» blockandsurfv.exe
Overview
Analysis
File Details
Programs (1)

blockandsurfv.exe

The application blockandsurfv.exe has been detected as adware by 17 anti-malware scanners. This file is typically installed with the program BlockAndSurf by Revizer Technologies which is a potentially unwanted software program. This is part of the Revizer line of web browser extensions that inject 3rd-party advertisements in the user's web browser as well as setup a proxy server for the browser in order to track behaviors and display context based-ads from various partners (mostly adware).

File name:

blockandsurfv.exe

MD5:

08297142e24b7927baf007a65caab23f

SHA-1:

fb8cd84d1220676db62c31d9408ae34453c734fb

SHA-256:

34115d39dd635d7d6f7f2e07a0bf60361890901191b0b00af9edacf913f92cb1

Scanner detections:

17 / 68

Status:

Adware

Analysis date:

5/10/2024 5:49:43 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Trojan.Generic.11393272

926

avast!

Win32:Malware-gen

2014.9-140723

AVG

Adware Generic5

2015.0.3351

Baidu Antivirus

Trojan.Win32.AddLyrics

4.0.3.14915

Bitdefender

Trojan.Generic.11393272

1.0.20.1020

Comodo Security

Application.Win32.Adware.WDUnlocker.A

18710

Emsisoft Anti-Malware

Trojan.Generic.11393272

8.14.07.23.07

ESET NOD32

Win32/AdWare.AddLyrics.AT application

8.7.0.302.0

F-Secure

Trojan.Generic.11393272

11.2014-23-07_4

G Data

Trojan.Generic.11393272

14.7.24

IKARUS anti.virus

PUA.AddLyrics

t3scan.1.7.8.0

Kaspersky

not-a-virus:AdWare.Win32.AddLyrics

14.0.0.3250

MicroWorld eScan

Trojan.Generic.11393272

15.0.0.612

Panda Antivirus

Trj/Genetic.gen

14.09.15.01

Reason Heuristics

Adware.Revizer.N

14.7.23.19

Trend Micro House Call

Suspicious_GEN.F47V0615

7.2.204

VIPRE Antivirus

Threat.4150696

32938

File size:

98.5 KB (100,864 bytes)

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\Program Files\blockandsurf-soft\blockandsurfv.exe

File PE Metadata

Compilation timestamp:

6/11/2014 2:00:03 PM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

11.0

CTPH (ssdeep):

1536:Xiu/8IlduIOetfXbAAPlc9mPusWjcdl+nG1eH5:Su/7zZfXblPUmJl+nG1eH5

Entry address:

0x4C9A

Entry point:

E8, 8E, 3F, 00, 00, E9, 7F, FE, FF, FF, 55, 8B, EC, 83, 25, FC, 62, 41, 00, 00, 83, EC, 10, 53, 33, DB, 43, 09, 1D, 48, 50, 41, 00, 6A, 0A, E8, E8, 70, 00, 00, 85, C0, 0F, 84, 0E, 01, 00, 00, 33, C9, 8B, C3, 89, 1D, FC, 62, 41, 00, 0F, A2, 56, 8B, 35, 48, 50, 41, 00, 57, 8D, 7D, F0, 83, CE, 02, 89, 07, 89, 5F, 04, 89, 4F, 08, 89, 57, 0C, F7, 45, F8, 00, 00, 10, 00, 89, 35, 48, 50, 41, 00, 74, 13, 83, CE, 04, C7, 05, FC, 62, 41, 00, 02, 00, 00, 00, 89, 35, 48, 50, 41, 00, F7, 45, F8, 00, 00, 00, 10, 74, 13... 
[+]

Entropy:

5.6627

Code size:

48.5 KB (49,664 bytes)

The file blockandsurfv.exe has been discovered within the following program.

BlockAndSurf by Revizer Technologies

BlockAndSurf is an adware browser extension that will display banner and text-context link ads aimed to promote the installation of additional questionable content including web browser toolbars, optimization utilities and other products.

www.revizer.com

82% remove it

Remove blockandsurfv.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.