home

ScanTackBrowserFilter.exe

Scan Tack

Installed as part of the Yontoo Scan Tack branded web browser extension, the BrowserFilter component is responsible for injecting advertising in the browser based on the context of the HTML being rendered. Ads are injected in the browser in the form of inline text, coupons, multi-site searching and additional offers. The application ScanTackBrowserFilter.exe by Scan Tack has been detected as adware by 20 anti-malware scanners. It will plug into the web browser and display context-based advertisements by overwriting existing ads or by inserting new ones on various web pages.
Publisher:
Scan Tack  (signed and verified)

Version:
0.0.0.0

MD5:
eeaa98e647af1efbd17d51e2a19d0ed0

SHA-1:
ac3ac33da9bc4fbea24ba933bddc2c276b9f0309

SHA-256:
788c2ad248f5f84834d786e947f6e9acc633c053e9bfade773e14e8f03d548c9

Scanner detections:
20 / 68

Status:
Adware

Explanation:
Part of the Yontoo ad injection web browser add-on.

Analysis date:
4/26/2024 12:03:34 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Adware.SwiftBrowse.Y
767

Avira AntiVirus
Adware/BrowseFox.apb
7.11.197.30

avast!
Win32:BrowseFox-J [PUP]
2014.9-141229

AVG
Generic
2015.0.3245

Bitdefender
Adware.SwiftBrowse.Y
1.0.20.1815

Comodo Security
UnclassifiedMalware
20438

Emsisoft Anti-Malware
Adware.SwiftBrowse.Y
8.14.12.29.07

ESET NOD32
MSIL/BrowseFox (variant)
8.10912

Fortinet FortiGate
Adware/BrowseFox
12/29/2014

F-Prot
W32/S-2255da37
v6.4.7.1.166

F-Secure
Adware.SwiftBrowse.Y
11.2014-29-12_2

G Data
Adware.SwiftBrowse
14.12.24

IKARUS anti.virus
PUA.BrowseFox
t3scan.1.8.5.0

K7 AntiVirus
Unwanted-Program
13.188.14395

Malwarebytes
PUP.Optional.Sanbreel.A
v2014.12.29.07

McAfee
BrowseFox-SJ
5600.6901

MicroWorld eScan
Adware.SwiftBrowse.Y
15.0.0.1089

nProtect
Adware.SwiftBrowse.Y
14.12.19.01

Reason Heuristics
PUP.ScanTack.V
14.12.29.19

VIPRE Antivirus
Yontoo
35976

File size:
35.3 KB (36,128 bytes)

Product version:
0.0.0.0

Original file name:
ScanTackBrowserFilter.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\scantack\bin\scantackbrowserfilter.exe

Digital Signature
Signed by:
Scan Tack

Authority:
VeriSign, Inc.

Valid from:
1/22/2014 12:00:00 AM

Valid to:
1/22/2015 11:59:59 PM

Subject:
CN=Scan Tack, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Scan Tack, L=San Diego, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
44D91A3142283CE62B23F23C84838B0D

File PE Metadata
Compilation timestamp:
12/7/2014 4:25:44 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
768:Wy+R7BhtvbOOyCQo8H8WbPiIxRQD2DQip:WRNhtvKO1Qo8HvbqIxR+2s8

Entry address:
0x88AA

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 02, 00, 00, 00, 6E, 00, 00, 00, EC, 88, 00, 00, EC, 6A, 00, 00, 52, 53, 44, 53, 52, 11, F6, 78, 5C, 3E, E3, 42, 81, 2D, 12, B6, 89, A6, 99, 1E, 01, 00, 00, 00, 44, 3A, 5C, 55, 74, 69, 6C, 69, 74, 69, 65, 73, 5C, 35, 77, 72, 64, 61, 71, 6B, 61, 2E, 6B, 67, 6C, 5C, 44, 65, 73, 6B, 74, 6F, 70, 5C, 42, 72, 6F, 77...
 
[+]

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
26.5 KB (27,136 bytes)

Remove ScanTackBrowserFilter.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.