The file is a digitally signed and issued to MDO by VeriSign. The average file size is about 594.79 KB. In addition, it is run under the context of the SYSTEM account with extensive privileges (the administrator accounts have the same privileges). It is started as a Windows Service called 'EBOOSTRSVC' with the name 'EBOOSTRSVC' and described as “eBoostr cache managment service”. There are 5 versions of ebstrsvc.exe in the wild, the latest version being 4.5.0.575.
0 Comments
Leave a Reply. |