Adware.StartSurf malicious file

The Adware.StartSurf is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Adware.StartSurf virus can do?

Executable code extraction
Creates RWX memory
Unconventionial binary language: Russian
Unconventionial language used in binary resources: Russian
Anomalous binary characteristics

Related domains:

lamp.troublerifle.bid

light.representativeglass.bid

How to determine Adware.StartSurf?


File Info:
crc32: 21774B63
md5: dbc1324b04b5c17d6873ecc1ffe05145
name: DBC1324B04B5C17D6873ECC1FFE05145.mlw
sha1: cff25efdfd6c21895e493335b1163969f052401b
sha256: 4f8d864801e78d10db09937b904b1453c2cfa320a57e6b00431d2b7432237cfb
sha512: a532390be5cf2e384f207559b9a9ca5851c2844f7842119951559d02838e51f3664f704e65c909da7ae3873c06a6d865add8a87f97752acf242e6508779ba6a5
ssdeep: 12288:riwWKJH/LYN+7nLWG82tg6Jvl52hU9B99aN1mOT2VZnlF:riwWKR/sN+WGg6Jvl52+99B1VZn
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:
LegalCopyright: Copyright (C) 2018
FileVersion: 1.0.0.1
CompanyName: TODO: 
ProductName: TODO: 
ProductVersion: 1.0.0.1
FileDescription: TODO: 
Translation: 0x0419 0x04b0

Adware.StartSurf also known as:

Bkav	W32.AIDetect.malware1
Elastic	malicious (high confidence)
DrWeb	Trojan.Vittalia.14640
MicroWorld-eScan	Gen:Variant.Ransom.GandCrab.1787
FireEye	Generic.mg.dbc1324b04b5c17d
CAT-QuickHeal	SWB.Prepscram.JK6
ALYac	Gen:Variant.Ransom.GandCrab.1787
Malwarebytes	Adware.IStartSurf
VIPRE	Trojan.Win32.Generic!BT
AegisLab	Adware.Win32.Generic.2!c
Sangfor	Trojan.Win32.Save.a
K7AntiVirus	Trojan ( 00528e801 )
BitDefender	Gen:Variant.Ransom.GandCrab.1787
K7GW	Trojan ( 005267551 )
Cybereason	malicious.b04b5c
BitDefenderTheta	Gen:NN.ZexaF.34590.pz0@aSKZhHbk
Cyren	W32/S-ec8ab2eb!Eldorado
Symantec	Adware.IstartSurf
ESET-NOD32	a variant of Win32/Kryptik.GCWT
APEX	Malicious
Avast	FileRepMetagen [Malware]
Kaspersky	not-a-virus:HEUR:AdWare.Win32.Generic
Alibaba	Trojan:Win32/Kryptik.9a9f09d5
NANO-Antivirus	Riskware.Win32.Vittalia.eydedk
Rising	Trojan.Kryptik!1.B032 (CLOUD)
Ad-Aware	Gen:Variant.Ransom.GandCrab.1787
Emsisoft	Gen:Variant.Ransom.GandCrab.1787 (B)
Comodo	Application.Win32.IStartSurf.BS@7lng48
F-Secure	Heuristic.HEUR/AGEN.1103309
Zillya	Adware.Generic.Win32.77284
McAfee-GW-Edition	BehavesLike.Win32.Generic.tt
Sophos	Generic PUA MP (PUA)
SentinelOne	Static AI – Malicious PE
Jiangmin	AdWare.Generic.mdax
Avira	HEUR/AGEN.1103309
MAX	malware (ai score=81)
Antiy-AVL	Trojan/Win32.TSGeneric
Microsoft	SoftwareBundler:Win32/Prepscram
Arcabit	Trojan.Ransom.GandCrab.D6FB
SUPERAntiSpyware	Ransom.GandCrab/Variant
ZoneAlarm	not-a-virus:HEUR:AdWare.Win32.Generic
GData	Gen:Variant.Ransom.GandCrab.1787
Cynet	Malicious (score: 100)
AhnLab-V3	PUP/Win32.IStartSurf.R220101
Acronis	suspicious
McAfee	Packed-ZA!DBC1324B04B5
VBA32	Adware.StartSurf
Cylance	Unsafe
Panda	Trj/Genetic.gen
Tencent	Win32.Adware.Generic.Wvan
Yandex	Trojan.GenAsa!FWPhcEJUJ/g
Ikarus	Trojan.Kryptik
eGambit	Unsafe.AI_Score_100%
Fortinet	W32/Kryptik.FXGV!tr
AVG	FileRepMetagen [Malware]
Paloalto	generic.ml
CrowdStrike	win/malicious_confidence_70% (D)
Qihoo-360	Win32/Trojan.177

How to remove Adware.StartSurf?

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

Adware.StartSurf malicious file