Elodu
Elodu is an annoying adware program that bombards its users with commercial pop-up advertisements. Elodu stores itself as an Internet Explorer add-on which is run every time the compromised web browser is opened. Elodu does not appear to have any other functionality however it may be able to monitor and record internet related activities and then send the information to a remote third party.
File System Details
Elodu may create the following file(s):
| # | File Name |
Detections
Detections: The number of confirmed and suspected cases of a particular threat detected on
infected computers as reported by SpyHunter.
|
|---|---|---|
| 1. | lsmgr.dll | |
| 2. | explorer.exe | |
| 3. | diskcheck.exe |
Registry Details
Elodu may create the following registry entry or registry entries:
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\lsmgr.mssgr.1
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{3E704673-BE49-4C13-8E36-288326D14709}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\lsmgr.mssgr
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{1CFFD533-46FE-4031-A3FF-5370943BA025}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{D1EDDE84-E67E-4ccd-B28E-73AD3B71A7C9}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Drive\Shell\Open\Command\Default=%System%\explorer.exe %1
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EC564D32-0F1A-4367-8A9B-4A9F57688D03}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EC564D32-0F1A-4367-8A9B-4A9F57688D03}
