RocketMediaPlayerPlus
from Revizer Technologies
What is RocketMediaPlayerPlus?
Rocket Media is a potentially unwanted program that integrates into the user's web browsers (IE, Chrome, Firefox) and will perform a number of functions mostly designed to generate advertising supported or affiliate revenue. In order to do so the program will display a number of different ad formats by injecting the ads directly in the user's browser based on either the activity of the user's past and present behavior or based on the context of the web page. Ads are displayed as banners, text-links, search related adverts or in many cases malvertising in order to get a user to download and install additional software, mostly bundled adware. This adware will also track and report back the user's surfing behavior including web pages and domains visited as well as the advertisements displayed and clicked.
Additionally Rocket Media Player Plus may modify/hijack the web browser's homepage and search provider as well as change a number of the security settings of the browser. These changes will allow it to perform additional ad-supported functions in the browser. Typically it comes bundled with free applications from the Internet through a bundles offer for free software including video utilities or for updates.
Overview
During setup, the program registers itself to launch on boot through a Windows Schedule Task in order to automatically start-up (this is typically done to avoid any UAC prompts). Upon being installed, the software adds a Windows Service which is designed to run continuously in the background. Manually stopping the service has been seen to cause the program to stop functing properly. It adds a background controller service that is set to automatically run. Delaying the start of this service is possible through the service manager. A scheduled task is added to Windows Task Scheduler in order to launch the program at various scheduled times (the schedule varies depending on the version). The primary executable is named RocketMediaPlayerPlusk85.exe. A majority of users end up uninstalling this less than a week of it being installed. The setup package generally installs about 10 files and is usually about 1.37 MB (1,433,847 bytes).
- Malware detected in the program
- Automatically starts with Windows
- Installs a Windows Service
- Typically distributed through a pay-per-install bundle
- Displays unwanted advertisements
- Hijacks the browser's default search provider
- The experts agree, you should remove it!
Warning, multiple anti-virus scanners have detected possible malware in RocketMediaPlayerPlus.
RocketMediaPlayerPlusV.exe (5a1257403bed7b72a638c62fb95fa75c) has been flagged by the following 34 scanners: |
Anti-Virus software | Version | Detection |
Lavasoft Ad-Aware |
912 |
Gen:Variant.Adware.AddLyrics.10 |
Agnitum Outpost |
7.1.1 |
PUA.Agent |
AhnLab-V3 |
2014.07.09 |
Adware/Win32.Gen |
Avira AntiVir |
7.11.159.108 |
TR/Zusy.95019.3 |
Antiy-AVL |
1.0.0.1 |
GrayWare[AdWare:not-a-virus]/Win32.Agent |
avast! |
2014.9-140807 |
Win32:Adware-gen [Adw] |
AVG |
2015.0.3390 |
Generic5 |
Baidu-International |
4.0.3.1487 |
Adware.Win32.AddLyrics.BAO |
Bitdefender |
1.0.20.1095 |
Gen:Variant.Adware.AddLyrics.10 |
CAT-QuickHeal |
8.14.14.00 |
AdWare.Agent.r5 (Not a Virus) |
Comodo Security |
18811 |
Application.Win32.Adware.WDUnlocker.A |
Emsisoft Anti-Malware |
8.14.08.07.02 |
Gen:Variant.Adware.AddLyrics.10 |
ESET-NOD32 |
8.10066 |
a variant of Win32/AdWare.AddLyrics.AO |
Fortinet FortiGate |
8/7/2014 |
Adware/Agent |
F-Secure |
11.2014-07-08_5 |
Gen:Variant.Adware.AddLyrics.10 |
IKARUS anti.virus |
t3scan.1.6.1.0 |
not-a-virus:AdWare.Agent |
Jiangmin |
KV140807 |
Adware/Agent.kva |
K7 AntiVirus |
13.180.12657 |
Adware |
K7GW |
13.180.12657 |
Trojan ( 050000001 ) |
Kaspersky |
14.0.0.3445 |
not-a-virus:AdWare.Win32.Agent |
McAfee |
5600.7046 |
RDN/Generic PUP.x!cfh |
McAfee-GW-Edition |
7.7046 |
RDN/Generic PUP.x!cfh |
MicroWorld-eScan |
15.0.0.657 |
Gen:Variant.Adware.AddLyrics.10 |
NANO AntiVirus |
0.28.0.60698 |
Riskware.Win32.Agent.damxet |
Panda Antivirus |
14.08.07.02 |
Trj/OCJ.F |
Qihoo-360 |
1.0.0.1015 |
Win32/Trojan.c9c |
Sophos |
4.98 |
Generic PUA GA |
Symantec |
8/7/2014 rev. 5 |
Trojan.Gen |
Tencent |
1.0.0.1 |
Win32.Trojan.Zusy.Suxm |
Trend Micro |
10.465.07 |
TROJ_GEN.R0CBC0PFE14 |
TrendMicro-HouseCall |
7.2.219 |
TROJ_GEN.R0CBC0PFE14 |
Vba32 AntiVirus |
3.12.26.3 |
AdWare.Agent |
VIPRE Antivirus |
31100 |
Trojan.Win32.Generic!BT |
Zillya |
2.0.0.1851 |
Adware.Agent.Win32.9498 |
RocketMediaPlayerPlusn.exe (62a90046ccd7bb8de98512b730f58055) has been flagged by the following 15 scanners: |
Anti-Virus software | Software version | Detection |
Lavasoft Ad-Aware |
12.0.163.0 |
Gen:Variant.Adware.Graftor.141159 |
Agnitum Outpost |
5.5.1.3 |
PUA.Agent! |
Avira AntiVir |
7.11.149.166 |
Adware/Graftor.141159.37 |
Antiy-AVL |
0.1.0.1 |
GrayWare[AdWare:not-a-virus]/Win32.Agent |
Bitdefender |
7.2 |
Gen:Variant.Adware.Graftor.141159 |
Emsisoft Anti-Malware |
3.0.0.599 |
Gen:Variant.Adware.Graftor.141159 (B) |
ESET-NOD32 |
9801 |
a variant of Win32/AdWare.AddLyrics.AJ |
F-Secure |
11.0.19100.45 |
Gen:Variant.Adware.Graftor.141159 |
G Data |
24 |
Gen:Variant.Adware.Graftor.141159 |
Kaspersky |
12.0.0.1225 |
not-a-virus:AdWare.Win32.Agent.akxf |
MicroWorld-eScan |
12.0.250.0 |
Gen:Variant.Adware.Graftor.141159 |
Panda Antivirus |
10.0.3.5 |
Trj/CI.A |
Qihoo-360 |
1.0.0.1015 |
HEUR/Malware.QVM10.Gen |
Sophos |
4.98.0 |
Generic PUA AC |
TrendMicro-HouseCall |
9.700-1001 |
TROJ_GEN.R08NH07ED14 |
View all 49 all detections
RocketMediaPlayerPlus has been found to be bundled with 3rd party software. If you have not purposefully installed this, you should be safe uninstalling it.
Program details
Displayed publisher: RocketMediaPlayerPlus-software
Installation folder: C:\Program Files\rocketmediaplayerplus-soft
Uninstaller: C:\Program Files\RocketMediaPlayerPlus-soft\Uninstall.exe
Estimated size: 1.37 MB
Files installed by RocketMediaPlayerPlus
Program executable: | RocketMediaPlayerPlusk85.exe |
Path: | C:\Program Files\rocketmediaplayerplus-soft\RocketMediaPlayerPlusk85.exe |
MD5: | 10b5079ac74e39cf9e1130c1233d6565 |
Additional files:
-
Uninstall.exe
-
RocketMediaPlayerPlusk85.exe
-
RocketMediaPlayerPlusKJ161.dll
-
RocketMediaPlayerPlusKJ161.exe
-
RocketMediaPlayerPluslP171.dll
-
RocketMediaPlayerPluslP171.exe
-
(Malware detected) RocketMediaPlayerPlusn.exe
-
RocketMediaPlayerPlusq05.exe
-
(Malware detected) RocketMediaPlayerPlusV.exe
-
Sqlite3.dll
Behaviors exhibited
4 Scheduled Tasks
- RocketMediaPlayerPlusV.exe is scheduled as a task named 'RocketMediaPlayerPlus_wd' (runs daily at 8:17 PM).
- RocketMediaPlayerPlusq05.exe is scheduled as a task named 'RocketMediaPlayerPlus Update' (runs daily at 8:06 PM).
- RocketMediaPlayerPlusn.exe is scheduled as a task named 'RocketMediaPlayerPlus_wd' (runs daily at 10:46 AM).
- RocketMediaPlayerPlusk85.exe is scheduled as a task named 'RocketMediaPlayerPlus Update' (runs daily at 10:35 AM).
4 Scheduled Tasks (Boot/Login)
- RocketMediaPlayerPlusV.exe is automatically launched at startup through a scheduled task named RocketMediaPlayerPlus_wd.
- RocketMediaPlayerPlusq05.exe is automatically launched at startup through a scheduled task named RocketMediaPlayerPlus Update.
- RocketMediaPlayerPlusn.exe is automatically launched at startup through a scheduled task named RocketMediaPlayerPlus_wd.
- RocketMediaPlayerPlusk85.exe is automatically launched at startup through a scheduled task named RocketMediaPlayerPlus Update.
2 Services
- RocketMediaPlayerPluslP171.exe runs as a service named 'RocketMediaPlayerPlus' (RocketMediaPlayerPlus) "RocketMediaPlayerPlus".
- RocketMediaPlayerPlusKJ161.exe runs as a service named 'RocketMediaPlayerPlus' (RocketMediaPlayerPlus) "RocketMediaPlayerPlus".
How do I remove RocketMediaPlayerPlus?
You can uninstall RocketMediaPlayerPlus from your computer by using the Add/Remove Program feature in the Window's Control Panel.
- On the Start menu (for Windows 8, right-click the screen's bottom-left corner), click Control Panel, and then, under Programs, do one of the following:
- Windows Vista/7/8/10: Click Uninstall a Program.
- Windows XP: Click Add or Remove Programs.
- When you find the program RocketMediaPlayerPlus, click it, and then do one of the following:
- Windows Vista/7/8/10: Click Uninstall.
- Windows XP: Click the Remove or Change/Remove tab (to the right of the program).
- Follow the prompts. A progress bar shows you how long it will take to remove RocketMediaPlayerPlus.
- If for some reason uninstallation fails, please install Microsoft's uninstall fixer utility which will help fix problems with programs that can't be uninstalled at support.microsoft.com.
OS VERSIONS
Win 7 (SP1) 67%
Win 10 33%
|
|
HOW IT RUNS
Windows Service? Yes
(Installs a service)
|
|
USER ACTIONS
|
Uninstall it 80%
Keep it 20%
|
|
Windows
Which Windows OS versions does it run on?
Windows 7 |
66.67% |
|
Windows 10 |
33.33% |
|
Which OS releases does it run on? |
Windows 7 Home Premium |
66.67% |
|
Windows 8.1 |
33.33% |
|
Geography
87.50% of installs come from the United States
Which countries install it?
United States |
87.50% |
Australia |
12.50% |
PC manufacturers
What PC manufacturers (OEMs) have it installed?
Hewlett-Packard |
66.67% |
|
Dell |
33.33% |
|
Common models |
Hewlett-Packard p6510y |
33.33% |
|
HP Pavilion dv6 Notebook ... |
33.33% |
|
Dell Inspiron 3520 |
33.33% |
|