Threat Explorer

The Threat Explorer is a comprehensive resource consumers can turn to for daily, accurate, up-to-date information on the latest threats, risks and vulnerabilities.

Adware.Elodu

Adware.Elodu

Updated:
October 16, 2006
Risk Impact:
High
Systems Affected:
Windows

Behavior

Adware.Elodu is an adware program that installs itself as a Browser Helper Object and displays pop up advertisements.

Antivirus Protection Dates

  • Initial Rapid Release version October 02, 2014 revision 022
  • Latest Rapid Release version March 23, 2017 revision 037
  • Initial Daily Certified version October 12, 2006
  • Latest Daily Certified version March 23, 2017 revision 041
  • Initial Weekly Certified release date October 18, 2006
Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.
Adware.Elodu is an adware program that installs itself as a Browser Helper Object and displays pop up advertisements.

When the program is executed, it creates the following files:
%System%\IESysIcon.ico
%System%\lsmgr.dll
%System%\explorer.exe
%SystemDrive%\autorun.inf
%SystemDrive%\diskcheck.exe

Next, the program creates the following registry subkeys:
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EC564D32-0F1A-4367-8A9B-4A9F57688D03}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{1CFFD533-46FE-4031-A3FF-5370943BA025}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{3E704673-BE49-4C13-8E36-288326D14709}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\lsmgr.mssgr
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\lsmgr.mssgr.1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{D1EDDE84-E67E-4ccd-B28E-73AD3B71A7C9}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EC564D32-0F1A-4367-8A9B-4A9F57688D03}

The program also creates the following registry entry:
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Drive\shell\open\command\"Default" = "%System%\explore.exe %1"