ADW_ADWAPPER
Win32/Packed.ScrambleWrapper.D application (NOD32), HEUR:AdWare.NSIS.Adwapper.heur (Kaspersky)
Windows
Threat Type:
Adware
Destructiveness:
No
Encrypted:
In the wild:
Yes
OVERVIEW
TECHNICAL DETAILS
Installation
It drops the following files:
It creates the following folders:
Other System Modifications
It adds the following registry keys as part of its installation routine:
It adds the following registry entries:
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CrossriderApp0041554.Sandbox\CurVer
(Default) = "CrossriderApp0041554.Sandbox"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CrossriderApp0041554.Sandbox.1
(Default) = "CrossriderApp0041554.Sandbox"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CrossriderApp0041554.Sandbox.1\CLSID
(Default) = "{22222222-2222-2222-2222-220422152254}"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{11111111-1111-1111-1111-110411151154}
(Default) = "a2zLyrics-1"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{11111111-1111-1111-1111-110411151154}\Implemented Categories
(Default) = ""
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{11111111-1111-1111-1111-110411151154}\Implemented Categories\
{59fb2056-d625-48d0-a944-1a85b5ab2640}
(Default) = ""
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{11111111-1111-1111-1111-110411151154}\InprocServer32
(Default) = "%Program Files%\a2zLyrics-1\a2zLyrics-1-bho.dll"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{11111111-1111-1111-1111-110411151154}\ProgID
(Default) = "CrossriderApp0041554.BHO.1"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{11111111-1111-1111-1111-110411151154}\TypeLib
(Default) = "{44444444-4444-4444-4444-440444154454}"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{11111111-1111-1111-1111-110411151154}\VersionIndependentProgID
(Default) = "CrossriderApp0041554"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{22222222-2222-2222-2222-220422152254}
(Default) = "CrossriderApp0041554.Sandbox"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{22222222-2222-2222-2222-220422152254}\InprocServer32
(Default) = "%Program Files%\a2zLyrics-1\a2zLyrics-1-bho.dll"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{22222222-2222-2222-2222-220422152254}\InprocServer32
ThreadingModel = "Apartment"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{22222222-2222-2222-2222-220422152254}\ProgID
(Default) = "CrossriderApp0041554.Sandbox.1"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{22222222-2222-2222-2222-220422152254}\TypeLib
(Default) = "{44444444-4444-4444-4444-440444154454}"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{22222222-2222-2222-2222-220422152254}\VersionIndependentProgID
(Default) = "CrossriderApp0041554.Sandbox"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Installer\Products\93BAD29AC2E44034A96BCB446EB8552E\
SourceList\Net
3 = "{hex values}"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{55555555-5555-5555-5555-550455155554}
(Default) = "ICrossriderBHO"
HKEY_CURRENT_USER\Software\a2zLyrics-1
ActiveAppId = "41554"
HKEY_CURRENT_USER\Software\a2zLyrics-1\
Code
AppJavaScript = ""
HKEY_CURRENT_USER\Software\a2zLyrics-1\
Code
BgJavaScript = ""
HKEY_CURRENT_USER\Software\a2zLyrics-1\
Code
NewTabJavaScript = ""
HKEY_CURRENT_USER\Software\a2zLyrics-1\
Installer
Time = "{value}"
HKEY_CURRENT_USER\Software\a2zLyrics-1\
Installer
StatsDomain = "http://stats.ourstatssrv.com"
HKEY_CURRENT_USER\Software\a2zLyrics-1\
Installer
{entries} = "{value}"
HKEY_CURRENT_USER\Software\a2zLyrics-1\
Log
a2zlyrics-1-helper = "{dword:00000000}"
HKEY_CURRENT_USER\Software\a2zLyrics-1\
Log
a2zlyrics-1-bho = "{dword:00000000}"
HKEY_CURRENT_USER\Software\a2zLyrics-1\
Manifest
{entries} = "{value}"
HKEY_CURRENT_USER\Software\a2zLyrics-1\
Plugins
{entries} = "{values}"
HKEY_CURRENT_USER\Software\a2zLyrics-1\
Plugins\1
Version = "{dword:0000000b}"
HKEY_CURRENT_USER\Software\a2zLyrics-1\
Plugins\1
Name = "base"
HKEY_CURRENT_USER\Software\a2zLyrics-1\
Plugins\1
Name = "base"
HKEY_CURRENT_USER\Software\a2zLyrics-1\
Plugins\1
JavaScript = "{value}"
HKEY_CURRENT_USER\Software\a2zLyrics-1\
Plugins\{key value}
{Entries} = "{values}"
HKEY_CURRENT_USER\Software\a2zLyrics-1\
Update
LastCheck = "dword:54b465b5"
HKEY_CURRENT_USER\Software\Crossrider
Bic = "C133204615494EC3B9F035B3C412F409IE"
HKEY_CURRENT_USER\Software\Crossrider
Verifier = "aa8c376496c39d77da9694fc51d1f2be"
HKEY_CURRENT_USER\Software\InstalledBrowserExtensions\
Lyrics
41554 = "a2zLyrics-1"
HKEY_CURRENT_USER\Software\InstalledThirdPartyPrograms
PID23861 = "installed"
HKEY_CURRENT_USER\Software\Microsoft\
Internet Explorer\ApprovedExtensionsMigration
{11111111-1111-1111-1111-110411151154} = ""
HKEY_CURRENT_USER\Software\Microsoft\
Windows\CurrentVersion\Policies\
Ext\CLSID
{11111111-1111-1111-1111-110411151154} = "1"
HKEY_LOCAL_MACHINE\SOFTWARE\a2zLyrics-1\
Chrome
TotalProfiles = "dword:00000001"
HKEY_LOCAL_MACHINE\SOFTWARE\a2zLyrics-1\
Chrome\Profiles
%AppDataLocal%\Google\Chrome\User Data\Default = "dword:00000001"
HKEY_LOCAL_MACHINE\SOFTWARE\a2zLyrics-1\
Firefox
TotalProfiles = "dword:00000001"
HKEY_LOCAL_MACHINE\SOFTWARE\a2zLyrics-1\
Firefox\Profiles
%Application Data%\Mozilla\Firefox\Profiles\03chnxd8.default = "dword:00000001"
HKEY_LOCAL_MACHINE\SOFTWARE\a2zLyrics-1\
IE
TotalProfiles = "dword:00000001"
HKEY_LOCAL_MACHINE\SOFTWARE\a2zLyrics-1\
IE\Profiles
S-1-5-21-484763869-789336058-682003330-1003 = "dword:00000001"
HKEY_LOCAL_MACHINE\SOFTWARE\a2zLyrics-1\
Installer
BundledChrome = "dword:00000001"
HKEY_LOCAL_MACHINE\SOFTWARE\a2zLyrics-1\
Installer
BundledFirefox = "dword:00000001"
HKEY_LOCAL_MACHINE\SOFTWARE\a2zLyrics-1\
Installer
BundledIe = "dword:00000001"
HKEY_LOCAL_MACHINE\SOFTWARE\InstalledThirdPartyPrograms
PID23861 = "installed"
HKEY_LOCAL_MACHINE\SOFTWARE\InstalledThirdPartyPrograms
EID41554 = "installed"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CrossriderApp0041554.BHO
(Default) = "CrossriderApp0041554"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CrossriderApp0041554.BHO\CLSID
(Default) = "{11111111-1111-1111-1111-110411151154}"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CrossriderApp0041554.BHO\CurVer
(Default) = "CrossriderApp0041554"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CrossriderApp0041554.BHO.1
(Default) = "CrossriderApp0041554"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CrossriderApp0041554.BHO.1\CLSID
(Default) = "{11111111-1111-1111-1111-110411151154}"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CrossriderApp0041554.Sandbox
(Default) = "CrossriderApp0041554.Sandbox"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CrossriderApp0041554.Sandbox\CLSID
(Default) = "{22222222-2222-2222-2222-220422152254}"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{55555555-5555-5555-5555-550455155554}\ProxyStubClsid
(Default) = "{00020424-0000-0000-C000-000000000046}"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{55555555-5555-5555-5555-550455155554}\ProxyStubClsid32
(Default) = "{00020424-0000-0000-C000-000000000046}"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{55555555-5555-5555-5555-550455155554}\TypeLib
(Default) = "{44444444-4444-4444-4444-440444154454}"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{55555555-5555-5555-5555-550455155554}\TypeLib
"1" = "1"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{66666666-6666-6666-6666-660466156654}
(Default) = "ISandBox"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{66666666-6666-6666-6666-660466156654}\ProxyStubClsid
(Default) = "{00020424-0000-0000-C000-000000000046}"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{66666666-6666-6666-6666-660466156654}\ProxyStubClsid32
(Default) = "{00020424-0000-0000-C000-000000000046}"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{66666666-6666-6666-6666-660466156654}\TypeLib
(Default) = "{44444444-4444-4444-4444-440444154454}"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{66666666-6666-6666-6666-660466156654}\TypeLib
Version = "1"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{44444444-4444-4444-4444-440444154454}\1.0
(Default) = "CrossriderApp0041554 Type Library"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{44444444-4444-4444-4444-440444154454}\1.0\
0\win32
(Default) = "%Program Files%\a2zLyrics-1\a2zLyrics-1-bho.dll"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{44444444-4444-4444-4444-440444154454}\1.0\
FLAGS
(Default) = "0"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{44444444-4444-4444-4444-440444154454}\1.0\
HELPDIR
(Default) = "%Program Files%\a2zLyrics-1"
LastCodeRedCheck
"hex(b):ee,35,65,11,e2,0b,00,00," = "hex(b):ee,35,65,11,e2,0b,00,00,"
LastChecked
LastChecked = "dword:54b4664f"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Internet Explorer\Low Rights\ElevationPolicy\
{ad2f012a-8fde-4848-9634-08732d9b1066}
AppName = "a2zLyrics-1-buttonutil.exe"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Internet Explorer\Low Rights\ElevationPolicy\
{ad2f012a-8fde-4848-9634-08732d9b1066}
AppPath = "%Program Files%\a2zLyrics-1"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Internet Explorer\Low Rights\ElevationPolicy\
{ad2f012a-8fde-4848-9634-08732d9b1066}
Policy = "dword:00000003"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Internet Explorer\Main\FeatureControl\
FEATURE_BROWSER_EMULATION
a2zLyrics-1-bg.exe = "dword:00001f40"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Explorer\
Browser Helper Objects\{11111111-1111-1111-1111-110411151154}
"CrossriderApp0041554" = "CrossriderApp0041554"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Explorer\
Browser Helper Objects\{11111111-1111-1111-1111-110411151154}
NoExplorer = "dword:00000001"
DisplayName
DisplayName = "a2zLyrics-1"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
a2zLyrics-1
DisplayIcon = "%Program Files%\a2zLyrics-1\utils.exe"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
a2zLyrics-1
DisplayVersion = "1.28.153.3"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
a2zLyrics-1
Publisher = "Lyrics"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
a2zLyrics-1
CrPublisherId = "23861"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
a2zLyrics-1
CrAppId = "41554"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
a2zLyrics-1
UninstallString = "%Program Files%\a2zLyrics-1\Uninstall.exe /fromcontrolpanel=1"
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\
Enum\Root\LEGACY_MSISERVER\
0000\Control
ActiveService = "MSIServer"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Internet Explorer\Low Rights\ElevationPolicy\
{164e9b12-3a5a-420c-bfbf-b819b1ff89cb}
AppName = "a2zLyrics-1-bg.exe"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Internet Explorer\Low Rights\ElevationPolicy\
{164e9b12-3a5a-420c-bfbf-b819b1ff89cb}
AppPath = "%Program Files%\a2zLyrics-1"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Internet Explorer\Low Rights\ElevationPolicy\
{164e9b12-3a5a-420c-bfbf-b819b1ff89cb}
Policy = "dword:00000001"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Internet Explorer\Low Rights\ElevationPolicy\
{6507d1ab-8a66-461d-8c53-e86fbb685be6}
AppName = "a2zLyrics-1-helper.exe"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Internet Explorer\Low Rights\ElevationPolicy\
{6507d1ab-8a66-461d-8c53-e86fbb685be6}
AppPath = "%Program Files%\a2zLyrics-1"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Internet Explorer\Low Rights\ElevationPolicy\
{6507d1ab-8a66-461d-8c53-e86fbb685be6}
Policy = "dword:00000003"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Internet Explorer\Low Rights\ElevationPolicy\
{77767cbc-e832-42df-9262-522bf7139601}
AppName = "a2zLyrics-1-codedownloader.exe"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Internet Explorer\Low Rights\ElevationPolicy\
{77767cbc-e832-42df-9262-522bf7139601}
AppPath = "%Program Files%\a2zLyrics-1"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Internet Explorer\Low Rights\ElevationPolicy\
{77767cbc-e832-42df-9262-522bf7139601}
Policy = "dword:00000003"
SOLUTION
Step 1
Before performing any scan, Windows ME and XP users must make sure that System Restore is disabled, so that the computer can be scanned in full.
Step 3
Restart in normal mode and scan the computer with your Trend Micro product to find the files detected as ADW_ADWAPPER. If your Trend Micro product has already cleaned, deleted, or quarantined the detected files, no further steps are required. You may simply delete the quarantined files. See this Knowledge Base page for more information.
Step 4
Delete this registry key
Important: Editing the Windows Registry incorrectly can cause the system to malfunction irreversibly. Perform this step only if you know how to do it or if you can get help from your system administrator. Otherwise, read this Microsoft article before modifying the computer's registry.
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface
  - {55555555-5555-5555-5555-550455155554}
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface
  - {66666666-6666-6666-6666-660466156654}
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib
  - {44444444-4444-4444-4444-440444154454}
- In HKEY_CURRENT_USER\Software
  - a2zLyrics-1
- In HKEY_CURRENT_USER\Software\a2zLyrics-1\Plugins
  - {Key value}
- In HKEY_CURRENT_USER\Software
  - Crossrider
- In HKEY_CURRENT_USER\Software\InstalledBrowserExtensions
  - Lyrics
- In HKEY_LOCAL_MACHINE\SOFTWARE
  - a2zLyrics-1
- In HKEY_LOCAL_MACHINE\SOFTWARE\a2zLyrics-1
  - Chrome
- In HKEY_LOCAL_MACHINE\SOFTWARE\a2zLyrics-1
  - Firefox
- In HKEY_LOCAL_MACHINE\SOFTWARE\a2zLyrics-1
  - IE
- In HKEY_LOCAL_MACHINE\SOFTWARE\a2zLyrics-1
  - Installer
- In HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved
  - {11111111-1111-1111-1111-110411151154}
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes
  - CrossriderApp0041554.BHO
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes
  - CrossriderApp0041554.Sandbox
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID
  - {11111111-1111-1111-1111-110411151154}
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID
  - {22222222-2222-2222-2222-220422152254}
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
  - {11111111-1111-1111-1111-110411151154}
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
  - a2zLyrics-1
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy
  - {164e9b12-3a5a-420c-bfbf-b819b1ff89cb}
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy
  - {6507d1ab-8a66-461d-8c53-e86fbb685be6}
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy
  - {77767cbc-e832-42df-9262-522bf7139601}
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy
  - {ad2f012a-8fde-4848-9634-08732d9b1066}
Step 5
Search for and delete these folders
- %Application Data%\Mozilla\Firefox\Profiles\03chnxd8.default\extensions\536c2ac1-a17c-4de1-a3f2-1b869a3be96c@2f6608a0-8c65-4bfe-8e2f-c65b5cc757cb.com
- %AppDataLocal%\Google\Chrome\User Data\Default\Extensions\afeodekfkejjgjigfnhhifffljmhnpfn
Step 6
Search for and delete these files
- %Windows%\Installer\{random}.msi
- %Windows%\Tasks\a2zLyrics-1-chromeinstaller.job
- %Windows%\Tasks\a2zLyrics-1-codedownloader.job
- %Windows%\Tasks\a2zLyrics-1-enabler.job
- %Windows%\Tasks\a2zLyrics-1-firefoxinstaller.job
- %Windows%\Tasks\a2zLyrics-1-updater.job
Step 7
Restart in safe mode