When Adware.Downreceive is executed, the installer performs the following actions:
- Creates the folder %ProgramFiles%\ Acceleration Software, and then inserts several files and subfolders in this folder.
Note: %ProgramFiles% is a variable that refers to the program files folder. By default, this is C:\Program Files.
- Creates the registry subkeys:
HKEY_LOCAL_MACHINE\Software\Acceleration Software Internation Corporation
HKEY_CURRENT_USER\Software\Acceleration Software International Corporation
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Eac_Drec
HKEY_CLASSES_ROOT\CLSID\{8869786C-8E72-45DC-911D-AB3416AC1DF1}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{0AA07B59-9A06-4B45-B615-0D18D20E16D8}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{84394CAC-A8C2-4E2F-AA7E-C85BCD371043}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{EADAF9C0-9F71-4FDC-BCB2-E57C8627684E}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Eac_drec.EAC_DownloadRec
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Eac_drec.EAC_DownloadRec.1
- Adds the value:
"value" = "systimer.exe"
to the registry subkey:
HKEY_LOCAL_MACHINE\Software\Microsoft\CurrentVersion\Run
