What is Rockettab?

Rockettab is software application developed by Rich River Media, LLC. It is most commonly found on computers running Windows 7 with nearly 49.75% of installations running this operating system. Rockettab's installer is typically 4.00 MB in size and installs around 7 files. The most common release is 2.0 with 4.47% of all installations currently using this version.

Rockettab is most popular in the United States with 71.08% of installations residing in this country.

Rockettab adds 1 scheduled task to the Windows Task Scheduler launching the program at randomly scheduled times.

About Rockettab?

RocketTab is a program created by Adknowledge, Inc. that includes the 'BrowserSafeguard' feature designed to protect the user's web browser from threats. It does this by creating a local proxy server, routing all Internet traffic through it, and injecting advertising into the user's web browser. This includes various ads in the HTML of displaying web pages as well as text-links, banner ads, and other ad formats. The program is distributed by Adknowledge, Inc. and is supported via text advertising.

Multiple virus scanners have detected malware in Rockettab.

uninstall.exe (MD5: 17bdbea3321f0d7c842d2a1e1ff92448) has been flagged by 47 scanners:

Scanner Software	Version	Result
Lavasoft Ad-Aware	537	Gen:Variant.Adware.iBryte.10
Agnitum Outpost	7.1.1	PUA.iBryte
AhnLab-V3	2015.08.08	PUP/Win32.IBryte
ALYac	1.0.1.4	Gen:Variant.Adware.iBryte.10
Antiy-AVL	1.0.0.1	GrayWare[AdWare:not-a-virus]/Win32.iBryte
Arcabit	1.0.0.425	Trojan.Adware.iBryte.10
avast!	2014.9-150817	Win32:PUP-gen [PUP]
AVG	2016.0.3015	Downloader
Avira	8.3.1.6	ADWARE/iBryte.Gen
AVware	1.5.0.21	Trojan.Win32.Generic!BT
Baidu-International	4.0.3.15817	Adware.MSIL.iBryte.N
Bitdefender	1.0.20.1145	Gen:Variant.Adware.iBryte.10
Bkav FE	1.3.0.7062	HW32.Packed
CAT-QuickHeal	8.15.14.00	AdWare.iBryte.g5 (Not a Virus)
Comodo Security	22956	UnclassifiedMalware
Emsisoft Anti-Malware	8.15.08.17.01	Gen:Variant.Adware.iBryte.10
ESET-NOD32	9.12063	a variant of MSIL/Adware.iBryte.N
Fortinet FortiGate	8/17/2015	Adware/IBryte
F-Secure	11.2015-17-08_2	Gen:Variant.Adware.iBryte
G Data	15.8.25	Gen:Variant.Adware.iBryte.10
IKARUS anti.virus	t3scan.1.9.5.0	PUA.Downloader
Jiangmin	KV150817	Adware/iBryte.hjtv
K7 AntiVirus	13.207.16827	Adware
K7GW	13.207.16827	Adware ( 004b20c21 )
Kaspersky	14.0.0.1570	not-a-virus:AdWare.Win32.iBryte
Malwarebytes	v2015.08.17.01	PUP.Optional.RocketTab.PrxySvrRST
McAfee	5600.6671	PUP-FST
McAfee-GW-Edition	7.6671	BehavesLike.Win32.Almanahe.vc
MicroWorld-eScan	16.0.0.687	Gen:Variant.Adware.iBryte.10
NANO AntiVirus	0.30.24.3079	Riskware.Win32.IBryte.dltiln
Panda Antivirus	15.08.17.01	Trj/Genetic.gen
Qihoo-360	1.0.0.1015	HEUR/QVM10.1.Malware.Gen
Rising Antivirus	23.00.65.15815	PE:Trojan.Win32.Generic.17EBA268!401318504
Sophos	4.98	Generic PUA OC (PUA)
Symantec	8/17/2015 rev. 2	Trojan.Gen
Trend Micro	10.465.17	TROJ_SPNR.0BAM15
TrendMicro-HouseCall	7.2.229	TROJ_SPNR.0BAM15
Vba32 AntiVirus	3.12.26.4	AdWare.iBryte
VIPRE Antivirus	42714	Trojan.Win32.Generic!BT
Zillya	2.0.0.2341	Adware.iBryte.Win32.6199
Cyren	5.4.16.7	W32/Adware.VIAQ-6751
Dr.Web	7.0.13.5270	Adware.iBryte.576
SUPERAntiSpyware	5.6.0.1032	Adware.iBryte/Variant
ViRobot	2014.3.20.0	Adware.Agent.2647552[h]
F-Prot	v6.4.7.1.166	W32/S-9bc34199
nProtect	15.04.10.01	Adware.Agent.PAJ
Tencent	1.0.0.1	Win32.Risk.Adware.Dzuj

Client.exe (MD5: 7cee867f453c566c7ba04652ebdeb616) has been flagged by 39 scanners:

Scanner Software	Version	Result
Lavasoft Ad-Aware	12.0.163.0	Gen:Variant.Adware.Mikey.1422
Agnitum Outpost	5.5.1.3	PUA.Agent!
AhnLab-V3	2015.08.08.00	Adware/Win32.Mikey
ALYac	1.0.1.4	Gen:Variant.Adware.Mikey.1422
Arcabit	1.0.0.425	Trojan.Adware.Mikey.D58E
avast!	8.0.1489.320	Win32:IBryte-JP [PUP]
AVG	15.0.0.4392	Downloader.DCE
Avira	8.3.1.6	ADWARE/iBryte.Gen4
AVware	1.5.0.21	Trojan.Win32.Generic!BT
Baidu-International	3.5.1.41473	Adware.Win32.Agent.Elnx
Bitdefender	7.2	Gen:Variant.Adware.Mikey.1422
CAT-QuickHeal	14.00	AdWare.iBryte.g5 (Not a Virus)
Comodo Security	22956	ApplicUnwnt
Cyren	5.4.16.7	W32/Adware.VIAQ-6751
Dr.Web	7.0.13.5270	Adware.iBryte.576
Emsisoft Anti-Malware	3.5.0.642	Gen:Variant.Adware.Mikey.1422 (B)
ESET-NOD32	12063	a variant of Win32/Adware.iBryte.CD
Fortinet FortiGate	5.1.220.0	MSIL/IBryte.A
F-Secure	11.0.19100.45	Gen:Variant.Adware.Mikey
G Data	25	Gen:Variant.Adware.Mikey.1422
Jiangmin	16.0.100	Adware/iBryte.hnnn
K7 AntiVirus	9.207.16827	Adware ( 004b32eb1 )
K7GW	9.207.16827	Adware ( 004b32eb1 )
Kaspersky	15.0.1.10	not-a-virus:AdWare.Win32.iBryte.jlr
Malwarebytes	2.1.1.1115	PUP.Optional.RocketTab.PrxySvrRST
McAfee	6.0.5.614	Artemis!7CEE867F453C
McAfee-GW-Edition	v2015	BehavesLike.Win32.CryptDoma.vh
MicroWorld-eScan	12.0.250.0	Gen:Variant.Adware.Mikey.1422
NANO AntiVirus	0.30.24.3079	Riskware.Win32.IBryte.dlufjx
Panda Antivirus	4.6.4.2	Generic Suspicious
Qihoo-360	1.0.0.1015	HEUR/QVM10.1.Malware.Gen
Rising Antivirus	25.0.0.17	PE:Trojan.Win32.Generic.17EC9DCE!401382862
Sophos	4.98.0	Mal/Wintrim-A
SUPERAntiSpyware	5.6.0.1032	Adware.iBryte/Variant
Symantec	20141.2.0.56	Trojan.Gen.2
Trend Micro	9.740.0.1012	TROJ_GEN.R000C0EAM15
VIPRE Antivirus	42714	Trojan.Win32.Generic!BT
ViRobot	2014.3.20.0	Adware.Agent.2647552[h]
Zillya	2.0.0.2341	Adware.iBryte.Win32.6303

BrowserSafeguard.exe (MD5: c9b4e288d6e7af76ef2f5d8c99047660) has been flagged by 44 scanners:

Scanner Software	Version	Result
Baidu-International	4.0.3.14825	Trojan.MSIL.iBryte.BF
Comodo Security	19302	ApplicUnwnt
ESET-NOD32	8.10307	a variant of MSIL/Adware.iBryte.F
TrendMicro-HouseCall	7.2.237	Suspicious_GEN.F47V0809
Lavasoft Ad-Aware	12.0.163.0	Gen:Variant.Adware.iBryte.10
Agnitum Outpost	5.5.1.3	PUA.iBryte!
AhnLab-V3	2015.08.08.00	PUP/Win32.IBryte
ALYac	1.0.1.4	Gen:Variant.Adware.iBryte.10
Antiy-AVL	1.0.0.1	GrayWare[AdWare:not-a-virus]/Win32.iBryte
Arcabit	1.0.0.425	Trojan.Adware.iBryte.10
avast!	8.0.1489.320	Win32:PUP-gen [PUP]
AVG	15.0.0.4392	Downloader.DCB
Avira	8.3.1.6	ADWARE/iBryte.Gen
AVware	1.5.0.21	Trojan.Win32.Generic!BT
Bitdefender	7.2	Gen:Variant.Adware.iBryte.10
Bkav FE	1.3.0.7062	HW32.Packed.6237
CAT-QuickHeal	14.00	AdWare.iBryte.g5 (Not a Virus)
Emsisoft Anti-Malware	3.5.0.642	Gen:Variant.Adware.iBryte.10 (B)
Fortinet FortiGate	5.1.220.0	Adware/IBryte
F-Secure	11.0.19100.45	Gen:Variant.Adware.iBryte
G Data	25	Gen:Variant.Adware.iBryte.10
IKARUS anti.virus	T3.1.9.5.0	PUA.Downloader
Jiangmin	16.0.100	Adware/iBryte.hjtv
K7 AntiVirus	9.207.16827	Adware ( 004b20c21 )
K7GW	9.207.16827	Adware ( 004b20c21 )
Kaspersky	15.0.1.10	not-a-virus:AdWare.Win32.iBryte.jjw
Malwarebytes	2.1.1.1115	PUP.Optional.RocketTab.PrxySvrRST
McAfee	6.0.5.614	PUP-FST
McAfee-GW-Edition	v2015	BehavesLike.Win32.Almanahe.vc
MicroWorld-eScan	12.0.250.0	Gen:Variant.Adware.iBryte.10
NANO AntiVirus	0.30.24.3079	Riskware.Win32.IBryte.dltiln
Panda Antivirus	4.6.4.2	Trj/Genetic.gen
Qihoo-360	1.0.0.1015	HEUR/QVM10.1.Malware.Gen
Rising Antivirus	25.0.0.17	PE:Trojan.Win32.Generic.17EBA268!401318504
Sophos	4.98.0	Generic PUA OC (PUA)
Symantec	20141.2.0.56	Trojan.Gen.2
Trend Micro	9.740.0.1012	TROJ_SPNR.0BAM15
Vba32 AntiVirus	3.12.26.4	AdWare.iBryte
VIPRE Antivirus	42714	Trojan.Win32.Generic!BT
Zillya	2.0.0.2341	Adware.iBryte.Win32.6199
Cyren	5.4.16.7	W32/Adware.VIAQ-6751
Dr.Web	7.0.13.5270	Adware.iBryte.576
SUPERAntiSpyware	5.6.0.1032	Adware.iBryte/Variant
ViRobot	2014.3.20.0	Adware.Agent.2647552[h]

Software Behaviors

Scheduled tasks:

uninstall.exe is scheduled as a task named 'RocketTab Update Task' (Next runs on 8/3/2016 at 3:17 PM).

Startup Entries

Startup tasks:

uninstall.exe is automatically launched at startup through a scheduled task named RocketTab Update Task.

Registry entries:

uninstall.exe is loaded in the current user (HKCU) registry as an auto-starting executable named 'RocketTab Update Task' and executes as "C:\users\user\appdata\Local\Search Extensions\uninstall.exe" /CheckUpdate=true.
Client.exe is loaded in the current user (HKCU) registry as an auto-starting executable named 'RocketTab' and executes as "C:\users\user\appdata\Local\Search Extensions\Client.exe".

Software Details

URL:

https://rockettab.com

Support:

–

Installation path:

C:\Program Files\Browsersafeguard

Uninstaller:

"C:\Program Files\Browsersafeguard\uninstall.BrowserSafeguard.exe" /u=true /UserID=08c6703e-2cd3-4864-a3ce-3bc355a0d954 /SourceID=browsersafeguard-roc

Size:

4.00 MB

Language:

English

Rockettab Executable Details

Primary executable:

BrowserSafeguard.exe

Name:

Rockettab

Path:

C:\Program Files\Browsersafeguard\BrowserSafeguard.exe

MD5:

c9b4e288d6e7af76ef2f5d8c99047660

SHA-1:

–

SHA-256:

–

File Type

Filename

MD5

EXE

uninstall.exe

Adware

17bdbea3321f0d7c842d2a1e1ff92448

EXE

MAKECERT.EXE

02783f258cb37ad93452f834d8113818

EXE

Client.exe

Adware

7cee867f453c566c7ba04652ebdeb616

EXE

certmanager.exe

e118dff41585b70576da4576e4756589

EXE

uninstall.browsersafeguard.exe

0edb6614a108a0f0308f790260509a10

EXE

BrowserSafeguard.exe

Adware

c9b4e288d6e7af76ef2f5d8c99047660

DLL

ewebstorewrapper.dll

e73db987c7ac58148b0decbab491018a

File Type	Filename	MD5
EXE	uninstall.exe Adware	17bdbea3321f0d7c842d2a1e1ff92448
EXE	MAKECERT.EXE	02783f258cb37ad93452f834d8113818
EXE	Client.exe Adware	7cee867f453c566c7ba04652ebdeb616
EXE	certmanager.exe	e118dff41585b70576da4576e4756589
EXE	uninstall.browsersafeguard.exe	0edb6614a108a0f0308f790260509a10
EXE	BrowserSafeguard.exe Adware	c9b4e288d6e7af76ef2f5d8c99047660
DLL	ewebstorewrapper.dll	e73db987c7ac58148b0decbab491018a

Rockettab

What is Rockettab?

About Rockettab?

Multiple virus scanners have detected malware in Rockettab.

Software Behaviors

Startup Entries

Software Details

Rockettab Executable Details