ConstaSurf

Known Adware

What is ConstaSurf?

ConstaSurf is software application developed by Yontoo Technology, Inc.. It is most commonly found on computers running Windows 7 with nearly 59.47% of installations running this operating system. ConstaSurf's installer is typically 2.00 MB in size and installs around 41 files. The most common release is 2014.06.13.224637 with 1.54% of all installations currently using this version.

ConstaSurf is most popular in the United States with 46.11% of installations residing in this country.

About ConstaSurf?

ConSurf is a browser extension designed to inject advertising and redirect web searches. It operates as a Browser Helper Object in Internet Explorer and is known to hijack advertising on non-associated websites. The add-in injects advertising in the form of contextual link ads, banner ads, popups, and pop-overs, including on well-known ad serving sites. This adware is often bundled with unwanted third-party applications and distributed through web browser exploits. Its functionality includes injecting advertising in the form of contextual ads, links, and pop-ups.

Multiple virus scanners have detected malware in ConstaSurf.

updateConstaSurf.exe (MD5: dfb0f3e9bc199415e9de334b3dc06f0c) has been flagged by 41 scanners:

Scanner Software	Version	Result
Lavasoft Ad-Aware	12.0.163.0	Adware.SwiftBrowse.N
Agnitum Outpost	5.5.1.3	Riskware.Agent!
AhnLab-V3	2014.11.14.00	PUP/Win32.Generic
Antiy-AVL	1.0.0.1	GrayWare[AdWare:not-a-virus,HEUR]/MSIL.Kranet
avast!	8.0.1489.320	Win32:BrowseFox-AC [PUP]
AVG	15.0.0.4189	Consurf
Avira	7.11.185.112	ADWARE/BrowseFox.Gen7
AVware	1.5.0.21	Yontoo (fs)
Baidu-International	3.5.1.41473	Adware.Win32.BrowseFox.BI
Bitdefender	7.2	Adware.SwiftBrowse.N
CAT-QuickHeal	14.00	AdWare.MSIL.r3 (Not a Virus)
Comodo Security	20075	ApplicUnwnt
Dr.Web	7.0.10.8210	Trojan.BPlug.250
Emsisoft Anti-Malware	3.0.0.600	Adware.SwiftBrowse.N (B)
ESET-NOD32	10722	a variant of Win32/BrowseFox.H
Fortinet FortiGate	5.0.999.0	Adware/Kranet
F-Secure	11.0.19100.45	Adware.SwiftBrowse.N
G Data	24	Adware.SwiftBrowse.N
IKARUS anti.virus	T3.1.8.3.0	PUA.BrowseFox
K7 AntiVirus	9.185.14007	Trojan ( 0049f7ad1 )
K7GW	9.185.14007	Trojan ( 0049f7ad1 )
Kaspersky	12.0.0.1225	not-a-virus:HEUR:AdWare.MSIL.Kranet.heur
Malwarebytes	1.75.0.1	PUP.Optional.ConstaSurf.A
McAfee	6.0.5.614	BrowseFox.c
McAfee-GW-Edition	v2014.2	BrowseFox.c
MicroWorld-eScan	12.0.250.0	Adware.SwiftBrowse.N
nProtect	2014-11-13.01	Adware.SwiftBrowse.N
Panda Antivirus	4.6.4.1	Trj/Chgt.G
Qihoo-360	1.0.0.1015	Win32/Virus.Adware.708
Sophos	4.98.0	Browse Fox
Symantec	20141.1.0.330	Trojan.Gen.2
Tencent	1.0.0.1	Win32.Trojan.Falsesign.Wwea
Trend Micro	9.740.0.1012	TROJ_GEN.R047C0EJH14
TrendMicro-HouseCall	9.700.0.1001	TROJ_GEN.R047C0EJH14
VIPRE Antivirus	34778	Yontoo (fs)
Zillya	2.0.0.1982	Backdoor.PePatch.Win32.46235
Avira AntiVir	7.11.155.202	APPL/BrowseFox.Gen2
Kingsoft AntiVirus	2013.4.9.267	Win32.Troj.Agent.ah.(kcloud)
NANO AntiVirus	0.28.0.60253	Riskware.Win32.Agent.cqycvd
SUPERAntiSpyware	5.6.0.1032	Adware.BrowseFox/Variant
Vba32 AntiVirus	3.12.26.3	AdWare.Agent

ConstaSurfBHO.dll (MD5: 52cf76ff95902cf8f4b0992e8b2290a5) has been flagged by 49 scanners:

Scanner Software	Version	Result
Lavasoft Ad-Aware	12.0.163.0	Adware.SwiftBrowse.N
Agnitum Outpost	5.5.1.3	Riskware.Agent!
AhnLab-V3	2015.08.14.00	PUP/Win32.BrowseFox
ALYac	1.0.1.4	Adware.SwiftBrowse.N
Arcabit	1.0.0.425	Adware.SwiftBrowse.N
avast!	8.0.1489.320	Win32:BrowseFox-AC [PUP]
AVG	15.0.0.4392	AdPlugin.DIY
Avira	8.3.1.6	ADWARE/BrowseFox.apf
AVware	1.5.0.21	Yontoo (fs)
Baidu-International	3.5.1.41473	Adware.Win32.BrowseFox.AE
Bitdefender	7.2	Adware.SwiftBrowse.N
Bkav FE	1.3.0.7062	W32.BrowseFoxAC.Adware
CAT-QuickHeal	14.00	PUA.Constasurf.Gen
Clam AntiVirus	0.98.5.0	Win.Adware.Agent-48082
Comodo Security	23003	ApplicUnwnt
Cyren	5.4.16.7	W32/S-304afd20!Eldorado
Dr.Web	7.0.14.8060	Trojan.Yontoo.1734
Emsisoft Anti-Malware	3.5.0.642	Adware.SwiftBrowse.N (B)
ESET-NOD32	12091	a variant of Win32/BrowseFox.AE potentially unwanted
Fortinet FortiGate	5.1.220.0	Adware/BrowseFox
F-Prot	4.7.1.166	W32/S-304afd20!Eldorado
F-Secure	11.0.19100.45	Adware.SwiftBrowse.N
G Data	25	Adware.SwiftBrowse.N
IKARUS anti.virus	T3.1.9.5.0	PUA.BrowseFox
Jiangmin	16.0.100	AdWare/SwiftBrowse.dxt
K7 AntiVirus	9.208.16884	Adware ( 004b8df51 )
K7GW	9.208.16885	Adware ( 004b8df51 )
Malwarebytes	2.1.1.1115	PUP.Optional.ConstaSurf.A
McAfee	6.0.5.614	BrowseFox
McAfee-GW-Edition	v2015	BrowseFox
MicroWorld-eScan	12.0.250.0	Adware.SwiftBrowse.N
NANO AntiVirus	0.30.24.3079	Trojan.Win32.Yontoo.dnkubo
nProtect	2015-08-13.01	Adware.SwiftBrowse.N
Panda Antivirus	4.6.4.2	Trj/CI.A
Qihoo-360	1.0.0.1015	Win32/Virus.Adware.4f7
Rising Antivirus	25.0.0.17	PE:Trojan.Win32.Generic.180AB115!403353877
Sophos	4.98.0	Browse Fox (PUA)
SUPERAntiSpyware	5.6.0.1032	Adware.Riskware/Variant
Symantec	20141.2.0.56	PUA.Yontoo.C
Trend Micro	9.800.0.1009	TROJ_GEN.R00UC0EBB15
Vba32 AntiVirus	3.12.26.4	AdWare.MSIL.Agent
VIPRE Antivirus	42864	Yontoo (fs)
Zillya	2.0.0.2351	Adware.BrowseFox.Win32.8717
Antiy-AVL	1.0.0.1	GrayWare[AdWare:not-a-virus,HEUR]/MSIL.Kranet
Kaspersky	12.0.0.1225	not-a-virus:HEUR:AdWare.MSIL.Kranet.heur
Tencent	1.0.0.1	Win32.Trojan.Falsesign.Wwea
TrendMicro-HouseCall	9.700.0.1001	TROJ_GEN.R047C0EJH14
Avira AntiVir	7.11.155.202	APPL/BrowseFox.Gen2
Kingsoft AntiVirus	2013.4.9.267	Win32.Troj.Agent.ah.(kcloud)

71A8372B-B4E5-4463-B982-39E380902274.dll (MD5: 0924f3764acf7efd13df34bb9dee8fd4) has been flagged by 49 scanners:

Scanner Software	Version	Result
Lavasoft Ad-Aware	959	Adware.SwiftBrowse.N
Agnitum Outpost	7.1.1	PUA.Agent
Avira AntiVir	7.11.155.202	APPL/BrowseFox.Gen2
Antiy-AVL	1.0.0.1	GrayWare[AdWare:not-a-virus]/Win32.Agent
AVG	2015.0.3437	BrowseFox.F
Baidu-International	4.0.3.14620	Adware.Win32.BrowseFox.bF
Bitdefender	1.0.20.855	Adware.SwiftBrowse.N
Comodo Security	18602	Application.Win32.Altbrowse.AK
Dr.Web	9.0.0.0171	Trojan.BPlug.17
Emsisoft Anti-Malware	8.14.06.20.04	Adware.SwiftBrowse.N
ESET-NOD32	8.9971	a variant of Win32/BrowseFox.F
Fortinet FortiGate	6/20/2014	Adware/Agent
G Data	14.6.24	Adware.SwiftBrowse
IKARUS anti.virus	t3scan.1.6.1.0	not-a-virus:AdWare.Win32.Agent
K7 AntiVirus	13.180.12463	Unwanted-Program
K7GW	13.180.12463	Unwanted-Program ( 00454f261 )
Kaspersky	14.0.0.3682	not-a-virus:AdWare.Win32.Agent
Kingsoft AntiVirus	331020.49267	Win32.Troj.Agent.ah.(kcloud)
Malwarebytes	v2014.06.20.04	PUP.Optional.ConstaSurf.A
McAfee	5600.7093	Artemis!0924F3764ACF
McAfee-GW-Edition	7.7093	Artemis!0924F3764ACF
MicroWorld-eScan	15.0.0.513	Adware.SwiftBrowse.N
NANO AntiVirus	0.28.0.60253	Riskware.Win32.Agent.cqycvd
nProtect	14.06.19.01	Adware.SwiftBrowse.N
Panda Antivirus	14.06.20.04	Trj/CI.A
Sophos	4.98	Generic PUA IF
SUPERAntiSpyware	10532	Adware.BrowseFox/Variant
TrendMicro-HouseCall	7.2.171	Suspicious_GEN.F47V0614
Vba32 AntiVirus	3.12.26.3	AdWare.Agent
VIPRE Antivirus	30468	Yontoo (fs)
AhnLab-V3	2015.08.14.00	PUP/Win32.BrowseFox
ALYac	1.0.1.4	Adware.SwiftBrowse.N
Arcabit	1.0.0.425	Adware.SwiftBrowse.N
avast!	8.0.1489.320	Win32:BrowseFox-AC [PUP]
Avira	8.3.1.6	ADWARE/BrowseFox.apf
AVware	1.5.0.21	Yontoo (fs)
Bkav FE	1.3.0.7062	W32.BrowseFoxAC.Adware
CAT-QuickHeal	14.00	PUA.Constasurf.Gen
Clam AntiVirus	0.98.5.0	Win.Adware.Agent-48082
Cyren	5.4.16.7	W32/S-304afd20!Eldorado
F-Prot	4.7.1.166	W32/S-304afd20!Eldorado
F-Secure	11.0.19100.45	Adware.SwiftBrowse.N
Jiangmin	16.0.100	AdWare/SwiftBrowse.dxt
Qihoo-360	1.0.0.1015	Win32/Virus.Adware.4f7
Rising Antivirus	25.0.0.17	PE:Trojan.Win32.Generic.180AB115!403353877
Symantec	20141.2.0.56	PUA.Yontoo.C
Trend Micro	9.800.0.1009	TROJ_GEN.R00UC0EBB15
Zillya	2.0.0.2351	Adware.BrowseFox.Win32.8717
Tencent	1.0.0.1	Win32.Trojan.Falsesign.Wwea

6B4ED544-12FB-4E23-8808-29BE760D57FD.dll (MD5: 5a64be16e215a39032ce1f7b5266bcfb) has been flagged by 33 scanners:

Scanner Software	Version	Result
Lavasoft Ad-Aware	12.0.163.0	Adware.SwiftBrowse.N
Agnitum Outpost	5.5.1.3	PUA.Agent!
Avira AntiVir	7.11.155.202	APPL/BrowseFox.Gen2
AVG	14.0.0.3972	BrowseFox.F
Baidu-International	3.5.1.41473	Adware.Win32.Agent.APX
Bitdefender	7.2	Adware.SwiftBrowse.N
Comodo Security	18602	Application.Win32.Altbrowse.AK
Dr.Web	7.0.7.12100	Trojan.BPlug.17
Emsisoft Anti-Malware	3.0.0.600	Adware.SwiftBrowse.N (B)
ESET-NOD32	9971	a variant of Win32/BrowseFox.F
Fortinet FortiGate	5.1.152.0	Adware/Agent
F-Secure	11.0.19100.45	Adware.SwiftBrowse.N
G Data	24	Adware.SwiftBrowse.N
IKARUS anti.virus	T3.1.6.1.0	not-a-virus:AdWare.Win32.Agent
K7 AntiVirus	9.180.12463	Unwanted-Program ( 00454f261 )
K7GW	9.180.12463	Unwanted-Program ( 00454f261 )
Kaspersky	12.0.0.1225	not-a-virus:AdWare.Win32.Agent.ahbx
Kingsoft AntiVirus	2013.4.9.267	Win32.Troj.Agent.ah.(kcloud)
Malwarebytes	1.75.0.1	PUP.Optional.ConstaSurf.A
McAfee	6.0.4.564	Artemis!5A64BE16E215
McAfee-GW-Edition	2013	Artemis!5A64BE16E215
MicroWorld-eScan	12.0.250.0	Adware.SwiftBrowse.N
NANO AntiVirus	0.28.0.60253	Riskware.Win32.Agent.cqycvd
nProtect	2014-06-19.01	Adware.SwiftBrowse.N
Panda Antivirus	10.0.3.5	Trj/CI.A
Qihoo-360	1.0.0.1015	Win32/Trojan.Adware.5a2
Sophos	4.98.0	Generic PUA CD
SUPERAntiSpyware	5.6.0.1032	Adware.BrowseFox/Variant
TrendMicro-HouseCall	9.700.0.1001	Suspicious_GEN.F47V0610
Vba32 AntiVirus	3.12.26.3	AdWare.Agent
VIPRE Antivirus	30468	Yontoo (fs)
Antiy-AVL	1.0.0.1	GrayWare[AdWare:not-a-virus]/Win32.Agent
CAT-QuickHeal	14.00	AdWare.Agent.r5 (Not a Virus)

6580EF5E-A748-4AD0-998E-01DFE09286D2.dll (MD5: c7985194e9c9646b0569e1ce4c9b0f52) has been flagged by 30 scanners:

Scanner Software	Version	Result
Lavasoft Ad-Aware	12.0.163.0	Adware.SwiftBrowse.N
Agnitum Outpost	5.5.1.3	PUA.Agent!
Avira AntiVir	7.11.150.188	APPL/BrowseFox.Gen2
Antiy-AVL	0.1.0.1	GrayWare[AdWare:not-a-virus]/Win32.Agent
AVG	14.0.0.3950	BrowseFox.F
Bitdefender	7.2	Adware.SwiftBrowse.N
CAT-QuickHeal	14.00	AdWare.Agent.r5 (Not a Virus)
Comodo Security	18306	Application.Win32.Altbrowse.AK
Dr.Web	7.00.9.04080	Trojan.BPlug.17
Emsisoft Anti-Malware	3.0.0.599	Adware.SwiftBrowse.N (B)
ESET-NOD32	9827	a variant of Win32/BrowseFox.F
Fortinet FortiGate	4	Adware/Agent
F-Secure	11.0.19100.45	Adware.SwiftBrowse.N
G Data	24	Adware.SwiftBrowse.N
IKARUS anti.virus	T3.1.6.1.0	not-a-virus:AdWare.Win32.Agent
K7 AntiVirus	9.178.12140	Unwanted-Program ( 00454f261 )
K7GW	9.178.12140	Unwanted-Program ( 00454f261 )
Kaspersky	12.0.0.1225	not-a-virus:AdWare.Win32.Agent.ahbx
Kingsoft AntiVirus	2013.04.09.267	Win32.Troj.Agent.ah.(kcloud)
Malwarebytes	1.75.0001	PUP.Optional.ConstaSurf.A
McAfee	6.0.4.564	Artemis!C7985194E9C9
McAfee-GW-Edition	2013	Artemis!C7985194E9C9
MicroWorld-eScan	12.0.250.0	Adware.SwiftBrowse.N
NANO AntiVirus	0.28.0.59921	Riskware.Win32.Agent.cqycvd
Panda Antivirus	10.0.3.5	Trj/CI.A
Sophos	4.98.0	Generic PUA AK
SUPERAntiSpyware	5.6.0.1032	Adware.BrowseFox/Variant
TrendMicro-HouseCall	9.700-1001	TROJ_GEN.F47V0501
Vba32 AntiVirus	3.12.26.0	AdWare.Agent
VIPRE Antivirus	29442	Yontoo (fs)

Software Behaviors

Services:: updateConstaSurf.exe runs as a service named 'Util ConstaSurf' (Util ConstaSurf).

Software Details

URL:: https://constasurf.info/support
Support:: https://mailto:
Installation path:: C:\Program Files\ConstaSurf
Uninstaller:: C:\Program Files\ConstaSurf\ConstaSurfuninstall.exe
Size:: 2.00 MB
Language:: English

ConstaSurf Executable Details

Primary executable:: 71A8372B-B4E5-4463-B982-39E380902274.dll
Name:: ConstaSurf
Path:: C:\Program Files\ConstaSurf\71A8372B-B4E5-4463-B982-39E380902274.dll
MD5:: 0924f3764acf7efd13df34bb9dee8fd4
SHA-1:: –
SHA-256:: –

Files installed by ConstaSurf

File Type	Filename	MD5
EXE	7za.exe	e92604e043f51c604b6d1ac3bcd3a202
EXE	Updater.exe	c5bc3d856c77bc50fb4f06591205e1b1
EXE	updateConstaSurf.exe Adware	dfb0f3e9bc199415e9de334b3dc06f0c
CRX	imnmlgndokmgocfabbcnfnjfopjkbinb.crx	3d2fb6d853fa0e98ed42454077eb7e02
EXE	ConstaSurfUninstall.exe	7d5e6d0d91ced70580de6594f84c153b
EXE	ConstaSurfUn.exe	3579ec208d243217d4ae82a6db3874d5
EXE	ConstaSurf.FirstRun.exe	501b92eda26cfda868440baf613468bc
DLL	FD8A2BC3-BC33-456D-85EB-C63380DA9E6C.dll	9c336c994072742ec48799745ae16dac
DLL	EB4DC18A-C4A3-4B74-ABEF-A51ABF92E113.dll	5a64be16e215a39032ce1f7b5266bcfb
DLL	E8D87163-6742-4D0F-8D9B-13A17B2F2C17.dll	ecf9187e7c24e3585ff9b690808e8c38

Repair ConstaSurf

Having issues with ConstaSurf?

We recommend Fortect System Repair to automatically fix these issues

Download Now

Popularity

13% of users keep ConstaSurf installed

Overall Rating

Bad

Known Versions (51)

2014.06.19.061052: 0.22%
2014.06.18.141041: 0.66%
2014.06.18.061036: 0.44%
2014.06.18.021035: 0.22%
2014.06.17.221033: 0.22%
2014.06.17.101030: 0.66%
2014.06.17.061030: 0.22%
2014.06.16.221023: 0.44%
2014.06.16.181022: 0.22%
2014.06.16.141022: 0.44%
2014.06.16.101021: 0.66%
2014.06.16.061018: 0.22%
2014.06.15.181014: 0.22%
2014.06.15.141012: 0.44%
2014.06.14.181006: 0.88%
2014.06.14.101004: 0.22%
2014.06.14.061000: 0.44%
2014.06.13.224637: 1.54%
2014.06.13.224614: 0.44%
2014.06.13.180955: 0.22%
2014.06.13.140954: 0.88%
2014.06.13.100952: 0.66%
2014.06.13.060952: 0.22%
2014.06.13.020953: 0.44%
2014.06.12.220954: 0.22%
2014.06.12.205711: 0.88%
2014.06.12.205657: 0.22%
2014.06.12.180950: 0.88%
2014.06.12.140948: 1.10%
2014.06.12.100946: 0.44%
2014.06.12.020940: 0.66%
2014.06.11.215937: 0.22%
2014.06.11.210202: 0.22%
2014.06.11.170159: 0.22%
2014.06.11.130158: 0.44%
2014.06.11.090156: 0.66%
2014.06.11.050154: 0.22%
2014.06.10.220116: 0.88%
2014.06.10.170150: 0.88%
2014.06.10.130151: 1.10%
2014.06.10.010142: 0.22%
2014.06.09.210141: 0.66%
2014.06.09.170140: 1.10%
2014.06.09.130142: 0.44%
2014.06.08.210132: 0.44%
2014.06.08.170131: 1.10%
2014.06.08.090127: 0.44%
2014.06.07.170120: 0.22%
2014.06.07.130119: 0.66%
2014.06.07.050116: 0.44%
2014.06.07.010114: 0.44%

Geography Distribution