Should I remove “Win32/IStartSurf.CC potentially unwanted”?

The Win32/IStartSurf.CC potentially unwanted is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Win32/IStartSurf.CC potentially unwanted virus can do?

Dynamic (imported) function loading detected
Reads data out of its own binary image
Authenticode signature is invalid

How to determine Win32/IStartSurf.CC potentially unwanted?


File Info:
name: 8E0E38608205F8DE9B55.mlw
path: /opt/CAPEv2/storage/binaries/f17c7b135ba628e638cc3d0f56e5c7fd23f451f08c78a587896608ca960bcdbd
crc32: 8F6505C6
md5: 8e0e38608205f8de9b551f74ebeb738f
sha1: 06ba0d986eaed11f40b47edaf7c8a1d885a9e938
sha256: f17c7b135ba628e638cc3d0f56e5c7fd23f451f08c78a587896608ca960bcdbd
sha512: c05bf1941f34c411bb1e667900f0f205205dee712b214ce65407ed6b82a4fb9458c680a60a59d40a2f3768e4592b29281c0429ce0e7e961462be971b39d006fa
ssdeep: 768:l1cVhpQI2EQK0iPDh84nScF15GYbWjXO3XJYPVN53aJQh2I4aChHxsWVaHuH+7:TQpQ5EP0ijnRTXJIVN5cQ8IvChOHIa
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T164339E5636C0C8F7D46A4A71CAA3DBF6D3B5EF01E9610A575B503FAF39320978606283
sha3_384: cfdc25eebc0bb2278e186efc5dd70df145de81107ff6625ae14e2f17c48bd0e8651c8faeb3b1eceb63bafaf143c6a220
ep_bytes: 81ec8001000053555633db57895c2418
timestamp: 2009-12-05 22:50:46

Version Info:
0: [No Data]

Win32/IStartSurf.CC potentially unwanted also known as:

Elastic	malicious (high confidence)
MicroWorld-eScan	Gen:Variant.Application.Bundler.Outbrowse.15
CAT-QuickHeal	Downloader.Adload.18342
ALYac	Gen:Variant.Application.Bundler.Outbrowse.15
Cylance	Unsafe
K7AntiVirus	Trojan ( 00532db71 )
K7GW	Trojan ( 00532db71 )
CrowdStrike	win/grayware_confidence_90% (W)
Cyren	W32/S-43ed6a3a!Eldorado
ESET-NOD32	Win32/IStartSurf.CC potentially unwanted
APEX	Malicious
ClamAV	Win.Trojan.Agent-1355991
Kaspersky	not-a-virus:Downloader.Win32.Agent.ebgx
BitDefender	Gen:Variant.Application.Bundler.Outbrowse.15
NANO-Antivirus	Trojan.Win32.Agent.dufhqt
Avast	Win32:DropperX-gen [Drp]
Ad-Aware	Gen:Variant.Application.Bundler.Outbrowse.15
Sophos	Generic ML PUA (PUA)
Comodo	TrojWare.Win32.TrojanDownloader.Agent.DA@5vr2um
TrendMicro	TROJ_GEN.R067C0OCI22
McAfee-GW-Edition	GenericR-FMG!352EBD611FF2
Trapmine	suspicious.low.ml.score
FireEye	Gen:Variant.Application.Bundler.Outbrowse.15
Emsisoft	Gen:Variant.Application.Bundler.Outbrowse.15 (B)
GData	Gen:Variant.Application.Bundler.Outbrowse.15
Avira	HEUR/AGEN.1233789
MAX	malware (ai score=79)
Arcabit	Trojan.Application.Bundler.Outbrowse.15
Microsoft	Trojan:Win32/Wacatac.B!ml
Cynet	Malicious (score: 99)
AhnLab-V3	PUP/Win32.Downloader.R159834
Acronis	suspicious
McAfee	Artemis!8E0E38608205
VBA32	Downloader.Agent
Malwarebytes	Trojan.IStartSurf
TrendMicro-HouseCall	TROJ_GEN.R067C0OCI22
Rising	Trojan.Generic@AI.100 (RDML:tuv9geKKacSyPFOkCm0TCg)
Yandex	PUA.Downloader!uMgiwQmLN/U
Ikarus	not-a-virus:Downloader.Agent
Fortinet	W32/IStartSurf.CC!tr
BitDefenderTheta	Gen:NN.ZedlaF.34742.bu4@ay!gPKgi
AVG	Win32:DropperX-gen [Drp]
Cybereason	malicious.08205f
Panda	Trj/CI.A

How to remove Win32/IStartSurf.CC potentially unwanted?

Win32/IStartSurf.CC potentially unwanted removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X