02-21-2016, 04:46 PM
uc browser is a spy.
HTTP Traffic
http://pclog.ucdns.uc.cn:8090/bluesky
Contacted Hosts
168.235.193.157 80 TCP United States
URL in binary/memory
"http://www.uc123.com/guide/install_blacklist.php?ver=5.5.9936.1231&bid=35151&pid=4595"
"http://pclog.ucdns.uc.cn:8090/lv=1.0&encrypt_data=bTkwAlvy+xyXOx/dOxp1Z7lXqSVvn9MfKqSvPxeZ3SSfiM+Avwe+MXH5RWWdVw+L6TU5MdeIX7RSQaPMrcQojp4noJ6AUN6Vul/KNMwU3ewRr0jAM9XzQ4SSMpNFw1FgJamxcAwJXHfqjtD6NkN3HVR00NdVx9ohzwMock7F+cmlMyvzqhfwiFcEDpjBFVH5nvvCX4OCd4B+iv"
"d:\webapps\b\build\slave\repo\build\src\wow\chrome\installer\luxury_installer\main.cc"
"d:\webapps\b\build\slave\repo\build\src\base\process\process_win.cc"
"d:\webapps\b\build\slave\repo\build\src\wow\chrome\installer\luxury_installer\wow_flashui_factory.cc"
"d:\webapps\b\build\slave\repo\build\src\wow\base\stats\wow_stats_helper.cc"
"d:\webapps\b\build\slave\repo\build\src\wow\chrome\installer\luxury_installer\wow_setup_util.cc"
"d:\webapps\b\build\slave\repo\build\src\base\trace_event\trace_event_impl.cc"
"d:\webapps\b\build\slave\repo\build\src\wow\base\win\wow_machine_info_utils_win.cc"
"http://pclog.ucdns.uc.cn:8090/bluesky"
"d:\webapps\b\build\slave\repo\build\src\base\files\file_util_win.cc"
"d:\webapps\b\build\slave\repo\build\src\wow\chrome\installer\luxury_installer\wow_perf_logging.cc"
"d:\webapps\b\build\slave\repo\build\src\base\win\message_window.cc"
"d:\webapps\b\build\slave\repo\build\src\base\threading\thread_local_win.cc"
"d:\webapps\b\build\slave\repo\build\src\wow\base\i18n\wow_distribution_i18n.cc"
"ftp@example.com"
"http://uploadreport.browser.taobao.com/up_pass/browserupload.php"
"d:\webapps\b\build\slave\repo\build\src\chrome\installer\setup\setup_main.cc"
"d:\webapps\b\build\slave\repo\build\src\chrome\installer\util\install_util.cc"
"d:\webapps\b\build\slave\repo\build\src\chrome\installer\setup\uninstall.cc"
HTTP Traffic
http://pclog.ucdns.uc.cn:8090/bluesky
Contacted Hosts
168.235.193.157 80 TCP United States
URL in binary/memory
"http://www.uc123.com/guide/install_blacklist.php?ver=5.5.9936.1231&bid=35151&pid=4595"
"http://pclog.ucdns.uc.cn:8090/lv=1.0&encrypt_data=bTkwAlvy+xyXOx/dOxp1Z7lXqSVvn9MfKqSvPxeZ3SSfiM+Avwe+MXH5RWWdVw+L6TU5MdeIX7RSQaPMrcQojp4noJ6AUN6Vul/KNMwU3ewRr0jAM9XzQ4SSMpNFw1FgJamxcAwJXHfqjtD6NkN3HVR00NdVx9ohzwMock7F+cmlMyvzqhfwiFcEDpjBFVH5nvvCX4OCd4B+iv"
"d:\webapps\b\build\slave\repo\build\src\wow\chrome\installer\luxury_installer\main.cc"
"d:\webapps\b\build\slave\repo\build\src\base\process\process_win.cc"
"d:\webapps\b\build\slave\repo\build\src\wow\chrome\installer\luxury_installer\wow_flashui_factory.cc"
"d:\webapps\b\build\slave\repo\build\src\wow\base\stats\wow_stats_helper.cc"
"d:\webapps\b\build\slave\repo\build\src\wow\chrome\installer\luxury_installer\wow_setup_util.cc"
"d:\webapps\b\build\slave\repo\build\src\base\trace_event\trace_event_impl.cc"
"d:\webapps\b\build\slave\repo\build\src\wow\base\win\wow_machine_info_utils_win.cc"
"http://pclog.ucdns.uc.cn:8090/bluesky"
"d:\webapps\b\build\slave\repo\build\src\base\files\file_util_win.cc"
"d:\webapps\b\build\slave\repo\build\src\wow\chrome\installer\luxury_installer\wow_perf_logging.cc"
"d:\webapps\b\build\slave\repo\build\src\base\win\message_window.cc"
"d:\webapps\b\build\slave\repo\build\src\base\threading\thread_local_win.cc"
"d:\webapps\b\build\slave\repo\build\src\wow\base\i18n\wow_distribution_i18n.cc"
"ftp@example.com"
"http://uploadreport.browser.taobao.com/up_pass/browserupload.php"
"d:\webapps\b\build\slave\repo\build\src\chrome\installer\setup\setup_main.cc"
"d:\webapps\b\build\slave\repo\build\src\chrome\installer\util\install_util.cc"
"d:\webapps\b\build\slave\repo\build\src\chrome\installer\setup\uninstall.cc"