172.xpi

Re-Markable

The file 172.xpi has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. It loads in Mozilla Firefox as a compliled extension named 'Re-Markable'. This is part of the Revizer line of web browser extensions that inject 3rd-party advertisements in the Firefox web browser as well as setup a proxy server for the browser in order to track behaviors and display context based-ads from various partners (mostly adware).
Remove 172.xpi - Powered by Reason Core Security
MD5:
15e798b9f9184943e335f21f9d3050eb

SHA-1:
baa63a7c9ad48828e9d574c3da5178f899e01258

SHA-256:
923aef3b3886672f981903f6c0a184cb233f9d5e465f34e974ccb5ad6eb9b455

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
12/4/2016 7:20:04 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
Adware.Revizer.MozillaPlugin.G
14.8.13.22

Remove 172.xpi - Powered by Reason Core Security
File size:
11 KB (11,226 bytes)

File type:
Cross-Platform Installer Module (XPI), used by Mozilla bundles

Common path:
C:\Program Files\re-markable-soft\172.xpi

Mozilla Extension
Name:
172.xpi

Display:
Re-Markable

Id:
172


<RDF xmlns="http://www.w3.org/1999/02/22-rdf-syntax-ns#" xmlns:em="http://www.mozilla.org/2004/em-rdf#">
  <Description about="urn:mozilla:install-manifest">
    <em:id>{731B40F5-4200-459A-2FD8-CB2595C64F78}</em:id>
    <em:name>Re-Markable</em:name>
    <em:version>1.172</em:version>
    <em:iconURL>chrome://mrnob/content/1.172.png</em:iconURL>
    <em:targetApplication>
      <Description>
        <em:id>{ec8030f7-c20a-464f-9b0e-13a3a9e97384}</em:id>
        <em:minVersion>14.*</em:minVersion>
        <em:maxVersion>40.*</em:maxVersion>
      </Description>
    </em:targetApplication>
  </Description>
</RDF>
Remove 172.xpi - Powered by Reason Core Security