windows 10 technical preview build 10049 (x86.exe

Rodion Veresev

This is the installer for the WebPick InstalleRex download manager, which bundles applications with offers for additional third-party software, mostly unwanted adware, and may be installed without consent. The application windows 10 technical preview build 10049 (x86.exe by Rodion Veresev has been detected as adware by 24 anti-malware scanners. It is built using the Crossrider cross-browser extension toolkit. While the file uses the Crossrider framework and delivery services, it is not owned by Crossrider.
Publisher:
Rodion Veresev  (signed and verified)

MD5:
71e435fa29a23d8b7301d896ec718969

SHA-1:
e34a1e7a1b1f4a52d6f507aa8bba794dfbd700af

SHA-256:
993223bf9dd53686a61d8e272b8cba028fefdf779a09906e686e833ed470b221

Scanner detections:
24 / 68

Status:
Adware

Explanation:
The software may change the browser's home page and search provider settings as well as display advertisements.

Analysis date:
5/7/2024 5:59:30 AM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Gen:Variant.Adware.Mplug.37 | 5650986 |
| AhnLab V3 Security | PUP/Win32.MultiPlug | 2015.04.21 |
| Avira AntiVirus | TR/Crypt.XPACK.Gen | 3.6.1.96 |
| AVG | Generic | 2016.0.3133 |
| Baidu Antivirus | Adware.Win32.MultiPlug | 4.0.3.15424 |
| Bitdefender | Gen:Variant.Adware.Mplug.37 | 1.0.20.555 |
| Dr.Web | Trojan.Crossrider1.25958 | 9.0.1.05190 |
| Emsisoft Anti-Malware | Gen:Variant.Adware.Mplug.37 | 9.0.0.4799 |
| ESET NOD32 | Win32/Adware.MultiPlug.JB (variant) | 9.11507 |
| Fortinet FortiGate | Riskware/MultiPlug | 4/24/2015 |
| F-Secure | Gen:Variant.Adware.Mplug | 11.2015-21-04_3 |
| G Data | Gen:Variant.Adware.Mplug.37 | 15.4.25 |
| IKARUS anti.virus | PUA.Multiplug | t3scan.1.8.9.0 |
| K7 AntiVirus | Unwanted-Program | 13.202.15655 |
| Kaspersky | Trojan-Dropper.Win32.Agent | 14.0.0.2144 |
| McAfee | Program.MultiPlug-FXP | 16.8.708.2 |
| MicroWorld eScan | Gen:Variant.Adware.Mplug.37 | 16.0.0.333 |
| NANO AntiVirus | Riskware.Win32.MultiPlug.dqwybn | 0.30.20.1219 |
| Panda Antivirus | Generic Suspicious | 15.04.24.05 |
| Qihoo 360 Security | HEUR/QVM10.1.Malware.Gen | 1.0.0.1015 |
| Reason Heuristics | Threat.WebPick.RodionVeresev | 15.4.21.3 |
| Sophos | Generic PUA EP | 4.98 |
| Vba32 AntiVirus | suspected of Heur.Malware-Cryptor.Multiplug | 3.12.26.3 |
| VIPRE Antivirus | Trojan.Win32.Generic | 39568 |

File size:
380.9 KB (390,000 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\ProgramData\{be1f9449-f7b0-faa8-be1f-f9449f7b5127}\windows 10 technical preview build 10049 (x86.exe

Digital Signature
Signed by:

Authority:
Unizeto Technologies S.A.

Valid from:
6/25/2014 3:22:58 AM

Valid to:
6/25/2015 3:22:58 AM

Subject:
E=rodion.veresev@yandex.ru, CN=Rodion Veresev, O=Rodion Veresev, C=UA

Issuer:
CN=Certum Code Signing CA, OU=Certum Certification Authority, O=Unizeto Technologies S.A., C=PL

Serial number:
715A33AE9117D0C2B07CE5B9C396152A

File PE Metadata
Compilation timestamp:
7/15/2013 12:51:36 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
6144:BAI+lN3qaCTblvkU5k0eMvcSDoAqN+Hm6HfUHF+5uBsjddEcyYnEXM:Bw73qZTbVkUW8vcSljnjoYnEXM

Entry address:
0x1E8BB

Entry point:
E8, 57, 12, 00, 00, E9, 00, 00, 00, 00, 6A, 14, 68, 00, B3, 43, 00, E8, 5F, 17, 00, 00, E8, 24, 14, 00, 00, 0F, B7, F0, 6A, 02, E8, EA, 11, 00, 00, 59, B8, 4D, 5A, 00, 00, 66, 39, 05, 00, 00, 40, 00, 74, 04, 33, DB, EB, 33, A1, 3C, 00, 40, 00, 81, B8, 00, 00, 40, 00, 50, 45, 00, 00, 75, EB, B9, 0B, 01, 00, 00, 66, 39, 88, 18, 00, 40, 00, 75, DD, 33, DB, 83, B8, 74, 00, 40, 00, 0E, 76, 09, 39, 98, E8, 00, 40, 00, 0F, 95, C3, 89, 5D, E4, E8, CB, 0B, 00, 00, 85, C0, 75, 08, 6A, 1C, E8, DC, 00, 00, 00, 59, E8...
 

Entropy:
6.1957

Code size:
142.5 KB (145,920 bytes)