What is ElectroLyrics-1?

ElectroLyrics-1 is software application developed by CrossLyrics. It is most commonly found on computers running Windows 7 with nearly 64.77% of installations running this operating system. ElectroLyrics-1's installer is typically 1.00 MB in size and installs around 16 files. The most common release is 1.28.153.3 with 73.86% of all installations currently using this version.

ElectroLyrics-1 is most popular in the United States with 41.18% of installations residing in this country.

About ElectroLyrics-1?

ElectroLyrics-1 is a malicious web browser extension that is designed with the intent to commandeer the user's browser, redirecting web searches and injecting advertising. It operates as a Browser Helper Object in Internet Explorer and engages in various behaviors that compromise user experience, including hijacking advertising on unrelated websites and injecting its own advertising in the form of contextual link ads, banner ads, popups, and pop-overs, including those from established ad serving sites. This malware is often bundled with unwanted third-party applications and spread through web browser exploits. While the program is equipped with an uninstaller and is listed in Windows Add/Remove Programs, its complete removal may prove to be challenging, often necessitating the use of anti-malware software. ElectroLyrics-1 is frequently distributed through co-bundle monetization installers, such as Amonetize ltd. (amoninst.com), and is included in 3rd party bundled apps like FlashPlayer.

Multiple virus scanners have detected malware in ElectroLyrics-1.

utils.exe (MD5: dcd2a1d3562d11267588f2f4f8355baa) has been flagged by 30 scanners:

Scanner Software	Version	Result
avast!	2014.9-131024	NSIS:Adware-LH [PUP]
Baidu-International	4.0.3.131024	Trojan.Win32.Packed.AfS
Bitdefender	1.0.20.1485	Gen:Adware.AddLyrics.1
Dr.Web	9.0.0.0297	Trojan.Crossrider.9
Emsisoft Anti-Malware	8.13.10.24.09	Gen:Adware.AddLyrics
ESET-NOD32	7.8941	Win32/Packed.ScrambleWrapper.C
Fortinet FortiGate	10/24/2013	Adware/AddLyrics
F-Secure	11.2013-24-10_5	Gen:Adware.AddLyrics.1
G Data	13.10.22	Gen:Adware.AddLyrics
Kingsoft AntiVirus	331020.49267	Win32.Troj.Generic.a.(kcloud)
Malwarebytes	v2013.10.24.09	PUP.Optional.Lyrics.A
TrendMicro-HouseCall	7.2.297	TROJ_GEN.R0C1H0AIF13
VIPRE Antivirus	22562	Adware.AddLyrics (fs)
Lavasoft Ad-Aware	12.0.163.0	Adware.Generic.605829
Antiy-AVL	2.0.3.7	AdWare/Win32.Lyckriks
AVG	13.0.0.3169	Generic5.AIKL
CMC Antivirus	1.1.0.977	AdWare.Win32.Lyckriks!O
Comodo Security	17415	ApplicUnwnt
K7 AntiVirus	9.174.10455	Riskware ( 0040eff71 )
K7GW	9.174.10459	Riskware ( 0040eff71 )
Kaspersky	9.0.0.837	not-a-virus:AdWare.Win32.Lyckriks.lb
McAfee	6.0.4.564	Artemis!AC3541568E18
McAfee-GW-Edition	2013	Artemis!AC3541568E18
MicroWorld-eScan	12.0.250.0	Adware.Generic.605829
NANO AntiVirus	0.28.0.56582	Trojan.Win32.Crossrider.cidtam
Panda Antivirus	10.0.3.5	Suspicious file
Sophos	4.95.0	Generic PUA MN
Symantec	20131.1.5.61	Adware.Adpopup
Trend Micro	9.740-1012	TROJ_GEN.F0C2C00KT13
Vba32 AntiVirus	3.12.24.3	AdWare.Lyckriks

ElectroLyrics-1-updater.exe (MD5: a4b98adc77287478c6d158ef7795955f) has been flagged by 10 scanners:

Scanner Software	Version	Result
AVG	13.0.0.3169	Generic_r.GS
Baidu-International	3.5.1.41473	Trojan.Win32.Toolbar.AXwF
Comodo Security	17369	UnclassifiedMalware
ESET-NOD32	9118	a variant of Win32/Toolbar.CrossRider.J
Malwarebytes	1.75.0.1	PUP.Optional.Lyrics.A
McAfee	5.600.0.1067	PUP-FEJ!A4B98ADC7728
McAfee-GW-Edition	2013	PUP-FEJ!A4B98ADC7728
TrendMicro-HouseCall	9.700.0.1001	TROJ_GEN.R0C1H0AID13
VIPRE Antivirus	23924	Crossrider (fs)
Kingsoft AntiVirus	2013.4.9.267	Win32.Troj.Generic.a.(kcloud)

ElectroLyrics-1-firefoxinstaller.exe (MD5: 5a84df35f61fb0475ccdffb3ede7dfbe) has been flagged by 14 scanners:

Scanner Software	Version	Result
Baidu-International	3.5.1.41473	Trojan.Win32.Toolbar.CrossRider.J
ESET-NOD32	9058	a variant of Win32/Toolbar.CrossRider.J
K7 AntiVirus	9.173.10217	Trojan ( 0048e2ed1 )
K7GW	9.173.10217	Trojan ( 0048e2ed1 )
Kingsoft AntiVirus	2013.4.9.267	Win32.Troj.Generic.a.(kcloud)
Malwarebytes	1.75.0.1	PUP.Optional.Lyrics.A
McAfee	5.600.0.1067	PUP-FEJ!5A84DF35F61F
McAfee-GW-Edition	2013	PUP-FEJ!5A84DF35F61F
Sophos	4.94.0	Generic PUA FI
Symantec	20131.1.5.61	Adware.FindLyrics
TrendMicro-HouseCall	9.700.0.1001	TROJ_GEN.R0CBH05JB13
VIPRE Antivirus	23452	Crossrider (fs)
AVG	13.0.0.3169	Generic_r.GS
Comodo Security	17369	UnclassifiedMalware

ElectroLyrics-1-enabler.exe (MD5: 40893b65c91c8320221791eb27fedf7f) has been flagged by 5 scanners:

Scanner Software	Version	Result
Baidu-International	3.5.1.41473	Trojan.Win32.Toolbar.CrossRider.J
ESET-NOD32	8926	a variant of Win32/Toolbar.CrossRider.J
Kingsoft AntiVirus	2013.4.9.267	Win32.Troj.Generic.a.(kcloud)
Malwarebytes	1.75.0.1	PUP.Optional.Lyrics.A
VIPRE Antivirus	22450	Crossrider (fs)

ElectroLyrics-1-codedownloader.exe (MD5: 261b8de5367337ecf4538f14e1e1a1b1) has been flagged by 2 scanners:

Scanner Software	Version	Result
Malwarebytes	1.75.0.1	PUP.Optional.Lyrics.A
VIPRE Antivirus	21548	Crossrider (fs)

Startup Entries

Startup tasks:

ElectroLyrics-1-enabler.exe is automatically launched at startup through a scheduled task named ElectroLyrics-1-enabler.
ElectroLyrics-1-updater.exe is automatically launched at startup through a scheduled task named ElectroLyrics-1-updater.
ElectroLyrics-1-firefoxinstaller.exe is automatically launched at startup through a scheduled task named ElectroLyrics-1-firefoxinstaller.
ElectroLyrics-1-codedownloader.exe is automatically launched at startup through a scheduled task named ElectroLyrics-1-codedownloader.
ElectroLyrics-1-chromeinstaller.exe is automatically launched at startup through a scheduled task named ElectroLyrics-1-chromeinstaller.

Software Details

URL:

–

Support:

–

Installation path:

C:\Program Files\ElectroLyrics-1

Uninstaller:

C:\Program Files\ElectroLyrics-1\Uninstall.exe /fromcontrolpanel=1

Size:

1.00 MB

Language:

English

ElectroLyrics-1 Executable Details

Primary executable:

utils.exe

Name:

ElectroLyrics-1

Path:

C:\Program Files\ElectroLyrics-1\utils.exe

MD5:

dcd2a1d3562d11267588f2f4f8355baa

SHA-1:

–

SHA-256:

–

File Type

Filename

MD5

EXE

uninstall.exe

756f238d9d267a4a550f792f5522c68e

EXE

utils.exe

Adware

dcd2a1d3562d11267588f2f4f8355baa

EXE

ElectroLyrics-1-helper.exe

ffbd082e18d9f8812c099669c32657c5

DLL

ElectroLyrics-1-buttonutil64.dll

1b0956bc97b37bdad48a69262e530b9d

DLL

ElectroLyrics-1-buttonutil.dll

34d5fdd65ac302bdac141cdc6837fe90

EXE

ElectroLyrics-1-updater.exe

Malware

a4b98adc77287478c6d158ef7795955f

EXE

ElectroLyrics-1-firefoxinstaller.exe

Malware

5a84df35f61fb0475ccdffb3ede7dfbe

EXE

ElectroLyrics-1-enabler.exe

Malware

40893b65c91c8320221791eb27fedf7f

EXE

ElectroLyrics-1-codedownloader.exe

Malware

261b8de5367337ecf4538f14e1e1a1b1

EXE

ElectroLyrics-1-chromeinstaller.exe

Malware

2469f47c7ddc5779fe16c322dc7f369f

File Type	Filename	MD5
EXE	uninstall.exe	756f238d9d267a4a550f792f5522c68e
EXE	utils.exe Adware	dcd2a1d3562d11267588f2f4f8355baa
EXE	ElectroLyrics-1-helper.exe	ffbd082e18d9f8812c099669c32657c5
DLL	ElectroLyrics-1-buttonutil64.dll	1b0956bc97b37bdad48a69262e530b9d
DLL	ElectroLyrics-1-buttonutil.dll	34d5fdd65ac302bdac141cdc6837fe90
EXE	ElectroLyrics-1-updater.exe Malware	a4b98adc77287478c6d158ef7795955f
EXE	ElectroLyrics-1-firefoxinstaller.exe Malware	5a84df35f61fb0475ccdffb3ede7dfbe
EXE	ElectroLyrics-1-enabler.exe Malware	40893b65c91c8320221791eb27fedf7f
EXE	ElectroLyrics-1-codedownloader.exe Malware	261b8de5367337ecf4538f14e1e1a1b1
EXE	ElectroLyrics-1-chromeinstaller.exe Malware	2469f47c7ddc5779fe16c322dc7f369f

ElectroLyrics-1

What is ElectroLyrics-1?

About ElectroLyrics-1?

Multiple virus scanners have detected malware in ElectroLyrics-1.

Startup Entries

Software Details

ElectroLyrics-1 Executable Details