CrossRider

CrossRider Description

CrossRider Web Apps is a Potentially Unwanted Program (PUP) that should be deleted as quickly as possible with the collaboration of a strong security program. Malware analysts have heard from PC users that report that their security programs detected CrossRider and indicated that CrossRider may be problematic. PCs affected by CrossRider Web Apps may slow down, crash, freeze and present other symptoms. Computer users also may observe that their Web browser behaves abnormally, and that unrecognized components are present on their computers. PC security analysts have observed that CrossRider may interfere with other Web browser add-ons on an affected computer. It is also notable that CrossRider may be difficult to remove. Computer users attempting to remove CrossRider may come across difficulties if they attempt to remove CrossRider as they would remove any other Web browser extension. Removing CrossRider may require special measures and the use of a security program that is fully up-to-date.

CrossRider and Similar Problematic Web Browser Add-Ons


PUPs may not be as destructive or severe as threats. However, most PUPs (CrossRider included) may cause symptoms that are most associated with threats. For example, CrossRider may cause pop-up advertisements, Web browser redirects and performance issues on computers CrossRider affects. There are many ways in which PUPs may spread, including typical threat distribution methods. However, the main way in which PUPs like CrossRider are distributed is by bundling them with other software. In most cases, CrossRider will be bundled with freeware or shareware from questionable sources, but in some cases, CrossRider may be bundled along with legitimate software being installed on a different installer or source.

Problems Associated with CrossRider and Other PUPs


As soon as CrossRider is installed, CrossRider may make changes to your Web browser settings. PC security analysts have noted that CrossRider may cause performance issues, such as causing the infected Web browser to crash, slow down or freeze. PUPs like CrossRider also may prevent other add-ons installed on the affected computer from functioning properly. Malware researchers have observed that CrossRider may be bundled along with numerous other PUPs which, when put together, may greatly tax your computer's resources. Because of these reasons, PC security analysts strongly recommend dealing with CrossRider and similar PUPs as soon as possible.

How to Deal with CrossRider


If CrossRider is installed on your computer, malware analysts advise the use of a known security program that is both fully up-to-date and capable of removing PUPs. In many cases, security software may be incapable of detecting PUPs since these programs may be geared towards more severe threats, such as worms, Trojans, viruses and rootkits. This has meant that many threat developers have increased their efforts into producing PUPs like CrossRider rather than full blown threat infections. This may result in substantial profits from advertising and affiliate marketing tactics. In most cases, computer users may find it difficult to remove CrossRider using their Web browser's extension or add-on manager – however, CrossRider and similar PUPs may be removed using the Add and Remove Programs option in the Windows Control Panel. But, even after removing CrossRider, it may be necessary to undo any unwanted changes made by CrossRider to your Web browser settings. For example, PC users may be obliged to revert their default search engine and homepage to CrossRider manually. After removing CrossRider, PC security analysts recommend using a strong anti-malware program that is fully up-to-date to perform a full scan of the affected computer. This step is crucial to ensure that CrossRider has not allowed other PUPs or more severe forms of threats to enter and affect the victim's computer.
Aliases: Adware.Win32.CrossAd.CW [Baidu-International], Win.Trojan.Troldesh-2 [ClamAV], PUA_CrossRider [TrendMicro-HouseCall], a variant of Win32/Toolbar.CrossRider.CW potential [ESET-NOD32], Trojan.Gen.2 [Symantec], W32/S-d60a457c!Eldorado [F-Prot], PUA.CrossRider! [Agnitum], Unwanted-Program ( 004c89a91 ) [K7GW], PUP.Optional.CrossBrowse [Malwarebytes], Artemis!DC24DF79A82D [McAfee], W32.HfsAdware.72B3 [Bkav], not-a-virus:HEUR:AdWare.Win32.CrossRider.gen [Kaspersky], Trojan.Win32.Crossrider1.duanbp [NANO-Antivirus], AppRider (PUA) [Sophos] and Crossrider.WFB [AVG].

Infected with CrossRider? Scan Your PC for Free

Download SpyHunter’s Spyware Scanner
to Detect CrossRider

Security Doesn't Let You Download SpyHunter or Access the Internet?


Solutions: Your computer may have malware hiding in memory that prevents any program, including SpyHunter, from executing on your computer. Follow to download SpyHunter and gain access to the Internet:
  • Use an alternative browser. Malware may disable your browser. If you're using IE, for example, and having problems downloading SpyHunter, you should open Firefox, Chrome or Safari browser instead.
  • Use a removable media. Download SpyHunter on another clean computer, burn it to a USB flash drive, DVD/CD, or any preferred removable media, then install it on your infected computer and run SpyHunter's malware scanner.
  • Start Windows in Safe Mode. If you can not access your Window's desktop, reboot your computer in 'Safe Mode with Networking' and install SpyHunter in Safe Mode.
  • IE Users: Disable proxy server for Internet Explorer to browse the web with Internet Explorer or update your anti-spyware program. Malware modifies your Windows settings to use a proxy server to prevent you from browsing the web with IE.

If you still can't install SpyHunter? View other possible causes of installation issues.

Technical Information

Infection Statistics


Our MalwareTracker shows malware activity across the world. Explore real-time data of CrossRider outbreaks and other threats from global to local level.

File System Details

CrossRider creates the following file(s):
# File Name Size MD5 Detection Count
1 %LOCALAPPDATA%\Installer\Installsense_25941\delay.exe 1,151,376 a6e96df3c060f4dabbd7c2818674b169 4,123
2 %PROGRAMFILES%\CS Browser Assistant 2.0\CS Browser Assistant 2.0-codedownloader.exe 515,024 50ae42bef41635919878520a9c0a7e9e 3,483
3 %PROGRAMFILES(x86)%\Super Radio\7eca1cd8-2a95-4759-9c0f-ae713062040a-2.exe 895,968 f8f0e4c9d8e49573af18542e2b99f919 3,449
4 %PROGRAMFILES%\CinemaP-1.9cV05.03\2300726e-d013-4e97-93b8-82cdb2191e24-1-6.exe 1,408,512 d7e43560e3a522928b081013676c719d 3,341
5 %LOCALAPPDATA%\Installer\Installdelay_1922\DCytaiesmt.exe 1,151,376 b6a4371601dab6abb34f50a5ced56a37 3,286
6 %APPDATA%\YVETWWON.exe 1,994,648 dec376a5e390ace27459969042d5a8fb 3,063
7 %PROGRAMFILES(x86)%\Cinema-Plus-1.7cV06.10\f40df109-6f04-4f76-ab92-f00f03b2138a-2.exe 933,272 6ded9d08dfed2b67a345a9f1011f256b 3,029
8 %APPDATA%\VMGL.exe 1,520,536 390beb7736adebea6ed6f524fc2edd9c 2,938
9 %LOCALAPPDATA%\Installer\Install_20493\DCytaiesmt_smtyc_setup.exe 1,222,640 ea0ca98847dc1a403ffec3be116e8b2f 2,933
10 %PROGRAMFILES%\cs browser assistant 2.0\cs browser assistant 2.0-updater.exe 394,704 3a1edd7aae6f99af5517a9f1fa37df0f 2,933
11 %PROGRAMFILES%\HD-Quality-v3\30a17d86-e61c-42ac-bbca-96aa76a9e34d.exe 378,776 6286fbf8c18d207c253faf8514897f3a 2,918
12 %PROGRAMFILES%\HQTotal1.2\HQTotal1.2-chromeinstaller.exe 2,051,072 bbde9362596e2f630e59e82b53a06871 2,878
13 %PROGRAMFILES%\HQTotal1.2\HQTotal1.2-firefoxinstaller.exe 958,464 ac2e549d8d26feb89750c006b6dea224 2,876
14 %PROGRAMFILES%\CinemaP-1.9cV05.03\2300726e-d013-4e97-93b8-82cdb2191e24-1-7.exe 1,117,696 5e2aec7144c50d572c0f03dd518a3014 2,490
15 %PROGRAMFILES%\fiv en\fiv en-chromeinstaller.exe 2,035,712 689c23a03414c346980c5c5cb16757e3 2,450

More files

Registry Details

CrossRider creates the following registry entry or registry entries:
HKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}
BrwseApp2.3
MediaPlayRS3
HD4Good
MediaPlayerVid2.4
BrowsrPlus3.8
Cinema_Plus-1.2V21.07
MedPlayvidV3.1
BrowsrPlus4
MyBrowser 1.0.2V31.10
{9112CF41-DE89-1C75-EB6B-E15348EC0D69}
HQVidual2y-v2.5V11.11
HKEY..\..\..\..{RegistryKeys}
Software\Cr_Installer
SOFTWARE\Wow6432Node\BrwseApp2.3
SOFTWARE\BrwseApp2.3
Software\InstalledBrowserExtensions\PubBrows
SOFTWARE\MediaPlayRS3
SOFTWARE\Wow6432Node\MediaPlayRS3
SOFTWARE\Wow6432Node\ArenaHD
Software\YorkNewCin
SOFTWARE\Wow6432Node\YorkNewCin
SOFTWARE\Wow6432Node\InstalledBrowserExtensions\32846
Software\InstalledBrowserExtensions\32846
Software\InstalledBrowserExtensions\34087
Software\InstalledBrowserExtensions\Buca Apps
Software\InstalledBrowserExtensions\HDTubeV01.07
SOFTWARE\HighDefAction
SOFTWARE\Wow6432Node\HD4Good
Software\InstalledBrowserExtensions\BrowserAppSPlus
Software\InstalledBrowserExtensions\NewPlayerVideo+
SOFTWARE\BrowsrPlus3.8
Software\InstalledBrowserExtensions\App+Service
SOFTWARE\Cinema_Plus-1.2V21.07
SOFTWARE\Wow6432Node\Cinema_Plus-1.2V21.07
SOFTWARE\Wow6432Node\BrowsrPlus4
SOFTWARE\Wow6432Node\OpedBrowsrVersion5-nv-ie
SOFTWARE\OpedBrowsrVersion5-nv-ie
SOFTWARE\OpedBrowsrVersion5-nv-edge
SOFTWARE\OpedBrowsrVersion5-nv
SOFTWARE\Wow6432Node\Crossrider
SOFTWARE\AppDataLow\Software\_CrossriderRegNamePlaceHolder_
The following CLSID's were found:
HKEY..\..\{CLSID Path}
{02A96331-0CA6-40E2-A87D-C224601985EB}
{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
{5645E0E7-FC12-43BF-A6E4-F9751942B298}
{577975B8-C40E-43E6-B0DE-4C6B44088B52}
{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}

Site Disclaimer

Leave a Reply

IMPORTANT! To be able to proceed, you need to solve the following simple math.
Please leave these two fields as-is:
What is 4 + 2 ?