.options.controllers.ConvertOptionsActivity android.intent.category.DEFAULT
roman10.media.converterv2.options.controllers.ConvertOptionsActivity android.intent.category.ALTERNATIVE
roman10.media.converterv2.options.controllers.ConvertOptionsActivity android.intent.category.SELECTED_ALTERNATIVE
roman10.media.converterv2.options.controllers.NewConvertOptionsActivity android.intent.action.SEND
roman10.media.converterv2.options.controllers.NewConvertOptionsActivity android.intent.action.SEND_MULTIPLE
roman10.media.converterv2.options.controllers.NewConvertOptionsActivity android.intent.category.DEFAULT
roman10.media.converterv2.options.controllers.NewConvertOptionsActivity android.intent.category.ALTERNATIVE
roman10.media.converterv2.options.controllers.NewConvertOptionsActivity android.intent.category.SELECTED_ALTERNATIVE
危险函数
VirSCANVirSCAN
函数名称 信息
android/app/NotificationManager;->notify 信息通知栏
ContentResolver;->query 读取联系人、短信等数据库
LocationManager;->getLastKnownLocation 获取地址位置
getRuntime 获取命令行环境
java/net/URL;->openConnection 连接URL
java/net/HttpURLConnection;->connect 连接URL
HttpClient;->execute 请求远程服务器
TelephonyManager;->getDeviceId 搜集用户手机IMEI码、电话号码、系统版本号等信息
ContentResolver;->delete 删除短信、联系人
启动方式
VirSCANVirSCAN
名称 信息
roman10.media.converterv2.MediaMountMonitor
roman10.media.converterv2.MediaMountMonitor
com.google.android.gms.analytics.AnalyticsReceiver
com.google.android.gms.analytics.CampaignTrackingReceiver
权限列表
VirSCANVirSCAN
许可名称 信息
android.permission.READ_EXTERNAL_STORAGE 读外部存储器(如:SD卡)
android.permission.WRITE_EXTERNAL_STORAGE 写外部存储器(如:SD卡)
android.permission.WAKE_LOCK 手机屏幕关闭后后台进程仍运行
android.permission.INTERNET 连接网络(2G或3G)
android.permission.ACCESS_NETWORK_STATE 读取网络状态(2G或3G)
com.android.vending.BILLING
服务列表
VirSCANVirSCAN
名称
roman10.media.converterv2.processing.VideoProcessingService
roman10.media.converterv2.processing.MediaScanService
com.google.android.gms.analytics.AnalyticsService
com.google.android.gms.analytics.CampaignTrackingService
Providers
VirSCANVirSCAN
名称 信息
roman10.media.converterv2.processing.VideoProcessingService
roman10.media.converterv2.processing.MediaScanService
com.google.android.gms.analytics.AnalyticsService
com.google.android.gms.analytics.CampaignTrackingService
文件列表
VirSCANVirSCAN
文件名 校验码
META-INF/MANIFEST.MF 0x48749b0c
META-INF/CERT.SF 0xa0ac9e1a
META-INF/CERT.RSA 0x3000cd88
res/drawable-xxhdpi-v4/ic_stat_alerts_and_states_warning.png 0xc48af3c1
res/drawable-xhdpi-v4/actionbar_menu_play.png 0x504d7ab9
res/anim/design_snackbar_in.xml 0x89444de8
res/drawable-hdpi-v4/common_plus_signin_btn_icon_light_disabled.9.png 0x4d49b4d7
res/drawable-hdpi-v4/abc_list_longpressed_holo.9.png 0x81b12fde
res/drawable-mdpi-v4/common_google_signin_btn_icon_dark_normal.9.png 0x78551383
res/drawable-xhdpi-v4/common_plus_signin_btn_text_dark_normal.9.png 0xc4920467
res/drawable-xhdpi-v4/drawer_menu_browse.png 0xb73e120d
res/drawable-xxhdpi-v4/common_plus_signin_btn_text_dark_pressed.9.png 0xbb24da18
res/layout-v17/select_dialog_singlechoice_material.xml 0xb1a83086
res/layout/activity_media_details_third_card.xml 0xb4a1f904
res/anim-ldrtl/rvfs_fast_scroller_hide_slide_out.xml 0xf0e281a1
res/drawable-xxxhdpi-v4/abc_btn_switch_to_on_mtrl_00012.9.png 0xa817850a
res/drawable-hdpi-v4/drawer_menu_processing.png 0xa5226e8a
res/drawable-hdpi-v4/ic_drawer_settings.png 0x870c6031
res/drawable-ldrtl-xxxhdpi-v4/abc_spinner_mtrl_am_alpha.9.png 0x6e8728ea
res/layout/appbarlayout_as_actionbar.xml 0xc31e33d2
res/drawable-tvdpi-v4/common_google_signin_btn_text_dark_normal.9.png 0x67ad13e5
res/drawable-mdpi-v4/common_google_signin_btn_text_dark_normal.9.png 0xe909711b
res/drawable-tvdpi-v4/common_plus_signin_btn_text_light_focused.9.png 0x4b1a0de
res/drawable/abc_list_selector_background_transition_holo_light.xml 0x775e7285
res/drawable-mdpi-v4/common_google_signin_btn_text_light_normal.9.png 0x78719499
res/drawable-tvdpi-v4/common_plus_signin_btn_icon_light_focused.9.png 0x36b0c27a
res/color/abc_primary_text_disable_only_material_dark.xml 0x8175712c
res/drawable-xxhdpi-v4/abc_textfield_search_default_mtrl_alpha.9.png 0x9e0d73d
res/drawable-hdpi-v11/ic_stat_navigation_cancel.png 0x82264086
res/drawable-xhdpi-v4/common_google_signin_btn_text_light_focused.9.png 0xcf589f1d
res/mipmap-hdpi-v4/ic_launcher.png 0x3a30b2f0
res/layout/abc_alert_dialog_button_bar_material.xml 0x85f3efd0
res/drawable-ldrtl-mdpi-v4/abc_ic_ab_back_mtrl_am_alpha.png 0xf9fb6fee
res/drawable-mdpi-v4/common_full_open_on_phone.png 0xcc72871a
res/drawable-tvdpi-v4/common_google_signin_btn_icon_dark_normal.9.png 0x244a9259
res/drawable-xxhdpi-v4/common_google_signin_btn_icon_light_normal.9.png 0xebcbe2de
res/drawable-mdpi-v4/abc_scrubber_primary_mtrl_alpha.9.png 0x3a0eb435
res/drawable-hdpi-v4/fab_convert.png 0x6b99bd02
res/drawable-xxxhdpi-v4/abc_ic_menu_cut_mtrl_alpha.png 0x75c455c9
resources.arsc 0x75d453f4
res/drawable-xhdpi-v4/abc_list_selector_disabled_holo_light.9.png 0x1c2ff2be
res/drawable-mdpi-v4/video.png 0xd979c1b2
res/drawable-mdpi-v4/actionbar_menu_cancel.png 0x164542fc
res/menu/menu_history_context.xml 0x1b946073
res/drawable-mdpi-v4/abc_list_pressed_holo_dark.9.png 0x686b7a66
res/drawable-xhdpi-v4/common_google_signin_btn_text_dark_normal.9.png 0xbbdad92d
res/drawable-xxhdpi-v4/abc_list_pressed_holo_dark.9.png 0x823780d0
res/drawable/abc_list_selector_background_transition_holo_dark.xml 0xcf216b79
res/layout/media_details_cards.xml 0xbeb53ef1
res/drawable-xhdpi-v4/abc_btn_radio_to_on_mtrl_000.png 0xe6c8339c
res/drawable-hdpi-v4/abc_spinner_mtrl_am_alpha.9.png 0xdad30f71
res/drawable-xhdpi-v4/ic_stat_alerts_and_states_warning.png 0x4345435c
res/layout/dialog_rename.xml 0xd9c8d1a8
res/drawable-xxhdpi-v4/common_google_signin_btn_text_light_pressed.9.png 0x785029ed
res/drawable-hdpi-v4/abc_tab_indicator_mtrl_alpha.9.png 0x6c11debe
res/drawable-mdpi-v4/actionbar_menu_move.png 0x8f6145ae
res/drawable/common_plus_signin_btn_text_dark.xml 0xd47c03e5
res/drawable-hdpi-v4/abc_btn_check_to_on_mtrl_015.png 0xd2d6badf
res/drawable/abc_cab_background_top_material.xml 0x789cac73
res/drawable-xhdpi-v4/common_google_signin_btn_icon_light_disabled.9.png 0x40dda853
res/drawable-xxxhdpi-v4/abc_ic_menu_copy_mtrl_am_alpha.png 0x832ed3dd
res/color/abc_primary_text_material_light.xml 0xeb77b4b7
res/drawable-tvdpi-v4/common_google_signin_btn_text_dark_focused.9.png 0x4fd71d4c
res/layout/abc_screen_simple_overlay_action_mode.xml 0x5248beb0
res/drawable-xxhdpi-v4/common_plus_signin_btn_text_light_pressed.9.png 0xccc82493
res/drawable-hdpi-v4/audio_thumbnail.png 0x3cf062fc
res/drawable-xhdpi-v4/common_google_signin_btn_icon_dark_focused.9.png 0x6d0ac0af
res/drawable-ldrtl-xxxhdpi-v4/abc_ic_ab_back_mtrl_am_alpha.png 0xf5c17862
res/drawable-xhdpi-v4/abc_ic_menu_moreoverflow_mtrl_alpha.png 0x87505834
res/layout-v17/notification_template_big_media_narrow.xml 0x2f35e09b
res/layout-v17/recycler_fast_scroller_layout_with_section_indicator.xml 0x965c3dc4
res/drawable-xxhdpi-v4/abc_cab_background_top_mtrl_alpha.9.png 0x7cd87445
res/drawable-ldrtl-xxxhdpi-v4/abc_ic_menu_copy_mtrl_am_alpha.png 0xd09adb59
res/menu/menu_browse_grid.xml 0xca98f9e5
res/color/abc_primary_text_disable_only_material_light.xml 0x126a0e56
res/drawable-mdpi-v11/ic_stat_av_previous.png 0x66eef24c
res/drawable-xxhdpi-v4/ic_menu.png 0x782703c9
res/layout/menu_item.xml 0x84ca5bbe
res/drawable-xhdpi-v4/common_plus_signin_btn_icon_dark_normal.9.png 0xb8c7789
res/anim/abc_fade_in.xml 0x2f94166b
res/layout/activity_main.xml 0x4dcafa7b
res/drawable-xhdpi-v4/common_plus_signin_btn_text_light_normal.9.png 0x5f4b83de
res/drawable-ldrtl-hdpi-v4/abc_spinner_mtrl_am_alpha.9.png 0x38ea5134
res/drawable-xhdpi-v4/abc_ic_menu_paste_mtrl_am_alpha.png 0xe5098066
res/drawable-mdpi-v4/common_google_signin_btn_icon_dark_disabled.9.png 0xe763f1c2
res/drawable-mdpi-v4/common_plus_signin_btn_icon_dark_pressed.9.png 0x3869a368
res/anim/abc_popup_exit.xml 0xe89a8280
res/drawable-hdpi-v4/common_plus_signin_btn_text_light_pressed.9.png 0xb43177db
res/drawable/blue_button_background.xml 0x3045597e
res/color/abc_search_url_text.xml 0x6bbe1590
res/drawable-mdpi-v4/common_plus_signin_btn_text_light_focused.9.png 0x4f0d8d82
res/drawable-tvdpi-v4/common_google_signin_btn_text_dark_disabled.9.png 0x74f203bd
res/drawable-xhdpi-v11/ic_stat_av_pause.png 0xdf37e37f
res/drawable-xhdpi-v4/abc_textfield_activated_mtrl_alpha.9.png 0x4853c2d6
res/drawable-xhdpi-v4/common_plus_signin_btn_icon_light_focused.9.png 0xaedf1249
res/drawable-mdpi-v4/abc_btn_switch_to_on_mtrl_00012.9.png 0xd76b7b1e
res/drawable-xxxhdpi-v4/abc_ic_search_api_mtrl_alpha.png 0x840a40da
res/drawable-hdpi-v4/common_google_signin_btn_text_dark_normal.9.png 0x15a2415b
res/drawable-xxhdpi-v4/abc_scrubber_control_to_pressed_mtrl_005.png 0x9aaa658d
res/drawable-tvdpi-v4/common_google_signin_btn_icon_light_normal.9.png 0xc627a7c1
res/anim-ldrtl/rvfs_fast_scroller_show_slide_in.xml 0xb71395c2
res/drawable-ldrtl-xxxhdpi-v4/abc_ic_menu_cut_mtrl_alpha.png 0x175c7e0d
res/drawable-hdpi-v4/actionbar_menu_delete.png 0x5fc6b145
res/layout/premium_row_title.xml 0x2916dd18
res/drawable-hdpi-v4/abc_cab_background_top_mtrl_alpha.9.png 0x3df2f3
res/drawable-xxxhdpi-v4/abc_ic_ab_back_mtrl_am_alpha.png 0x23f1af9d
res/drawable-hdpi-v4/common_plus_signin_btn_text_light_focused.9.png 0x2554b74c
res/drawable-xhdpi-v4/common_google_signin_btn_text_light_normal.9.png 0xeb51462c
res/drawable-xxhdpi-v4/ic_stat_noti_small.png 0xbfd72ea4
res/drawable-xhdpi-v4/abc_btn_radio_to_on_mtrl_015.png 0x2c324db4
res/drawable/common_google_signin_btn_icon_light.xml 0x9cad9832
res/layout/design_navigation_item_subheader.xml 0x9cacb140
res/drawable-xxhdpi-v4/common_google_signin_btn_text_dark_normal.9.png 0x40cfed3b
res/layout/settings_activity.xml 0xfdefceb
res/drawable-ldrtl-hdpi-v4/abc_ic_menu_copy_mtrl_am_alpha.png 0xa0f62259
res/layout/design_layout_snackbar.xml 0x6774c869
res/drawable-xxhdpi-v11/ic_stat_av_previous.png 0xf0356ff
res/drawable-hdpi-v4/abc_textfield_search_default_mtrl_alpha.9.png 0xee0f1fea
res/drawable-ldrtl-mdpi-v4/abc_spinner_mtrl_am_alpha.9.png 0xf82ff236
res/drawable-tvdpi-v4/common_google_signin_btn_text_light_focused.9.png 0x81ccda66
res/drawable-xhdpi-v4/abc_ic_menu_share_mtrl_alpha.png 0xbc17f4b0
res/layout/new_convert_options_activity.xml 0x671d119f
res/drawable-hdpi-v4/abc_ic_commit_search_api_mtrl_alpha.png 0x4afe65be
res/drawable-xxhdpi-v4/abc_ic_voice_search_api_mtrl_alpha.png 0x7a5bf15e
res/drawable-xxhdpi-v4/common_google_signin_btn_text_dark_pressed.9.png 0x625aa2fa
res/drawable-hdpi-v4/common_plus_signin_btn_icon_light_focused.9.png 0xaabe4d17
res/drawable-mdpi-v4/common_google_signin_btn_icon_dark_focused.9.png 0xd2b29ad9
res/drawable/rotate.xml 0x906b2477
res/layout/abc_dialog_title_material.xml 0x666a663d
res/layout/notification_template_part_time.xml 0x659949f5
res/drawable-hdpi-v4/abc_scrubber_control_off_mtrl_alpha.png 0x6b6f6e10
res/drawable-xxhdpi-v4/common_google_signin_btn_text_light_disabled.9.png 0xba5947d5
res/drawable-xxhdpi-v4/ic_stat_action_about.png 0xedc73c12
res/layout/dialog_new_folder.xml 0x328623ea
res/drawable-mdpi-v4/abc_spinner_mtrl_am_alpha.9.png 0x5ceac6c5
res/drawable-mdpi-v4/common_plus_signin_btn_text_dark_focused.9.png 0x8772e064
res/layout/rvfs_section_indicator_with_title.xml 0x66e564ea
fabric/io.fabric.sdk.android.fabric.properties 0x38c6be3a
res/drawable-xhdpi-v4/actionbar_menu_convert.png 0x97ac26dd
res/drawable-xhdpi-v11/ic_stat_av_stop.png 0xb8de64c
res/drawable-xhdpi-v4/ic_stat_noti_small.png 0xdca38c0e
res/drawable-xxxhdpi-v4/abc_scrubber_control_to_pressed_mtrl_000.png 0xdbb5b067
res/layout/convert_options_card_audio.xml 0xa1d8bc3a
res/drawable-xxhdpi-v4/abc_scrubber_control_off_mtrl_alpha.png 0xc57037f7
res/layout/convert_options_card_description.xml 0xc00e6f79
res/anim/abc_popup_enter.xml 0x3151431
res/drawable-xxhdpi-v4/common_google_signin_btn_icon_light_pressed.9.png 0xd900cc4b
res/drawable-hdpi-v4/abc_list_focused_holo.9.png 0x8e4da209
res/drawable-hdpi-v4/common_plus_signin_btn_text_dark_pressed.9.png 0xc80faaa4
res/drawable-xxhdpi-v4/ic_remove.png 0xb6e63f5f
res/color/tab_text_color.xml 0x913c5540
res/mipmap-xhdpi-v4/ic_launcher.png 0xb83fbbe0
res/drawable-hdpi-v4/common_google_signin_btn_icon_light_disabled.9.png 0xcd687a88
res/drawable-xxhdpi-v4/abc_btn_switch_to_on_mtrl_00001.9.png 0xe3ff53b2
res/layout-v21/activity_media_details_third_card.xml 0xe9cf4bfa
res/layout-v21/activity_media_details_second_card.xml 0xe1fb2c5f
res/drawable/common_google_signin_btn_icon_dark.xml 0x58875207
res/drawable-xhdpi-v4/common_plus_signin_btn_text_dark_disabled.9.png 0x763012b3
res/layout/design_navigation_item_header.xml 0x97716b3a
res/drawable-xhdpi-v4/common_google_signin_btn_text_light_pressed.9.png 0x502895f
res/menu/menu_processing.xml 0x5b890291
res/drawable-xxhdpi-v4/common_plus_signin_btn_icon_light_pressed.9.png 0xb28f16d7
res/drawable-xhdpi-v4/common_plus_signin_btn_icon_light_disabled.9.png 0x388fbead
res/layout-v17/abc_alert_dialog_material.xml 0xde0d1c6b
res/drawable-tvdpi-v4/common_plus_signin_btn_icon_light_pressed.9.png 0x72e9c593
res/drawable-xxhdpi-v4/common_plus_signin_btn_icon_light_focused.9.png 0xe36454e5
res/drawable-ldrtl-xxhdpi-v4/abc_ic_ab_back_mtrl_am_alpha.png 0x49b8e510
res/drawable-hdpi-v4/common_plus_signin_btn_text_dark_focused.9.png 0xa233eb60
res/color/abc_background_cache_hint_selector_material_dark.xml 0x54bb66cf
res/layout-v17/abc_dialog_title_material.xml 0x5dc233b8
res/menu/menu_video_context.xml 0xf5329430
res/drawable-tvdpi-v4/common_google_signin_btn_icon_dark_pressed.9.png 0x8b11792c
res/drawable-xxhdpi-v4/abc_btn_check_to_on_mtrl_000.png 0xa8af72f3
res/layout/abc_search_view.xml 0xf0c21963
res/layout/folder_list_item.xml 0x5c62ea2f
res/menu/menu_history.xml 0x65cb50a0
fabric/com.crashlytics.sdk.android.answers.properties 0x8b653005
res/menu/menu_media_details.xml 0x4852cfa9
res/drawable-xhdpi-v4/common_plus_signin_btn_text_light_focused.9.png 0x6c49629e
res/drawable-xxhdpi-v4/abc_ic_commit_search_api_mtrl_alpha.png 0x75e2a0e0
res/drawable-xxhdpi-v4/common_google_signin_btn_text_dark_focused.9.png 0xd1093906
res/drawable/abc_ratingbar_full_material.xml 0xf00f836e
res/drawable-hdpi-v4/common_plus_signin_btn_icon_light_pressed.9.png 0x59c5dd27
fabric/com.crashlytics.sdk.android.beta.properties 0xcfeb2c3d
res/drawable-mdpi-v4/common_google_signin_btn_text_dark_disabled.9.png 0x8c6d7ef6
res/drawable-xhdpi-v4/abc_ic_menu_selectall_mtrl_alpha.png 0x9dd9218
res/drawable-xhdpi-v4/fab_play.png 0x11d9cd08
res/drawable-xhdpi-v4/abc_cab_background_top_mtrl_alpha.9.png 0xf70ddcc0
res/drawable-ldrtl-xxhdpi-v4/abc_spinner_mtrl_am_alpha.9.png 0x66c3b386
res/drawable-mdpi-v4/fab_convert.png 0x4e46bfa0
res/drawable-xxxhdpi-v4/abc_btn_switch_to_on_mtrl_00001.9.png 0x4f6e087d
lib/x86/libthumb.so 0x282787cd
res/drawable-ldrtl-mdpi-v4/abc_ic_menu_copy_mtrl_am_alpha.png 0x8397446e
res/drawable-xxhdpi-v4/abc_list_focused_holo.9.png 0x19c09c27
res/drawable-xhdpi-v11/ic_stat_av_play.png 0xabb3782f
res/drawable-xhdpi-v4/actionbar_menu_delete.png 0x3a757c09
res/drawable-xxhdpi-v4/common_plus_signin_btn_text_dark_normal.9.png 0xe0e75e61
res/drawable-hdpi-v4/common_google_signin_btn_icon_dark_focused.9.png 0xbc74ff2c
res/drawable-mdpi-v4/abc_ic_menu_paste_mtrl_am_alpha.png 0xaa4c4259
res/raw/gtm_analytics 0xe923cb20
res/layout-v17/notification_template_part_time.xml 0xdf45e651
res/drawable-hdpi-v4/actionbar_menu_sort.png 0x581c7c6
res/layout/tab_indicator.xml 0x8eb6c351
lib/x86/libavformat-56.so 0x50ef10d7
res/color/common_google_signin_btn_text_dark.xml 0x405df7a7
res/drawable-xxhdpi-v4/abc_btn_check_to_on_mtrl_015.png 0x47977e9
res/layout/design_menu_item_action_area.xml 0x290eb1a5
res/anim-v21/raise.xml 0x4158c4a9
res/drawable-hdpi-v4/common_google_signin_btn_icon_dark_disabled.9.png 0x453b59b8
res/drawable-xhdpi-v4/abc_textfield_search_default_mtrl_alpha.9.png 0x4cfa2def
res/drawable-xxhdpi-v4/common_plus_signin_btn_icon_dark_normal.9.png 0xb389c7e
res/layout/editor_item.xml 0xf9f1fe8a
res/drawable-mdpi-v4/drawer_menu_processing.png 0x80a1e076
res/layout/activity_media_conversion_first_card.xml 0xa7b8e90e
res/drawable-mdpi-v4/abc_scrubber_track_mtrl_alpha.9.png 0xd393324b
res/drawable-tvdpi-v4/common_plus_signin_btn_icon_light_normal.9.png 0x1591a096
res/layout-v17/notification_template_part_chronometer.xml 0xd6b2437e
res/drawable-hdpi-v4/actionbar_menu_move.png 0x50caa647
res/drawable-xxxhdpi-v4/abc_switch_track_mtrl_alpha.9.png 0x1a7d6c07
res/drawable-xhdpi-v4/common_google_signin_btn_icon_dark_pressed.9.png 0xd4803fe9
res/drawable-xxhdpi-v4/audio_thumbnail.png 0xf2b44411
res/layout/design_layout_snackbar_include.xml 0xc5d920d4
res/drawable-hdpi-v4/common_google_signin_btn_icon_light_normal.9.png 0x53f97810
res/drawable-ldrtl-hdpi-v4/abc_ic_ab_back_mtrl_am_alpha.png 0x69137c0d
res/drawable-xhdpi-v4/ic_menu.png 0xe28317fc
res/drawable-hdpi-v4/common_google_signin_btn_text_light_pressed.9.png 0x520d2654
res/drawable-mdpi-v4/abc_popup_background_mtrl_mult.9.png 0x3bdea6d1
res/layout/abc_popup_menu_item_layout.xml 0x2e5fcfce
res/drawable-xhdpi-v4/common_plus_signin_btn_icon_light_pressed.9.png 0x6cfb5445
res/drawable-xxhdpi-v4/abc_ic_search_api_mtrl_alpha.png 0xff79dc95
res/drawable-mdpi-v4/common_plus_signin_btn_text_dark_disabled.9.png 0xf7959291
res/layout/abc_expanded_menu_layout.xml 0xc28fdd76
res/layout/folder_row.xml 0xe96e46cf
res/drawable-xhdpi-v4/common_plus_signin_btn_text_light_pressed.9.png 0xd1c29179
res/drawable-xhdpi-v4/fab_convert.png 0x60b0dd25
res/drawable/common_plus_signin_btn_icon_light.xml 0x6ce5f9fb
res/drawable-xhdpi-v4/abc_tab_indicator_mtrl_alpha.9.png 0x361544c6
res/drawable-mdpi-v4/drawer_menu_rating.png 0x199a1c63
res/drawable-hdpi-v4/drawer_menu_feedback.png 0x30336867
res/drawable-tvdpi-v4/common_plus_signin_btn_icon_dark_focused.9.png 0xadefd749
res/drawable-xhdpi-v4/abc_spinner_mtrl_am_alpha.9.png 0xfbc5d182
res/layout/abc_screen_toolbar.xml 0xa83daa16
res/drawable-xhdpi-v4/abc_scrubber_control_to_pressed_mtrl_000.png 0x3d7b9fee
res/drawable-xxhdpi-v4/common_google_signin_btn_icon_light_focused.9.png 0x411c9f53
res/drawable/abc_btn_borderless_material.xml 0xf341af1c
res/layout/abc_alert_dialog_material.xml 0x5a4dd25e
res/color-v23/abc_color_highlight_material.xml 0x79450c1b
res/drawable-xxhdpi-v4/abc_ab_share_pack_mtrl_alpha.9.png 0x7758fe71
res/drawable-mdpi-v4/abc_ic_voice_search_api_mtrl_alpha.png 0x3040db64
res/drawable-mdpi-v4/drawer_menu_feedback.png 0x6d8fb5d6
res/drawable-xxhdpi-v4/common_google_signin_btn_text_light_focused.9.png 0x27c6e82b
res/drawable-xxhdpi-v4/common_plus_signin_btn_icon_light_normal.9.png 0x66614d8f
res/drawable-hdpi-v4/ic_drawer_share.png 0xe2aad2b8
res/drawable-xhdpi-v4/common_google_signin_btn_icon_light_pressed.9.png 0xf5c74697
res/drawable-hdpi-v4/ic_dialog_time.png 0xc351b5ff
res/drawable-xxhdpi-v4/abc_tab_indicator_mtrl_alpha.9.png 0xd6692ce7
res/drawable/abc_tab_indicator_material.xml 0xd97c71ad
res/layout-land-v21/activity_media_details_first_card.xml 0xefca8807
res/xml/preferences.xml 0xb41bb5ce
res/drawable-mdpi-v4/actionbar_menu_refresh.png 0xcc8b64f4
res/layout-land/activity_media_details_first_card.xml 0x5cd55117
res/drawable-xxxhdpi-v4/abc_btn_radio_to_on_mtrl_000.png 0xed039207
res/drawable-xhdpi-v4/common_google_signin_btn_text_dark_pressed.9.png 0xb98a397d
res/drawable-xxhdpi-v11/ic_stat_navigation_cancel.png 0x3807854e
res/drawable-xhdpi-v4/common_plus_signin_btn_text_dark_pressed.9.png 0x6b93ec5d
res/layout/fragment_activity.xml 0xdadb68ee
res/drawable-mdpi-v4/ic_stat_noti_small.png 0x993e054b
res/drawable-xhdpi-v4/common_plus_signin_btn_icon_dark_focused.9.png 0xba3cf6cd
res/drawable-xhdpi-v4/common_google_signin_btn_text_light_disabled.9.png 0x28b7769d
res/drawable-mdpi-v4/common_plus_signin_btn_text_dark_normal.9.png 0xb622aaf9
res/drawable-xhdpi-v4/abc_ic_menu_copy_mtrl_am_alpha.png 0x77030319
res/drawable-tvdpi-v4/common_plus_signin_btn_text_light_pressed.9.png 0xda28e55f
res/drawable-xhdpi-v4/abc_textfield_default_mtrl_alpha.9.png 0x7a6dbe65
res/drawable-xxhdpi-v4/abc_btn_rating_star_on_mtrl_alpha.png 0xbf3a37c9
res/drawable-xxhdpi-v4/abc_list_selector_disabled_holo_light.9.png 0x1ff1856f
res/layout/fragment_container.xml 0xc83da358
res/mipmap-mdpi-v4/ic_launcher.png 0x2df4d333
res/drawable-mdpi-v11/ic_stat_navigation_cancel.png 0xbc3e0b8b
res/layout-v17/select_dialog_multichoice_material.xml 0x629dbe5
res/drawable-xhdpi-v4/abc_textfield_search_activated_mtrl_alpha.9.png 0xeaa0434b
res/drawable-xxhdpi-v4/common_plus_signin_btn_text_light_focused.9.png 0xe0f51a0f
res/layout-v17/design_layout_snackbar_include.xml 0x8bf204a3
res/drawable-xhdpi-v4/common_google_signin_btn_text_dark_disabled.9.png 0x7ea73061
res/layout/abc_activity_chooser_view_list_item.xml 0xa793508f
res/drawable-xxhdpi-v4/common_plus_signin_btn_icon_light_disabled.9.png 0x7293e50f
res/drawable-mdpi-v4/abc_cab_background_top_mtrl_alpha.9.png 0xb6857dd0
res/drawable-xhdpi-v4/abc_ic_commit_search_api_mtrl_alpha.png 0xfc9fbf83
res/drawable-xxhdpi-v4/abc_ic_ab_back_mtrl_am_alpha.png 0x4e68b13d
res/layout/abc_action_bar_title_item.xml 0x8775a781
res/drawable/abc_btn_check_material.xml 0xe2f70d0a
res/layout-land/activity_media_details.xml 0x39d4b1fa
res/drawable-ldrtl-mdpi-v4/abc_ic_menu_cut_mtrl_alpha.png 0x60ba44b
res/drawable-mdpi-v4/ic_stat_action_about.png 0xba9750ed
res/drawable-xhdpi-v4/actionbar_menu_selectall.png 0x54034098
res/drawable-xxxhdpi-v4/abc_btn_radio_to_on_mtrl_015.png 0x590aeae3
res/anim/abc_slide_out_bottom.xml 0x51b9c50a
res/drawable-hdpi-v4/abc_ic_voice_search_api_mtrl_alpha.png 0x7c484f23
res/drawable-hdpi-v4/common_google_signin_btn_text_dark_focused.9.png 0x8a4d14ff
res/layout/file_save.xml 0xf3312f24
res/drawable-v21/blue_button_background.xml 0xdc243de2
res/layout-v17/notification_template_lines.xml 0xa16c8486
res/xml/searchable.xml 0x44b6d938
res/drawable/abc_btn_radio_material.xml 0x2960f785
res/drawable-v21/circle_item_selectable.xml 0x8949cfcc
res/drawable-xhdpi-v4/abc_ic_search_api_mtrl_alpha.png 0x3379be17
res/drawable-xxxhdpi-v4/abc_ic_menu_share_mtrl_alpha.png 0x2fc5a011
res/layout/notification_template_big_media.xml 0x71a74178
res/drawable-hdpi-v4/ic_remove.png 0x3bcb8768
res/drawable-ldrtl-xhdpi-v4/abc_ic_menu_copy_mtrl_am_alpha.png 0x9f9971be
res/drawable-ldrtl-xxhdpi-v4/abc_ic_menu_cut_mtrl_alpha.png 0xa1a99a93
res/drawable-xxhdpi-v4/abc_list_longpressed_holo.9.png 0x236b6e98
res/drawable-hdpi-v4/common_google_signin_btn_icon_dark_normal.9.png 0x2b6f9709
res/layout/fragment_main.xml 0x99174515
res/drawable-hdpi-v4/abc_list_selector_disabled_holo_light.9.png 0x43f655e6
res/drawable-mdpi-v4/abc_ic_search_api_mtrl_alpha.png 0x22e2cf0d
res/drawable/abc_cab_background_internal_bg.xml 0x9c5b1555
res/drawable/abc_item_background_holo_light.xml 0x2aa4c363
res/drawable-tvdpi-v4/common_google_signin_btn_icon_light_pressed.9.png 0x99ce586e
res/drawable-xhdpi-v4/common_plus_signin_btn_text_light_disabled.9.png 0xdee09baa
res/drawable-xxxhdpi-v4/abc_ic_voice_search_api_mtrl_alpha.png 0xaeb4ae57
res/drawable-hdpi-v4/common_google_signin_btn_text_light_normal.9.png 0x57fd2299
res/drawable-xxhdpi-v4/common_plus_signin_btn_icon_dark_focused.9.png 0xe82f7fc4
res/layout/recycler_fast_scroller_layout_with_section_indicator.xml 0x8546ea7c
res/drawable-mdpi-v4/actionbar_menu_delete.png 0xfbd91696
res/drawable-mdpi-v4/abc_textfield_activated_mtrl_alpha.9.png 0x4f16ccfc
res/drawable-mdpi-v4/fab_play.png 0xaa93eafc
res/drawable/abc_seekbar_track_material.xml 0xeee509ed
res/drawable-hdpi-v4/drawer_menu_history.png 0xa4bc2c4d
res/drawable-xxhdpi-v4/actionbar_menu_play.png 0xfa0d52
res/drawable-hdpi-v4/common_plus_signin_btn_icon_dark_pressed.9.png 0xec23cdce
res/drawable-hdpi-v4/ic_stat_alerts_and_states_warning.png 0x8ddc2c98
res/drawable-hdpi-v4/abc_switch_track_mtrl_alpha.9.png 0x18025bff
res/drawable-tvdpi-v4/common_plus_signin_btn_text_dark_pressed.9.png 0x6aa5e317
res/drawable-xhdpi-v4/ic_file_folder.png 0xc7a7ad0c
res/drawable-xxhdpi-v11/ic_stat_av_pause.png 0x7f808683
res/drawable-xhdpi-v4/drawer_menu_video_1.png 0xc219e6dc
res/layout/select_dialog_item_material.xml 0x7a134465
res/drawable-xhdpi-v4/abc_ic_menu_cut_mtrl_alpha.png 0x111fd836
res/drawable-xxhdpi-v4/abc_ic_menu_paste_mtrl_am_alpha.png 0xad1b7767
res/drawable-xxhdpi-v4/ic_drawer_share.png 0x59a6890d
res/drawable-mdpi-v4/abc_textfield_search_activated_mtrl_alpha.9.png 0xfb4249d4
res/drawable-xhdpi-v4/abc_list_longpressed_holo.9.png 0x84a788a6
res/drawable-xxhdpi-v4/fab_play.png 0xd5045264
res/menu/menu_folder_list.xml 0xcb41e4b5
res/layout-v17/notification_template_media.xml 0x7425f310
res/drawable-xxhdpi-v4/abc_spinner_mtrl_am_alpha.9.png 0x6472756a
res/drawable-mdpi-v4/common_plus_signin_btn_icon_dark_normal.9.png 0x7e1172eb
res/drawable-mdpi-v4/drawer_menu_video_1.png 0x4c949b45
res/drawable/abc_text_cursor_material.xml 0x9fd1fc63
res/drawable-mdpi-v4/common_plus_signin_btn_icon_light_pressed.9.png 0x545e879b
res/drawable-mdpi-v4/abc_ic_menu_copy_mtrl_am_alpha.png 0xd1bd1f42
res/layout/design_navigation_menu.xml 0x15a8ef39
res/drawable-xhdpi-v4/abc_menu_hardkey_panel_mtrl_mult.9.png 0x1ade56e
res/layout/abc_list_menu_item_layout.xml 0x2bdb36d4
res/color/abc_secondary_text_material_light.xml 0xa8aa5ae1
res/drawable-hdpi-v4/actionbar_menu_check.png 0xe67983b1
res/color/switch_thumb_material_light.xml 0x646bd89c
res/drawable-hdpi-v4/abc_list_pressed_holo_light.9.png 0x7c69f413
res/drawable-mdpi-v4/abc_scrubber_control_off_mtrl_alpha.png 0xf4030717
res/drawable/abc_btn_colored_material.xml 0x1522b03
res/anim/abc_slide_out_top.xml 0x4f613364
res/layout/abc_list_menu_item_radio.xml 0xfd368668
lib/x86/libavutil-54.so 0xbcf5d8e2
res/layout/abc_screen_simple.xml 0x4bd5a6c6
res/drawable-mdpi-v4/abc_ab_share_pack_mtrl_alpha.9.png 0xa852580c
res/drawable-mdpi-v4/abc_tab_indicator_mtrl_alpha.9.png 0xb58b040f
res/drawable-hdpi-v4/ic_action_maps_local_grocery_store.png 0xabb37a34
res/drawable-xhdpi-v4/common_google_signin_btn_icon_dark_normal.9.png 0x7a800559
res/drawable-xhdpi-v4/drawer_menu_rating.png 0x9d6d07
res/drawable-hdpi-v4/abc_ic_search_api_mtrl_alpha.png 0x44f0064c
res/drawable/circle_grey.xml 0x66f8a700
lib/x86/libswscale-3.so 0xb03f6e9e
res/drawable/abc_switch_thumb_material.xml 0x88e00ae
res/drawable-hdpi-v4/actionbar_menu_play.png 0x2b98df8
res/layout/abc_action_menu_layout.xml 0x580ff56b
res/drawable-hdpi-v4/abc_btn_rating_star_on_mtrl_alpha.png 0x7ade9874
res/layout/abc_list_menu_item_icon.xml 0x82ba6b0c
res/drawable-mdpi-v4/abc_ic_commit_search_api_mtrl_alpha.png 0xf5473b80
res/drawable-xhdpi-v4/abc_list_divider_mtrl_alpha.9.png 0x72ff0f68
res/drawable-xhdpi-v4/abc_scrubber_control_to_pressed_mtrl_005.png 0xbeb523af
res/layout-land/activity_media_conversion_first_card.xml 0x33521217
res/drawable-mdpi-v4/abc_textfield_search_default_mtrl_alpha.9.png 0x19a0052e
res/drawable-xxhdpi-v4/ic_action_action_search.png 0xe98b94bb
res/drawable/circle_red.xml 0x1812f328
res/drawable-mdpi-v4/abc_scrubber_control_to_pressed_mtrl_005.png 0xb2b1b258
res/drawable-xxhdpi-v4/common_google_signin_btn_icon_dark_focused.9.png 0xf52fe775
res/layout/design_layout_tab_text.xml 0xb64e76d9
res/drawable-hdpi-v4/common_google_signin_btn_text_light_focused.9.png 0x35e6ea35
res/drawable-hdpi-v4/abc_ic_menu_cut_mtrl_alpha.png 0x84e76f0
res/drawable-hdpi-v4/ic_menu.png 0xb624f6a1
res/drawable-xxhdpi-v4/abc_list_divider_mtrl_alpha.9.png 0x2d5a2100
res/drawable-hdpi-v11/ic_stat_av_pause.png 0x71c557e8
res/drawable-xxhdpi-v4/ic_drawer_settings.png 0x6b3b0e74
res/drawable-hdpi-v4/common_google_signin_btn_icon_dark_pressed.9.png 0xb2156fc9
res/drawable-xxhdpi-v4/abc_scrubber_primary_mtrl_alpha.9.png 0x5902ed5c
res/drawable-xhdpi-v4/abc_switch_track_mtrl_alpha.9.png 0x4ebe0617
res/drawable-xxxhdpi-v4/abc_tab_indicator_mtrl_alpha.9.png 0x74529d2e
res/layout/abc_action_bar_view_list_nav_layout.xml 0x9d5f762b
res/layout-v21/activity_media_conversion_first_card.xml 0xa7847c71
res/drawable-hdpi-v4/abc_scrubber_control_to_pressed_mtrl_000.png 0x7ebcc8c0
res/anim/abc_slide_in_bottom.xml 0x73663fbe
res/drawable-mdpi-v4/abc_textfield_default_mtrl_alpha.9.png 0xf8dbf6f6
res/layout/notification_template_part_chronometer.xml 0x2a3fc6d5
res/drawable-mdpi-v4/drawer_menu_browse.png 0x593c0644
res/drawable-xhdpi-v4/abc_list_pressed_holo_light.9.png 0x5314692b
res/layout/nav_header.xml 0xacd62dd3
res/drawable-mdpi-v11/ic_stat_av_pause.png 0xf82f2b0d
res/layout/design_navigation_menu_item.xml 0x325f851b
res/layout/abc_action_menu_item_layout.xml 0x884b13a5
res/drawable-tvdpi-v4/common_google_signin_btn_text_light_normal.9.png 0x4623ac4e
res/drawable-xhdpi-v4/abc_list_pressed_holo_dark.9.png 0x98f7c81a
res/drawable-xxhdpi-v4/ic_file_folder.png 0x15d82f60
res/drawable-xxxhdpi-v4/abc_ic_clear_mtrl_alpha.png 0x2db5bf28
res/drawable-xhdpi-v4/common_google_signin_btn_icon_light_normal.9.png 0x72785183
res/drawable-mdpi-v4/actionbar_menu_check.png 0xf41e6bc8
res/drawable-xxhdpi-v4/common_plus_signin_btn_text_light_disabled.9.png 0xb01e7480
AndroidManifest.xml 0xcb04ed4
res/drawable-hdpi-v4/ic_action_action_search.png 0x2c49cac8
res/drawable-mdpi-v4/actionbar_menu_sort.png 0xb2517c2
res/drawable-hdpi-v4/abc_ab_share_pack_mtrl_alpha.9.png 0x64228504
res/drawable-mdpi-v4/common_google_signin_btn_text_dark_focused.9.png 0x9acb8a73
res/drawable-hdpi-v4/abc_btn_switch_to_on_mtrl_00001.9.png 0x11706987
res/layout/premium_row_benefit.xml 0x544adaee
res/drawable-hdpi-v4/actionbar_menu_refresh.png 0x1d97bbe0
res/drawable-mdpi-v4/common_google_signin_btn_text_light_pressed.9.png 0xf462ef78
res/drawable-xhdpi-v4/common_plus_signin_btn_text_dark_focused.9.png 0x8b765baa
res/layout/abc_search_dropdown_item_icons_2line.xml 0xdfb094c1
res/layout-v17/abc_search_view.xml 0x9d7f35ab
lib/x86/libswresample-1.so 0xf2b5df91
res/drawable-mdpi-v4/common_google_signin_btn_icon_light_disabled.9.png 0x5888ac58
res/color-v11/abc_background_cache_hint_selector_material_dark.xml 0x586c2bc3
res/drawable-xhdpi-v4/abc_ic_go_search_api_mtrl_alpha.png 0xaef57259
res/drawable-xhdpi-v4/abc_scrubber_control_off_mtrl_alpha.png 0x6cd6529b
res/drawable-xhdpi-v4/abc_list_selector_disabled_holo_dark.9.png 0x41748705
res/anim/rvfs_fast_scroller_hide_slide_out.xml 0x685978f7
res/drawable-xhdpi-v4/abc_ic_voice_search_api_mtrl_alpha.png 0x20eeed76
res/drawable-xxhdpi-v11/ic_stat_av_stop.png 0xec4ef856
res/drawable-xhdpi-v4/abc_ab_share_pack_mtrl_alpha.9.png 0xcf127e45
res/layout/fragment_browse.xml 0xfa875d71
res/drawable-ldrtl-xxhdpi-v4/abc_ic_menu_copy_mtrl_am_alpha.png 0x1d1b8dee
res/drawable-xhdpi-v4/actionbar_menu_new_folder.png 0x592a0135
res/drawable-mdpi-v4/ic_action_maps_local_grocery_store.png 0xda035b8
res/menu/menu_library.xml 0xca98f9e5
res/drawable-hdpi-v4/common_google_signin_btn_icon_light_focused.9.png 0x9233fc
res/drawable-tvdpi-v4/common_full_open_on_phone.png 0xfdf4f67
res/drawable-mdpi-v4/common_plus_signin_btn_text_dark_pressed.9.png 0xeae87ded
res/drawable/abc_seekbar_thumb_material.xml 0x498aa30c
res/anim/abc_fade_out.xml 0x396f7a13
res/drawable/roundrect.xml 0xd273e998
res/color/abc_background_cache_hint_selector_material_light.xml 0x1d0db3cc
res/drawable-xhdpi-v4/actionbar_menu_share.png 0x3cde0816
res/drawable-xhdpi-v4/common_google_signin_btn_text_dark_focused.9.png 0x8bc0a607
res/drawable-xxhdpi-v4/common_google_signin_btn_icon_dark_disabled.9.png 0x53d7e177
res/drawable-mdpi-v4/ic_stat_alerts_and_states_warning.png 0x90859020
res/drawable-xxxhdpi-v4/abc_ic_menu_selectall_mtrl_alpha.png 0x8151ea77
res/drawable-xhdpi-v4/abc_scrubber_primary_mtrl_alpha.9.png 0xbf40ca92
res/drawable-xxhdpi-v4/abc_ic_menu_copy_mtrl_am_alpha.png 0x452007fb
res/layout/convert_options_card_video.xml 0xb6323c56
res/drawable-xxhdpi-v4/common_plus_signin_btn_icon_dark_pressed.9.png 0xc575d26
res/drawable-hdpi-v4/abc_menu_hardkey_panel_mtrl_mult.9.png 0x1dd39959
fabric/com.crashlytics.sdk.android.crashlytics.properties 0x188c59dc
res/drawable-xhdpi-v4/video.png 0x1c4415be
res/drawable-xxxhdpi-v4/abc_scrubber_control_to_pressed_mtrl_005.png 0xd1165fc
res/layout-sw600dp-v13/design_layout_snackbar.xml 0x2be98246
res/drawable-hdpi-v4/abc_ic_menu_paste_mtrl_am_alpha.png 0x7b8d7a2b
res/drawable-xxxhdpi-v4/abc_btn_check_to_on_mtrl_000.png 0x23bc6175
res/layout-v21/abc_screen_toolbar.xml 0x44577f25
res/drawable-hdpi-v4/abc_scrubber_track_mtrl_alpha.9.png 0x65b9786e
res/drawable-mdpi-v4/actionbar_menu_convert.png 0xf11765be
res/drawable-xxhdpi-v4/ic_action_maps_local_grocery_store.png 0xde282833
res/drawable-hdpi-v4/ic_stat_action_about.png 0x754802e2
res/drawable-hdpi-v4/abc_btn_radio_to_on_mtrl_000.png 0xff76aca0
res/drawable-mdpi-v4/abc_ic_ab_back_mtrl_am_alpha.png 0x73eae450
res/drawable-hdpi-v4/common_plus_signin_btn_icon_dark_disabled.9.png 0xb5768385
res/drawable-hdpi-v4/ic_stat_noti_small.png 0x79ce5f6f
res/drawable-mdpi-v4/common_google_signin_btn_icon_light_normal.9.png 0x919ef744
res/drawable/abc_list_selector_holo_light.xml 0x8e4acec4
res/drawable-mdpi-v11/ic_stat_av_stop.png 0x4d706866
lib/x86/libavfilter-5.so 0xf205a3bb
res/drawable-mdpi-v4/abc_ic_menu_cut_mtrl_alpha.png 0x1d65dce6
res/drawable-mdpi-v4/abc_btn_radio_to_on_mtrl_015.png 0x1bcdcb4b
res/drawable-mdpi-v4/common_plus_signin_btn_text_light_normal.9.png 0xcd69df39
res/anim/design_snackbar_out.xml 0x501bbe4c
res/drawable-xxhdpi-v4/common_google_signin_btn_text_light_normal.9.png 0x3e0ae9ff
res/layout-land-v21/activity_media_conversion_first_card.xml 0x795f39a6
res/drawable-hdpi-v4/common_plus_signin_btn_text_dark_disabled.9.png 0xa3d231a8
res/drawable/circle_item_selectable.xml 0x4784d78f
res/drawable-xhdpi-v4/ic_action_action_search.png 0xfeb1c2f3
res/drawable-tvdpi-v4/common_google_signin_btn_icon_dark_focused.9.png 0x51f170e5
res/drawable-hdpi-v4/abc_popup_background_mtrl_mult.9.png 0x84fecf87
res/drawable-xhdpi-v4/abc_list_focused_holo.9.png 0xbde23956
res/menu/menu_conversion_details.xml 0xf5f608aa
lib/x86/libmetadata.so 0xd471a42d
res/color/common_plus_signin_btn_text_dark.xml 0xd013ee2b
res/drawable-hdpi-v4/abc_textfield_search_activated_mtrl_alpha.9.png 0xafd79c5c
res/drawable-xxhdpi-v4/abc_switch_track_mtrl_alpha.9.png 0xf785991a
res/drawable-xxhdpi-v4/common_plus_signin_btn_icon_dark_disabled.9.png 0xe289dc58
res/drawable-hdpi-v4/abc_ic_menu_selectall_mtrl_alpha.png 0x92a0a882
res/drawable-mdpi-v4/abc_ic_menu_selectall_mtrl_alpha.png 0xae8da781
res/drawable-v21/abc_action_bar_item_background_material.xml 0xb794af16
res/drawable-mdpi-v4/ic_menu.png 0x37233331
res/drawable-hdpi-v4/abc_ic_menu_moreoverflow_mtrl_alpha.png 0x6def6654
res/drawable-hdpi-v4/actionbar_menu_cancel.png 0x6162aa39
res/drawable-xhdpi-v4/abc_ic_clear_mtrl_alpha.png 0x6e0b8962
res/drawable-xxhdpi-v4/common_plus_signin_btn_text_dark_disabled.9.png 0x4664aef1
res/drawable-xhdpi-v4/actionbar_menu_sort.png 0x5e63c421
res/drawable-xhdpi-v4/common_plus_signin_btn_icon_dark_pressed.9.png 0x2c2ad16a
res/drawable-xxhdpi-v4/abc_ic_clear_mtrl_alpha.png 0x1caf9b51
res/drawable/abc_dialog_material_background_dark.xml 0x9b1ea07b
res/drawable-xhdpi-v4/common_plus_signin_btn_icon_light_normal.9.png 0xc8e8ee19
res/layout/rvfs_default_vertical_bar_handle_container.xml 0x17c70b2f
res/anim/abc_shrink_fade_out_from_bottom.xml 0x31e02829
res/drawable-hdpi-v4/abc_textfield_default_mtrl_alpha.9.png 0x7d129846
res/drawable-xxhdpi-v4/abc_btn_rating_star_off_mtrl_alpha.png 0x4467ff45
res/drawable/abc_dialog_material_background_light.xml 0x12accf83
res/layout-v17/abc_alert_dialog_button_bar_material.xml 0xaaa00c54
res/drawable-hdpi-v4/abc_ic_ab_back_mtrl_am_alpha.png 0xb2779f5c
res/layout/select_dialog_multichoice_material.xml 0x8f408a49
res/drawable-mdpi-v4/abc_btn_radio_to_on_mtrl_000.png 0x9394b434
res/drawable-xxhdpi-v4/abc_ic_menu_moreoverflow_mtrl_alpha.png 0xadb065b2
res/drawable-mdpi-v4/common_google_signin_btn_icon_light_pressed.9.png 0x91e6717f
res/drawable-xhdpi-v4/abc_popup_background_mtrl_mult.9.png 0x79067b02
res/layout/abc_action_mode_bar.xml 0xe4d42efe
res/anim/design_fab_in.xml 0x4cc1d922
res/layout/notification_media_action.xml 0x18ae5098
res/drawable-xhdpi-v4/abc_btn_rating_star_off_mtrl_alpha.png 0x364441a6
res/drawable-xhdpi-v4/abc_btn_switch_to_on_mtrl_00012.9.png 0x3e9a5317
res/drawable-xxhdpi-v4/abc_list_pressed_holo_light.9.png 0x813ae23c
res/drawable/abc_item_background_holo_dark.xml 0xc71084dc
res/drawable-hdpi-v4/ic_file_folder.png 0xf63020fe
res/drawable-mdpi-v4/actionbar_menu_selectall.png 0x60193c46
res/drawable-xxhdpi-v4/abc_textfield_search_activated_mtrl_alpha.9.png 0x77c42d34
res/drawable-mdpi-v4/abc_menu_hardkey_panel_mtrl_mult.9.png 0x478cf27b
res/drawable-tvdpi-v4/common_plus_signin_btn_icon_dark_normal.9.png 0x4a100209
res/layout/video_grid_with_ads_recyclerview.xml 0x3fde0042
lib/x86/libchocolate.so 0xcdd55023
res/drawable/rvfs_fast_scroller_handle.xml 0xc463aee1
res/drawable-tvdpi-v4/common_plus_signin_btn_icon_dark_pressed.9.png 0xf7bc8c0e
res/drawable-hdpi-v11/ic_stat_av_previous.png 0x4eec5c4e
res/drawable-hdpi-v4/video.png 0x97680f95
res/drawable-xxhdpi-v4/abc_ic_menu_selectall_mtrl_alpha.png 0x6a35729
res/layout/abc_list_menu_item_checkbox.xml 0x9ee4aa03
res/drawable-mdpi-v11/ic_stat_av_play.png 0x362c32dc
res/anim/rvfs_fast_scroller_show_slide_in.xml 0xb1068b53
res/color/abc_secondary_text_material_dark.xml 0x3bb5259b
res/drawable-tvdpi-v4/common_google_signin_btn_text_light_pressed.9.png 0x2c7ebaac
res/drawable-xxxhdpi-v4/abc_btn_check_to_on_mtrl_015.png 0x2ea066c3
res/drawable-xhdpi-v11/ic_stat_av_previous.png 0x52d2fc3f
res/drawable-xxhdpi-v4/common_google_signin_btn_text_dark_disabled.9.png 0x52571e1e
res/color/common_google_signin_btn_text_light.xml 0xea2b679b
res/drawable/common_plus_signin_btn_text_light.xml 0xfb34e51f
res/drawable-xhdpi-v4/drawer_menu_processing.png 0xc9065f12
res/drawable/rvfs_section_indicator_background_default_rounded.xml 0x364a3901
res/drawable-hdpi-v4/abc_btn_radio_to_on_mtrl_015.png 0x40073691
res/drawable-mdpi-v4/abc_ic_menu_share_mtrl_alpha.png 0x9adee595
res/drawable-xxhdpi-v4/abc_popup_background_mtrl_mult.9.png 0x478db1d1
res/drawable-mdpi-v4/abc_list_divider_mtrl_alpha.9.png 0x72ff0f68
res/drawable-v12/rvfs_section_indicator_background_default_rounded.xml 0xb579b573
res/layout/numeric_picker.xml 0x6a5d476c
res/mipmap-xxxhdpi-v4/ic_launcher.png 0xbfab274e
res/drawable-mdpi-v4/common_google_signin_btn_icon_dark_pressed.9.png 0x358c9a4b
res/layout/media_grid_fragment_recyclerview.xml 0x257e7f2d
res/layout/notification_template_media.xml 0xae5b1c62
res/drawable-tvdpi-v4/common_plus_signin_btn_text_dark_disabled.9.png 0x7f1f48f8
res/drawable-mdpi-v4/abc_list_selector_disabled_holo_dark.9.png 0x551f7c98
res/layout/activity_media_details_first_card.xml 0x514285a2
res/drawable-hdpi-v4/abc_ic_menu_share_mtrl_alpha.png 0xe58316f4
res/drawable-hdpi-v4/common_plus_signin_btn_text_light_normal.9.png 0x90fa441a
res/color/common_plus_signin_btn_text_light.xml 0x8511129a
res/drawable-hdpi-v4/abc_ic_clear_mtrl_alpha.png 0xe83d87a7
res/layout/notification_template_lines.xml 0xe3fbefb5
res/menu/menu_convert_options.xml 0x4c3a6268
res/layout/support_simple_spinner_dropdown_item.xml 0xf6bb7021
res/drawable-xxxhdpi-v4/abc_spinner_mtrl_am_alpha.9.png 0xbf1479e6
res/layout-v21/activity_media_details_first_card.xml 0xcae12fd9
res/layout/convert_options_card_basic.xml 0x45b86ea0
res/drawable-hdpi-v4/drawer_menu_video_1.png 0x2e3f562d
res/drawable-xxhdpi-v4/abc_ic_menu_cut_mtrl_alpha.png 0xa21608e2
res/drawable-xxhdpi-v4/abc_list_selector_disabled_holo_dark.9.png 0xdddaae2e
res/drawable-hdpi-v4/common_google_signin_btn_text_dark_disabled.9.png 0x412d513a
res/layout/abc_select_dialog_material.xml 0xce162290
res/anim/abc_slide_in_top.xml 0x41f8f3af
res/drawable-hdpi-v4/abc_list_divider_mtrl_alpha.9.png 0x72ff0f68
res/drawable-hdpi-v4/abc_list_pressed_holo_dark.9.png 0x62993bc8
res/layout-v17/folder_row.xml 0x76743b5a
res/layout/dialog_profile_name.xml 0x41174c0
res/drawable-xhdpi-v4/ic_stat_action_about.png 0x248c5cef
res/drawable-xhdpi-v4/ic_remove.png 0x824d3bdc
res/drawable-xxhdpi-v4/common_google_signin_btn_icon_dark_pressed.9.png 0x532b4c02
res/drawable-mdpi-v4/ic_remove.png 0xc51b750e
res/drawable-hdpi-v4/fab_play.png 0x875bd07d
res/layout/media_grid_item_recyclerview.xml 0xbe510c8
res/layout/premium_row_message.xml 0xb2ad6794
res/drawable-xhdpi-v4/abc_btn_rating_star_on_mtrl_alpha.png 0x64c03d59
res/drawable-xhdpi-v4/actionbar_menu_cancel.png 0x1c3daea4
res/color/abc_primary_text_material_dark.xml 0x7868cbcd
res/drawable-xxhdpi-v4/common_plus_signin_btn_text_dark_focused.9.png 0xde0e66fb
res/drawable-xxhdpi-v4/ic_stat_navigation_accept.png 0x301f49a6
res/layout/activity_media_details_second_card.xml 0xb3c92268
res/drawable-hdpi-v4/common_google_signin_btn_icon_light_pressed.9.png 0x4d6bac57
res/drawable-mdpi-v4/common_plus_signin_btn_text_light_disabled.9.png 0x59ec0fa9
res/anim/design_fab_out.xml 0x8d676b4b
res/color-v11/abc_background_cache_hint_selector_material_light.xml 0xb640fb24
res/layout/time_picker_dialog.xml 0x653108d2
res/layout/fragment_browse_grid_recyclerview.xml 0xcd9be4fc
res/drawable-hdpi-v11/ic_stat_av_play.png 0x13fadab7
res/drawable-mdpi-v4/common_google_signin_btn_text_light_disabled.9.png 0x949ecbdd
res/layout/toolbar_spinner_item_actionbar.xml 0xb0eb663e
res/drawable-xxhdpi-v4/fab_convert.png 0xfdbc9ebd
res/drawable-tvdpi-v4/common_google_signin_btn_text_dark_pressed.9.png 0xf0febf4b
res/drawable-xhdpi-v4/ic_drawer_share.png 0xf7ed1311
res/drawable-xxhdpi-v4/abc_btn_radio_to_on_mtrl_015.png 0xdbaceef4
res/drawable-hdpi-v4/abc_btn_switch_to_on_mtrl_00012.9.png 0x1764993
res/drawable-hdpi-v4/common_plus_signin_btn_text_light_disabled.9.png 0xc7344df6
res/drawable-xxhdpi-v4/common_plus_signin_btn_text_light_normal.9.png 0xea837720
res/drawable-xhdpi-v4/common_plus_signin_btn_icon_dark_disabled.9.png 0xdbf990fd
res/drawable/common_plus_signin_btn_icon_dark.xml 0xf3ca5ca7
res/drawable-mdpi-v4/common_google_signin_btn_text_light_focused.9.png 0x41bfc9b3
res/xml/app_tracker.xml 0xb3dfd1e0
res/drawable/abc_textfield_search_material.xml 0xc6d2371b
res/drawable-xxhdpi-v4/abc_ic_menu_share_mtrl_alpha.png 0x49556dc6
res/drawable/common_google_signin_btn_text_light.xml 0xf15ebf96
res/layout/activity_media_details.xml 0x66f17253
res/drawable-mdpi-v4/common_google_signin_btn_icon_light_focused.9.png 0x61d711c0
lib/x86/libpostproc-53.so 0x9b0a4f09
res/drawable-v23/abc_control_background_material.xml 0xbd408b37
res/drawable-v21/abc_btn_colored_material.xml 0xbd510abe
res/drawable-xxhdpi-v4/abc_scrubber_control_to_pressed_mtrl_000.png 0x35329a
res/drawable-mdpi-v4/drawer_menu_history.png 0xa46bc574
res/drawable-xxhdpi-v4/abc_menu_hardkey_panel_mtrl_mult.9.png 0xba26ed10
res/drawable/abc_list_selector_holo_dark.xml 0xfa7fd34a
res/drawable-hdpi-v4/actionbar_menu_share.png 0x693865de
res/drawable-mdpi-v4/abc_btn_rating_star_on_mtrl_alpha.png 0xd66dea06
res/drawable-xxhdpi-v11/ic_stat_av_play.png 0x6db6001a
res/drawable-mdpi-v4/abc_list_longpressed_holo.9.png 0x78c37895
res/drawable-xxhdpi-v4/abc_btn_radio_to_on_mtrl_000.png 0xcfc747f2
res/layout-v17/notification_template_big_media.xml 0xbf5607d5
res/drawable-mdpi-v4/common_plus_signin_btn_text_light_pressed.9.png 0x6d0e3bb2
res/drawable-tvdpi-v4/common_plus_signin_btn_text_light_disabled.9.png 0x7bec2810
res/drawable-xhdpi-v4/audio_thumbnail.png 0x505923df
res/drawable/rvfs_section_indicator_background_rect.xml 0x310a95b9
res/drawable-tvdpi-v4/common_plus_signin_btn_text_dark_focused.9.png 0x791921a3
res/drawable-mdpi-v4/common_plus_signin_btn_icon_dark_disabled.9.png 0x408f132a
lib/x86/libavcodec-56.so 0x441f9324
res/drawable-ldrtl/rvfs_section_indicator_background_default_rounded.xml 0x937a6303
res/drawable-mdpi-v4/ic_action_action_search.png 0x2afb3e2b
res/drawable-xhdpi-v4/ic_action_maps_local_grocery_store.png 0x2825ae1b
res/drawable-mdpi-v4/common_plus_signin_btn_icon_dark_focused.9.png 0x124a301c
res/drawable-tvdpi-v4/common_google_signin_btn_icon_light_disabled.9.png 0xa37c177e
res/layout/abc_action_bar_up_container.xml 0x836eb13c
res/menu/drawer_menu.xml 0xbadb35db
res/drawable/abc_spinner_textfield_background_material.xml 0x24d55da7
res/drawable-tvdpi-v4/common_plus_signin_btn_icon_dark_disabled.9.png 0x9ed6fe22
res/drawable-hdpi-v4/abc_ic_go_search_api_mtrl_alpha.png 0xf246b608
res/drawable-hdpi-v4/abc_btn_rating_star_off_mtrl_alpha.png 0x62ba456f
res/drawable-xhdpi-v4/ic_stat_navigation_accept.png 0xd88739b7
res/layout/toolbar_actionbar.xml 0x818e0239
res/drawable-hdpi-v4/abc_ic_menu_copy_mtrl_am_alpha.png 0xeabe78bc
res/drawable-hdpi-v4/abc_scrubber_control_to_pressed_mtrl_005.png 0xedd62a7e
res/drawable-mdpi-v4/common_plus_signin_btn_icon_light_normal.9.png 0x55151416
res/layout/notification_media_cancel_action.xml 0x6dff7a7d
res/drawable-hdpi-v4/common_full_open_on_phone.png 0xfdf4f67
res/drawable-ldrtl-xhdpi-v4/abc_ic_ab_back_mtrl_am_alpha.png 0x8e0918ec
res/layout/rvfs_default_vertical_layout.xml 0x1b3facf5
res/drawable-mdpi-v4/abc_ic_go_search_api_mtrl_alpha.png 0x7b22bd10
res/mipmap-xxhdpi-v4/ic_launcher.png 0xad01a64d
res/drawable-xxhdpi-v4/common_google_signin_btn_icon_dark_normal.9.png 0x97f55836
res/drawable-mdpi-v4/abc_ic_clear_mtrl_alpha.png 0x448ffef0
res/drawable-xxhdpi-v4/abc_scrubber_track_mtrl_alpha.9.png 0x95776bdd
res/drawable-xhdpi-v11/ic_stat_navigation_cancel.png 0x6dab2817
res/menu/activity_main.xml 0x1289516a
res/drawable-hdpi-v4/common_plus_signin_btn_text_dark_normal.9.png 0x7c799d05
res/drawable-xxhdpi-v4/abc_textfield_default_mtrl_alpha.9.png 0x4d07b4a9
res/drawable-hdpi-v4/actionbar_menu_convert.png 0x551885ef
res/drawable-xhdpi-v4/abc_ic_ab_back_mtrl_am_alpha.png 0xecb20e18
res/drawable-hdpi-v4/abc_scrubber_primary_mtrl_alpha.9.png 0x415336be
res/drawable-hdpi-v4/drawer_menu_rating.png 0xcc6de876
res/drawable-hdpi-v4/ic_stat_navigation_accept.png 0xa76c5f79
res/drawable-mdpi-v4/abc_switch_track_mtrl_alpha.9.png 0xd6b37a0c
res/layout/convert_options.xml 0x628e001f
res/drawable-hdpi-v4/actionbar_menu_new_folder.png 0x9dfa1b17
res/drawable/abc_edit_text_material.xml 0xa959b2d4
res/drawable-ldrtl-xhdpi-v4/abc_ic_menu_cut_mtrl_alpha.png 0xeeeff9f6
res/drawable-mdpi-v4/abc_btn_check_to_on_mtrl_015.png 0xa32a8346
res/drawable-xhdpi-v4/abc_btn_switch_to_on_mtrl_00001.9.png 0xcd563567
res/drawable-hdpi-v4/abc_list_selector_disabled_holo_dark.9.png 0xe50f1648
res/drawable-hdpi-v4/common_plus_signin_btn_icon_light_normal.9.png 0x3c6acb96
res/drawable-xhdpi-v4/abc_btn_check_to_on_mtrl_015.png 0x726c24c9
res/drawable-mdpi-v4/ic_file_folder.png 0x3e679686
res/drawable-xxhdpi-v4/abc_textfield_activated_mtrl_alpha.9.png 0x2fa093c4
res/drawable-xxhdpi-v4/abc_ic_go_search_api_mtrl_alpha.png 0x978987bf
res/drawable-hdpi-v4/common_plus_signin_btn_icon_dark_normal.9.png 0x80f81d1e
res/drawable-mdpi-v4/abc_list_selector_disabled_holo_light.9.png 0xd6426851
res/layout/fragment_video_list_recyclerview.xml 0xec472bf
assets/crashlytics-build.properties 0x37864e02
res/anim/abc_grow_fade_in_from_bottom.xml 0x94d2184b
res/drawable/design_fab_background.xml 0x516623a0
res/drawable-mdpi-v4/abc_list_pressed_holo_light.9.png 0x32efca3
res/layout/design_layout_tab_icon.xml 0x5385fa45
res/drawable/rvfs_fast_scroller_handle_rounded.xml 0xac6f3854
res/layout/convert_options_card_trim.xml 0x9b1b7912
res/color/switch_thumb_material_dark.xml 0xf774a7e6
res/drawable-ldrtl-xhdpi-v4/abc_spinner_mtrl_am_alpha.9.png 0xd4c1bd1e
res/drawable-xhdpi-v4/ic_drawer_settings.png 0x7f675473
res/layout/abc_screen_content_include.xml 0x20d2875e
res/drawable-tvdpi-v4/common_plus_signin_btn_text_light_normal.9.png 0x969b048e
res/drawable-hdpi-v4/drawer_menu_browse.png 0x2ef1d567
res/drawable-tvdpi-v4/common_google_signin_btn_icon_light_focused.9.png 0x5eedfd2f
res/drawable-hdpi-v4/abc_btn_check_to_on_mtrl_000.png 0xd03742f2
res/layout/empty_list.xml 0xca8eb898
res/drawable-xxhdpi-v4/abc_btn_switch_to_on_mtrl_00012.9.png 0xb888b755
res/drawable-xxxhdpi-v4/abc_ic_menu_moreoverflow_mtrl_alpha.png 0xeb5b1fdc
res/drawable-mdpi-v4/actionbar_menu_play.png 0x521c8ed7
res/drawable-mdpi-v4/abc_scrubber_control_to_pressed_mtrl_000.png 0xefd6e141
res/drawable-hdpi-v11/ic_stat_av_stop.png 0x3e09154c
res/drawable-mdpi-v4/abc_btn_check_to_on_mtrl_000.png 0xd152fae1
res/drawable/common_google_signin_btn_text_dark.xml 0xdbd36fa3
res/drawable-hdpi-v4/common_ic_googleplayservices.png 0xe5ce58cc
res/drawable-xhdpi-v4/drawer_menu_feedback.png 0xe7711ba
res/drawable-mdpi-v4/actionbar_menu_share.png 0x767caf73
res/layout/select_dialog_singlechoice_material.xml 0x53beb0d
res/drawable-hdpi-v4/common_google_signin_btn_text_dark_pressed.9.png 0xd2173911
fabric/com.crashlytics.sdk.android.crashlytics-core.properties 0xbcf50888
res/drawable-ldrtl-hdpi-v4/abc_ic_menu_cut_mtrl_alpha.png 0x4285af01
res/drawable-xxhdpi-v4/common_full_open_on_phone.png 0xfdf4f67
res/layout/design_navigation_item_separator.xml 0x3ef5e21
res/drawable-tvdpi-v4/common_plus_signin_btn_text_dark_normal.9.png 0x545c0a3d
res/drawable-mdpi-v4/common_google_signin_btn_text_dark_pressed.9.png 0xc219df72
res/drawable-xhdpi-v4/actionbar_menu_check.png 0xf0061baa
res/layout/abc_action_mode_close_item_material.xml 0xd02d762f
res/drawable/design_snackbar_background.xml 0xbc07c5b6
res/drawable-mdpi-v4/abc_list_focused_holo.9.png 0xb1ab9d03
res/drawable-xhdpi-v4/actionbar_menu_refresh.png 0xf9228473
res/drawable-xhdpi-v4/actionbar_menu_move.png 0x64d1ac71
res/layout/media_conversion_cards.xml 0xbece8d17
res/drawable-tvdpi-v4/common_google_signin_btn_text_light_disabled.9.png 0x774f2c70
res/drawable-mdpi-v4/abc_ic_menu_moreoverflow_mtrl_alpha.png 0x79c23ff8
res/drawable-tvdpi-v4/common_google_signin_btn_icon_dark_disabled.9.png 0x9eaf7c8c
res/drawable-mdpi-v4/common_plus_signin_btn_icon_light_focused.9.png 0x62670262
res/drawable-xhdpi-v4/common_google_signin_btn_icon_light_focused.9.png 0x111e39a0
res/drawable-mdpi-v4/common_plus_signin_btn_icon_light_disabled.9.png 0xcf3a1d5d
res/drawable-mdpi-v4/actionbar_menu_new_folder.png 0xadd81fae
res/drawable-xxxhdpi-v4/abc_ic_menu_paste_mtrl_am_alpha.png 0x9d6b6c53
res/drawable-mdpi-v4/abc_btn_rating_star_off_mtrl_alpha.png 0xbe76481
res/drawable-xhdpi-v4/common_google_signin_btn_icon_dark_disabled.9.png 0x6d82fc05
res/drawable-mdpi-v4/ic_stat_navigation_accept.png 0x6e7df436
res/drawable-xhdpi-v4/abc_scrubber_track_mtrl_alpha.9.png 0x1a186496
res/layout/abc_activity_chooser_view.xml 0xfd3f68ce
res/drawable-xhdpi-v4/drawer_menu_history.png 0xe8910dc
res/drawable-hdpi-v4/common_google_signin_btn_text_light_disabled.9.png 0x31335da5
res/drawable-hdpi-v4/actionbar_menu_selectall.png 0x4eb9ed93
res/drawable/abc_btn_default_mtrl_shape.xml 0xfc065a45
res/drawable-mdpi-v4/abc_btn_switch_to_on_mtrl_00001.9.png 0xa7483509
res/drawable-tvdpi-v4/common_plus_signin_btn_icon_light_disabled.9.png 0xa1d218b2
res/drawable-mdpi-v4/ic_drawer_settings.png 0xa15d7600
res/drawable-xxhdpi-v4/spinner_triangle.png 0xebe740ab
res/drawable-xhdpi-v4/abc_btn_check_to_on_mtrl_000.png 0xcfba78ba
res/drawable-xxhdpi-v4/common_google_signin_btn_icon_light_disabled.9.png 0xc1b7c852
res/drawable-hdpi-v4/common_plus_signin_btn_icon_dark_focused.9.png 0xe3cae4e1
res/drawable-hdpi-v4/abc_textfield_activated_mtrl_alpha.9.png 0x103aeb6a
res/drawable-xhdpi-v4/common_full_open_on_phone.png 0xfdf4f67
res/layout/notification_template_big_media_narrow.xml 0xd4208e47
res/drawable-mdpi-v4/ic_drawer_share.png 0x8a441c86
res/layout/browse_header_item.xml 0x9fcd9b36
res/layout/design_navigation_item.xml 0x4e1b9dc8
classes.dex 0x7eedb3ae
res/menu/menu_browse.xml 0x539b53d7
res/drawable-mdpi-v4/audio_thumbnail.png 0xf1f91d40
运行截图
VirSCANVirSCAN
VirSCAN