When Adware.eSyndicate is installed, it attempts to connect to the predetermined Web site and perform the following actions::
- Creates the following files:
- %ProgramFiles%\eSyndicate\esyn.dll
- %ProgramFiles%\eSyndicate\Uninst.exe
Note: %ProgramFiles% is a variable that refers to the program files folder. By default, this is C:\Program Files.
- Creates the following registry subkeys:
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CC378B83-9577-44D0-B4F8-0DD965E176FC}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Esyn.Band
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Esyn.Band.1
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{941E3071-658D-4F7A-8848-A39E9A43AA97}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{B526170E-491F-4E29-8BFB-C6157D02FEFD}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC378B83-9577-44D0-B4F8-0DD965E176FC}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\eSyndicate
HKEY_CURRENT_USER\Software\esyn
- Contacts remote servers on the following domains to configure program settings and exclusion lists:
- queue.jmnad1.com
- client.contextual.esyndicate.com
- Creates the following files:
- %Windir%\ecfg.bin (A settings file.)
- %Windir%\excl.bin (An exclusion list file.)
Note: %Windir% is a variable that refers to the Windows installation folder. By default, this is C:\Windows or C:\Winnt.
- May display advertisements, depending on the response from the servers mentioned above.
