52924.xpi

The file 52924.xpi has been detected as a potentially unwanted program by 5 anti-malware scanners. It is built using the Crossrider cross-browser extension platform. While the file utilizes the Crossrider framework and delivery services, it is not owned by Crossrider.
Remove 52924.xpi - Powered by Reason Core Security
MD5:
c847aae0805e0abd76231ba6a52ffeaa

SHA-1:
feeaa2bcb9d487c9056a9306fd7a9343702fc4bd

SHA-256:
401317bc300d1cdb21e10550eaba4c6d83f2eea02079f6342ca8af86c00b8d60

Scanner detections:
5 / 68

Status:
Potentially unwanted

Explanation:
The software may change the browser's home page and search provider settings as well as display advertisements.

Analysis date:
12/4/2016 7:25:14 PM UTC  (today)

Scan engine
Detection
Engine version

Dr.Web
infected with Trojan.Crossrider.17413
9.0.1.05190

ESET NOD32
JS/Toolbar.Crossrider.B potentially unwanted application
7.0.302.0

G Data
Script.Application.Plush
14.6.24

Reason Heuristics
Adware.Extension.Crossrider.I
14.6.13.1

VIPRE Antivirus
Crossrider
30152

Remove 52924.xpi - Powered by Reason Core Security
File size:
303.6 KB (310,859 bytes)

File type:
Cross-Platform Installer Module (XPI), used by Mozilla bundles

Common path:
C:\Program Files\hq-video-pro-1.6\52924.xpi

<RDF:RDF xmlns:em="http://www.mozilla.org/2004/em-rdf#" xmlns:NC="http://home.netscape.com/NC-rdf#" xmlns:RDF="http://www.w3.org/1999/02/22-rdf-syntax-ns#">
  <RDF:Description RDF:about="urn:mozilla:install-manifest" em:id="42d00f3f-eb72-404f-9e0c-21ed14df6ff1@6df45bc7-90d2-4f6c-b3ba-e611598f814a.com" em:unpack="true" em:name="HQ-Video-Pro-1.6" em:version="0.93.19" em:type="2" em:creator="HQ-Video" em:description="HQ Videos is an add-on for your Internet browser that enhances your online experience by displaying online videos in their highest quality format available." em:optionsURL="chrome://a42d00f3feb72404f9e0c21ed14df6ff16df45bc790d24f6cb3bae611598f814acom52924/content/options.xul" em:iconURL="chrome://a42d00f3feb72404f9e0c21ed14df6ff16df45bc790d24f6cb3bae611598f814acom52924/skin/icon24.png" em:updateURL="https://w9u6a2p6.ssl.hwcdn.net/plugin/ff/update/52924.rdf">
    <em:targetApplication RDF:resource="rdf:#$4d+Bj1" />
  </RDF:Description>
  <RDF:Description RDF:about="rdf:#$4d+Bj1" em:id="{ec8030f7-c20a-464f-9b0e-13a3a9e97384}" em:minVersion="3.5" em:maxVersion="40.*" />
</RDF:RDF>
Remove 52924.xpi - Powered by Reason Core Security