re-markableeq172.exe

The application re-markableeq172.exe has been detected as adware by 17 anti-malware scanners. It runs as a separate (within the context of its own process) windows Service named “Re-Markable”. This file is typically installed with the program Re-Markable by Revizer Technologies which is a potentially unwanted software program. This is part of the Revizer line of web browser extensions that inject 3rd-party advertisements in the user's web browser as well as setup a proxy server for the browser in order to track behaviors and display context based-ads from various partners (mostly adware).
Remove re-markableeq172.exe - Powered by Reason Core Security
MD5:
bec5881e33f110b04dc5636b248a6725

SHA-1:
c7b7042a48c1140809675f247557626b0442e5bb

SHA-256:
7f8aba9cd08352dba970dc12b69d2b2e25d545e372fe8e571fe540606b36d68d

Scanner detections:
17 / 68

Status:
Adware

Analysis date:
12/9/2016 6:43:28 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Gen:Variant.Adware.AddLyrics.11
922

Antiy Labs AVL
Trojan/Win32.TSGeneric
1.0.0.1

avast!
Win32:Adware-BSL [PUP]
2014.9-140728

AVG
Generic5
2015.0.3400

Baidu Antivirus
Adware.Win32.AddLyrics
4.0.3.14728

Bitdefender
Gen:Variant.Adware.AddLyrics.11
1.0.20.1045

Comodo Security
ApplicUnwnt
18736

Emsisoft Anti-Malware
Gen:Variant.Adware.AddLyrics.11
8.14.07.28.01

ESET NOD32
Win32/AdWare.AddLyrics.AQ (variant)
8.10031

Fortinet FortiGate
Riskware/AddLyrics
7/28/2014

F-Secure
Gen:Variant.Adware.AddLyrics.11
11.2014-28-07_2

G Data
Gen:Variant.Adware.AddLyrics.11
14.7.24

Kaspersky
not-a-virus:HEUR:AdWare.Win32.Agent
14.0.0.3495

MicroWorld eScan
Gen:Variant.Adware.AddLyrics.11
15.0.0.627

Reason Heuristics
Adware.Revizer.Service.Q
14.8.13.22

Trend Micro House Call
Suspicious_GEN.F47V0625
7.2.209

VIPRE Antivirus
Trojan.Win32.Generic
30874

Remove re-markableeq172.exe - Powered by Reason Core Security
File size:
175 KB (179,200 bytes)

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\re-markable-soft\re-markableeq172.exe

File PE Metadata
Compilation timestamp:
6/8/2014 11:08:16 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
11.0

CTPH (ssdeep):
3072:KaSd7gXEY0X08PpaMyM+nKs73OEnMi5Tu/emoWw:KaCw01jGeQMikiWw

Entry address:
0xDD6D

Entry point:
E8, D6, 66, 00, 00, E9, 7B, FE, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, CC, 8B, 54, 24, 0C, 8B, 4C, 24, 04, 85, D2, 74, 7F, 0F, B6, 44, 24, 08, 0F, BA, 25, A4, 3C, 42, 00, 01, 73, 0D, 8B, 4C, 24, 0C, 57, 8B, 7C, 24, 08, F3, AA, EB, 5D, 8B, 54, 24, 0C, 81, FA, 80, 00, 00, 00, 7C, 0E, 0F, BA, 25, 10, 2E, 42, 00, 01, 0F, 82, BB, 67, 00, 00, 57, 8B, F9, 83, FA, 04, 72, 31, F7, D9, 83, E1, 03, 74, 0C, 2B, D1, 88, 07, 83, C7, 01, 83, E9, 01, 75, F6, 8B, C8, C1, E0, 08, 03, C1, 8B, C8, C1, E0, 10, 03, C1, 8B, CA...
 
[+]

Entropy:
6.4039

Code size:
94 KB (96,256 bytes)

Service
Display name:
Re-Markable

Type:
Win32OwnProcess


The file re-markableeq172.exe has been discovered within the following program.

Re-Markable  by Revizer Technologies
Re-Markable is an advertising injecting web browser addon that displays ads on web pages not associated with the program. It does this by using a local proxy server to route all web traffic through and display ads in the forms of banner ads, video ads and text-links.
re-markable.net
80% remove it
 
Powered by Should I Remove It?

Remove re-markableeq172.exe - Powered by Reason Core Security