1. /
  2. Security Response/
  3. Adware.Downreceive

Adware.Downreceive

Updated:
February 13, 2007 11:32:55 AM
Type:
Adware
Publisher:
Acceleration Software International Corp.
Risk Impact:
High
File Names:
eac_ drec.dll,download.exe
Systems Affected:
Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003, Windows XP

When Adware.Downreceive is executed, the installer performs the following actions:
  1. Creates the folder %ProgramFiles%\ Acceleration Software, and then inserts several files and subfolders in this folder.

    Note: %ProgramFiles% is a variable that refers to the program files folder. By default, this is C:\Program Files.

  2. Creates the registry subkeys:

    HKEY_LOCAL_MACHINE\Software\Acceleration Software Internation Corporation
    HKEY_CURRENT_USER\Software\Acceleration Software International Corporatio
    n
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Eac_Drec
    HKEY_CLASSES_ROOT\CLSID\{8869786C-8E72-45DC-911D-AB3416AC1DF1}
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{0AA07B59-9A06-4B45-B615-0D18D20E16D8}
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{84394CAC-A8C2-4E2F-AA7E-C85BCD371043}
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{EADAF9C0-9F71-4FDC-BCB2-E57C8627684E}
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Eac_drec.EAC_DownloadRec
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Eac_drec.EAC_DownloadRec.1


  3. Adds the value:

    "value" = "systimer.exe"

    to the registry subkey:

    HKEY_LOCAL_MACHINE\Software\Microsoft\CurrentVersion\Run


Summary| Technical Details| Removal

Search Threats

Search by name
Example: W32.Beagle.AG@mm
STAR Antimalware Protection Technologies
Internet Security Threat Report
Symantec DeepSight Screensaver