Summary
Summary
More Information
| Affected operating systems | Windows |
|---|---|
| Protection available since | 22 January 2007 14:25:48 (GMT) |
| Last updated | 3 November 2009 20:49:52 (GMT) |
| Detected by | Sophos Anti-Virus for Windows, version 7, and PureMessage for Microsoft Exchange. |
More Information
- Summary
- More Information
ContentMatch is an adware application.
When ContentMatch is installed the following files are created:
<Common Files>\CPUSH\cpush.dll
<Common Files>\CPUSH\Uninst.exe
<System>\kdjs1.exe
The file cpush.dll is registered as a COM object and Browser Helper Object (BHO) for Microsoft Internet Explorer, creating registry entries under:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11F09AFD-75AD-4E51-AB43-E09E9351CE16}
HKCR\CLSID\{CDE9EB54-A08E-4570-B748-13F5DDB5781C}
HKCR\CLSID\{34A12A06-48C0-420D-8F11-73552EE9631A}
HKCR\CLSID\{11F09AFD-75AD-4E51-AB43-E09E9351CE16}
HKCR\NewMediasPopup.EdLogic
HKCR\NewMediasPopup.EdLogic.1
HKCR\NewAdPopup.ToolbarDetector
HKCR\NewAdPopup.ToolbarDetector.1
HKCR\NewAdPopup.PopupBlock.1
HKCR\NewAdPopup.PopupBlock
The following registry entry is set, affecting internet security:
HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List
<Program Files>\Internet Explorer\IEXPLORE.EXE
<Program Files>\Internet Explorer\IEXPLORE.EXE:*:Enabled:Internet Explorer
Registry entries are created under:
HKLM\SOFTWARE\Sohu R&D\Download
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ContentMatch
HKLM\SOFTWARE\cpush
ContentMatch provides an uninstall option which can be accessed via the Add or Remove Programs dialog in the Windows Control Panel. The software is listed as "AdPush Software".
|
