Technical Information
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'SuperBar Installer' = '<Full path to virus>'
- '%TEMP%\SuperBarSetup.exe' /s
- '%TEMP%\SuperBarSetup.exe' (downloaded from the Internet)
- %TEMP%\SuperBar.dn
- from %TEMP%\SuperBar.dn to %TEMP%\SuperBarSetup.exe
- 'www.gi#####hsoftware.com':80
- http://www.gi#####hsoftware.com/superbar/camp/SuperBarInstall.EXE
- http://www.gi#####hsoftware.com/superbar/stats/update_installer_stats.php?ca###############################
- DNS ASK www.gi#####hsoftware.com
- ClassName: 'Shell_TrayWnd' WindowName: ''