Should I block it?
Yes, 98% block recommendation.
Possible reasons:
Multiple malware detections
Performance resource utilization
Additional versions
Relationships
RebateInf.exe
RebateInformer by Inbox.com
| Version: | 1.0.0.93 |
| MD5: | 3c1e8935aa5a768f0a5587db17aace41 |
| SHA1: | 69ea169aedb2dc2a1285a20f1cc887981ff717dd |
| SHA256: | 1266707c0b95fbe5e00bcb1e720a653425edbdb17599208c8a42012d466d2e38 |
Warning 4 antivirus scanners has detected malware.
What is RebateInf.exe?
RebateInformer (RebateGiant) is a web browser plugin that analyzes web site visits and attempts to find deals and coupons. If RebateInformer sees a corresponding deal, it will attempt to inject an affiliate 'code' in order to collect various affiliate based commissions. RebateInformer also bundles various software during installation such as the Inbox.com Toolbar for RebateInformer.
About RebateInf.exe (from Inbox.com)
“RebateInformer is an optional application powered by RebateGiant. RebateGiant offers consumers money-saving services including cash back rebates, discount coupons, special promotions and free shipping”
Details
| File name: | rebateinf.exe |
| Publisher: | Inbox.com, Inc. |
| Product name: | RebateInformer |
| Typical file path: | C:\Program Files\rebateinformer\rebateinf.exe |
| File version: | 1.0.0.93 |
| Size: | 1.27 MB (1,333,760 bytes) |
| Digital DNA |
| PE subsystem: | Windows GUI |
| Entropy: | 7.514219 |
| File packed: | No |
| .NET CLR: | No |
More details
Programs
The following program will install this file
RebateInformer (RebateGiant) is a web browser plugin for Internet Explorer that monitors the web pages the user is visiting and checks against an affiliate database for various rebates and coupons related to the context of the products being shown in the browser. The RebateInformer web browser add-in analyzes web sites your browser visits and attempts to find deals associated with the merchant's product offerings. If RebateInformer sees...
Behaviors
Startup files (user) run
Runs under the registry key 'HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'
- 'RebateInformer' → C:\Program Files1\REBATE~1\REBATE~1.EXE /STARTUP
Network connections
[TCP] 64.135.77.160:80
Malware detections
Based on 40+ industry antivirus scanners, 4 of them detected the following malware.
| Antivirus engine | Engine version | Detection |
| Commtouch |
5.3.2.6 |
W32/Delf.AC.gen!Eldorado |
| F-Prot |
v6.4.6.5.141 |
W32/Delf.AC.gen!Eldorado |
| K7 AntiVirus |
9.147.7536 |
Riskware |
| Trend Micro HouseCall |
9.700.0.1001 |
TROJ_GEN.RC1H1H6 |
Resource utilization
(Note: statistics below are averages based on a minimum sample size of 200 unique participants)
Averages
| CPU |
| Total CPU: | 0.00899464% | |
| Kernel CPU: | 0.00491135% | |
| User CPU: | 0.00408329% | |
| Kernel CPU time: | 97 ms/min | |
| Context switches: | 24/sec | |
| Memory |
| Private memory: | 3.15 MB | |
| Private (maximum): | 1.17 MB | |
| Private (minimum): | 516 KB | |
| Non-paged memory: | 3.15 MB | |
| Virtual memory: | 48.75 MB | |
| Virtual memory (peak): | 55.33 MB | |
| Working set: | 1.04 MB | |
| Working set (peak): | 8.21 MB | |
| Resource allocations |
| Threads: | 4 | |
| Handles: | 191 | |
| GUI GDI count: | 42 | |
| GUI GDI peak: | 57 | |
| GUI USER count: | 7 | |
| GUI USER peak: | 40 | |
Process properties
Threads
Averages
| RebateInf.exe (main module) |
| Total CPU: | 0.00820156% | |
| Kernel CPU: | 0.00403625% | |
| User CPU: | 0.00416531% | |
| CPU cycles: | 95,448/sec | |
| Context switches: | 29/sec | |
| Memory: | 1.32 MB | |
| ole32.dll |
| Total CPU: | 0.00065866% | |
| Kernel CPU: | 0.00065866% | |
| User CPU: | 0.00000000% | |
| Memory: | 1.23 MB | |
| ntdll.dll |
| Total CPU: | 0.00048084% | |
| Kernel CPU: | 0.00048084% | |
| User CPU: | 0.00000000% | |
| CPU cycles: | 5,380/sec | |
| Memory: | 1.23 MB | |
Distribution by Windows OS
| OS version | distribution |
| Microsoft Windows XP |
52.94% |
|
| Windows 7 Ultimate N |
41.18% |
|
| Windows 7 Professional |
5.88% |
|
Distribution by country
United States installs about 100.00% of RebateInformer.
