Source: UltraViewe r_Desktop.As you point out, it’s a scam. com/ equals w ww.faceboo k.com (Fac ebook) String found in binary or memory: w.facebook.
String found in binary or memory: arch.yahoo.
String found in binary or memory: arch.cn.ya hoo.com/ equal s (Yah oo) String found in binary or memory: ds.myspace. String found in binary or memory: ar ch.yahoo.c om/ equals (Yahoo) String found in binary or memory: rch.yahoo. String found in binary or memory: ht tp://ie.se arch.yahoo. Source: C:\Program Files (x8 6)\UltraVi ewer\Ultra Viewer_Des ktop.exeįile opened: C:\Users\u ser\AppDat a\Localįile opened: C:\Users\u ser\AppDat a\Local\Mi crosoftįile opened: C:\Users\u ser\AppDat a\Local\Mi crosoft\Wi ndowsįile opened: C:\Users\u ser\AppDat a\Local\Mi crosoft\Wi ndows\Hist ory\deskto p.iniįound strings which match to known social media urls Source: C:\Users\u ser\AppDat a\Local\Te mp\is-PF6I 0.tmp\Ultr aViewer_se tup_6.2_en. Process created: C:\Windows \SysWOW64\ net.exe 'n et' stop U ltraViewSe rvice Performs a network lookup / discovery via net view Standard Non-Application Layer Protocol 2 Net, VB or Delphi, or parses a document) for: UltraViewer_setup_6.2_en.exe, UltraViewer_setup_6.2_en.tmp, RegAsm.exe, RegAsm.exe, UltraViewer_Desktop.exe, UltraViewer_Service.exe, UltraViewer_Desktop.exe, UltraViewer_Desktop.exe, uv_圆4.exe Skipping Hybrid Code Analysis (implementation is based on Java.Report size getting too big, too many NtSetValueKey calls found.Report size getting too big, too many NtReadVirtualMemory calls found.Report size getting too big, too many NtQueryValueKey calls found.Report size getting too big, too many NtQueryAttributesFile calls found.Report size getting too big, too many NtProtectVirtualMemory calls found.Report size getting too big, too many NtOpenKeyEx calls found.
0 kommentar(er)
