1. /
  2. Security Response/
  3. Adware.eSyndicate

Adware.eSyndicate

Updated:
February 13, 2007 11:43:26 AM
Type:
Adware
Version:
1.0.0.13
Publisher:
esyndicate.com
Risk Impact:
Low
File Names:
eSyndicateInst.exe esyn.dll
Systems Affected:
Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003, Windows XP

When Adware.eSyndicate is installed, it attempts to connect to the predetermined Web site and perform the following actions::
  1. Creates the following files:

    • %ProgramFiles%\eSyndicate\esyn.dll
    • %ProgramFiles%\eSyndicate\Uninst.exe

      Note: %ProgramFiles% is a variable that refers to the program files folder. By default, this is C:\Program Files.

  2. Creates the following registry subkeys:

    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CC378B83-9577-44D0-B4F8-0DD965E176FC}
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Esyn.Band
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Esyn.Band.1
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{941E3071-658D-4F7A-8848-A39E9A43AA97}
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{B526170E-491F-4E29-8BFB-C6157D02FEFD}
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC378B83-9577-44D0-B4F8-0DD965E176FC}
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\eSyndicate
    HKEY_CURRENT_USER\Software\esyn

  3. Contacts remote servers on the following domains to configure program settings and exclusion lists:

    • queue.jmnad1.com
    • client.contextual.esyndicate.com

  4. Creates the following files:

    • %Windir%\ecfg.bin (A settings file.)
    • %Windir%\excl.bin (An exclusion list file.)

      Note: %Windir% is a variable that refers to the Windows installation folder. By default, this is C:\Windows or C:\Winnt.

  5. May display advertisements, depending on the response from the servers mentioned above.


Summary| Technical Details| Removal

Search Threats

Search by name
Example: W32.Beagle.AG@mm
STAR Antimalware Protection Technologies
Internet Security Threat Report
Symantec DeepSight Screensaver