Lee-Soft ViStart Installer

Category: Adware and PUAs Protection available since:12 Jan 2013 04:08:40 (GMT)
Type: Unspecified PUA Last Updated:12 Jan 2013 04:08:40 (GMT)

Download Download our free Virus Removal Tool - Find and remove threats your antivirus missed

" Lee-Soft ViStart Installer " is an installer which bundles legitimate applications with offers for additional third party applications that may be unwanted by the user. Such third party applications are typically installed onto users’ computers by default, but may include an option to ‘opt-out’ during or after the installation process.

Lee-Soft ViStart Installer exhibits the following characteristics:

File Information

Size
754K
SHA-1
edb1e18ad3856d0db64a89d9597397f6594a8eab
MD5
7cbde766e26b1107cf0458b52e427c74
CRC-32
a9cf3c6d
File type
Windows executable
First seen
2012-09-07

Runtime Analysis

Dropped Files
  • c:\Documents and Settings\test user\Local Settings\Temp\nse5.tmp\registry.dll
    Size
    25K
    SHA-1
    2eabe4f755213666dbbbde024a5235ddde02b47f
    MD5
    2b7007ed0262ca02ef69d8990815cbeb
    CRC-32
    fca04622
    File type
    Windows executable
    First seen
    2011-10-04
  • c:\Documents and Settings\test user\Local Settings\Temp\nsd3.tmp\InstallManagers.exe
    Size
    258K
    SHA-1
    510d9fa764121ed3a0126ffe80e14c1c702f2593
    MD5
    085fd460be88edfce27aaeead461cb32
    CRC-32
    f4b501c9
    File type
    Windows executable
    First seen
    2013-01-10
  • c:\Documents and Settings\test user\Local Settings\Temp\nsd3.tmp\inetc.dll
    Size
    21K
    SHA-1
    caec1233f841ee72004231a3027b13cdeb13274c
    MD5
    e541458cfe66ef95ffbea40eaaa07289
    CRC-32
    39b8df09
    File type
    Windows executable
    First seen
    2011-11-12
  • C:\Program Files\ViStart\ViConfig.exe
    Size
    276K
    SHA-1
    d1039943ad84bc3c4193caac2dcf872036c729ea
    MD5
    ad4e47dcf3818d9bb3a19c5eeea173d6
    CRC-32
    32b52a3f
    File type
    Windows executable
    First seen
    2012-03-07
Registry Keys Created
  • HKLM\SOFTWARE\ViStart\Components
    Main
    1
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012013011020130111
    CacheRepair
    0x00000000
Registry Keys Modified
  • HKLM\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication
    Name
    InstallManagers.exe
Processes Created
  • c:\docume~1\support\locals~1\temp\nsd3.tmp\installmanagers.exe
HTTP Requests
  • http://cdn.guttastatdk.us/nsi/nsis-html/Mixed_Bundle_4636.exe
  • http://www.haycfld.us/htmlscreens/OfferScreen_12.zip
  • http://www.haycfld.us/htmlscreens/OfferScreen_96.zip
  • http://www.ntdlzone.com/download.php
DNS Requests
  • cdn.guttastatdk.us
  • www.fcgoatcalear.us
  • www.haycfld.us
  • www.ntdlzone.com
  • www.scvalgoeast.us

download Try Sophos products for free
Download now

© 1997 - 2013 Sophos Ltd. All rights reserved. Legal Privacy Cookie Information