» g5blockandsurfw.exe
Overview
Analysis
File Details
Behaviors (1)
Programs (1)

g5blockandsurfw.exe

The application g5blockandsurfw.exe has been detected as adware by 18 anti-malware scanners. It runs as a scheduled task under the Windows Task Scheduler triggered daily at a specified time. This file is typically installed with the program BlockAndSurf by Revizer Technologies which is a potentially unwanted software program.

File name:

g5blockandsurfw.exe

MD5:

da6852427c2baec2a80ff69c7487802d

SHA-1:

865358cf03ca8800a1c2e1e7b7d5722cfff3a04b

SHA-256:

1454ef5b941848fbf2f5877bd5ae1ca2c4d46cb047c3dedc77d8602fe1d31e60

Scanner detections:

18 / 68

Status:

Adware

Analysis date:

4/24/2024 7:14:55 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Application.Generic.689481

904

Avira AntiVirus

SPR/Tool.100864.15

7.11.165.22

avast!

Win32:Adware-gen [Adw]

2014.9-140730

AVG

Generic5

2015.0.3398

Baidu Antivirus

Adware.Win32.AddLyrics

4.0.3.14730

Bitdefender

Application.Generic.689481

1.0.20.1135

Comodo Security

Application.Win32.Adware.WDUnlocker.A

18959

ESET NOD32

Win32/AdWare.AddLyrics.AY (variant)

8.10148

F-Secure

Application.Generic.689481

11.2014-15-08_6

G Data

Application.Generic.689481

14.8.24

K7 AntiVirus

Adware

13.182.12926

McAfee

Artemis!1BAA519D31D4

5600.7038

MicroWorld eScan

Application.Generic.689481

15.0.0.681

Qihoo 360 Security

Win32/Trojan.Dropper.c9f

1.0.0.1015

Reason Heuristics

Threat.Win.Reputation.IMP

14.8.15.11

Sophos

Generic PUA ML

4.98

Trend Micro House Call

Suspicious_GEN.F47V0727

7.2.227

VIPRE Antivirus

Trojan.Win32.Generic

31886

File size:

98.5 KB (100,864 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\Program Files\ver7blockandsurf\g5blockandsurfw.exe

File PE Metadata

Compilation timestamp:

7/27/2014 1:32:47 PM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

11.0

CTPH (ssdeep):

1536:CzXi9yPwznWGo12xOwBszf/6c/iWmhOsWjcdB+aSC6qvr:Czhgpww6zfvyhRB+aP6

Entry address:

0x41A4

Entry point:

E8, C5, 4D, 00, 00, E9, 7F, FE, FF, FF, 55, 8B, EC, 81, EC, 28, 03, 00, 00, A1, 60, 50, 41, 00, 33, C5, 89, 45, FC, 83, 7D, 08, FF, 57, 74, 09, FF, 75, 08, E8, 37, 1A, 00, 00, 59, 83, A5, E0, FC, FF, FF, 00, 6A, 4C, 8D, 85, E4, FC, FF, FF, 6A, 00, 50, E8, 08, 4F, 00, 00, 8D, 85, E0, FC, FF, FF, 89, 85, D8, FC, FF, FF, 8D, 85, 30, FD, FF, FF, 83, C4, 0C, 89, 85, DC, FC, FF, FF, 89, 85, E0, FD, FF, FF, 89, 8D, DC, FD, FF, FF, 89, 95, D8, FD, FF, FF, 89, 9D, D4, FD, FF, FF, 89, B5, D0, FD, FF, FF, 89, BD, CC... 
[+]

Code size:

49.5 KB (50,688 bytes)

Scheduled Task

Task name:

BlockAndSurf_wd

Trigger:

Daily (Runs daily at 11:04)

The file g5blockandsurfw.exe has been discovered within the following program.

BlockAndSurf by Revizer Technologies

BlockAndSurf is an adware browser extension that will display banner and text-context link ads aimed to promote the installation of additional questionable content including web browser toolbars, optimization utilities and other products.

www.revizer.com

82% remove it

Remove g5blockandsurfw.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.