1. /
  2. Security Response/
  3. Adware.Elodu

Adware.Elodu

Updated:
October 16, 2006 2:31:11 PM
Type:
Adware
Risk Impact:
High
Systems Affected:
Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows XP
Adware.Elodu is an adware program that installs itself as a Browser Helper Object and displays pop up advertisements.

When the program is executed, it creates the following files:
%System%\IESysIcon.ico
%System%\lsmgr.dll
%System%\explorer.exe
%SystemDrive%\autorun.inf
%SystemDrive%\diskcheck.exe

Next, the program creates the following registry subkeys:
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EC564D32-0F1A-4367-8A9B-4A9F57688D03}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{1CFFD533-46FE-4031-A3FF-5370943BA025}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{3E704673-BE49-4C13-8E36-288326D14709}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\lsmgr.mssgr
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\lsmgr.mssgr.1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{D1EDDE84-E67E-4ccd-B28E-73AD3B71A7C9}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EC564D32-0F1A-4367-8A9B-4A9F57688D03}

The program also creates the following registry entry:
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Drive\shell\open\command\"Default" = "%System%\explore.exe %1"
Summary| Technical Details

Search Threats

Search by name
Example: W32.Beagle.AG@mm
STAR Antimalware Protection Technologies
Internet Security Threat Report