Техническая информация
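- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'YTLUpdater' = '%PROGRAM_FILES%\AddLyrics\YTLUpdater.exe' (параметр в ключе Run: YTLUpdater.exe запускается автоматически при каждом входе этого пользователя в систему)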
- %PROGRAM_FILES%\AddLyrics\YTLUpdater.exe
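- <SYSTEM32>\regsvr32.exe /s "%PROGRAM_FILES%\AddLyrics\AddLyrics.dll" (регистрация библиотеки через regsvr32; ключ /s подавляет диалоговые окна, поэтому пользователь ничего не видит)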
- iexplore.exe
- chrome.exe
- firefox.exe
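- %TEMP%\nsq2.tmp\System.dll (System.dll, inetc.dll и Processes.dll в каталоге nsq2.tmp — по-видимому, плагины установщика NSIS; имя временного каталога, вероятно, меняется от запуска к запуску, поэтому как индикатор оно ненадёжно)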
- %PROGRAM_FILES%\AddLyrics\Uninstall.exe
- %PROGRAM_FILES%\AddLyrics\FF\chrome\content\overlay.xul
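- %APPDATA%\Mozilla\Firefox\Profiles\cwdgt0y8.default\user.js (Firefox применяет user.js при каждом запуске, и он переопределяет настройки профиля; имя каталога профиля cwdgt0y8.default относится к исследованной системе и на других машинах будет другим)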
- %PROGRAM_FILES%\AddLyrics\r.log
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\installed[1]
- %TEMP%\nsq2.tmp\inetc.dll
- %PROGRAM_FILES%\AddLyrics\FF\chrome\content\main.js
- %PROGRAM_FILES%\AddLyrics\IEInject.dll
- %PROGRAM_FILES%\AddLyrics\Chrome.crx
- %TEMP%\nsq2.tmp\Processes.dll
- %PROGRAM_FILES%\AddLyrics\YTLUpdater.exe
- %PROGRAM_FILES%\AddLyrics\FF\chrome\content\addlyrics32.png
- %PROGRAM_FILES%\AddLyrics\FF\install.rdf
- %PROGRAM_FILES%\AddLyrics\FF\chrome.manifest
- %TEMP%\nsq2.tmp\System.dll
- %TEMP%\nsq2.tmp\Processes.dll
- %TEMP%\nsq2.tmp\inetc.dll
- 'jx.###erspath.com':80
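- jx.###erspath.com/report/installed/?os############################### (судя по пути, запрос с отчётом об установке; часть имени узла и параметры запроса в описании скрыты символами #)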
- DNS ASK jx.###erspath.com
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'Indicator' WindowName: ''
- ClassName: '' WindowName: 'Shell_TrayWnd'
- ClassName: 'Chrome_WidgetWin_0' WindowName: ''