home

enterprise 1.1-bho.dll

enterprise 1.1

Porter Studio Plus

This web browser extension uses the Crossrider toolbar creation and distribution platform. The module enterprise 1.1-bho.dll, “enterprise 1.1 BHO” by Porter Studio Plus has been detected as adware by 33 anti-malware scanners. It is installed within the context of Internet Explore as a BHO (Browser Helper Object) under the name ‘89598d60f55e01318f2909dd7c8eb7090062170’. This file is typically installed with the program enterprise 1.1 by Naruto Source which is a potentially unwanted software program. This is the Browser Helper Object (BHO) for the Crossrider web browser platform for Internet Explorer. Instead of utilizing a traditional IE Toolbar, it installs a BHO in the browser in order to manage the functionality of the addon. It is distributed as part of the Brightcircle group of browser-extensions.
Publisher:
Marketi  (signed by Porter Studio Plus)

Product:
enterprise 1.1

Description:
enterprise 1.1 BHO

Version:
1000.1000.1000.1000

MD5:
4c18d7a9af4fbf26789c9287f981fd75

SHA-1:
568495a8942c0b5c1613008502be93ecb95fbd09

SHA-256:
2284646e9f71c9aaa4d9d6ca396452c44aa7502dc5717cbb46f7f7d388b9e39b

Scanner detections:
33 / 68

Status:
Adware

Explanation:
The software may change the browser's home page and search provider settings as well as display advertisements. Distributed through the Brightcircle investments brand.

Note:
Crossrider is the owner of a platform that enables the creation of cross-browser extensions by developers but is not the owner of this detected application. The owner/publisher of this file is Porter Studio Plus.

Analysis date:
4/19/2024 8:00:11 PM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Gen:Variant.Adware.Graftor.159957
828

Agnitum Outpost
PUA.Adwapper
7.1.1

AhnLab V3 Security
PUP/Win32.BHO
2014.09.19

Avira AntiVirus
ADWARE/CrossRider.Gen7
7.11.182.78

avast!
Win32:Crossrider-AA [PUP]
2014.9-141102

AVG
Generic
2015.0.3306

Baidu Antivirus
PUA.Win32.CrossRider
4.0.3.14112

Bitdefender
Gen:Variant.Adware.Graftor.159957
1.0.20.1515

Comodo Security
ApplicUnwnt
19547

Dr.Web
Trojan.Crossrider.30979
9.0.1.0306

Emsisoft Anti-Malware
Gen:Variant.Adware.Graftor.159957
8.14.10.30.11

ESET NOD32
Win32/Toolbar.CrossRider.BA (variant)
8.10644

Fortinet FortiGate
Riskware/CrossRider
10/30/2014

F-Prot
W32/A-ee826839
v6.4.7.1.166

F-Secure
Gen:Variant.Adware.Graftor.159957
11.2014-30-10_5

G Data
Gen:Variant.Adware.Graftor.159957
14.10.24

IKARUS anti.virus
AdWare.WebToolbar.CroRi
t3scan.1.7.8.0

K7 AntiVirus
Trojan
13.183.13417

Kaspersky
Trojan.Win32.GoogUpdate
15.0.0.494

Malwarebytes
PUP.Optional.Enterprise.A
v2014.10.30.11

McAfee
Artemis!BF2789C2EB9B
5600.6959

MicroWorld eScan
Gen:Variant.Adware.Graftor.159957
15.0.0.909

NANO AntiVirus
Riskware.Win32.AdLoad.dcmlho
0.28.2.61721

Panda Antivirus
Trj/Chgt.F
14.11.02.11

Qihoo 360 Security
Win32/Virus.Adware.a87
1.0.0.1015

Quick Heal
AdWare.NSIS.r6 (Not a Virus)
11.14.14.00

Reason Heuristics
PUP.CrossRider.BHO.R
14.11.3.21

Rising Antivirus
PE:Malware.Obscure!1.9C59
23.00.65.141031

Sophos
Generic PUA FG
4.98

Trend Micro House Call
TROJ_GEN.F0C2H00IG14
7.2.306

Vba32 AntiVirus
AdWare.Adwapper
3.12.26.3

VIPRE Antivirus
Threat.4789396
34232

Zillya! Antivirus
Adware.Adwapper.Win32.80
2.0.0.1934

File size:
576.4 KB (590,240 bytes)

Product version:
1000.1000.1000.1000

Copyright:
Copyright 2011

Original file name:
enterprise 1.1.dll

File type:
Dynamic link library (Win32 DLL)

Language:
English (United States)

Common path:
C:\Program Files\enterprise 1.1\enterprise 1.1-bho.dll

Digital Signature
Signed by:
Porter Studio Plus

Authority:
COMODO CA Limited

Valid from:
10/19/2014 8:00:00 PM

Valid to:
10/20/2015 7:59:59 PM

Subject:
CN=Porter Studio Plus, O=Porter Studio Plus, STREET=Athinodorou 3, STREET=Dasoupoli Strovolos, L=Nicosia, S=Cyprus, PostalCode=2025, C=CY

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00B7BA41CFBA8D50AF9A2A64362C08FA91

Registration
CLSIDs:
{11111111-1111-1111-1111-110611211170}, {22222222-2222-2222-2222-220622212270}

ProgIDs:
89598d60f55e01318f2909dd7c8eb7090062170.BHO.1, 89598d60f55e01318f2909dd7c8eb7090062170.Sandbox.1

COM registered:
Yes

File PE Metadata
Compilation timestamp:
10/27/2014 4:34:55 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
12288:+Kb07iYLEYEP8gqhgpgeA4P2ULh9GyGq+mx3gQheaKTUZsiwZ7W:+Kb05o/7qhgpgeA4P2Ub3LfepT5iwM

Entry address:
0x436F4

Entry point:
55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 9D, B2, 00, 00, FF, 75, 10, FF, 75, 0C, FF, 75, 08, E8, 07, 00, 00, 00, 83, C4, 0C, 5D, C2, 0C, 00, 6A, 0C, 68, 08, D1, 07, 10, E8, BD, 30, 00, 00, 33, C0, 40, 8B, 75, 0C, 85, F6, 75, 0C, 39, 35, 00, 37, 08, 10, 0F, 84, E4, 00, 00, 00, 83, 65, FC, 00, 83, FE, 01, 74, 05, 83, FE, 02, 75, 35, 8B, 0D, 54, D3, 06, 10, 85, C9, 74, 0C, FF, 75, 10, 56, FF, 75, 08, FF, D1, 89, 45, E4, 85, C0, 0F, 84, B1, 00, 00, 00, FF, 75, 10, 56, FF, 75, 08, E8, 11, FE, FF, FF, 89, 45, E4...
 
[+]

Entropy:
6.5683

Developed / compiled with:
Microsoft Visual C++

Code size:
392.5 KB (401,920 bytes)

Internet Explorer BHO
Display name:
89598d60f55e01318f2909dd7c8eb7090062170

CLSID:
{11111111-1111-1111-1111-110611211170}

CLSID name:
enterprise 1.1


The file enterprise 1.1-bho.dll has been discovered within the following program.

enterprise 1.1  by Naruto Source
enterprise is an adware/advertising supported web browser plugin that is typically bundled by a 3rd-party download manager which includes potentially unwanted software offers in order to monetize installs (PPI) or through malvertising practices.
79% remove it
 
Powered by Should I Remove It?

Remove enterprise 1.1-bho.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.