RightSurf Description

RightSurf is adware that may display unwanted pop-up advertisements, coupons, offers and deals when PC users are shopping online or visiting various other websites. RightSurf may install itself on Internet Explorer, Mozilla Firefox and Google Chrome without a PC user’s authorization. RightSurf may be usually delivered bundled with free software that computer users download from the Web. When the computer user chooses to install a free app, it may encompass additional toolbars, browser extensions, add-ons or plug-ins added to the installation wizard.

» Learn more about SpyHunter's Spyware Detection Tool
and steps to uninstall SpyHunter.

These additional free programs, in this case, RightSurf, may be marked as optional software, but if the computer user does not uncheck a box to add them, he may end up with unwanted system changes on the computer. RightSurf may keep track of the computer user’s surfing routine and send collected data to third-parties for targeted advertising purposes.


a variant of Win32/BrowseFox.G [ESET-NOD32]Trojan/Win32.Zapchast [AhnLab-V3]TROJ_GEN.F47V0125 [TrendMicro-HouseCall]Artemis!5215978785A6 [McAfee]a variant of Win32/BrowseFox.F [ESET-NOD32]Win32.Troj.Agent.ah.(kcloud) [Kingsoft]AdWare/Win32.Agent [Antiy-AVL]Generic PUA PP [Sophos]Application.Win32.Altbrowse.AK [Comodo]not-a-virus:AdWare.Win32.Agent.ahbx [Kaspersky]

More aliases (13)

RightSurf Automatic Detection Tool (Recommended)

Is your PC infected with RightSurf? To safely & quickly detect RightSurf we highly recommend you run the malware scanner listed below.

Technical Details

Registry Modifications

Tutorial: To edit and delete registry entries manually, read the tutorial on how to remove malicious registry entries.

Tip & Warning: Editing and removing the wrong registry keys can severely damage your PC, so remember to backup your Windows Registry! To optimize your Windows Registry and speed up your PC, download RegHunter's registry cleaner.
  • The following newly produced Registry Values are:
    HKEY..\..\..\..{RegistryKeys}SOFTWARE\Microsoft\Tracing\RightSurf_RASAPI32SOFTWARE\Microsoft\Tracing\RightSurf_RASMANCSSOFTWARE\Microsoft\Tracing\updateRightSurf_RASAPI32SOFTWARE\Microsoft\Tracing\updateRightSurf_RASMANCSSOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{88be1aa9-6740-461c-9e3e-f35eb8fa741c}Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{88BE1AA9-6740-461C-9E3E-F35EB8FA741C}Software\RightSurfSOFTWARE\Wow6432Node\Google\Chrome\Extensions\ajjpgnlpolfpnebjjaciccmmjnmjfjklSOFTWARE\Wow6432Node\Microsoft\Tracing\RightSurf_RASMANCSSOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{88be1aa9-6740-461c-9e3e-f35eb8fa741c}SOFTWARE\Wow6432Node\RightSurfSYSTEM\ControlSet001\services\eventlog\Application\Update RightSurfSYSTEM\ControlSet001\services\Update RightSurfSYSTEM\ControlSet001\Services\Util RightSurfSYSTEM\ControlSet002\Services\Util RightSurfSYSTEM\CurrentControlSet\services\eventlog\Application\Update RightSurfSYSTEM\CurrentControlSet\services\Update RightSurfSYSTEM\CurrentControlSet\Services\Util RightSurfHKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}RightSurf
  • The following CLSID's were detected:
    HKEY..\..\{CLSID Path} {88be1aa9-6740-461c-9e3e-f35eb8fa741c}{A4F32137-598E-41B6-B601-9965084C8F08}{C64BA349-1F34-4BFC-8D23-A317279D0CB9}
Posted: December 17, 2013 | By
Rate this article:
1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
Loading ... Loading ...
Threat Metric
Threat Level: 2/10
Detection Count: 938,381

Leave a Reply

What is 13 + 11 ?
Please leave these two fields as-is:
IMPORTANT! To be able to proceed, you need to solve the following simple math (so we know that you are a human) :-)