» blockandsurf.exe
Overview
Analysis
File Details
Programs (1)

blockandsurf.exe

The application blockandsurf.exe has been detected as adware by 19 anti-malware scanners. This file is typically installed with the program BlockAndSurf by Revizer Technologies which is a potentially unwanted software program. This is part of the Revizer line of web browser extensions that inject 3rd-party advertisements in the user's web browser as well as setup a proxy server for the browser in order to track behaviors and display context based-ads from various partners (mostly adware).

File name:

blockandsurf.exe

MD5:

edaa2fa7bb1c149d5fc8cda58104a76c

SHA-1:

f11297f4b551c45c6724eec2d74e63b97c642747

SHA-256:

5bbcc23e13a63029115eb3e335e3ff518bbe894c8176d4269788396c4639b5cf

Scanner detections:

19 / 68

Status:

Adware

Analysis date:

4/20/2024 1:38:50 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Variant.Adware.Strictor.77461

701

Agnitum Outpost

PUA.AddLyrics

7.1.1

Avira AntiVirus

ADWARE/Adware.Gen7

7.11.211.168

AVG

Adware AddLyrics_r.IR

2014.0.4257

Baidu Antivirus

Adware.Win32.AddLyrics

4.0.3.1535

Bitdefender

Gen:Variant.Adware.Strictor.77461

1.0.20.320

Dr.Web

Trojan.Lyrics.356

9.0.1.064

Emsisoft Anti-Malware

Gen:Variant.Adware.Strictor.77461

8.15.03.05.08

ESET NOD32

Win32/Adware.AddLyrics.DK application

9.7.0.302.0

F-Secure

Gen:Variant.Adware.Strictor.77461

11.2015-05-03_5

G Data

Gen:Variant.Adware.Strictor.77461

15.3.25

herdProtect (fuzzy)

variant of safer-surf.exe

2015.6.12.13

MicroWorld eScan

Gen:Variant.Adware.Strictor.77461

16.0.0.192

NANO AntiVirus

Trojan.Win32.Lyrics.dnoqyk

0.30.0.126

Qihoo 360 Security

HEUR/QVM10.1.Malware.Gen

1.0.0.1015

Reason Heuristics

Adware.Revizer

15.3.5.20

Sophos

PUA 'BlockNSurf' (of type Adware)

5.11

VIPRE Antivirus

Threat.4150696

36694

Zillya! Antivirus

Adware.AddLyrics.Win32.2230

2.0.0.2089

File size:

214.5 KB (219,648 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\Program Files\ver7blockandsurf\blockandsurf.exe

File PE Metadata

Compilation timestamp:

3/4/2015 5:00:03 AM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

11.0

CTPH (ssdeep):

3072:1E4ZZZi+BJ55pjZx7DDIphgsChlRX+FoaOf86HRHL5EQ:1EP+HNZx7DMPKRXI6xyQ

Entry address:

0x585A

Entry point:

E8, EB, 44, 00, 00, E9, 39, FE, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 57, 56, 8B, 74, 24, 10, 8B, 4C, 24, 14, 8B, 7C, 24, 0C, 8B, C1, 8B, D1, 03, C6, 3B, FE, 76, 08, 3B, F8, 0F, 82, 68, 03, 00, 00, 0F, BA, 25, D4, C4, 42, 00, 01, 73, 07, F3, A4, E9, 17, 03, 00, 00, 81, F9, 80, 00, 00, 00, 0F, 82, CE, 01, 00, 00, 8B, C7, 33, C6, A9, 0F, 00, 00, 00, 75, 0E, 0F, BA, 25, D8, B1, 42, 00, 01, 0F, 82, DA, 04, 00, 00, 0F, BA, 25, D4, C4, 42, 00, 00, 0F, 83, A7, 01, 00, 00, F7, C7, 03, 00, 00, 00... 
[+]

Code size:

124.5 KB (127,488 bytes)

The file blockandsurf.exe has been discovered within the following program.

BlockAndSurf by Revizer Technologies

BlockAndSurf is an adware browser extension that will display banner and text-context link ads aimed to promote the installation of additional questionable content including web browser toolbars, optimization utilities and other products.

www.revizer.com

82% remove it

Remove blockandsurf.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.