Should I block it?
90% of PCs block this file from running.
Possible reason:
Multiple malware detections
Relationships
Crossrider.exe
Crossrider by Crossrider
| Version: | 1, 0, 0, 1 |
| MD5: | fd6af39f354242480f14b65143a88e06 |
| SHA1: | 50f29c91b90276af1369d3bd993af227ec492f9d |
| SHA256: | 5e2279d3b24966ef2839fcd24b6202164a2be7ebe451cc4eebdf5dc6e3828bae |
Warning 6 antivirus scanners has detected malware.
Overview
crossrider.exe is malware that executes as a process with the local user's privileges. It is set to be run when the PC boots and the user logs into Windows (added to the Run registry key for the current user). This is typically installed with the program Crossrider Web Apps published by Crossrider Advanced Technologies Ltd. (Platform) and is most likely removed by most users once installed (56% removed). This particular version is usually found on Windows 7 Home Premium (6.1.7600.0).
Details
| File name: | crossrider.exe |
| Publisher: | Crossrider |
| Product name: | Crossrider |
| Description: | Crossrider Helper |
| Typical file path: | C:\Program Files\crossriderwebapps\crossrider.exe |
| File version: | 1, 0, 0, 1 |
| Size: | 467.5 KB (478,720 bytes) |
| Digital DNA |
| File packed: | No |
| .NET CLR: | No |
More details
Programs
The following program will install this file
|
Crossrider Advanced Technologies Ltd. (Platform) |
|
This is a cross browser extension that plugs into Google Chrome, Firefox and Internet Explorer and designed to modify the normal behavior of the browser.
Behaviors
Startup files (user) run
Runs under the registry key 'HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'
- 'CrossRiderPlugin' → C:\Program Files\CrossriderWebApps\Crossrider.exe
Network connections
[TCP] 199.83.134.103.ip.incapdns.net (199.83.134.103:80)
[UDP] listens on port 57414
Malware detections
Based on 40+ industry antivirus scanners, 6 of them detected the following malware.
| Antivirus engine | Engine version | Detection |
| AVG |
2014.0.3629 |
unknown virus Win32/DH{JQ9N} |
| eSafe |
7.0.17.0 |
Win32.Artemis |
| PC Tools |
9.0.0.2 |
Adware.Crossid!rem |
| Symantec |
20131.1.0.101 |
Adware.Crossid |
| Trend Micro HouseCall |
9.700.0.1001 |
TROJ_GEN.RC1H1C7 |
| VIPRE Antivirus |
18890 |
Adware.Crossid |
Resource utilization
(Note: statistics below are averages based on a minimum sample size of 200 unique participants)
Averages
| CPU |
| Total CPU: | 0.00002832% | |
| Kernel CPU: | 0.00002394% | |
| User CPU: | 0.00000438% | |
| Kernel CPU time: | 2,246 ms/min | |
| Memory |
| Private memory: | 3.63 MB | |
| Private (maximum): | 11.43 MB | |
| Private (minimum): | 6.23 MB | |
| Non-paged memory: | 3.63 MB | |
| Virtual memory: | 96.66 MB | |
| Virtual memory (peak): | 99.04 MB | |
| Working set: | 6.7 MB | |
| Working set (peak): | 11.55 MB | |
| Page faults: | 4,571/min | |
| Resource allocations |
| Threads: | 9 | |
| Handles: | 214 | |
| GUI GDI count: | 10 | |
| GUI GDI peak: | 11 | |
| GUI USER count: | 9 | |
| GUI USER peak: | 12 | |
Process properties
Threads
Averages
| ntdll.dll |
| Total CPU: | 0.05562048% | |
| Kernel CPU: | 0.03337229% | |
| User CPU: | 0.02224819% | |
| CPU cycles: | 504,873/sec | |
| Memory: | 1.67 MB | |
| Crossrider.exe (main module) |
| Total CPU: | 0.00057697% | |
| Kernel CPU: | 0.00038870% | |
| User CPU: | 0.00018828% | |
| CPU cycles: | 85,200/sec | |
| Memory: | 488 KB | |
| wow64.dll |
| Total CPU: | 0.00000304% | |
| Kernel CPU: | 0.00000304% | |
| User CPU: | 0.00000000% | |
| CPU cycles: | 840/sec | |
| Memory: | 252 KB | |
Distribution by Windows OS
| OS version | distribution |
| Windows 7 Home Premium |
100.00% |
|
