VirSCAN VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.

Language
Server load
Server Load

VirSCAN
VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, Aplikace VirSCAN může skenovat komprimované soubory s heslem 'infected'nebo'virus'.

File information

Scanner results
Scanner results:0%Antivirus software(0/32)found malware!
Behavior analysis report:         Habo file analysis
Time: 2016-08-19 21:14:42 (CST)
Scanner Engine Ver Sig Ver Sig Date Scan result Time
antiy AVL SDK 3.0 1970-01-01 Found nothing 8
asquared 9.0.0.4324 9.0.0.4324 2014-07-03 Found nothing 4
avast 150725-1 4.7.4 2015-07-25 Found nothing 60
avg 2109/8133 10.0.1405 2014-11-26 Found nothing 60
baidu 2.0.1.0 4.1.3.52192 2.0.1.0 Found nothing 13
baidusd 1.0 1.0 2014-04-02 Found nothing 3
bitdefender 7.58469 7.90123 2014-12-25 Found nothing 60
clamav 19861 0.97.5 2014-12-31 Found nothing 60
drweb 5.0.2.3300 5.0.1.1 2014-12-31 Found nothing 60
fortinet 23.345, 23.345 5.1.158 2014-12-08 Found nothing 60
fprot 4.6.2.117 6.5.1.5418 2014-12-31 Found nothing 60
fsecure 2014-04-02-01 9.13 2014-04-02 Found nothing 60
gdata 25.7937 25.7937 2016-08-18 Found nothing 17
ikarus 1.06.01 V1.32.31.0 2014-12-08 Found nothing 60
jiangmin 16.0.100 1.0.0.0 2015-07-25 Found nothing 51
kaspersky 5.5.33 5.5.33 2014-04-01 Found nothing 60
kingsoft 2.1 2.1 2013-09-22 Found nothing 20
mcafee 7638 5400.1158 2014-11-30 Found nothing 60
nod32 0920 3.0.21 2014-12-23 Found nothing 60
panda 9.05.01 9.05.01 2015-07-26 Found nothing 5
pcc 11.380.07 9.500-1005 2014-12-31 Found nothing 60
qh360 1.0.1 1.0.1 1.0.1 Found nothing 4
qqphone 1.0.0.0 1.0.0.0 2014-12-09 Found nothing 60
quickheal 14.00 14.00 2015-07-25 Found nothing 5
rising 25.76.04.01 25.76.04.01 2015-07-24 Found nothing 12
sophos 5.08 3.55.0 2014-12-01 Found nothing 60
symantec 20141230.001 1.3.0.24 2014-12-30 Found nothing 60
tachyon 9.9.9 9.9.9 2013-12-27 Found nothing 9
thehacker 6.8.0.5 6.8.0.5 2015-07-23 Found nothing 6
tws 17.47.17308 1.0.2.2108 2014-12-08 Found nothing 19
vba 3.12.26.3 3.12.26.3 2014-12-31 Found nothing 60
virusbuster 15.0.985.0 5.5.2.13 2014-12-05 Found nothing 60
权限列表
许可名称 信息
android.permission.INTERNET 连接网络(2G或3G)
android.permission.CAMERA 访问照相机设备
android.permission.WAKE_LOCK 手机屏幕关闭后后台进程仍运行
android.permission.RECORD_AUDIO 录音(使用AudioRecord)
android.permission.WRITE_EXTERNAL_STORAGE 写外部存储器(如:SD卡)
android.permission.ACCESS_NETWORK_STATE 读取网络状态(2G或3G)
android.permission.RECEIVE_USER_PRESENT
android.permission.SYSTEM_ALERT_WINDOW 显示系统窗口
android.permission.MOUNT_UNMOUNT_FILESYSTEMS 挂载、反挂载外部文件系统
android.permission.FLASHLIGHT 访问闪光灯
android.permission.ACCESS_FINE_LOCATION 获取精确的位置(通过GPS)
文件信息
VirSCANVirSCAN
安全评分 :
基本信息
VirSCANVirSCAN
MD5:ce531c283ca0b862810bf9a17152624d
文件大小:5.58MB
上传时间: 2014-09-22 10:36:30 (CST)
包名:tv.panda.live.broadcast
最低运行环境:Android 4.3
版权:上海熊猫互娱文化有限公司
关键行为
VirSCANVirSCAN
行为描述: 跨进程写入数据
详情信息: TargetProcess = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\ge537.exe, WriteAddress = 0x00400000, Size = 0x00000400
TargetProcess = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\ge537.exe, WriteAddress = 0x00404000, Size = 0x00000e00
TargetProcess = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\ge537.exe, WriteAddress = 0x00405000, Size = 0x00000a00
TargetProcess = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\ge537.exe, WriteAddress = 0x00406000, Size = 0x00000200
TargetProcess = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\ge537.exe, WriteAddress = 0x00407000, Size = 0x00000200
TargetProcess = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\ge537.exe, WriteAddress = 0x00408000, Size = 0x00000400
TargetProcess = C:\Documents and Settings\Administrator\WinHost32.exe, WriteAddress = 0x00400000, Size = 0x00000400
TargetProcess = C:\Documents and Settings\Administrator\WinHost32.exe, WriteAddress = 0x00404000, Size = 0x00000e00
TargetProcess = C:\Documents and Settings\Administrator\WinHost32.exe, WriteAddress = 0x00405000, Size = 0x00000a00
TargetProcess = C:\Documents and Settings\Administrator\WinHost32.exe, WriteAddress = 0x00406000, Size = 0x00000200
TargetProcess = C:\Documents and Settings\Administrator\WinHost32.exe, WriteAddress = 0x00407000, Size = 0x00000200
TargetProcess = C:\Documents and Settings\Administrator\WinHost32.exe, WriteAddress = 0x00408000, Size = 0x00000400
行为描述: 设置线程上下文
详情信息: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\ge537.exe
C:\Documents and Settings\Administrator\WinHost32.exe
行为描述: 获取TickCount值
详情信息: TickCount = 347215, SleepMilliseconds = 200.
TickCount = 357393, SleepMilliseconds = 50.
TickCount = 357471, SleepMilliseconds = 50.
TickCount = 357487, SleepMilliseconds = 50.
TickCount = 357503, SleepMilliseconds = 50.
TickCount = 357831, SleepMilliseconds = 50.
TickCount = 357878, SleepMilliseconds = 50.
TickCount = 357893, SleepMilliseconds = 50.
TickCount = 357925, SleepMilliseconds = 50.
TickCount = 357940, SleepMilliseconds = 50.
TickCount = 357956, SleepMilliseconds = 50.
TickCount = 357971, SleepMilliseconds = 50.
TickCount = 357987, SleepMilliseconds = 50.
TickCount = 358003, SleepMilliseconds = 50.
TickCount = 358034, SleepMilliseconds = 50.
行为描述: 跨进程写代码段数据
详情信息: TargetProcess = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\ge537.exe, WriteAddress = 0x00401000, Size = 0x00002c00
TargetProcess = C:\Documents and Settings\Administrator\WinHost32.exe, WriteAddress = 0x00401000, Size = 0x00002c00
行为描述: 设置特殊文件夹属性
详情信息: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
C:\Documents and Settings\Administrator\Local Settings\History
C:\Documents and Settings\Administrator\Local Settings\History\History.IE5
C:\Documents and Settings\Administrator\Cookies
行为描述: 修改注册表_启动项
详情信息: \REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Run\WinHost32
进程行为
VirSCANVirSCAN
行为描述: 跨进程写入数据
详情信息: TargetProcess = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\ge537.exe, WriteAddress = 0x00400000, Size = 0x00000400
TargetProcess = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\ge537.exe, WriteAddress = 0x00404000, Size = 0x00000e00
TargetProcess = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\ge537.exe, WriteAddress = 0x00405000, Size = 0x00000a00
TargetProcess = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\ge537.exe, WriteAddress = 0x00406000, Size = 0x00000200
TargetProcess = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\ge537.exe, WriteAddress = 0x00407000, Size = 0x00000200
TargetProcess = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\ge537.exe, WriteAddress = 0x00408000, Size = 0x00000400
TargetProcess = C:\Documents and Settings\Administrator\WinHost32.exe, WriteAddress = 0x00400000, Size = 0x00000400
TargetProcess = C:\Documents and Settings\Administrator\WinHost32.exe, WriteAddress = 0x00404000, Size = 0x00000e00
TargetProcess = C:\Documents and Settings\Administrator\WinHost32.exe, WriteAddress = 0x00405000, Size = 0x00000a00
TargetProcess = C:\Documents and Settings\Administrator\WinHost32.exe, WriteAddress = 0x00406000, Size = 0x00000200
TargetProcess = C:\Documents and Settings\Administrator\WinHost32.exe, WriteAddress = 0x00407000, Size = 0x00000200
TargetProcess = C:\Documents and Settings\Administrator\WinHost32.exe, WriteAddress = 0x00408000, Size = 0x00000400
行为描述: 设置线程上下文
详情信息: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\ge537.exe
C:\Documents and Settings\Administrator\WinHost32.exe
行为描述: 获取TickCount值
详情信息: TickCount = 347215, SleepMilliseconds = 200.
TickCount = 357393, SleepMilliseconds = 50.
TickCount = 357471, SleepMilliseconds = 50.
TickCount = 357487, SleepMilliseconds = 50.
TickCount = 357503, SleepMilliseconds = 50.
TickCount = 357831, SleepMilliseconds = 50.
TickCount = 357878, SleepMilliseconds = 50.
TickCount = 357893, SleepMilliseconds = 50.
TickCount = 357925, SleepMilliseconds = 50.
TickCount = 357940, SleepMilliseconds = 50.
TickCount = 357956, SleepMilliseconds = 50.
TickCount = 357971, SleepMilliseconds = 50.
TickCount = 357987, SleepMilliseconds = 50.
TickCount = 358003, SleepMilliseconds = 50.
TickCount = 358034, SleepMilliseconds = 50.
行为描述: 跨进程写代码段数据
详情信息: TargetProcess = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\ge537.exe, WriteAddress = 0x00401000, Size = 0x00002c00
TargetProcess = C:\Documents and Settings\Administrator\WinHost32.exe, WriteAddress = 0x00401000, Size = 0x00002c00
行为描述: 设置特殊文件夹属性
详情信息: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
C:\Documents and Settings\Administrator\Local Settings\History
C:\Documents and Settings\Administrator\Local Settings\History\History.IE5
C:\Documents and Settings\Administrator\Cookies
行为描述: 修改注册表_启动项
详情信息: \REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Run\WinHost32
文件行为
VirSCANVirSCAN
行为描述: 创建文件
详情信息: C:\Documents and Settings\Administrator\Local Settings\Temp\~DFC2F1.tmp
C:\Documents and Settings\Administrator\Local Settings\%temp%\****.doc
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.Word\~WRF0001.tmp
C:\Documents and Settings\Administrator\Local Settings\Temp\~DFDA75.tmp
C:\Documents and Settings\Administrator\Local Settings\Temp\VBE\MSForms.exd
C:\Documents and Settings\Administrator\Application Data\Microsoft\Forms\WINWORD.box
C:\Documents and Settings\Administrator\Local Settings\Temp\~DFE4B2.tmp
C:\Documents and Settings\Administrator\Local Settings\Temp\~DFE4CC.tmp
C:\Documents and Settings\Administrator\Local Settings\Temp\ge537.exe
C:\Documents and Settings\Administrator\Application Data\Microsoft\Office\Recent\%temp%\****.doc.LNK
C:\Documents and Settings\Administrator\Application Data\Microsoft\Office\Recent\EB93A6.LNK
C:\Documents and Settings\Administrator\WinHost32.exe
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\IUKHR8T2\wpad[1].dat
C:\Documents and Settings\Administrator\Application Data\Microsoft\Office\VB11.pip
行为描述: 创建可执行文件
详情信息: C:\Documents and Settings\Administrator\Local Settings\Temp\ge537.exe
C:\Documents and Settings\Administrator\WinHost32.exe
行为描述: 覆盖已有文件
详情信息: C:\Documents and Settings\Administrator\Application Data\Microsoft\Office\Word11.pip
行为描述: 复制文件
详情信息: C:\DOCUME~1\ALLUSE~1\APPLIC~1\MICROS~1\OFFICE\DATA\OPA11.BAK ---> C:\DOCUME~1\ALLUSE~1\APPLIC~1\MICROS~1\OFFICE\DATA\opa11.dat
行为描述: 删除文件
详情信息: C:\Documents and Settings\Administrator\Local Settings\Temp\~DFC2F1.tmp
C:\Documents and Settings\Administrator\Local Settings\Temp\~DFDA75.tmp
C:\Documents and Settings\Administrator\Application Data\Microsoft\Forms\WINWORD.box
C:\Documents and Settings\Administrator\Local Settings\Temp\~DFE4CC.tmp
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\IUKHR8T2\wpad[1].dat
C:\Documents and Settings\Administrator\Local Settings\Temp\~DFE4B2.tmp
C:\Documents and Settings\Administrator\Local Settings\%temp%\****.doc
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.Word\~WRS0000.tmp
C:\Documents and Settings\Administrator\Application Data\Microsoft\Templates\~$Normal.dot
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.Word\~WRF0001.tmp
行为描述: 查找文件
详情信息: FileName = C:\Documents and Settings
FileName = C:\Documents and Settings\Administrator
FileName = C:\Documents and Settings\Administrator\Local Settings
FileName = C:\Documents and Settings\Administrator\Application Data
FileName = C:\Documents and Settings\Administrator\Application Data\Microsoft
FileName = C:\Documents and Settings\Administrator\Application Data\Microsoft\Templates
FileName = Normal
FileName = C:\Program Files\Microsoft Office 2007\Office12
FileName = C:\DOCUME~1
FileName = C:\DOCUME~1\ADMINI~1
FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1
FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp
FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\VBE
FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\VBE\MSForms.exd
FileName = C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\ge537.exe
行为描述: 设置特殊文件夹属性
详情信息: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
C:\Documents and Settings\Administrator\Local Settings\History
C:\Documents and Settings\Administrator\Local Settings\History\History.IE5
C:\Documents and Settings\Administrator\Cookies
行为描述: 修改文件内容
详情信息: C:\Documents and Settings\Administrator\Local Settings\%temp%\****.doc ---> Offset = 0
C:\Documents and Settings\Administrator\Local Settings\%temp%\****.doc ---> Offset = 54
C:\Documents and Settings\Administrator\Local Settings\Temp\VBE\MSForms.exd ---> Offset = 0
C:\Documents and Settings\Administrator\Local Settings\Temp\VBE\MSForms.exd ---> Offset = 4
C:\Documents and Settings\Administrator\Local Settings\Temp\VBE\MSForms.exd ---> Offset = 8
C:\Documents and Settings\Administrator\Local Settings\Temp\VBE\MSForms.exd ---> Offset = 12
C:\Documents and Settings\Administrator\Local Settings\Temp\VBE\MSForms.exd ---> Offset = 16
C:\Documents and Settings\Administrator\Local Settings\Temp\ge537.exe ---> Offset = 0
C:\Documents and Settings\Administrator\Application Data\Microsoft\Office\Recent\%temp%\****.doc.LNK ---> Offset = 0
C:\Documents and Settings\Administrator\Application Data\Microsoft\Office\Recent\index.dat ---> Offset = 55
C:\Documents and Settings\Administrator\Application Data\Microsoft\Office\Recent\EB93A6.LNK ---> Offset = 0
C:\Documents and Settings\Administrator\Application Data\Microsoft\Office\Recent\index.dat ---> Offset = 28
C:\Documents and Settings\Administrator\Application Data\Microsoft\Office\Recent\index.dat ---> Offset = 0
C:\Documents and Settings\Administrator\WinHost32.exe ---> Offset = 0
C:\Documents and Settings\Administrator\Application Data\Microsoft\Office\VB11.pip ---> Offset = 0
网络行为
VirSCANVirSCAN
行为描述: 联网打开网址
详情信息: InternetOpenUrlA: http://**.133.40.**:128/wpad.dat, hInternet = 0x00cc0010, Flags = 0x00000010
行为描述: 连接指定站点
详情信息: InternetConnectA: ServerName = go****om, PORT = 80, UserName = , Password = , hSession = 0x00cc0004, hConnect = 0x00cc0008, Flags = 0x00000000
InternetConnectA: ServerName = **.133.40.**, PORT = 128, UserName = , Password = , hSession = 0x00cc0010, hConnect = 0x00cc0014, Flags = 0x00000010
行为描述: 打开HTTP连接
详情信息: InternetOpenA: UserAgent: Mozilla/5.0 (Windows NT 6.1; rv:24.0) Gecko/20100101 Firefox/24.0, hSession = 0x00cc0004
InternetOpenA: UserAgent: Mozilla/4.0 (compatible; MSIE 8.0; Win32; Trident/4.0), hSession = 0x00cc0010
行为描述: 建立到一个指定的套接字连接
详情信息: URL: wpad, IP: **.133.40.**:128, SOCKET = 0x000002ac
URL: go****om, IP: **.133.40.**:80, SOCKET = 0x000002b8
行为描述: 读取网络文件
详情信息: hFile = 0x00cc0018, BytesToRead =4010, BytesRead = 4010.
hFile = 0x00cc000c, BytesToRead =256, BytesRead = 256.
行为描述: 发送HTTP包
详情信息: GET /wpad.dat HTTP/1.1 Accept: */* User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32; Trident/4.0) Host: **.133.40.**:128
GET / HTTP/1.1 Accept: */* Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:24.0) Gecko/20100101 Firefox/24.0 Host: go****om Cache-Control: no-cache
行为描述: 打开HTTP请求
详情信息: HttpOpenRequestA: **.133.40.**:128/wpad.dat, hConnect = 0x00cc0014, hRequest = 0x00cc0018, Verb: GET, Referer: , Flags = 0x00000010
行为描述: 按名称获取主机地址
详情信息: GetAddrInfoW: computer
GetAddrInfoW: wpad
GetAddrInfoW: go****om
注册表行为
VirSCANVirSCAN
行为描述: 修改注册表
详情信息: \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4080110900063D11C8EF10054038389C\Usage\VBAFiles
\REGISTRY\USER\S-*\Software\Microsoft\Office\11.0\Common\ReviewCycle\ReviewToken
\REGISTRY\USER\S-*\Software\Microsoft\Office\11.0\Word\Resiliency\DocumentRecovery\4F6A2\4F6A2
\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4080110900063D11C8EF10054038389C\Usage\WordEngWizDotFiles2
\REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{42D84CC3-5636-4BF9-8CB0-4DF7C22AD5C4}\2.0\
\REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{42D84CC3-5636-4BF9-8CB0-4DF7C22AD5C4}\2.0\FLAGS\
\REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{42D84CC3-5636-4BF9-8CB0-4DF7C22AD5C4}\2.0\0\win32\
\REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{42D84CC3-5636-4BF9-8CB0-4DF7C22AD5C4}\2.0\HELPDIR\
\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4080110900063D11C8EF10054038389C\Usage\WORDHelpFiles
\REGISTRY\USER\S-*\Software\Microsoft\Office\Common\Assistant\CurrAsstState
\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4080110900063D11C8EF10054038389C\Usage\SpellingAndGrammarFiles_2052
\REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\SavedLegacySettings
\REGISTRY\MACHINE\SOFTWARE\Microsoft\ESENT\Process\WinHost32\DEBUG\Trace Level
\REGISTRY\USER\S-*\Software\Microsoft\VBA\6.0\Common\PropertiesWindow
\REGISTRY\USER\S-*\Software\Microsoft\VBA\6.0\Common\MainWindow
行为描述: 删除注册表键值
详情信息: \REGISTRY\USER\S-*\Software\Microsoft\Office\11.0\Word\Resiliency\StartupItems\t
\REGISTRY\USER\S-*\Software\Microsoft\Office\11.0\Word\Resiliency\StartupItems\Es
\REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\MSSCIPY\Keyboard Mapping Version
\REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\MSSCIPY\Keyboard Mapping
\REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyServer
\REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Internet Settings\AutoConfigURL
\REGISTRY\MACHINE\SOFTWARE\Microsoft\ESENT\Process\WinHost32\DEBUG\Trace Level
\REGISTRY\USER\S-*\Software\Microsoft\Office\11.0\Word\Resiliency\DocumentRecovery\4F6A2\4F6A2
\REGISTRY\USER\S-*\Software\Microsoft\Office\Common\Assistant\CurrAsstState
\REGISTRY\USER\S-*\Software\Microsoft\Office\11.0\Word\MTTT
行为描述: 删除注册表键
详情信息: \REGISTRY\USER\S-*\Software\Microsoft\Office\11.0\Word\Resiliency\StartupItems\
\REGISTRY\USER\S-*\Software\Microsoft\Office\11.0\Word\Resiliency\DocumentRecovery\4F6A2\
\REGISTRY\USER\S-*\Software\Microsoft\Office\11.0\Word\Resiliency\DocumentRecovery\
\REGISTRY\USER\S-*\Software\Microsoft\Office\11.0\Word\Resiliency\
行为描述: 修改注册表_启动项
详情信息: \REGISTRY\USER\S-*\Software\Microsoft\Windows\CurrentVersion\Run\WinHost32
其他行为
VirSCANVirSCAN
行为描述: 创建互斥体
详情信息: Global\MTX_MSO_Formal1_S-*
Global\MTX_MSO_AdHoc1_S-*
Local\Mso97SharedDg19521108172Mutex
LocalMutex2341MSPYhld23qwe2529
mscandui20.mutexDefault
GlobalUserFileMappingEudcMSPYhld23qwe_lock_SYNCROOT
_lock_SYNCROOT
GlobalUserFileMappingEudpMSPYhld23qwe_lock_SYNCROOT
PAdministratorLx.DAT!_SYNCROOT
CfgSyncMSPYqeuir9hj_SYNCROOT
PAdministratorSx.DAT!_SYNCROOT
MSCTF.Shared.MUTEX.APH
Local\Mso97SharedDg19531108172Mutex
Local\Mso97SharedDg19541108172Mutex
OfficeAssistantStateMutex
行为描述: 隐藏指定窗口
详情信息: [Window,Class] = [,_WwB]
[Window,Class] = [,ComboLBox]
[Window,Class] = [lund,ThunderDFrame]
[Window,Class] = [,DesignerWindow]
[Window,Class] = [UserForm2,ThunderDFrame]
[Window,Class] = [,ThunderRT6Main]
[Window,Class] = [,Edit]
[Window,Class] = [,Button]
行为描述: 查找指定窗口
详情信息: NtUserFindWindowEx: [Class,Window] = [CicLoaderWndClass,]
NtUserFindWindowEx: [Class,Window] = [MSOBALLOON,]
NtUserFindWindowEx: [Class,Window] = [MsoHelp10,]
NtUserFindWindowEx: [Class,Window] = [AgentAnim,]
NtUserFindWindowEx: [Class,Window] = [MsoHelp11,]
行为描述: 窗口信息
详情信息: Pid = 1524, Hwnd=0x130184, Text = MsoDockTop, ClassName = MsoCommandBarDock.
Pid = 1524, Hwnd=0x1201c8, Text = 格式, ClassName = MsoCommandBar.
Pid = 1524, Hwnd=0x120172, Text = 常用, ClassName = MsoCommandBar.
Pid = 1524, Hwnd=0x90260, Text = 菜单栏, ClassName = MsoCommandBar.
Pid = 1524, Hwnd=0xf01f0, Text = %temp%\****.doc, ClassName = _WwB.
Pid = 1524, Hwnd=0xe0216, Text = MSO Generic Control Container, ClassName = MsoCommandBar.
Pid = 1524, Hwnd=0x120160, Text = MSO Generic Control Container, ClassName = MsoCommandBar.
Pid = 1524, Hwnd=0xf01e6, Text = Microsoft Word 文档, ClassName = _WwG.
Pid = 1524, Hwnd=0x1001dc, Text = %temp%\****.doc - Microsoft Word, ClassName = OpusApp.
Pid = 1524, Hwnd=0x102f8, Text = 小四, ClassName = RichEdit20W.
Pid = 1524, Hwnd=0x102f6, Text = Times New Roman, ClassName = RichEdit20W.
Pid = 1524, Hwnd=0x102f4, Text = 正文, ClassName = RichEdit20W.
Pid = 1524, Hwnd=0x102f2, Text = 100%, ClassName = RichEdit20W.
Pid = 1524, Hwnd=0x202f0, Text = 键入需要帮助的问题, ClassName = RichEdit20W.
行为描述: 获取TickCount值
详情信息: TickCount = 347215, SleepMilliseconds = 200.
TickCount = 357393, SleepMilliseconds = 50.
TickCount = 357471, SleepMilliseconds = 50.
TickCount = 357487, SleepMilliseconds = 50.
TickCount = 357503, SleepMilliseconds = 50.
TickCount = 357831, SleepMilliseconds = 50.
TickCount = 357878, SleepMilliseconds = 50.
TickCount = 357893, SleepMilliseconds = 50.
TickCount = 357925, SleepMilliseconds = 50.
TickCount = 357940, SleepMilliseconds = 50.
TickCount = 357956, SleepMilliseconds = 50.
TickCount = 357971, SleepMilliseconds = 50.
TickCount = 357987, SleepMilliseconds = 50.
TickCount = 358003, SleepMilliseconds = 50.
TickCount = 358034, SleepMilliseconds = 50.
行为描述: 打开事件
详情信息: MSPY Non-PC softkbd
CTF.ThreadMIConnectionEvent.000007F0.00000000.0000001E
CTF.ThreadMarshalInterfaceEvent.000007F0.00000000.0000001E
CTF.ThreadMIConnectionEvent.000007F0.00000000.0000001F
CTF.ThreadMarshalInterfaceEvent.000007F0.00000000.0000001F
MSCTF.SendReceiveConection.Event.APH.IC
MSCTF.SendReceive.Event.APH.IC
HookSwitchHookEnabledEvent
AtlTraceModuleManager_ProcessAddedStatic3
CTF.ThreadMIConnectionEvent.000007F0.00000000.00000020
CTF.ThreadMarshalInterfaceEvent.000007F0.00000000.00000020
\SECURITY\LSA_AUTHENTICATION_INITIALIZED
Global\SvcctrlStartEvent_A3752DX
\INSTALLATION_SECURITY_HOLD
Global\crypt32LogoffEvent
行为描述: 枚举窗口
详情信息: N/A
行为描述: 可执行文件签名信息
详情信息: C:\Documents and Settings\Administrator\Local Settings\Temp\ge537.exe(签名验证: 未通过)
C:\Documents and Settings\Administrator\WinHost32.exe(签名验证: 未通过)
行为描述: 调用Sleep函数
详情信息: [1]: MilliSeconds = 200.
[2]: MilliSeconds = 200.
[3]: MilliSeconds = 200.
[4]: MilliSeconds = 200.
[5]: MilliSeconds = 200.
[6]: MilliSeconds = 200.
[7]: MilliSeconds = 200.
[8]: MilliSeconds = 200.
[9]: MilliSeconds = 200.
[10]: MilliSeconds = 200.
[1]: MilliSeconds = 60000.
[2]: MilliSeconds = 60000.
[3]: MilliSeconds = 60000.
[4]: MilliSeconds = 60000.
[5]: MilliSeconds = 60000.
行为描述: 创建事件对象
详情信息: EventName = MSPY Non-PC softkbd
EventName = Global\userenv: User Profile setup event
EventName = MSCTF.SendReceive.Event.ABF.IC
EventName = MSCTF.SendReceiveConection.Event.ABF.IC
EventName = DINPUTWINMM
EventName = Global\crypt32LogoffEvent
行为描述: 可执行文件MD5
详情信息: C:\Documents and Settings\Administrator\Local Settings\Temp\ge537.exe ---> 19d360946bffa9b52662888f0524e3d5
C:\Documents and Settings\Administrator\WinHost32.exe ---> 19d360946bffa9b52662888f0524e3d5
行为描述: 打开互斥体
详情信息: Global\MTX_MSO_Formal1_S-*
Global\MTX_MSO_AdHoc1_S-*
Local\Mso97SharedDg19521108172Mutex
Local\Mso97SharedDg19531108172Mutex
Local\Mso97SharedDg19541108172Mutex
OfficeAssistantStateMutex
ShimCacheMutex
Local\_!MSFTHISTORY!_
Local\c:!documents and settings!administrator!local settings!temporary internet files!content.ie5!
Local\c:!documents and settings!administrator!cookies!
Local\c:!documents and settings!administrator!local settings!history!history.ie5!
Local\WininetStartupMutex
Local\WininetConnectionMutex
Local\WininetProxyRegistryMutex
RasPbFile
Activities
VirSCANVirSCAN
活动名 类型
tv.panda.live.broadcast.LoginActivity android.intent.action.MAIN
tv.panda.live.broadcast.LoginActivity android.intent.category.LAUNCHER
com.tencent.tauth.AuthActivity android.intent.action.VIEW
com.tencent.tauth.AuthActivity android.intent.category.DEFAULT
com.tencent.tauth.AuthActivity android.intent.category.BROWSABLE
危险函数
VirSCANVirSCAN
函数名称 信息
TelephonyManager;->getDeviceId 搜集用户手机IMEI码、电话号码、系统版本号等信息
android/app/NotificationManager;->notify 信息通知栏
ContentResolver;->query 读取联系人、短信等数据库
LocationManager;->getLastKnownLocation 获取地址位置
java/net/URL;->openConnection 连接URL
java/net/HttpURLConnection;->connect 连接URL
getRuntime 获取命令行环境
HttpClient;->execute 请求远程服务器
java/lang/Runtime;->exec 执行字符串命令
Camera;->open 开启相机
ContentResolver;->delete 删除短信、联系人
TelephonyManager;->getSimSerialNumber 获取SIM序列号
DefaultHttpClient;->execute 发送HTTP请求
java/net/URLConnection;->connect 连接URL
启动方式
VirSCANVirSCAN
名称 信息
com.umeng.message.SystemReceiver 开机启动服务
com.umeng.message.SystemReceiver 网络连接改变时启动服务
com.umeng.message.SystemReceiver 应用卸载时启动服务
com.umeng.message.MessageReceiver
com.umeng.message.ElectionReceiver
com.umeng.message.RegistrationReceiver
com.umeng.message.UmengMessageBootReceiver 开机启动服务
权限列表
VirSCANVirSCAN
许可名称 信息
android.permission.INTERNET 连接网络(2G或3G)
android.permission.CAMERA 访问照相机设备
android.permission.WAKE_LOCK 手机屏幕关闭后后台进程仍运行
android.permission.RECORD_AUDIO 录音(使用AudioRecord)
android.permission.WRITE_EXTERNAL_STORAGE 写外部存储器(如:SD卡)
android.permission.ACCESS_NETWORK_STATE 读取网络状态(2G或3G)
android.permission.RECEIVE_USER_PRESENT
android.permission.SYSTEM_ALERT_WINDOW 显示系统窗口
android.permission.MOUNT_UNMOUNT_FILESYSTEMS 挂载、反挂载外部文件系统
android.permission.FLASHLIGHT 访问闪光灯
android.permission.ACCESS_FINE_LOCATION 获取精确的位置(通过GPS)
服务列表
VirSCANVirSCAN
名称
com.umeng.update.net.DownloadingService
com.umeng.message.UmengService
com.umeng.message.UmengIntentService
com.umeng.message.UmengMessageIntentReceiverService
com.umeng.message.UmengMessageCallbackHandlerService
com.umeng.message.UmengDownloadResourceService
tv.panda.live.broadcast.screenrecord.PandaScreenService
文件列表
VirSCANVirSCAN
文件名 校验码
AndroidManifest.xml 0x348b7b8f
assets/TuSDK.bundle/others/lsq_tusdk_configs.json 0x2732cb6a
assets/TuSDK.bundle/textures/lsq_filter_VideoFair_25.gfilter 0x848b925f
assets/TuSDK.bundle/textures/lsq_internal_filters.filter 0xcb6e3287
assets/face/233.png 0xd20f46b2
assets/face/666.png 0xa84bdf42
assets/face/Beauty.png 0x91f48f70
assets/face/Cool.png 0xc7ca1ef6
assets/face/Dear.png 0xfa2bb95f
assets/face/Despise.png 0x46836db5
assets/face/Doubt.png 0x6f033aeb
assets/face/Kuso.png 0x7532e432
assets/face/Poor.png 0xc53517e9
assets/face/Pull.png 0x28a61638
assets/face/Right_hum.png 0x54b4be5
assets/face/Secret.png 0xecb7a193
assets/face/Shame.png 0x833b4ce
assets/face/Shut_up.png 0xc3a30ec
assets/face/Smile.png 0x3f9863d9
assets/face/Sorry.png 0xfe5e47d9
assets/face/Strive.png 0x63335b91
assets/face/Sweat03.png 0xe50f1bc6
assets/face/Terrified.png 0x77cba960
assets/face/Zuo_Heng.png 0xceaf91a9
assets/face/bad.png 0xc04f5ecb
assets/face/bye.png 0xc81b53a4
assets/face/chaos.png 0xad9aa76f
assets/face/crazy.png 0x20bf51b7
assets/face/cry.png 0xca88383b
assets/face/decline.png 0x22166215
assets/face/ghost.png 0x223d0b5
assets/face/happy.png 0x68a38ec7
assets/face/laugh.png 0xd75c416b
assets/face/naughty.png 0x1d7d5920
assets/face/scare.png 0x1e2779fb
assets/face/scold.png 0x4a5ccb86
assets/face/sleep.png 0xc0fe6b76
assets/face/stupefied.png 0x3a362173
assets/face/supercilious_look.png 0xdf05aa99
assets/face/surprised.png 0xa54cbf5c
assets/face/sweat.png 0x4571babf
assets/face/sweat01.png 0x4c92d2e9
assets/face/sweat02.png 0x681d6957
assets/face/tired.png 0xeaccd77f
res/anim/abc_grow_fade_in_from_bottom.xml 0xeafc430
res/anim/abc_popup_enter.xml 0x5fe7f250
res/anim/abc_popup_exit.xml 0xb46864e1
res/anim/abc_shrink_fade_out_from_bottom.xml 0xab9df452
res/anim/anim_top_in.xml 0xc9eb18d
res/anim/anim_top_out.xml 0x94cf1714
res/anim/umeng_fb_audio_play_anim.xml 0x1921b947
res/anim/umeng_fb_dialog_enter_anim.xml 0x4103d130
res/anim/umeng_fb_dialog_exit_anim.xml 0xba9f068f
res/color-v11/abc_background_cache_hint_selector_material_dark.xml 0x63d4c797
res/color-v11/abc_background_cache_hint_selector_material_light.xml 0x39cf77ca
res/color-v23/abc_color_highlight_material.xml 0x95b56cd8
res/color/abc_background_cache_hint_selector_material_dark.xml 0xf1245e1f
res/color/abc_background_cache_hint_selector_material_light.xml 0x7f66ef21
res/color/abc_primary_text_disable_only_material_dark.xml 0x429939d8
res/color/abc_primary_text_disable_only_material_light.xml 0xd18646a2
res/color/abc_primary_text_material_dark.xml 0x9a8ecd0f
res/color/abc_primary_text_material_light.xml 0x991b275
res/color/abc_search_url_text.xml 0x2dc43020
res/color/abc_secondary_text_material_dark.xml 0x9ba121e2
res/color/abc_secondary_text_material_light.xml 0x8be5e98
res/color/mycheckbox.xml 0x5385cc9f
res/color/switch_thumb_material_dark.xml 0xd41f5106
res/color/switch_thumb_material_light.xml 0xcef3ba29
res/drawable-hdpi-v4/abc_ab_share_pack_mtrl_alpha.9.png 0x64228504
res/drawable-hdpi-v4/abc_btn_check_to_on_mtrl_000.png 0xd03742f2
res/drawable-hdpi-v4/abc_btn_check_to_on_mtrl_015.png 0xd2d6badf
res/drawable-hdpi-v4/abc_btn_radio_to_on_mtrl_000.png 0xff76aca0
res/drawable-hdpi-v4/abc_btn_radio_to_on_mtrl_015.png 0x40073691
res/drawable-hdpi-v4/abc_btn_rating_star_off_mtrl_alpha.png 0x8efc8de5
res/drawable-hdpi-v4/abc_btn_rating_star_on_mtrl_alpha.png 0x8f25d6ab
res/drawable-hdpi-v4/abc_btn_switch_to_on_mtrl_00001.9.png 0x11706987
res/drawable-hdpi-v4/abc_btn_switch_to_on_mtrl_00012.9.png 0x1764993
res/drawable-hdpi-v4/abc_cab_background_top_mtrl_alpha.9.png 0x3df2f3
res/drawable-hdpi-v4/abc_ic_ab_back_mtrl_am_alpha.png 0xcf221f74
res/drawable-hdpi-v4/abc_ic_clear_mtrl_alpha.png 0x3f976daa
res/drawable-hdpi-v4/abc_ic_commit_search_api_mtrl_alpha.png 0x4afe65be
res/drawable-hdpi-v4/abc_ic_go_search_api_mtrl_alpha.png 0x50e4f199
res/drawable-hdpi-v4/abc_ic_menu_copy_mtrl_am_alpha.png 0xc3e37254
res/drawable-hdpi-v4/abc_ic_menu_cut_mtrl_alpha.png 0x84e76f0
res/drawable-hdpi-v4/abc_ic_menu_moreoverflow_mtrl_alpha.png 0x6def6654
res/drawable-hdpi-v4/abc_ic_menu_paste_mtrl_am_alpha.png 0x7b8d7a2b
res/drawable-hdpi-v4/abc_ic_menu_selectall_mtrl_alpha.png 0x92a0a882
res/drawable-hdpi-v4/abc_ic_menu_share_mtrl_alpha.png 0xe58316f4
res/drawable-hdpi-v4/abc_ic_search_api_mtrl_alpha.png 0xfba9885f
res/drawable-hdpi-v4/abc_ic_star_black_16dp.png 0x8b8a9485
res/drawable-hdpi-v4/abc_ic_star_black_36dp.png 0xdd4584
res/drawable-hdpi-v4/abc_ic_star_half_black_16dp.png 0xa97f155c
res/drawable-hdpi-v4/abc_ic_star_half_black_36dp.png 0x7e9b424
res/drawable-hdpi-v4/abc_ic_voice_search_api_mtrl_alpha.png 0x7c484f23
res/drawable-hdpi-v4/abc_list_divider_mtrl_alpha.9.png 0x72ff0f68
res/drawable-hdpi-v4/abc_list_focused_holo.9.png 0x8e4da209
res/drawable-hdpi-v4/abc_list_longpressed_holo.9.png 0x81b12fde
res/drawable-hdpi-v4/abc_list_pressed_holo_dark.9.png 0x62993bc8
res/drawable-hdpi-v4/abc_list_pressed_holo_light.9.png 0x7c69f413
res/drawable-hdpi-v4/abc_list_selector_disabled_holo_dark.9.png 0xe50f1648
res/drawable-hdpi-v4/abc_list_selector_disabled_holo_light.9.png 0x43f655e6
res/drawable-hdpi-v4/abc_menu_hardkey_panel_mtrl_mult.9.png 0xbed682a
res/drawable-hdpi-v4/abc_popup_background_mtrl_mult.9.png 0x84fecf87
res/drawable-hdpi-v4/abc_scrubber_control_off_mtrl_alpha.png 0x6b6f6e10
res/drawable-hdpi-v4/abc_scrubber_control_to_pressed_mtrl_000.png 0x7ebcc8c0
res/drawable-hdpi-v4/abc_scrubber_control_to_pressed_mtrl_005.png 0xedd62a7e
res/drawable-hdpi-v4/abc_scrubber_primary_mtrl_alpha.9.png 0x415336be
res/drawable-hdpi-v4/abc_scrubber_track_mtrl_alpha.9.png 0x65b9786e
res/drawable-hdpi-v4/abc_spinner_mtrl_am_alpha.9.png 0x7ab89543
res/drawable-hdpi-v4/abc_switch_track_mtrl_alpha.9.png 0x18025bff
res/drawable-hdpi-v4/abc_tab_indicator_mtrl_alpha.9.png 0x6c11debe
res/drawable-hdpi-v4/abc_textfield_activated_mtrl_alpha.9.png 0x103aeb6a
res/drawable-hdpi-v4/abc_textfield_default_mtrl_alpha.9.png 0xaa35a06e
res/drawable-hdpi-v4/abc_textfield_search_activated_mtrl_alpha.9.png 0xafd79c5c
res/drawable-hdpi-v4/abc_textfield_search_default_mtrl_alpha.9.png 0xee0f1fea
res/drawable-hdpi-v4/ic_focus_failed.9.png 0x242dd15
res/drawable-hdpi-v4/ic_focus_focused.9.png 0x8424b37b
res/drawable-hdpi-v4/ic_focus_focusing.9.png 0xcc864689
res/drawable-hdpi-v4/umeng_update_btn_check_off_focused_holo_light.png 0x63f5fdb0
res/drawable-hdpi-v4/umeng_update_btn_check_off_holo_light.png 0x9dd19bd9
res/drawable-hdpi-v4/umeng_update_btn_check_off_pressed_holo_light.png 0x3f0df474
res/drawable-hdpi-v4/umeng_update_btn_check_on_focused_holo_light.png 0x3a86058e
res/drawable-hdpi-v4/umeng_update_btn_check_on_holo_light.png 0x54ca4df0
res/drawable-hdpi-v4/umeng_update_btn_check_on_pressed_holo_light.png 0xc6e0029f
res/drawable-hdpi-v4/umeng_update_close_bg_normal.png 0xfbb3a5d2
res/drawable-hdpi-v4/umeng_update_close_bg_tap.png 0xa852b3ec
res/drawable-ldrtl-hdpi-v17/abc_ic_ab_back_mtrl_am_alpha.png 0x69137c0d
res/drawable-ldrtl-hdpi-v17/abc_ic_menu_copy_mtrl_am_alpha.png 0xa0f62259
res/drawable-ldrtl-hdpi-v17/abc_ic_menu_cut_mtrl_alpha.png 0x68855ee1
res/drawable-ldrtl-hdpi-v17/abc_spinner_mtrl_am_alpha.9.png 0xa596c3d0
res/drawable-ldrtl-mdpi-v17/abc_ic_ab_back_mtrl_am_alpha.png 0xf9fb6fee
res/drawable-ldrtl-mdpi-v17/abc_ic_menu_copy_mtrl_am_alpha.png 0x8397446e
res/drawable-ldrtl-mdpi-v17/abc_ic_menu_cut_mtrl_alpha.png 0x60ba44b
res/drawable-ldrtl-mdpi-v17/abc_spinner_mtrl_am_alpha.9.png 0xb1c14ea7
res/drawable-ldrtl-xhdpi-v17/abc_ic_ab_back_mtrl_am_alpha.png 0x8e0918ec
res/drawable-ldrtl-xhdpi-v17/abc_ic_menu_copy_mtrl_am_alpha.png 0x9f9971be
res/drawable-ldrtl-xhdpi-v17/abc_ic_menu_cut_mtrl_alpha.png 0xeeeff9f6
res/drawable-ldrtl-xhdpi-v17/abc_spinner_mtrl_am_alpha.9.png 0x64a842b9
res/drawable-ldrtl-xxhdpi-v17/abc_ic_ab_back_mtrl_am_alpha.png 0x49b8e510
res/drawable-ldrtl-xxhdpi-v17/abc_ic_menu_copy_mtrl_am_alpha.png 0x1d5aea2b
res/drawable-ldrtl-xxhdpi-v17/abc_ic_menu_cut_mtrl_alpha.png 0xed023aa
res/drawable-ldrtl-xxhdpi-v17/abc_spinner_mtrl_am_alpha.9.png 0x48f4c207
res/drawable-ldrtl-xxxhdpi-v17/abc_ic_ab_back_mtrl_am_alpha.png 0xf5c17862
res/drawable-ldrtl-xxxhdpi-v17/abc_ic_menu_copy_mtrl_am_alpha.png 0x9917cc6e
res/drawable-ldrtl-xxxhdpi-v17/abc_ic_menu_cut_mtrl_alpha.png 0x175c7e0d
res/drawable-ldrtl-xxxhdpi-v17/abc_spinner_mtrl_am_alpha.9.png 0x2ff6ecc
res/drawable-mdpi-v4/abc_ab_share_pack_mtrl_alpha.9.png 0xa852580c
res/drawable-mdpi-v4/abc_btn_check_to_on_mtrl_000.png 0xd152fae1
res/drawable-mdpi-v4/abc_btn_check_to_on_mtrl_015.png 0xa32a8346
res/drawable-mdpi-v4/abc_btn_radio_to_on_mtrl_000.png 0x9394b434
res/drawable-mdpi-v4/abc_btn_radio_to_on_mtrl_015.png 0x1bcdcb4b
res/drawable-mdpi-v4/abc_btn_rating_star_off_mtrl_alpha.png 0x16f933f2
res/drawable-mdpi-v4/abc_btn_rating_star_on_mtrl_alpha.png 0xcd88666a
res/drawable-mdpi-v4/abc_btn_switch_to_on_mtrl_00001.9.png 0xa7483509
res/drawable-mdpi-v4/abc_btn_switch_to_on_mtrl_00012.9.png 0xd76b7b1e
res/drawable-mdpi-v4/abc_cab_background_top_mtrl_alpha.9.png 0xb6857dd0
res/drawable-mdpi-v4/abc_ic_ab_back_mtrl_am_alpha.png 0xbef16ffd
res/drawable-mdpi-v4/abc_ic_clear_mtrl_alpha.png 0x696fbaf9
res/drawable-mdpi-v4/abc_ic_commit_search_api_mtrl_alpha.png 0xc890fc5c
res/drawable-mdpi-v4/abc_ic_go_search_api_mtrl_alpha.png 0xef213bb9
res/drawable-mdpi-v4/abc_ic_menu_copy_mtrl_am_alpha.png 0xf441f369
res/drawable-mdpi-v4/abc_ic_menu_cut_mtrl_alpha.png 0x1d65dce6
res/drawable-mdpi-v4/abc_ic_menu_moreoverflow_mtrl_alpha.png 0x79c23ff8
res/drawable-mdpi-v4/abc_ic_menu_paste_mtrl_am_alpha.png 0xaa4c4259
res/drawable-mdpi-v4/abc_ic_menu_selectall_mtrl_alpha.png 0xae8da781
res/drawable-mdpi-v4/abc_ic_menu_share_mtrl_alpha.png 0x9adee595
res/drawable-mdpi-v4/abc_ic_search_api_mtrl_alpha.png 0x99c01143
res/drawable-mdpi-v4/abc_ic_star_black_16dp.png 0x1d21eeb3
res/drawable-mdpi-v4/abc_ic_star_black_36dp.png 0x2a40c706
res/drawable-mdpi-v4/abc_ic_star_half_black_16dp.png 0x166d14dd
res/drawable-mdpi-v4/abc_ic_star_half_black_36dp.png 0x4a32950e
res/drawable-mdpi-v4/abc_ic_voice_search_api_mtrl_alpha.png 0x3040db64
res/drawable-mdpi-v4/abc_list_divider_mtrl_alpha.9.png 0x72ff0f68
res/drawable-mdpi-v4/abc_list_focused_holo.9.png 0xb1ab9d03
res/drawable-mdpi-v4/abc_list_longpressed_holo.9.png 0x78c37895
res/drawable-mdpi-v4/abc_list_pressed_holo_dark.9.png 0x686b7a66
res/drawable-mdpi-v4/abc_list_pressed_holo_light.9.png 0x32efca3
res/drawable-mdpi-v4/abc_list_selector_disabled_holo_dark.9.png 0x551f7c98
res/drawable-mdpi-v4/abc_list_selector_disabled_holo_light.9.png 0xd6426851
res/drawable-mdpi-v4/abc_menu_hardkey_panel_mtrl_mult.9.png 0xe2078e4d
res/drawable-mdpi-v4/abc_popup_background_mtrl_mult.9.png 0x3bdea6d1
res/drawable-mdpi-v4/abc_scrubber_control_off_mtrl_alpha.png 0xf4030717
res/drawable-mdpi-v4/abc_scrubber_control_to_pressed_mtrl_000.png 0xefd6e141
res/drawable-mdpi-v4/abc_scrubber_control_to_pressed_mtrl_005.png 0xb2b1b258
res/drawable-mdpi-v4/abc_scrubber_primary_mtrl_alpha.9.png 0x3a0eb435
res/drawable-mdpi-v4/abc_scrubber_track_mtrl_alpha.9.png 0xd393324b
res/drawable-mdpi-v4/abc_spinner_mtrl_am_alpha.9.png 0x5ceac6c5
res/drawable-mdpi-v4/abc_switch_track_mtrl_alpha.9.png 0xd6b37a0c
res/drawable-mdpi-v4/abc_tab_indicator_mtrl_alpha.9.png 0xb58b040f
res/drawable-mdpi-v4/abc_textfield_activated_mtrl_alpha.9.png 0x4f16ccfc
res/drawable-mdpi-v4/abc_textfield_default_mtrl_alpha.9.png 0xf8dbf6f6
res/drawable-mdpi-v4/abc_textfield_search_activated_mtrl_alpha.9.png 0xfb4249d4
res/drawable-mdpi-v4/abc_textfield_search_default_mtrl_alpha.9.png 0x19a0052e
res/drawable-v21/abc_action_bar_item_background_material.xml 0xb794af16
res/drawable-v21/abc_btn_colored_material.xml 0x5f1c74ac
res/drawable-v21/abc_edit_text_material.xml 0x4da8510f
res/drawable-v21/abc_ratingbar_indicator_material.xml 0x5b57a222
res/drawable-v21/abc_ratingbar_small_material.xml 0xbed7f6fc
res/drawable-v23/abc_control_background_material.xml 0x5ac81140
res/drawable-xhdpi-v4/abc_ab_share_pack_mtrl_alpha.9.png 0xcf127e45
res/drawable-xhdpi-v4/abc_btn_check_to_on_mtrl_000.png 0xcfba78ba
res/drawable-xhdpi-v4/abc_btn_check_to_on_mtrl_015.png 0x726c24c9
res/drawable-xhdpi-v4/abc_btn_radio_to_on_mtrl_000.png 0xe6c8339c
res/drawable-xhdpi-v4/abc_btn_radio_to_on_mtrl_015.png 0x2c324db4
res/drawable-xhdpi-v4/abc_btn_rating_star_off_mtrl_alpha.png 0x5221e639
res/drawable-xhdpi-v4/abc_btn_rating_star_on_mtrl_alpha.png 0x4d98f972
res/drawable-xhdpi-v4/abc_btn_switch_to_on_mtrl_00001.9.png 0xcd563567
res/drawable-xhdpi-v4/abc_btn_switch_to_on_mtrl_00012.9.png 0x3e9a5317
res/drawable-xhdpi-v4/abc_cab_background_top_mtrl_alpha.9.png 0xf70ddcc0
res/drawable-xhdpi-v4/abc_ic_ab_back_mtrl_am_alpha.png 0xd92f8b09
res/drawable-xhdpi-v4/abc_ic_clear_mtrl_alpha.png 0xe3ade440
res/drawable-xhdpi-v4/abc_ic_commit_search_api_mtrl_alpha.png 0xa633729c
res/drawable-xhdpi-v4/abc_ic_go_search_api_mtrl_alpha.png 0x93ca28c3
res/drawable-xhdpi-v4/abc_ic_menu_copy_mtrl_am_alpha.png 0x77030319
res/drawable-xhdpi-v4/abc_ic_menu_cut_mtrl_alpha.png 0xae52a132
res/drawable-xhdpi-v4/abc_ic_menu_moreoverflow_mtrl_alpha.png 0x87505834
res/drawable-xhdpi-v4/abc_ic_menu_paste_mtrl_am_alpha.png 0xe5098066
res/drawable-xhdpi-v4/abc_ic_menu_selectall_mtrl_alpha.png 0x9dd9218
res/drawable-xhdpi-v4/abc_ic_menu_share_mtrl_alpha.png 0xbc17f4b0
res/drawable-xhdpi-v4/abc_ic_search_api_mtrl_alpha.png 0x5d3ec086
res/drawable-xhdpi-v4/abc_ic_star_black_16dp.png 0x7da76864
res/drawable-xhdpi-v4/abc_ic_star_black_36dp.png 0xa1fb74a1
res/drawable-xhdpi-v4/abc_ic_star_half_black_16dp.png 0xf86c6c7a
res/drawable-xhdpi-v4/abc_ic_star_half_black_36dp.png 0x6b73b52b
res/drawable-xhdpi-v4/abc_ic_voice_search_api_mtrl_alpha.png 0x86fc4299
res/drawable-xhdpi-v4/abc_list_divider_mtrl_alpha.9.png 0x72ff0f68
res/drawable-xhdpi-v4/abc_list_focused_holo.9.png 0xbde23956
res/drawable-xhdpi-v4/abc_list_longpressed_holo.9.png 0x84a788a6
res/drawable-xhdpi-v4/abc_list_pressed_holo_dark.9.png 0x98f7c81a
res/drawable-xhdpi-v4/abc_list_pressed_holo_light.9.png 0x5314692b
res/drawable-xhdpi-v4/abc_list_selector_disabled_holo_dark.9.png 0x41748705
res/drawable-xhdpi-v4/abc_list_selector_disabled_holo_light.9.png 0x1c2ff2be
res/drawable-xhdpi-v4/abc_menu_hardkey_panel_mtrl_mult.9.png 0x63ee6937
res/drawable-xhdpi-v4/abc_popup_background_mtrl_mult.9.png 0x79067b02
res/drawable-xhdpi-v4/abc_scrubber_control_off_mtrl_alpha.png 0x6cd6529b
res/drawable-xhdpi-v4/abc_scrubber_control_to_pressed_mtrl_000.png 0x3d7b9fee
res/drawable-xhdpi-v4/abc_scrubber_control_to_pressed_mtrl_005.png 0xbeb523af
res/drawable-xhdpi-v4/abc_scrubber_primary_mtrl_alpha.9.png 0xbf40ca92
res/drawable-xhdpi-v4/abc_scrubber_track_mtrl_alpha.9.png 0x1a186496
res/drawable-xhdpi-v4/abc_spinner_mtrl_am_alpha.9.png 0xfbc5d182
res/drawable-xhdpi-v4/abc_switch_track_mtrl_alpha.9.png 0x4ebe0617
res/drawable-xhdpi-v4/abc_tab_indicator_mtrl_alpha.9.png 0x361544c6
res/drawable-xhdpi-v4/abc_textfield_activated_mtrl_alpha.9.png 0x4853c2d6
res/drawable-xhdpi-v4/abc_textfield_default_mtrl_alpha.9.png 0x7a6dbe65
res/drawable-xhdpi-v4/abc_textfield_search_activated_mtrl_alpha.9.png 0xeaa0434b
res/drawable-xhdpi-v4/abc_textfield_search_default_mtrl_alpha.9.png 0x4cfa2def
res/drawable-xhdpi-v4/aboutbg.png 0x5f970f9a
res/drawable-xhdpi-v4/android_barrage_normal.png 0x6c01b374
res/drawable-xhdpi-v4/android_barrage_normal_hover.png 0x80e80324
res/drawable-xhdpi-v4/bamboom.png 0x4f6a3962
res/drawable-xhdpi-v4/bg_btn_n.9.png 0xdd25517c
res/drawable-xhdpi-v4/bg_btn_p.9.png 0xc8011e2f
res/drawable-xhdpi-v4/btn_already_follow.xml 0x19cab3a5
res/drawable-xhdpi-v4/btn_already_follow_hover.9.png 0xe67b948d
res/drawable-xhdpi-v4/btn_already_follow_normal.9.png 0xae1aad35
res/drawable-xhdpi-v4/chat_chao_icon.png 0x169c1d0
res/drawable-xhdpi-v4/chat_fang_icon.png 0x4e8ab8a8
res/drawable-xhdpi-v4/chat_master_icon.png 0x31c292b7
res/drawable-xhdpi-v4/chat_zhu_icon.png 0x45688c01
res/drawable-xhdpi-v4/fragment_title_bg.9.png 0x9d700721
res/drawable-xhdpi-v4/gift_rank_baiyin01.png 0x78090fd9
res/drawable-xhdpi-v4/gift_rank_baiyin02.png 0x77fbbb5a
res/drawable-xhdpi-v4/gift_rank_baiyin03.png 0xd2be95de
res/drawable-xhdpi-v4/gift_rank_baiyin04.png 0xc4e04879
res/drawable-xhdpi-v4/gift_rank_baiyin05.png 0x6bf9f63c
res/drawable-xhdpi-v4/gift_rank_bojin01.png 0x1053cc48
res/drawable-xhdpi-v4/gift_rank_bojin02.png 0xc1a21291
res/drawable-xhdpi-v4/gift_rank_bojin03.png 0xd933deba
res/drawable-xhdpi-v4/gift_rank_bojin04.png 0xe5b86824
res/drawable-xhdpi-v4/gift_rank_bojin05.png 0xcd57b38e
res/drawable-xhdpi-v4/gift_rank_huangjin01.png 0xb63559d0
res/drawable-xhdpi-v4/gift_rank_huangjin02.png 0x92863766
res/drawable-xhdpi-v4/gift_rank_huangjin03.png 0xd1c3633a
res/drawable-xhdpi-v4/gift_rank_huangjin04.png 0xa5d83907
res/drawable-xhdpi-v4/gift_rank_huangjin05.png 0xc6abe43e
res/drawable-xhdpi-v4/gift_rank_qingtong01.png 0x959e494a
res/drawable-xhdpi-v4/gift_rank_qingtong02.png 0x20f429eb
res/drawable-xhdpi-v4/gift_rank_qingtong03.png 0x8493f3eb
res/drawable-xhdpi-v4/gift_rank_qingtong04.png 0x56323221
res/drawable-xhdpi-v4/gift_rank_qingtong05.png 0x3c577b3f
res/drawable-xhdpi-v4/gift_rank_wangzhe01.png 0xbb3e2ded
res/drawable-xhdpi-v4/gift_rank_wangzhe02.png 0xeca05cea
res/drawable-xhdpi-v4/gift_rank_wangzhe03.png 0x5cdecbf7
res/drawable-xhdpi-v4/gift_rank_wangzhe04.png 0x5543b33a
res/drawable-xhdpi-v4/gift_rank_wangzhe05.png 0xf120e1a9
res/drawable-xhdpi-v4/gift_rank_zhizun01.png 0x43a33097
res/drawable-xhdpi-v4/gift_rank_zhizun02.png 0x1efc0729
res/drawable-xhdpi-v4/gift_rank_zhizun03.png 0x204ea2e
res/drawable-xhdpi-v4/gift_rank_zhizun04.png 0x17b36c7c
res/drawable-xhdpi-v4/gift_rank_zhizun05.png 0x1ca6deb3
res/drawable-xhdpi-v4/gift_rank_zongshi01.png 0x81d3880b
res/drawable-xhdpi-v4/gift_rank_zongshi02.png 0x4b5b504e
res/drawable-xhdpi-v4/gift_rank_zongshi03.png 0x7c81ca95
res/drawable-xhdpi-v4/gift_rank_zongshi04.png 0x41854ffd
res/drawable-xhdpi-v4/gift_rank_zongshi05.png 0x71e392b
res/drawable-xhdpi-v4/gift_rank_zuanshi01.png 0xb1f165e4
res/drawable-xhdpi-v4/gift_rank_zuanshi02.png 0x13678e74
res/drawable-xhdpi-v4/gift_rank_zuanshi03.png 0xe4ae61f2
res/drawable-xhdpi-v4/gift_rank_zuanshi04.png 0xdb252c60
res/drawable-xhdpi-v4/gift_rank_zuanshi05.png 0x22d4aa58
res/drawable-xhdpi-v4/head_img_normal.png 0x8e49e998
res/drawable-xhdpi-v4/head_img_press.png 0x7d2658d9
res/drawable-xhdpi-v4/ico_return_hover.png 0xb0c59dc5
res/drawable-xhdpi-v4/ico_return_normal.png 0xbe4bae3d
res/drawable-xhdpi-v4/liveroom_icon_user.png 0x5aa50c29
res/drawable-xhdpi-v4/my_arrows_hover.png 0xb654aa65
res/drawable-xhdpi-v4/my_arrows_normal.png 0x5cfd774d
res/drawable-xhdpi-v4/nodata_img_panda.png 0xb7ef9ee
res/drawable-xhdpi-v4/nodata_img_text.png 0x38eea1ba
res/drawable-xhdpi-v4/panda1.png 0x50246d95
res/drawable-xhdpi-v4/panda2.png 0x384183f8
res/drawable-xhdpi-v4/right_return_hover.png 0x4ddd3ac8
res/drawable-xhdpi-v4/right_return_normal.png 0xcfbf1767
res/drawable-xhdpi-v4/share_icon.png 0x80761cb1
res/drawable-xhdpi-v4/start.png 0x371abe33
res/drawable-xhdpi-v4/stop.png 0x766271cd
res/drawable-xhdpi-v4/umeng_fb_audio_dialog_cancel.png 0x8091cf95
res/drawable-xhdpi-v4/umeng_fb_audio_dialog_content.png 0xc499a316
res/drawable-xhdpi-v4/umeng_fb_audio_play_01.png 0x420e78f2
res/drawable-xhdpi-v4/umeng_fb_audio_play_02.png 0x2361a357
res/drawable-xhdpi-v4/umeng_fb_audio_play_03.png 0x6b3bc1ba
res/drawable-xhdpi-v4/umeng_fb_audio_play_bg.9.png 0x38918ad8
res/drawable-xhdpi-v4/umeng_fb_keyboard.png 0xa8b11bf9
res/drawable-xhdpi-v4/umeng_fb_plus.png 0x6b14efca
res/drawable-xhdpi-v4/umeng_fb_record.png 0x415f67f5
res/drawable-xhdpi-v4/version.9.png 0x64196461
res/drawable-xhdpi-v4/vertical_drop02_bg.9.png 0x62ec6459
res/drawable-xhdpi-v4/yk_click_retry.png 0xc2e32218
res/drawable-xhdpi-v4/yk_load1.png 0x8dd4d8c
res/drawable-xhdpi-v4/yk_load10.png 0x5c6a59fb
res/drawable-xhdpi-v4/yk_load11.png 0x61b5cbb8
res/drawable-xhdpi-v4/yk_load12.png 0xb38cef8
res/drawable-xhdpi-v4/yk_load13.png 0x598d2283
res/drawable-xhdpi-v4/yk_load2.png 0x59b8d3af
res/drawable-xhdpi-v4/yk_load3.png 0x32ddd9c6
res/drawable-xhdpi-v4/yk_load4.png 0x7df86e39
res/drawable-xhdpi-v4/yk_load5.png 0xe45db74
res/drawable-xhdpi-v4/yk_load6.png 0x1e16421e
res/drawable-xhdpi-v4/yk_load7.png 0xd0734cd
res/drawable-xhdpi-v4/yk_load8.png 0x1dc2ab9e
res/drawable-xhdpi-v4/yk_load9.png 0x330f1009
res/drawable-xhdpi-v4/yk_load_error_text.png 0x16257250
res/drawable-xhdpi-v4/yk_loading_text.png 0xc57f1991
res/drawable-xxhdpi-v4/abc_ab_share_pack_mtrl_alpha.9.png 0x7758fe71
res/drawable-xxhdpi-v4/abc_btn_check_to_on_mtrl_000.png 0xa8af72f3
res/drawable-xxhdpi-v4/abc_btn_check_to_on_mtrl_015.png 0x47977e9
res/drawable-xxhdpi-v4/abc_btn_radio_to_on_mtrl_000.png 0xcfc747f2
res/drawable-xxhdpi-v4/abc_btn_radio_to_on_mtrl_015.png 0xdbaceef4
res/drawable-xxhdpi-v4/abc_btn_rating_star_off_mtrl_alpha.png 0xb4580cf
res/drawable-xxhdpi-v4/abc_btn_rating_star_on_mtrl_alpha.png 0xbf3a37c9
res/drawable-xxhdpi-v4/abc_btn_switch_to_on_mtrl_00001.9.png 0xe3ff53b2
res/drawable-xxhdpi-v4/abc_btn_switch_to_on_mtrl_00012.9.png 0x7f666710
res/drawable-xxhdpi-v4/abc_cab_background_top_mtrl_alpha.9.png 0x7cd87445
res/drawable-xxhdpi-v4/abc_ic_ab_back_mtrl_am_alpha.png 0x99fcf98c
res/drawable-xxhdpi-v4/abc_ic_clear_mtrl_alpha.png 0xf7eea1df
res/drawable-xxhdpi-v4/abc_ic_commit_search_api_mtrl_alpha.png 0x75e2a0e0
res/drawable-xxhdpi-v4/abc_ic_go_search_api_mtrl_alpha.png 0x978987bf
res/drawable-xxhdpi-v4/abc_ic_menu_copy_mtrl_am_alpha.png 0x49d49756
res/drawable-xxhdpi-v4/abc_ic_menu_cut_mtrl_alpha.png 0x185907e3
res/drawable-xxhdpi-v4/abc_ic_menu_moreoverflow_mtrl_alpha.png 0xadb065b2
res/drawable-xxhdpi-v4/abc_ic_menu_paste_mtrl_am_alpha.png 0xde8d92d0
res/drawable-xxhdpi-v4/abc_ic_menu_selectall_mtrl_alpha.png 0x6a35729
res/drawable-xxhdpi-v4/abc_ic_menu_share_mtrl_alpha.png 0x49556dc6
res/drawable-xxhdpi-v4/abc_ic_search_api_mtrl_alpha.png 0x79e1cda0
res/drawable-xxhdpi-v4/abc_ic_star_black_16dp.png 0x15d856d
res/drawable-xxhdpi-v4/abc_ic_star_black_36dp.png 0x3e52d827
res/drawable-xxhdpi-v4/abc_ic_star_half_black_16dp.png 0xcd5c10f5
res/drawable-xxhdpi-v4/abc_ic_star_half_black_36dp.png 0x65d095bf
res/drawable-xxhdpi-v4/abc_ic_voice_search_api_mtrl_alpha.png 0xfedf00ca
res/drawable-xxhdpi-v4/abc_list_divider_mtrl_alpha.9.png 0x2d5a2100
res/drawable-xxhdpi-v4/abc_list_focused_holo.9.png 0x19c09c27
res/drawable-xxhdpi-v4/abc_list_longpressed_holo.9.png 0x236b6e98
res/drawable-xxhdpi-v4/abc_list_pressed_holo_dark.9.png 0x823780d0
res/drawable-xxhdpi-v4/abc_list_pressed_holo_light.9.png 0x813ae23c
res/drawable-xxhdpi-v4/abc_list_selector_disabled_holo_dark.9.png 0xdddaae2e
res/drawable-xxhdpi-v4/abc_list_selector_disabled_holo_light.9.png 0x1ff1856f
res/drawable-xxhdpi-v4/abc_menu_hardkey_panel_mtrl_mult.9.png 0xe97125d2
res/drawable-xxhdpi-v4/abc_popup_background_mtrl_mult.9.png 0x478db1d1
res/drawable-xxhdpi-v4/abc_scrubber_control_off_mtrl_alpha.png 0xc57037f7
res/drawable-xxhdpi-v4/abc_scrubber_control_to_pressed_mtrl_000.png 0x35329a
res/drawable-xxhdpi-v4/abc_scrubber_control_to_pressed_mtrl_005.png 0x9aaa658d
res/drawable-xxhdpi-v4/abc_scrubber_primary_mtrl_alpha.9.png 0x5902ed5c
res/drawable-xxhdpi-v4/abc_scrubber_track_mtrl_alpha.9.png 0xa028728e
res/drawable-xxhdpi-v4/abc_spinner_mtrl_am_alpha.9.png 0xbba9274f
res/drawable-xxhdpi-v4/abc_switch_track_mtrl_alpha.9.png 0xf785991a
res/drawable-xxhdpi-v4/abc_tab_indicator_mtrl_alpha.9.png 0xd6692ce7
res/drawable-xxhdpi-v4/abc_textfield_activated_mtrl_alpha.9.png 0x2fa093c4
res/drawable-xxhdpi-v4/abc_textfield_default_mtrl_alpha.9.png 0x4d07b4a9
res/drawable-xxhdpi-v4/abc_textfield_search_activated_mtrl_alpha.9.png 0x77c42d34
res/drawable-xxhdpi-v4/abc_textfield_search_default_mtrl_alpha.9.png 0x9e0d73d
res/drawable-xxhdpi-v4/anchor.9.png 0x7204363d
res/drawable-xxhdpi-v4/anchor_press.9.png 0xa3336c42
res/drawable-xxhdpi-v4/beautyface.png 0xfd588ba5
res/drawable-xxhdpi-v4/beautyface_press.png 0x54dc9dd5
res/drawable-xxhdpi-v4/btn_login_hover.9.png 0x66de62e6
res/drawable-xxhdpi-v4/btn_login_normal.9.png 0xdee998b
res/drawable-xxhdpi-v4/btn_recordscreen.9.png 0xca168cfc
res/drawable-xxhdpi-v4/btn_recordscreen_hover.9.png 0xffe84d5d
res/drawable-xxhdpi-v4/button_cancel_normal.9.png 0x293bf4a5
res/drawable-xxhdpi-v4/button_cancel_press.9.png 0xeb4bb97f
res/drawable-xxhdpi-v4/button_close_danmu.png 0x364f2946
res/drawable-xxhdpi-v4/button_close_flash.png 0x8fa9ba4b
res/drawable-xxhdpi-v4/button_close_hover.png 0x1dbfc2f4
res/drawable-xxhdpi-v4/button_close_normal.png 0xcf304fd5
res/drawable-xxhdpi-v4/button_open_danmu.png 0x90e62d8a
res/drawable-xxhdpi-v4/button_open_flash.png 0x5e46782d
res/drawable-xxhdpi-v4/button_switch_camera_hover.png 0xdbb5ac28
res/drawable-xxhdpi-v4/button_switch_camera_normal.png 0x15e40ed
res/drawable-xxhdpi-v4/chat_gift_bg.9.png 0xdef07261
res/drawable-xxhdpi-v4/checkbox_button.png 0x923ccf1
res/drawable-xxhdpi-v4/checkbox_button_hover.png 0x456ed536
res/drawable-xxhdpi-v4/close_dailog_back.png 0xd52a98d1
res/drawable-xxhdpi-v4/edit_normal.png 0xb5060738
res/drawable-xxhdpi-v4/edit_press.png 0xb85878d2
res/drawable-xxhdpi-v4/floatimg.png 0xd0e96d05
res/drawable-xxhdpi-v4/floatpanelbg1.png 0xf6a88b90
res/drawable-xxhdpi-v4/floatpanelbg2.png 0x6a363a0f
res/drawable-xxhdpi-v4/gift_normal.png 0x6f7e3bc1
res/drawable-xxhdpi-v4/gift_pressed.png 0xa978204
res/drawable-xxhdpi-v4/gift_rank_01.png 0xc0a40fc2
res/drawable-xxhdpi-v4/gift_rank_02.png 0x5e7e7bb1
res/drawable-xxhdpi-v4/gift_rank_03.png 0xe52232fe
res/drawable-xxhdpi-v4/gift_rank_04.png 0x107db21
res/drawable-xxhdpi-v4/gift_rank_05.png 0x8d52c52b
res/drawable-xxhdpi-v4/gift_rank_06.png 0xa5575bff
res/drawable-xxhdpi-v4/gift_rank_07.png 0xadf4b79f
res/drawable-xxhdpi-v4/gift_rank_08.png 0x8984b1e5
res/drawable-xxhdpi-v4/gift_rank_09.png 0x48a8f7ef
res/drawable-xxhdpi-v4/gift_rank_10.png 0xd982acf4
res/drawable-xxhdpi-v4/gift_rank_default.png 0x38d519a8
res/drawable-xxhdpi-v4/guanlimingdan_button_quxiao_normal.9.png 0xc187650b
res/drawable-xxhdpi-v4/guanlimingdan_button_quxiao_press.9.png 0x22e749a3
res/drawable-xxhdpi-v4/head_circle.png 0x3164c04c
res/drawable-xxhdpi-v4/home_banner.png 0x943b432c
res/drawable-xxhdpi-v4/homebar.png 0x8c7e0832
res/drawable-xxhdpi-v4/ic_launcher.png 0xdf155b29
res/drawable-xxhdpi-v4/img_fantuan.png 0x2f1f90f9
res/drawable-xxhdpi-v4/img_fotiaoqiang.png 0x4182c323
res/drawable-xxhdpi-v4/img_kaoyu.png 0xbf122229
res/drawable-xxhdpi-v4/img_xia.png 0xdb4af6dc
res/drawable-xxhdpi-v4/img_zuzi.png 0x8dd51dbc
res/drawable-xxhdpi-v4/login_activity_background.png 0xf86652b5
res/drawable-xxhdpi-v4/msgbk.9.png 0x3ad79399
res/drawable-xxhdpi-v4/netdata.png 0x24ab2a79
res/drawable-xxhdpi-v4/netdata2.png 0x45384fde
res/drawable-xxhdpi-v4/person.png 0x18107141
res/drawable-xxhdpi-v4/person_num_back.9.png 0xce552c27
res/drawable-xxhdpi-v4/qq.png 0x110d0ded
res/drawable-xxhdpi-v4/qqzone.png 0xa0ce764a
res/drawable-xxhdpi-v4/rank_list_all_normal.png 0x212ed5df
res/drawable-xxhdpi-v4/rank_list_all_pressed.png 0x72c198ff
res/drawable-xxhdpi-v4/rank_list_seven_pressed.png 0x215df7e
res/drawable-xxhdpi-v4/ranking_list_seven_normal.png 0xf89d0f04
res/drawable-xxhdpi-v4/record_pause.png 0xe2978461
res/drawable-xxhdpi-v4/record_pause_hover.png 0x310b87b
res/drawable-xxhdpi-v4/record_start.png 0x12b5e414
res/drawable-xxhdpi-v4/record_stop.png 0x8f35614b
res/drawable-xxhdpi-v4/record_stop_hover.png 0x2554948a
res/drawable-xxhdpi-v4/roommanager_guide_horizontal.png 0xecf3a12f
res/drawable-xxhdpi-v4/roommanager_guide_vertical.png 0xf72e634f
res/drawable-xxhdpi-v4/seekbar_bg.png 0xf2bd35ab
res/drawable-xxhdpi-v4/seekbar_bg2.png 0xd4b893d9
res/drawable-xxhdpi-v4/seekbar_btn.png 0x4cd562d7
res/drawable-xxhdpi-v4/seekbar_btn_press.png 0xda8cf885
res/drawable-xxhdpi-v4/send_bamboom_msgbk.9.png 0x92a068a3
res/drawable-xxhdpi-v4/setting.png 0xbd34a3de
res/drawable-xxhdpi-v4/setting_press.png 0x7f2747e4
res/drawable-xxhdpi-v4/share.png 0xfe9150de
res/drawable-xxhdpi-v4/share_press.png 0xa54583a2
res/drawable-xxhdpi-v4/shouye_icon_jiangbei.png 0x26dacb47
res/drawable-xxhdpi-v4/shouye_liwupaihang_bg.png 0x9639bfd5
res/drawable-xxhdpi-v4/sina.png 0xd9e48010
res/drawable-xxhdpi-v4/spinner_back_normal.9.png 0x7c38d3af
res/drawable-xxhdpi-v4/spinner_back_press.9.png 0xaa721703
res/drawable-xxhdpi-v4/spinner_popup_back.9.png 0x716cb187
res/drawable-xxhdpi-v4/startlive_button_hover.9.png 0xa7f4ca34
res/drawable-xxhdpi-v4/startlive_button_normal.9.png 0x43e33360
res/drawable-xxhdpi-v4/tanmu_normal.png 0xd3a3453a
res/drawable-xxhdpi-v4/tanmu_pressed.png 0x70ef22cc
res/drawable-xxhdpi-v4/vertical_sign_logo.png 0x72c6bbc2
res/drawable-xxhdpi-v4/weixin.png 0xde0cd892
res/drawable-xxhdpi-v4/weixinfriend.png 0x794acbe5
res/drawable-xxxhdpi-v4/abc_btn_check_to_on_mtrl_000.png 0x23bc6175
res/drawable-xxxhdpi-v4/abc_btn_check_to_on_mtrl_015.png 0x2ea066c3
res/drawable-xxxhdpi-v4/abc_btn_radio_to_on_mtrl_000.png 0xed039207
res/drawable-xxxhdpi-v4/abc_btn_radio_to_on_mtrl_015.png 0x590aeae3
res/drawable-xxxhdpi-v4/abc_btn_switch_to_on_mtrl_00001.9.png 0x4f6e087d
res/drawable-xxxhdpi-v4/abc_btn_switch_to_on_mtrl_00012.9.png 0xa817850a
res/drawable-xxxhdpi-v4/abc_ic_ab_back_mtrl_am_alpha.png 0x23f1af9d
res/drawable-xxxhdpi-v4/abc_ic_clear_mtrl_alpha.png 0x84d065fb
res/drawable-xxxhdpi-v4/abc_ic_menu_copy_mtrl_am_alpha.png 0x39d6d931
res/drawable-xxxhdpi-v4/abc_ic_menu_cut_mtrl_alpha.png 0xc9f78467
res/drawable-xxxhdpi-v4/abc_ic_menu_moreoverflow_mtrl_alpha.png 0xb7cc364f
res/drawable-xxxhdpi-v4/abc_ic_menu_paste_mtrl_am_alpha.png 0xa9f4da32
res/drawable-xxxhdpi-v4/abc_ic_menu_selectall_mtrl_alpha.png 0x8151ea77
res/drawable-xxxhdpi-v4/abc_ic_menu_share_mtrl_alpha.png 0x2fc5a011
res/drawable-xxxhdpi-v4/abc_ic_search_api_mtrl_alpha.png 0xf5710ade
res/drawable-xxxhdpi-v4/abc_ic_star_black_16dp.png 0x8f0aa8f4
res/drawable-xxxhdpi-v4/abc_ic_star_black_36dp.png 0xe3e4a114
res/drawable-xxxhdpi-v4/abc_ic_star_half_black_16dp.png 0x83fb9cd5
res/drawable-xxxhdpi-v4/abc_ic_star_half_black_36dp.png 0x957a7d58
res/drawable-xxxhdpi-v4/abc_ic_voice_search_api_mtrl_alpha.png 0x1022e769
res/drawable-xxxhdpi-v4/abc_scrubber_control_to_pressed_mtrl_000.png 0xdbb5b067
res/drawable-xxxhdpi-v4/abc_scrubber_control_to_pressed_mtrl_005.png 0xd1165fc
res/drawable-xxxhdpi-v4/abc_spinner_mtrl_am_alpha.9.png 0x3bd11453
res/drawable-xxxhdpi-v4/abc_switch_track_mtrl_alpha.9.png 0x1a7d6c07
res/drawable-xxxhdpi-v4/abc_tab_indicator_mtrl_alpha.9.png 0x74529d2e
res/drawable/abc_btn_borderless_material.xml 0xf341af1c
res/drawable/abc_btn_check_material.xml 0xe2f70d0a
res/drawable/abc_btn_colored_material.xml 0x1522b03
res/drawable/abc_btn_default_mtrl_shape.xml 0xb90f20cd
res/drawable/abc_btn_radio_material.xml 0x2960f785
res/drawable/abc_cab_background_internal_bg.xml 0x9c5b1555
res/drawable/abc_cab_background_top_material.xml 0x789cac73
res/drawable/abc_dialog_material_background_dark.xml 0x9ee635fb
res/drawable/abc_dialog_material_background_light.xml 0xeb79f366
res/drawable/abc_edit_text_material.xml 0xeb49d736
res/drawable/abc_item_background_holo_dark.xml 0xd1b21c63
res/drawable/abc_item_background_holo_light.xml 0x5c0f0b25
res/drawable/abc_list_selector_background_transition_holo_dark.xml 0xad127204
res/drawable/abc_list_selector_background_transition_holo_light.xml 0xff8319d8
res/drawable/abc_list_selector_holo_dark.xml 0xd3230273
res/drawable/abc_list_selector_holo_light.xml 0x4ca62f47
res/drawable/abc_ratingbar_full_material.xml 0xf00f836e
res/drawable/abc_ratingbar_indicator_material.xml 0xdbcfdb9a
res/drawable/abc_ratingbar_small_material.xml 0xecbbc468
res/drawable/abc_seekbar_thumb_material.xml 0xf5569f09
res/drawable/abc_seekbar_track_material.xml 0xd86c6936
res/drawable/abc_spinner_textfield_background_material.xml 0xb2629d03
res/drawable/abc_switch_thumb_material.xml 0x88e00ae
res/drawable/abc_tab_indicator_material.xml 0x20683102
res/drawable/abc_text_cursor_material.xml 0x9fd1fc63
res/drawable/abc_textfield_search_material.xml 0x82e87b85
res/drawable/anim_yk_loading.xml 0x3a16ca60
res/drawable/bg_bar.xml 0x9138c9a
res/drawable/btn_anchor.xml 0x463b3882
res/drawable/btn_editroomname.xml 0xd94ad625
res/drawable/btn_guanli_item.xml 0xf899e53c
res/drawable/btn_pwd.xml 0xdeb01ca
res/drawable/button_beautyface.xml 0xc1eac627
res/drawable/button_setting.xml 0x4e0b95cb
res/drawable/cancel_button_back.xml 0xa82b144d
res/drawable/close_button_back.xml 0x54d2cc51
res/drawable/default_head_img.xml 0x1c3dd5c3
res/drawable/float_btn_danmu.xml 0xb0b89934
res/drawable/float_btn_gift.xml 0x8b71408f
res/drawable/float_btn_pauserecord.xml 0x35e2bcf7
res/drawable/float_btn_recordscreen.xml 0xaa10c18c
res/drawable/float_btn_startrecord.xml 0xf976d73
res/drawable/float_btn_stoprecord.xml 0x1e089aab
res/drawable/gift_background_bottom_corner.xml 0xcd76d0d8
res/drawable/gift_background_corner.xml 0xdc91a354
res/drawable/live_button_background.xml 0x71b46844
res/drawable/live_mode_left_background.xml 0xe0af953
res/drawable/live_mode_right_background.xml 0x5401e6ff
res/drawable/login_button_back.xml 0xdc94e593
res/drawable/login_title_button_back.xml 0x89a34be
res/drawable/message_back_ground.xml 0xb0c2df2f
res/drawable/message_bamboom_back_ground.xml 0x9bcc2ee2
res/drawable/my_arrow.xml 0x7c9af9b1
res/drawable/person_number_background.xml 0x2339405
res/drawable/rectshapebg.xml 0x315a22a6
res/drawable/right_back_button_selector.xml 0xf9f69734
res/drawable/selector_my_account_bg.xml 0xc869dd42
res/drawable/selector_spinner_back.xml 0x87ac383b
res/drawable/sl_btn_common.xml 0x35319ce6
res/drawable/splash_background.xml 0x28d087cc
res/drawable/startlive_button_back.xml 0xd438e97c
res/drawable/switchcamera_button_back.xml 0xc4b37b01
res/drawable/thumb_bar.xml 0xa537d1be
res/drawable/umeng_common_gradient_green.xml 0x962bb903
res/drawable/umeng_common_gradient_orange.xml 0xd5106ae2
res/drawable/umeng_common_gradient_red.xml 0x133ade08
res/drawable/umeng_fb_action_replay.png 0xaa74362b
res/drawable/umeng_fb_arrow_right.png 0xd0df691e
res/drawable/umeng_fb_help_tab_bg.xml 0xf12dc314
res/drawable/umeng_fb_round_white_bg.xml 0x25a5a0e0
res/drawable/umeng_update_button_cancel_bg_focused.xml 0xe15186e2
res/drawable/umeng_update_button_cancel_bg_normal.xml 0x7f247f01
res/drawable/umeng_update_button_cancel_bg_selector.xml 0xa4fa54cb
res/drawable/umeng_update_button_cancel_bg_tap.xml 0x8b9edc3
res/drawable/umeng_update_button_check_selector.xml 0x8ebb3344
res/drawable/umeng_update_button_close_bg_selector.xml 0x6e46fb4b
res/drawable/umeng_update_button_ok_bg_focused.xml 0xca9ec970
res/drawable/umeng_update_button_ok_bg_normal.xml 0xafd26ea2
res/drawable/umeng_update_button_ok_bg_selector.xml 0x305c1ec9
res/drawable/umeng_update_button_ok_bg_tap.xml 0x2b2a0e55
res/drawable/umeng_update_dialog_bg.xml 0x565551a3
res/drawable/umeng_update_title_bg.xml 0x9173f89e
res/drawable/umeng_update_wifi_disable.png 0xe635e071
res/layout-v21/abc_screen_toolbar.xml 0x161bab3
res/layout-v9/umeng_common_download_notification.xml 0xc07c3037
res/layout/abc_action_bar_title_item.xml 0x267539f5
res/layout/abc_action_menu_item_layout.xml 0x6727d5be
res/layout/abc_action_menu_layout.xml 0x24dafde2
res/layout/abc_action_mode_bar.xml 0x5567cb3d
res/layout/abc_action_mode_close_item_material.xml 0xb7c7c3fc
res/layout/abc_activity_chooser_view.xml 0x12998da8
res/layout/abc_activity_chooser_view_list_item.xml 0x502e9800
res/layout/abc_alert_dialog_button_bar_material.xml 0x8aa1e9f2
res/layout/abc_alert_dialog_material.xml 0xe61204de
res/layout/abc_dialog_title_material.xml 0x6d720ba0
res/layout/abc_expanded_menu_layout.xml 0x9689d878
res/layout/abc_list_menu_item_checkbox.xml 0xf2f97a3b
res/layout/abc_list_menu_item_icon.xml 0xfee8f778
res/layout/abc_list_menu_item_layout.xml 0xb35d3bc7
res/layout/abc_list_menu_item_radio.xml 0x912b5650
res/layout/abc_popup_menu_item_layout.xml 0x6e4fc5ed
res/layout/abc_screen_content_include.xml 0xe005f52e
res/layout/abc_screen_simple.xml 0x3056e321
res/layout/abc_screen_simple_overlay_action_mode.xml 0xa205be6d
res/layout/abc_screen_toolbar.xml 0x81b4dc8b
res/layout/abc_search_dropdown_item_icons_2line.xml 0x9d9e9587
res/layout/abc_search_view.xml 0x9c99d24a
res/layout/abc_select_dialog_material.xml 0x3e681334
res/layout/activity_about.xml 0xde0a5fb8
res/layout/activity_base_record_screen.xml 0x4e018575
res/layout/activity_camera.xml 0xe6b9d946
res/layout/activity_home.xml 0x7dec2ace
res/layout/activity_login.xml 0x23e0904e
res/layout/activity_main.xml 0x4aa25aa
res/layout/activity_manager.xml 0x5e99cc3c
res/layout/activity_mobile_get_account.xml 0x9623fb6b
res/layout/activity_mobile_web_register.xml 0x5226ff86
res/layout/activity_record_screen.xml 0x10d597c0
res/layout/activity_screen_record.xml 0x4d75810f
res/layout/activity_setting.xml 0x70ca7bec
res/layout/activity_title.xml 0xde678f1
res/layout/activity_web_detail.xml 0xbf6d504b
res/layout/activity_web_login.xml 0x21ec6ec5
res/layout/dan_mu_message_item.xml 0x5da1bdf2
res/layout/dialog_authentication.xml 0x25c1b82d
res/layout/dialog_close.xml 0xfe01143a
res/layout/dialog_setroommanager.xml 0x17547714
res/layout/focus_indicator.xml 0x1c5de621
res/layout/fragment_gift_rank.xml 0x654d77f6
res/layout/fragment_gift_rank_full_screen_layout.xml 0x7589f423
res/layout/fragment_gift_rank_horizontal.xml 0xfc77c167
res/layout/fragment_rank_list.xml 0x334ffec7
res/layout/gift_list_board_activity_layout.xml 0x4b9b3c9e
res/layout/layout_empty.xml 0x4006676b
res/layout/layout_loading.xml 0xd188138a
res/layout/layout_webview.xml 0xe7485041
res/layout/layout_yk_load_error.xml 0x2e12e62b
res/layout/layout_yk_loading_internal.xml 0xf5fbefe4
res/layout/notification_media_action.xml 0x951a39b7
res/layout/notification_media_cancel_action.xml 0x8782a9ae
res/layout/notification_template_big_media.xml 0xa9b20add
res/layout/notification_template_big_media_narrow.xml 0x61d191a2
res/layout/notification_template_lines.xml 0xec8e2110
res/layout/notification_template_media.xml 0xd07f92a4
res/layout/notification_template_part_chronometer.xml 0xfd7151d6
res/layout/notification_template_part_time.xml 0xf486f4f9
res/layout/row_gift_rank.xml 0x29ecae07
res/layout/row_gift_rank_full_screen.xml 0x2ccbba0
res/layout/select_dialog_item_material.xml 0xaa763be1
res/layout/select_dialog_multichoice_material.xml 0xe813fe73
res/layout/select_dialog_singlechoice_material.xml 0x5f921510
res/layout/setting_spinner_dropdown_item.xml 0xf289134d
res/layout/setting_spinner_item.xml 0x7f4c403a
res/layout/support_simple_spinner_dropdown_item.xml 0x65acb3f3
res/layout/umeng_common_download_notification.xml 0x192ef518
res/layout/umeng_fb_activity_conversation.xml 0x1bb92c93
res/layout/umeng_fb_activity_help.xml 0x5a499cde
res/layout/umeng_fb_audio_dialog.xml 0x6231dd37
res/layout/umeng_fb_contact.xml 0xe97c3d02
res/layout/umeng_fb_contact_spinner.xml 0x2e08ab8e
res/layout/umeng_fb_fragment.xml 0x3a11b2a8
res/layout/umeng_fb_fragment_question.xml 0x16d713d0
res/layout/umeng_fb_image_dialog.xml 0x84ef3e34
res/layout/umeng_fb_input_contact.xml 0x5a2d0de4
res/layout/umeng_fb_input_conversation.xml 0xd9391b40
res/layout/umeng_fb_input_conversation_audio.xml 0x779aff67
res/layout/umeng_fb_reply_item_audio.xml 0x8aae2ede
res/layout/umeng_fb_reply_item_image.xml 0x5facd45a
res/layout/umeng_fb_reply_item_text.xml 0xa249430
res/layout/umeng_fb_welcome_item.xml 0x52ab41ad
res/layout/umeng_update_dialog.xml 0xfb2f479c
res/layout/umeng_user_defined_activity.xml 0xb1e401f9
res/layout/umeng_user_defined_update_actitity.xml 0x7bd17ce6
res/layout/view_camera_horizontal.xml 0xa99d9787
res/layout/view_camera_vertical.xml 0xde5a6bdf
res/layout/view_chat_float.xml 0xc3ff6604
res/layout/view_filter_setting_horizontal.xml 0xe05b9189
res/layout/view_filter_setting_vertical.xml 0x76398484
res/layout/view_float.xml 0xab759a87
res/layout/view_floatpanel.xml 0xa36985e5
res/layout/view_gift_float.xml 0x55615fe8
res/layout/view_gift_float_item.xml 0x569a579f
res/layout/view_manager_item.xml 0x293c074b
res/layout/view_pili_beauty_camera_horizontal.xml 0xfb661cdd
res/layout/view_pili_beauty_camera_vertical.xml 0xd72688a6
res/layout/view_pili_camera_horizontal.xml 0x1a241a1e
res/layout/view_pili_camera_vertical.xml 0x403c2aa3
res/layout/view_setting.xml 0xf79b3e1e
res/layout/view_share_horizontal.xml 0x24dc3d2c
res/layout/view_share_vertical.xml 0x8a32fe01
resources.arsc 0xc335b56b
classes.dex 0x20e5368d
com/sina/weibo/sdk/net/cacert.cer 0xb5855b6d
assets/drawable/weibosdk_dialog_bg.9.png 0xdfdb02b
assets/drawable-hdpi/ic_com_sina_weibo_sdk_close.png 0xbe9fc2e4
assets/drawable-ldpi/ic_com_sina_weibo_sdk_close.png 0xfb4127df
assets/drawable-mdpi/ic_com_sina_weibo_sdk_close.png 0x55b26ac
assets/drawable-xhdpi/ic_com_sina_weibo_sdk_close.png 0xfd14d699
assets/drawable-xxhdpi/ic_com_sina_weibo_sdk_close.png 0x65f5bfc5
assets/com.tencent.open.config.json 0xb3d4a81a
assets/libwbsafeedit 0xb05a63a9
lib/arm64-v8a/libNodeMediaClient.so 0xfe2c121
lib/arm64-v8a/libpldroid_mmprocessing.so 0x87e228bf
lib/arm64-v8a/libpldroid_streaming_aac_encoder.so 0xd6bff7a6
lib/arm64-v8a/libpldroid_streaming_core.so 0x1e54085b
lib/arm64-v8a/libpldroid_streaming_h264_encoder.so 0x7a6b17c5
lib/armeabi-v7a/libNodeMediaClient.so 0xa9ad5f15
lib/armeabi-v7a/libpldroid_mmprocessing.so 0x16f0c5fa
lib/armeabi-v7a/libpldroid_streaming_aac_encoder.so 0x1b5f2cbc
lib/armeabi-v7a/libpldroid_streaming_core.so 0x14c1c06e
lib/armeabi-v7a/libpldroid_streaming_h264_encoder.so 0x13c00a85
META-INF/MANIFEST.MF 0x152e46f7
META-INF/CERT.SF 0xb542e143
META-INF/CERT.RSA 0x66e231a4
运行截图
VirSCANVirSCAN
VirSCAN