VirSCAN VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, VirSCAN can scan compressed files protected with the password 'infected' or 'virus'.

File information

Scanner results
Scanner results: 0% of antivirus software (0/32) found malware!
Behavior analysis report: Habo file analysis
Time: 2016-08-16 22:45:58 (CST)
Scanner Engine Ver Sig Ver Sig Date Scan result Time
antiy AVL SDK 3.0 1970-01-01 Found nothing 5
asquared 9.0.0.4324 9.0.0.4324 2014-07-03 Found nothing 2
avast 150725-1 4.7.4 2015-07-25 Found nothing 60
avg 2109/8133 10.0.1405 2014-11-26 Found nothing 60
baidu 2.0.1.0 4.1.3.52192 2.0.1.0 Found nothing 3
baidusd 1.0 1.0 2014-04-02 Found nothing 1
bitdefender 7.58469 7.90123 2014-12-25 Found nothing 60
clamav 19861 0.97.5 2014-12-31 Found nothing 60
drweb 5.0.2.3300 5.0.1.1 2014-12-31 Found nothing 60
fortinet 23.345, 23.345 5.1.158 2014-12-08 Found nothing 60
fprot 4.6.2.117 6.5.1.5418 2014-12-31 Found nothing 60
fsecure 2014-04-02-01 9.13 2014-04-02 Found nothing 60
gdata 25.7888 25.7888 2016-08-14 Found nothing 11
ikarus 1.06.01 V1.32.31.0 2014-12-08 Found nothing 60
jiangmin 16.0.100 1.0.0.0 2015-07-25 Found nothing 44
kaspersky 5.5.33 5.5.33 2014-04-01 Found nothing 60
kingsoft 2.1 2.1 2013-09-22 Found nothing 7
mcafee 7638 5400.1158 2014-11-30 Found nothing 60
nod32 0920 3.0.21 2014-12-23 Found nothing 60
panda 9.05.01 9.05.01 2015-07-26 Found nothing 4
pcc 11.380.07 9.500-1005 2014-12-31 Found nothing 60
qh360 1.0.1 1.0.1 1.0.1 Found nothing 4
qqphone 1.0.0.0 1.0.0.0 2014-12-09 Found nothing 60
quickheal 14.00 14.00 2015-07-25 Found nothing 2
rising 25.76.04.01 25.76.04.01 2015-07-24 Found nothing 2
sophos 5.08 3.55.0 2014-12-01 Found nothing 60
symantec 20141230.001 1.3.0.24 2014-12-30 Found nothing 60
tachyon 9.9.9 9.9.9 2013-12-27 Found nothing 7
thehacker 6.8.0.5 6.8.0.5 2015-07-23 Found nothing 2
tws 17.47.17308 1.0.2.2108 2014-12-08 Found nothing 15
vba 3.12.26.3 3.12.26.3 2014-12-31 Found nothing 60
virusbuster 15.0.985.0 5.5.2.13 2014-12-05 Found nothing 60
File information
Security score:
Basic information
MD5:bfc9876e899b4e94a2a15343e2f516ac
File size: 5.58MB
Upload time: 2014-09-22 10:36:30 (CST)
Package name: com.iwobanas.screenrecorder.pro
Minimum runtime environment: Android 4.0.3, 4.0.4
Copyright: Android
Key behavior
Behavior description: Set message hook
Details: C:\WINDOWS\system32\DINPUT8.dll
Behavior description: Get TickCount value
Details: TickCount = 5357326, SleepMilliseconds = 30.
TickCount = 5357358, SleepMilliseconds = 30.
TickCount = 5357389, SleepMilliseconds = 30.
TickCount = 5357545, SleepMilliseconds = 30.
TickCount = 5357561, SleepMilliseconds = 30.
TickCount = 5357670, SleepMilliseconds = 30.
TickCount = 5357686, SleepMilliseconds = 30.
TickCount = 5358811, SleepMilliseconds = 30.
TickCount = 5358873, SleepMilliseconds = 30.
TickCount = 5358889, SleepMilliseconds = 30.
TickCount = 5358905, SleepMilliseconds = 30.
TickCount = 5358920, SleepMilliseconds = 30.
TickCount = 5359092, SleepMilliseconds = 30.
TickCount = 5359406, SleepMilliseconds = 250.
TickCount = 5359734, SleepMilliseconds = 250.
File behavior
Behavior description: Overwrite existing file
Details: C:\Documents and Settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
C:\Documents and Settings\Administrator\Application Data\Adobe\Flash Player\NativeCache\NativeCache.directory
Behavior description: Modify file content
Details: C:\Documents and Settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT ---> Offset = 0
Behavior description: Find file
Details: FileName = \\?\C:\WINDOWS\system32\Macromed\Flash\ss.cfg
FileName = \\?\C:\WINDOWS\system32\Macromed\Flash\ss.sgn
FileName = \\?\C:\Documents and Settings\Administrator\Application Data\Adobe\Flash Player\NativeCache
FileName = C:\DOCUME~1
FileName = C:\DOCUME~1\ADMINI~1
FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1
FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp
FileName = C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\ADOBE
FileName = \\?\C:\Documents and Settings\Administrator\Application Data\Adobe\Flash Player\AssetCache
FileName = \\?\C:\Documents and Settings\Administrator\Application Data\Adobe\Flash Player\AssetCache\*
FileName = C:\Documents and Settings\Administrator\Application Data\Macromedia\Flash Player\#SharedObjects\*
Registry behavior
Behavior description: Modify registry
Details: \REGISTRY\MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name
\REGISTRY\MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\ID
Other behavior
Behavior description: Get cursor position
Details: CursorPos = (71,18468), SleepMilliseconds = 250.
CursorPos = (6364,26501), SleepMilliseconds = 250.
Behavior description: Create mutex
Details: CTF.LBES.MutexDefaultS-*
CTF.Compart.MutexDefaultS-*
CTF.Asm.MutexDefaultS-*
CTF.Layouts.MutexDefaultS-*
CTF.TMD.MutexDefaultS-*
CTF.TimListCache.FMPDefaultS-*MUTEX.DefaultS-*
MSCTF.Shared.MUTEX.ELH
DirectSound DllMain mutex (0x00000994)
{1B655094-FE2A-433c-A877-FF9793445069}
DDrawWindowListMutex
DDrawDriverObjectListMutex
__DDrawExclMode__
__DDrawCheckExclMode__
Local\ZonesCounterMutex
Local\ZoneAttributeCacheCounterMutex
Behavior description: Create event object
Details: EventName = DINPUTWINMM
EventName = Global\crypt32LogoffEvent
EventName = MSCTF.SendReceiveConection.Event.IJJ.IC
EventName = MSCTF.SendReceive.Event.IJJ.IC
Behavior description: Find specified window
Details: NtUserFindWindowEx: [Class,Window] = [Shell_TrayWnd,]
NtUserFindWindowEx: [Class,Window] = [CicLoaderWndClass,]
Behavior description: Open event
Details: HookSwitchHookEnabledEvent
CTF.ThreadMIConnectionEvent.000007B4.00000000.00000041
CTF.ThreadMarshalInterfaceEvent.000007B4.00000000.00000041
MSCTF.SendReceiveConection.Event.ELH.IC
MSCTF.SendReceive.Event.ELH.IC
Global\crypt32LogoffEvent
Global\SvcctrlStartEvent_A3752DX
\SECURITY\LSA_AUTHENTICATION_INITIALIZED
CTF.ThreadMIConnectionEvent.000007B4.00000000.00000042
CTF.ThreadMarshalInterfaceEvent.000007B4.00000000.00000042
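Behavior description: Adjust process token privileges
Details: SE_INC_BASE_PRIORITY_PRIVILEGE
Behavior description: Window information
Details: Pid = 2452, Hwnd=0x503b0, Text = 成功率计算器, ClassName = WTWindow.
Behavior description: Call Sleep function
Details: [1]: MilliSeconds = 250.
Behavior description: Hide specified window
Details: [Window,Class] = [,WindowEx]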
[Window,Class] = [,PictureEx]
[Window,Class] = [,ButtonEx]
[Window,Class] = [,SelectthefolderEx]
[Window,Class] = [,LabelEx]
Behavior description: Open mutex
Details: ShimCacheMutex
Local\!IETld!Mutex
Activities
Activity name Type
com.iwobanas.screenrecorder.RecorderActivity android.intent.action.MAIN
com.iwobanas.screenrecorder.RecorderActivity android.intent.category.LAUNCHER
Dangerous functions
Function name Information
HttpClient;->execute Sends a request to a remote server
android/app/NotificationManager;->notify Posts a message to the notification bar
getRuntime Gets the command-line environment
java/lang/Runtime;->exec Executes a string command
Camera;->open Opens the camera
Startup method
Name Information
com.google.analytics.tracking.android.CampaignTrackingReceiver
Permission list
Permission name Information
android.permission.ACCESS_SUPERUSER
android.permission.SYSTEM_ALERT_WINDOW Display system windows
android.permission.WRITE_EXTERNAL_STORAGE Write to external storage (e.g. SD card)
android.permission.READ_EXTERNAL_STORAGE Read external storage (e.g. SD card)
android.permission.INTERNET Connect to the network (2G or 3G)
android.permission.ACCESS_NETWORK_STATE Read network state (2G or 3G)
com.android.vending.CHECK_LICENSE
android.permission.WRITE_SETTINGS Read and write system settings
android.permission.CAMERA Access the camera device
Service list
Name
com.iwobanas.screenrecorder.RecorderService
com.google.analytics.tracking.android.CampaignTrackingService
File list
File name Checksum