PUP.Optional.CrossRider

CrossRider is a software that usually installs without your knowledge with free software downloads. Identified the 03/05/2013.

Features:

– It belongs to a family of PUP (Potentially Unwanted Program).
– Vendor : PUP.Optional

Main actions :

– It installs a program of extension for browser Mozilla Firefox (M2)
– It installs a plugin of the browser Mozilla Firefox (P2)
– It installs a plugin of the browser Google Chrome (G2)
– It is installed as a BHO (Browser Helper Object) of internet browser (O2),
– It installs as a process launched at startup of the system (RP),
– It settled in the Base of registers to be launched each time the system (O4).
– It starts a task planned in automatic (O39),
– It installs as a program (O42),
– It creates to many registry keys ‘Software’
– It creates additional folders (O43),
– It moved to the Windows prefetcher folder (O45).
– It installs as a driver system (O58),
– It creates multiple files users (O61),
– It changes the Internet research provider (O69),

ZHPDiag report:

– (…) — C:UsersCoolmanAppDataLocalmbot_fr_014010074upmbot_fr_014010074.exe
– (…) — C:Program Filesmbot_fr_014010074mbot_fr_014010074.exe
– (.shift – Friven_s_Pro_16 exe.) — C:Program Files (x86)Friven_s_Pro_16Friven_s_Pro_16-nova.exe
– (.shift – Frieven_s_Prox_1.8 exe.) — C:program files (x86)frieven_s_prox_1.8frieven_s_prox_1.8-bg.exe
(.Dwnloader – Dwnloader Setup.) — D:BureauSetup.exe
– (…) — C:UsersCoolmanAppDataLocalfabulous_07261115fabulous_07261115.exe
– (.Corporate Inc – winservice86 exe.) — C:Program Files (x86)winservice86721bec50-90c3-42e5-9ee9-a7a3f064a495.exe
– (.Pas de propriétaire – Torpedo.) — C:Program Filesvideos+ MediaPlayer+1cc062c8-4b55-4e61-9226-b044dded3960.exe
G2 – GCE: Preference Savings Wave v.1.23.65 (Désactivé )
G2 – GCE: Preference Color FB v.1.23.97, (Désactivé )
G2 – GCE: Preference Feven v.1.23.23, (Activé )
G2 – GCE: Preference Feven Pro 1.1 v.1.26.18, (Activé)
G2 – GCE: Preference Shop-Up v.1.24.6 (Activé )
G2 – GCE: Preference HQVid1.9v3 v.1.26.35, (Activé)
G2 – GCE: Preference FLV Player Addon v.1.26.35, (Activé)
G2 – GCE: Preference Fpro1.2 v.1.26.29, (Activé) //Attention avec PDFpro1 LEGITIME
G2 – GCE: Preference MPlayerplus v.1.26.31, (Activé)
G2 – GCE: Preference Frevens Pro 12 v.1.26.15, (Activé)
G2 – GCE: Preference AllSaver v.1.4 (Activé)
G2 – GCE: Preference Week Index v.0.1 (Activé)
G2 – GCE: Preference Frieven_s_Prox_1.8 v.1.26.18, (Activé)
G2 – GCE: Preference Clock View v.0.1 (Activé)
G2 – GCE: Preference Custom Print v.0.1, (Activé)
G2 – GCE: Preference Favicon Grabber v.0.1 (Activé)
G2 – GCE: Preference video MediaPlay-Air v.1.26.35, (Activé)
G2 – GCE: Preference Plus-HD-2.6 v.1.23.7, (Activé )
G2 – GCE: Preference Browsers App v.1.26.10, (Activé)
G2 – GCE: Preference Auto Clip v.0.1 (Activé)
G2 – GCE: Preference Reddit this! v.0.1 (Activé)
G2 – GCE: Preference Remove Bloat! v.0.1 (Activé)
G2 – GCE: Preference Wiki Like v.0.1, (Activé)
G2 – GCE: Preference BobyLyrics-15 v.1.25.15, (Activé)
G2 – GCE: Preference HQualityPro-1.6V03.10 v.1.26.33, (Désactivé)
G2 – GCE: Preference Browsers+_App+s+ v.1.26.9, (Activé)
G2 – GCE: Preference Total-1.8 v.1.26.53, (Activé)
G2 – GCE: Preference HQual2y-v2.5V01.11 v.1.26.76, (Désactivé)
G2 – EXT: C:UsersCoolmanAppDataLocalGoogleChromeUser DataDefaultExtensionsdndpbhehbclolnjdfholblgioegcadih
G2 – EXT: C:UsersCoolmanAppDataLocalGoogleChromeUser DataDefaultExtensionsmfhkgfigejkhikbkfkkglinnkfojkdek
G2 – EXT: C:UsersCoolmanAppDataLocalGoogleChromeUser DataDefaultExtensionsceenmgoldhkkegcnlieacjjhndklllkp
G2 – EXT: C:UsersCoolmanAppDataLocalGoogleChromeUser DataDefaultExtensionsmajjphhgppkndjjkmhhnbgafooenebhd
G2 – EXT: C:UsersRyadAppDataLocalGoogleChromeUser DataDefaultExtensionsonlnnachibjmjahfpoemhledlpakoicg
G2 – EXT: C:UsersJohnAppDataLocalGoogleChromeUser DataDefaultExtensionseeibjhjmddgcdbniedjoghdgbofbecad
G2 – EXT: C:UserscarolephiphiAppDataLocalGoogleChromeUser DataDefaultExtensionsofaemmlijemfcopjandkcndefpnacabg
M2 – MFEP: prefs.js [] Savings Wave v2.0 (..)
M2 – MFEP: prefs.js [] I Want This v5.0.7.0 (..)
M2 – MFEP: prefs.js [] Feven v (..)
O2 – BHO: CrossriderApp0012765 – {11111111-1111-1111-1111-110111271165} . (.Innovative Apps – Savings Wave BHO.) — C:Program Files (x86)Savings WaveSavings Wave-bho.dll
O2 – BHO: CrossriderApp0027096 – {11111111-1111-1111-1111-110211701196} . (.Corporate Inc – Services x86 BHO.) — C:Program Files (x86)Services x86Services x86-bho.dll
O2 – BHO: CrossriderApp0031554 – {11111111-1111-1111-1111-110311151154} . (.Feven – Feven BHO.) — C:Program Files (x86)FevenFeven-bho.dll
O2 – BHO: HDvid-Codec V9.0 – {11111111-1111-1111-1111-110511131156} . (…) — c:program fileshdvid-codec v9.0HDvid-Codec V9.0-bho.dll
O2 – BHO: CrossriderApp0059599 – {11111111-1111-1111-1111-110511951199} . (.enter – video MediaPlay-Air BHO.) — C:Program Files (x86)video MediaPlay-Airvideo MediaPlay-Air-bho.dll
O2 – BHO: Vaudix – {33352849-DE7E-1FEA-41E2-A93D67F34C33} . (…) — C:Program Files (x86)Vaudix1Swh5Aa.dll
O2 – BHO: CrossriderApp0043914 – {11111111-1111-1111-1111-110411391114} . (.LKB boby soft – BobyLyrics-15 BHO.) — C:Program Files (x86)BobyLyrics-15BobyLyrics-15-bho.dll
O2 – BHO: edccb4a004ec01329fbb0fbe6070a3f60063285 – {11111111-1111-1111-1111-110611321185} . (.HDPlus-01TotalV21.09 – TotalPlus01-3.1V21.09 BHO.) — C:Program FilesTotalPlus01-3.1V21.09TotalPlus01-3.1V21.09-bho.dll
O2 – BHO: e105fff0f3e80131b6584734478597d40061911 – {11111111-1111-1111-1111-110611191111} . (.iWebar – Ge-Force BHO.) — C:Program Files (x86)Ge-ForceGe-Force-bho.dll
O4 – HKCU..Run: . (…) — c:usersCoolmanappdatalocalfabulous_07261115fabulous_07261115.exe
O4 – HKUSS-1-5-21-1137401237-2199336907-3109346764-1000..Run: . (…) — c:usersCoolmanappdatalocalfabulous_07261115fabulous_07261115.exe
O4 – HKLM..Run: . (…) — C:Program Filesmbot_fr_014010074mbot_fr_014010074.exe
O4 – HKLM..RunOnce: . (…) — C:UsersCoolmanAppDataLocalmbot_fr_014010074upmbot_fr_014010074.exe
(.Innovative Apps.) — C:UsersCoolmanAppDataLocalUpdater12765Updater12765.exe
O39 – APT:Automatic Planified Task – C:WindowsTasksFeven-chromeinstaller.job
O39 – APT:Automatic Planified Task – C:WindowsTasksFeven-codedownloader.job
O39 – APT:Automatic Planified Task – C:WindowsTasksFeven-enabler.job
O39 – APT:Automatic Planified Task – C:WindowsTasksFeven-firefoxinstaller.job
O39 – APT:Automatic Planified Task – C:WindowsTasksFeven-updater.job
O39 – APT: – (..) — C:WindowsTasksBetterDeals-11-chromeinstaller.job
O39 – APT: – (..) — C:WindowsTasksBetterDeals-11-codedownloader.job
O39 – APT: – (..) — C:WindowsTasksBetterDeals-11-enabler.job
O39 – APT: – (..) — C:WindowsTasksBetterDeals-11-firefoxinstaller.job
O39 – APT: – (..) — C:WindowsTasksBetterDeals-11-updater.job
(.Feven.) — C:Program Files (x86)FevenFeven-chromeinstaller.exe
(.Feven.) — C:Program Files (x86)FevenFeven-codedownloader.exe
(.Feven.) — C:Program Files (x86)FevenFeven-enabler.exe
(.Feven.) — C:Program Files (x86)FevenFeven-firefoxinstaller.exe
(.Feven.) — C:Program Files (x86)FevenFeven-updater.exe
O39 – APT:Automatic Planified Task – C:WindowsTasksTubeSaver-chromeinstaller.job
O39 – APT:Automatic Planified Task – C:WindowsTasksTubeSaver-codedownloader.job
O39 – APT:Automatic Planified Task – C:WindowsTasksTubeSaver-enabler.job
O39 – APT:Automatic Planified Task – C:WindowsTasksTubeSaver-firefoxinstaller.job
O39 – APT:Automatic Planified Task – C:WindowsTasksTubeSaver-updater.job
O39 – APT:Automatic Planified Task – C:WINDOWSTasksvideo-high-codedownloader.job
O39 – APT:Automatic Planified Task – C:WINDOWSTasksvideo-high-enabler.job
O39 – APT:Automatic Planified Task – C:WINDOWSTasksvideo-high-firefoxinstaller.job
O39 – APT:Automatic Planified Task – C:WINDOWSTasksvideo-high-updater.job
(.installdaddy.) — C:Program Files (x86)OnlineHD V6.0OnlineHD V6.0-chromeinstaller.exe
(.installdaddy.) — C:Program Files (x86)OnlineHD V6.0OnlineHD V6.0-codedownloader.exe
(.installdaddy.) — C:Program Files (x86)OnlineHD V6.0OnlineHD V6.0-firefoxinstaller.exe
(.installdaddy.) — C:Program Files (x86)OnlineHD V6.0OnlineHD V6.0-updater.exe
O39 – APT: OnlineHD V6.0-chromeinstaller – (.installdaddy.) — C:WindowsTasksOnlineHD V6.0-chromeinstaller.job
O39 – APT: OnlineHD V6.0-chromeinstaller – (.installdaddy.) — C:WindowsSystem32TasksOnlineHD V6.0-chromeinstaller
O39 – APT: OnlineHD V6.0-codedownloader – (.installdaddy.) — C:WindowsTasksOnlineHD V6.0-codedownloader.job
O39 – APT: OnlineHD V6.0-codedownloader – (.installdaddy.) — C:WindowsSystem32TasksOnlineHD V6.0-codedownloader
O39 – APT: OnlineHD V6.0-enabler – (…) — C:WindowsTasksOnlineHD V6.0-enabler.job
O39 – APT: OnlineHD V6.0-enabler – (…) — C:WindowsSystem32TasksOnlineHD V6.0-enabler
O39 – APT: OnlineHD V6.0-firefoxinstaller – (.installdaddy.) — C:WindowsTasksOnlineHD V6.0-firefoxinstaller.job
O39 – APT: OnlineHD V6.0-firefoxinstaller – (.installdaddy.) — C:WindowsSystem32TasksOnlineHD V6.0-firefoxinstaller
O39 – APT: OnlineHD V6.0-updater – (.installdaddy.) — C:WindowsTasksOnlineHD V6.0-updater.job
O39 – APT: OnlineHD V6.0-updater – (.installdaddy.) — C:WindowsSystem32TasksOnlineHD V6.0-updater
(.LKB boby soft.) — C:Program Files (x86)BobyLyrics-15BobyLyrics-15-chromeinstaller.exe
(.LKB boby soft.) — C:Program Files (x86)BobyLyrics-15BobyLyrics-15-codedownloader.exe
(.LKB boby soft.) — C:Program Files (x86)BobyLyrics-15BobyLyrics-15-enabler.exe
(.LKB boby soft.) — C:Program Files (x86)BobyLyrics-15BobyLyrics-15-firefoxinstaller.exe
61F330E3F24D8FBDD3A7A02F7F52FEBF] (.HDPlus-01TotalV21.09.) — C:Program FilesTotalPlus01-3.1V21.09TotalPlus01-3.1V21.09-codedownloader.exe
(.HDPlus-01TotalV21.09.) — C:Program FilesTotalPlus01-3.1V21.0955d88d94-6b9b-4c81-bb2c-9653d27581f8-11.exe
O39 – APT: ca4b525e-2a52-4c7a-a4ec-2d6f975fd891-11 – (.smarts.) — C:WindowsSystem32Tasksca4b525e-2a52-4c7a-a4ec-2d6f975fd891-11
O39 – APT: ca4b525e-2a52-4c7a-a4ec-2d6f975fd891-5_user – (.smarts.) — C:WindowsTasksca4b525e-2a52-4c7a-a4ec-2d6f975fd891-5_user.job
(.HighD7.) — C:Program Files (x86)HighD-V11d1d2c144-47e8-4a2a-8b2a-51a0abf46219-4.exe
(…) — C:Program Files (x86)HighD-V11dc28f4f3-f705-4d8e-a99d-369241422a99.exe
O42 – Logiciel: Savings Wave – (.Innovative Apps.) — Savings Wave
O42 – Logiciel: Services x86 – (.Corporate Inc.) — Services x86
O42 – Logiciel: video-high – (.videohq.) — video-high
O42 – Logiciel: BetterDeals-11 – (.BetterDeals.) — BetterDeals-11
O42 – Logiciel: Fpro1.2 – (.Freeven.) — Fpro1.2
O42 – Logiciel: MPlayerplus – (.Freeven.) — MPlayerplus
O42 – Logiciel: video MediaPlay-Air – (.enter.) — video MediaPlay-Air
O42 – Logiciel: HQPureV1.8 – (.HQPure.) — HQPureV1.8
O42 – Logiciel: Fabulous discounts – (…) — fabulous_07261115
O42 – Logiciel: Browsers App – (.browser.) — Browsers App
O42 – Logiciel: CinamHDPureV9.5 – (.CinamHDPure.) — CinamHDPureV9.5
O42 – Logiciel: BobyLyrics-15 – (.LKB boby soft.) — BobyLyrics-15
O42 – Logiciel: TotalPlus01-3.1V21.09 – (.HDPlus-01TotalV21.09.) — TotalPlus01-3.1V21.09
O42 – Logiciel: BrowsersAppProPlus-v2.3 – (.browser.) — BrowsersAppProPlus-v2.3
O42 – Logiciel: BrowserPlusBApps_version10.1 – (.App.) — BrowserPlusBApps_version10.1
O42 – Logiciel: BROsrAppsEd3 – (.BrowserServiApp23.) — BROsrAppsEd3
O42 – Logiciel: MPPlayvideoEd2.0 – (.MediaProPlayer+.) — MPPlayvideoEd2.0
O42 – Logiciel: MedPlayV3.1 – (.PlayersMComp.) — MedPlayV3.1

O43 – CFD: 07/04/2013 – 00:38:19 – —-D C:UsersCoolmanAppDataLocalServices x86
O43 – CFD: 02/04/2013 – 18:59:59 – —-D C:UsersCoolmanAppDataLocalSavings Wave
O43 – CFD: 18/05/2013 – 17:52:32 – —-D C:UsersCoolmanAppDataLocalUpdater12765
O43 – CFD: 20/05/2013 – 15:11:27 – —-D C:Program Files (x86)Services x86
O43 – CFD: 06/10/2013 – 21:26:41 – —-D C:Program FilesShop-Up
O43 – CFD: 09/03/2014 – 19:01:31 – —-D C:Program Filesvideo-high
O43 – CFD: 25/04/2014 – 03:20:22 – [] —-D C:Program Files (x86)BetterDeals-11
O43 – CFD: 11/05/2014 – 21:29:15 – [] —-D C:Program Files (x86)BobyLyrics-15
O43 – CFD: 09/06/2014 – 19:01:31 – [] —-D c:program filesHDvid-Codec V9.0
O43 – CFD: 09/06/2014 – 19:01:31 – [] —-D c:program fileshdvidcodec.com
O43 – CFD: 23/07/2014 – 02:07:42 – [] —-D C:Program Files (x86)video MediaPlay-Air
O43 – CFD: 22/07/2014 – 23:17:02 – [] —-D C:Program Files (x86)HQPureV1.8
O43 – CFD: 26/07/2014 – 13:15:32 – [] —-D C:UsersCoolmanAppDataLocalfabulous_07261115
O43 – CFD: 31/07/2014 – 20:07:44 – [] —-D C:Program Files (x86)Browsers App
O43 – CFD: 18/08/2014 – 01:36:34 – [] —-D C:Program Files (x86)CinamHDPureV9.5
O43 – CFD: 16/09/2014 – 19:47:05 – [] —-D C:Program Files (x86)winservice86
O43 – CFD: 21/09/2014 – 17:06:31 – [] —-D C:Program FilesTotalPlus01-3.1V21.09
O43 – CFD: 02/12/2014 – 14:16:48 – [] —-D C:Program Files (x86)Ge-Force
O43 – CFD: 01/12/2014 – 16:25:24 – —-D C:Program FilesCinema Video Pro 2.1V14.11
O43 – CFD: 15/02/2015 – 22:43:22 – [] —-D C:Program FilesMedPlayV3.1
O61 – LFC: 2015/08/28 22:36:45 A . (..) — C:UsersCoolmanAppDataLocalmbot_fr_014010074upmbot_fr_014010074.exe
O61 – LFC: 2015/08/29 01:39:46 A . (..) — C:UsersCoolmanAppDataLocalmbot_fr_014010074Downloadmyoffergroup_fr.exe
O61 – LFC: 18/05/2013 – 16:54:35 —A- C:UsersCoolmanAppDataRoamingDesk 365iconschrome_1da37a02e412dbdb6c2392f85ed86555.ico
O61 – LFC: 18/05/2013 – 16:54:35 —A- C:UsersCoolmanAppDataRoamingDesk 365iconsfirefox_266215028a0bf0cee2a4f5132062976d.ico
O61 – LFC: 26/07/2014 – 13:17:01 —A- . (…) — C:UsersCoolmanAppDataLocalfabulous_07261115fabulous_07261115.exe
O69 – SBI: prefs.js user_pref(“extensions.crossrider.bic”, “13de1811d542bec9b2bf2643f3b612eb”);
O69 – SBI: prefs.js user_pref(“extensions.crossriderapp12765.12765.InstallationThankYouPage”, true);
(CrossriderApp0053172.Sandbox) =>PUP.CrossRider
(CrossriderApp0054246.Sandbox) =>PUP.CrossRider

C:UsersCoolmanAppDataLocalGoogleChromeUser DataDefaultExtensionslglkfgcmohcdajpldlnhjjiojjgkbmhm
C:UsersCoolmanAppDataLocalGoogleChromeUser DataDefaultExtensionskigpmgkoelepakabiliblldhdpnidcod
C:UsersCoolmanAppDataLocalServices x86
C:UsersCoolmanAppDataLocalSavings Wave
C:UsersCoolmanAppDataLocalUpdater12765
C:Program Files (x86)Services x86
C:Program Files (x86)Feven
C:Program FilesShop-Up
C:WINDOWStasksShop-Up-updater.job
C:WINDOWStasksShop-Up-enabler.job
C:WINDOWStasksShop-Up-chromeinstaller.job
C:WINDOWStasksShop-Up-firefoxinstaller.job
C:WINDOWStasksShop-Up-codedownloader.job
C:Program Files (x86)Shop-Up
C:Program Files (x86)Shop-UpShop-Up-updater.exe
C:Program Files (x86)Shop-UpShop-Up-firefoxinstaller.exe
C:Program Files (x86)Shop-UpShop-Up-enabler.exe
C:Program Files (x86)Shop-UpShop-Up-codedownloader.exe
C:Program Files (x86)Shop-UpShop-Up-chromeinstaller.exe
C:Program Files (x86)BetterDeals-11
C:UsersCoolmanAppDataLocalGoogleChromeUser DataDefaultExtensionsmfhkgfigejkhikbkfkkglinnkfojkdek1.26.10_0crossrider
C:WindowsTasksHDvid-Codec V9.0-chromeinstaller.job
C:WindowsSystem32TasksHDvid-Codec V9.0-chromeinstaller
C:WindowsTasksHDvid-Codec V9.0-codedownloader.job
C:WindowsSystem32TasksHDvid-Codec V9.0-codedownloader
C:WindowsTasksHDvid-Codec V9.0-enabler.job
C:WindowsSystem32TasksHDvid-Codec V9.0-enabler
C:WindowsTasksHDvid-Codec V9.0-firefoxinstaller.job
C:WindowsSystem32TasksHDvid-Codec V9.0-firefoxinstaller
C:WindowsTasksHDvid-Codec V9.0-updater.job
C:WindowsSystem32TasksHDvid-Codec V9.0-updater

Alias:

PUP.Optional.Crossrider.A
Adware.Crossrider

Remove:

– Remove software in Windows Configuration Panel,
Remove with ZHPcleaner

Diagnose with ZHPDiag

1 Vote2 Votes3 Votes4 Votes5 Votes (No Ratings Yet)
SOSVirusLoading...

Leave a Comment