Adware.LoadEWXD

Adware.LoadEWXD

Updated:
01 June 2006
Risk Impact:
High
Systems Affected:
Windows

Behavior

Adware.LoadEWXD is an adware program that resets Internet Explorer's home page.

Antivirus Protection Dates

  • Initial Rapid Release version 02 October 2014 revision 022
  • Latest Rapid Release version 06 June 2018 revision 025
  • Initial Daily Certified version 01 June 2006
  • Latest Daily Certified version 07 June 2018 revision 002
  • Initial Weekly Certified release date 07 June 2006
Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.
Adware.LoadEWXD is an adware program that resets Internet Explorer's home page.

When the risk is first installed, it drops the following file:
%System%\msxml4r.exe

The risk then adds the following registry entry, so that it runs every time Windows starts:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\"LoadEWXD" = "C:\WINDOWS\system32\msxml4r.exe"

The risk then sets Internet Explorer's home page to www.369.com
`