SearchCentrix

Posted: March 28, 2006

SearchCentrix is a set of Internet Explorer toolbars providing web search services. These toolbars change the web browser's default search page and related settings and show undesirable commercial advertisements. SearchCentrix must be manually installed. It runs every time the user launches Internet Explorer.

File System Modifications

The following files were created in the system:

# File Name

1 pqhelper.dll

2 s4helper.dll

3 seantb.dll

4 ssom.exe

5 webalize.dll

6 webalize.exe

7 weblzedr.exe

#	File Name
1	pqhelper.dll
2	s4helper.dll
3	seantb.dll
4	ssom.exe
5	webalize.dll
6	webalize.exe
7	weblzedr.exe

Registry Modifications

The following newly produced Registry Values are:
HKEY..\..\..\..{RegistryKeys}HKEY_CLASSES_ROOTpqhelper.PQHELPERHKEY_CLASSES_ROOTs4helper.S4HELPERHKEY_CLASSES_ROOTseantb.SEANTBHKEY_CLASSES_ROOTwebalize.WEBALIZEHKEY_CURRENT_USERSoftwareDynamicToolbarHKEY_CURRENT_USERSoftwareMicrosoftInternetExplorerMainFriendlyhttperrors=yesHKEY_CURRENT_USERSoftwareMicrosoftInternetExplorerMainSearchBar=[siteaddress]HKEY_CURRENT_USERSoftwareMicrosoftInternetExplorerMainUseSearchAsst=noHKEY_CURRENT_USERSoftwareMicrosoftInternetExplorerSearchUrlprovider=intranetHKEY_LOCAL_MACHINESOFTWAREMicrosoftInternetExplorerSearchSearchAssistant=[siteaddress]HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowserHelperHKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionUninstallSearch-O-MaticToolbar_is1HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionUninstallWebalizeSearchUtility_is1HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionUninstallWinDirect_is1
The following CLSID's were detected:
HKEY..\..\{CLSID Path}4E7BD74F-2B8D-469E-C0FB-EF60B19DCE2E4E7BD74F-2B8D-469E-C0FB-EF60B19DAB2D4E7BD74F-2B8D-469E-D7E4-F660B597BF2A4E7BD74F-2B8D-469E-D0EA-F16DB186FA7D

Adware.SearchCentrix

SearchCentrix

File System Modifications

Registry Modifications

Related Posts

Leave a Reply