When Adware.CSearch is installed, it performs the following actions:
- Creates the following registry keys:
HKEY_CLASSES_ROOT\CLSID\{064CB07A-9ECD-46FD-8E10-1D3C5FF218CA}
HKEY_CLASSES_ROOT\CLSID\{D8FA0364-7866-40A7-B340-A6069265AD9F}
HKEY_CLASSES_ROOT\Interface\{09C33C5E-2B76-47FE-B97B-9788235A3876}
HKEY_CLASSES_ROOT\Interface\{F250A919-FB4B-4120-9F2E-E5FE03FB8202}
HKEY_CLASSES_ROOT\TypeLib\{DEB0BC8B-7405-4B97-9489-89D72C27678A}
HKEY_CLASSES_ROOT\Csearch.Band
HKEY_CLASSES_ROOT\Csearch.Band.1
HKEY_CLASSES_ROOT\Csearch.Redirect
HKEY_CLASSES_ROOT\Csearch.Redirect.1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D8FA0364-7866-40A7-B340-A6069265AD9F}
%HKEY_ALL_USERS%\Software\ISTechnologies
Note: %HKEY_ALL_USERS% refers to all user entries in HKEY_USERS.
- Adds the value:
{D8FA0364-7866-40A7-B340-A6069265AD9F}
to the following registry key:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar
- Adds the value:
"(default)" = "http:/ /www.searchmain.com/searching/?d=%s"
to the registry subkey:
HKEY_ALL_USERS\Software\Microsoft\Internet Explorer\SearchUrl
- Sets the value:
"Search Page" = "http:/ /www.searchmain.com/"
in the registry subkeys:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main
HKEY_ALL_USERS\Software\Microsoft\Internet Explorer\Main
- Set the value:
"CustomizeSearch" = "http:/ /www.searchmain.com/"
in the registry subkey:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search
- Sets the value:
"DefaultSearchURL" = "http:/ /www.searchmain.com/searching/?d=%s"
in the registry subkey:
HKEY_ALL_USERS\Software\Microsoft\Search Assistant
