Multi-Device Licenses (Volume Discounts)

Change Region

English
Threat Database Adware Adware.ActiveSearch!rem

Adware.ActiveSearch!rem

By JubileeX in Adware

Adware.ActiveSearch!rem is a malcicious adware application designed to spread various advertisements to the targeted users' computer systems. Adware.ActiveSearch!rem often creates creates and shows annoying pop-up alerts, tool-bars, etc. Adware.ActiveSearch!rem aims at gathering information about users and send them to host computers without victims' knowledge and permission. Adware.ActiveSearch!rem is able to infect your system files and change your homepage to another marketing website. Adware.ActiveSearch!rem will change your web browser code and disable you to set your web browser options. Remove Adware.ActiveSearch!rem from your computer because it is a great threat to your PC system security.

File System Details

Adware.ActiveSearch!rem may create the following file(s):
Expand All | Collapse All
# File Name Detections
1. %Temp%\RFSD84A.tmp\Firefox\components\rfproxy_31.dll
2. %Temp%\nsv2.tmp\Internet.dll
3. %Temp%\RFSD84A.tmp\roboform.dll
4. %Temp%\RFSD84A.tmp\robotaskbaricon.exe
5. %Temp%\RFSD84A.tmp\Chrome\plugin\nprobo1.dll
6. %Temp%\RFSD84A.tmp\dbghelp.dll
7. %Temp%\RFSD84A.tmp\rfmozhlp.dll
8. %Temp%\RFSD84A.tmp\rfwipeout.exe
9. %System%\mi2.exe
10. %Temp%\RFSD84A.tmp\Firefox\components\rfproxy_32.dll
11. %Temp%\RFSD84A.tmp\Chrome\plugin\rf-chrome-plugin.dll
12. %Temp%\nsv2.tmp\NSISdl.dll
13. %Temp%\RFSD84A.tmp\identities.exe
14. %Temp%\RFSD84A.tmp\passwordgenerator.exe
15. %Temp%\RFSD84A.tmp\Chrome\background.html
16. %Temp%\RFSD84A.tmp\Firefox\install.rdf
17. %Temp%\RFSD84A.tmp\cacert.pem
18. %Temp%\RFSD84A.tmp\Chrome\background.js %Temp%\RFSD84A.tmp\Chrome\common.js
19. %Temp%\RFSD84A.tmp\Chrome\rf_f1.js
20. %Temp%\RFSD84A.tmp\Chrome\robo16.png
21. %Temp%\RFSD84A.tmp\Opera\robo48.png
22. \RFSD84A.tmp\Firefox\chrome.manifest
23. %Temp%\RFSD84A.tmp\Firefox\components\rfproxy_32.xpt
24. %Temp%\RFSD84A.tmp\hr-Croatian.rfi
25. %Temp%\RFSD84A.tmp\cn-Chinese.rfi
26. %Temp%\RFSD84A.tmp\dk-Danish.rfi
27. %Temp%\RFSD84A.tmp\fa-Persian.rfi
28. %Temp%\RFSD84A.tmp\jp-Japanese.rfi
29. %Temp%\RFSD84A.tmp\nl-Dutch.rfi
30. %Temp%\RFSD84A.tmp\ru-Russian.rfi
31. %Temp%\RFSD84A.tmp\se-Swedish.rfi
32. %Temp%\RFSD84A.tmp\ua-Ukrainian.rfi
33. %Temp%\RFSD84A.tmp\license-br.txt
34. %Temp%\RFSD84A.tmp\license-de.txt
35. %Temp%\RFSD84A.tmp\license-es.txt
36. %Temp%\RFSD84A.tmp\license-he.txt
37. %Temp%\RFSD84A.tmp\license-jp.txt
38. %Temp%\RFSD84A.tmp\license-nl.txt
39. %Temp%\RFSD84A.tmp\license-sb.txt
40. %Temp%\RFSD84A.tmp\license-tr.txt
41. %CommonAppData%\RoboForm\license.rfo
42. %Temp%\RFSD84A.tmp\install.bmp
43. %Temp%\RFSD84A.tmp\Opera\config.xml
44. %Temp%\RFSD84A.tmp\dndhandle.gif
45. %Temp%\RFSD84A.tmp\Firefox\components\rfhelper32.js
46. %Temp%\RFSD84A.tmp\Chrome\filler.js
47. %Temp%\RFSD84A.tmp\Chrome\robo128.png
48. %Temp%\RFSD84A.tmp\Chrome\robo48.png
49. %Temp%
50. %Temp%\RFSD84A.tmp\Firefox\components\rfproxy_31.xpt
51. %Temp%\RFSD84A.tmp\he-Hebrew.rfi
52. %Temp%\RFSD84A.tmp\br-Brasilian.rfi
53. %Temp%\RFSD84A.tmp\de-German.rfi
54. %Temp%\RFSD84A.tmp\es-Spanish.rfi
55. %Temp%\RFSD84A.tmp\it-Italian.rfi
56. %Temp%\RFSD84A.tmp\lt-Lithuanian.rfi
57. %Temp%\RFSD84A.tmp\pl-Polish.rfi
58. %Temp%\RFSD84A.tmp\sc-Serbian.rfi
59. %Temp%\RFSD84A.tmp\tr-Turkish.rfi
60. %Temp%\RFSD84A.tmp\license-ar.txt
61. %Temp%\RFSD84A.tmp\license-cz.txt
62. %Temp%\RFSD84A.tmp\license-en.txt
63. %Temp%\RFSD84A.tmp\license-fr.txt
64. %Temp%\RFSD84A.tmp\license-it.txt
65. %Temp%\RFSD84A.tmp\license-lt.txt
66. %Temp%\RFSD84A.tmp\license-ru.txt
67. %Temp%\RFSD84A.tmp\license-se.txt
68. %Temp%\RFSD84A.tmp\license-zh.txt
69. %Temp%\_rf.log
70. %Temp%\RFSD84A.tmp\Opera\index.html
71. %Temp%\RFSD84A.tmp\Firefox\chrome\roboform.jar
72. %Temp%\RFSD84A.tmp\Chrome\manifest.json
73. %Temp%\RFSD84A.tmp\Chrome\content.js
74. %Temp%\RFSD84A.tmp\Opera\includes\roboform.js
75. %Temp%\RFSD84A.tmp\Chrome\robo32.png
76. %Temp%\RFSD84A.tmp\Opera\robo18.png
77. %Temp%\RFSD84A.tmp\Firefox\chrome.manifest
78. %Temp%\RFSD84A.tmp\Firefox\rfhelper32.manifest%Temp%\RFSD84A.tmp\fr-French.rfi
79. %Temp%\RFSD84A.tmp\ar-Arabic.rfi
80. %Temp%\RFSD84A.tmp\cz-Czech.rfi
81. %Temp%\RFSD84A.tmp\en-english.rfi
82. %Temp%\RFSD84A.tmp\fi-Finnish.rfi
83. %Temp%\RFSD84A.tmp\kr-Korean.rfi
84. %Temp%\RFSD84A.tmp\no-Norwegian.rfi
85. %Temp%\RFSD84A.tmp\sb-Serbian.rfi
86. %Temp%\RFSD84A.tmp\sk-Slovak.rfi
87. %Temp%\RFSD84A.tmp\affid.txt
88. %Temp%\RFSD84A.tmp\license-cn.txt
89. %Temp%\RFSD84A.tmp\license-dk.txt
90. %Temp%\RFSD84A.tmp\license-fi.txt
91. %Temp%\RFSD84A.tmp\license-hr.txt
92. %Temp%\RFSD84A.tmp\license-kr.txt
93. %Temp%\RFSD84A.tmp\license-pl.txt
94. %Temp%\RFSD84A.tmp\license-sc.txt
95. %Temp%\RFSD84A.tmp\license-ua.txt

Registry Details

Adware.ActiveSearch!rem may create the following registry entry or registry entries:
HKEY..\..\..\..{RegistryKeys}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Test.Class.1
HKEY_CURRENT_USER\Software\Siber Systems
HKEY_CURRENT_USER\Software\Classes\CLSID\{724d43a1-0d85-11d4-9908-00400523e39a}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{724d43a1-0d85-11d4-9908-00400523e39a}
HKEY_LOCAL_MACHINE\SOFTWARE\Siber Systems
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{724d43a1-0d85-11d4-9908-00400523e39a}\Implemented Categories
HKEY_LOCAL_MACHINE\SOFTWARE\Siber Systems\RoboForm
HKEY_CURRENT_USER\Software\Siber Systems\RoboForm
\Implemented Categories

Trending

Most Viewed

Loading...