home

updateenterdigital.exe

EnterDigital

Part of the Yontoo web browser plugin (delivers advertisements to the web browser in the form of injected banners, text-links, popups, etc.) the updater mechanism for EnterDigital will automatically keep the extension patched by downloaded new functionality which is auto-enabled by default. The application updateenterdigital.exe by EnterDigital has been detected as adware by 20 anti-malware scanners. It runs as a separate (within the context of its own process) windows Service named “Update EnterDigital”. It will plug into the web browser and display context-based advertisements by overwriting existing ads or by inserting new ones on various web pages.
Publisher:
EnterDigital  (signed and verified)

Version:
1.0.5442.40259

MD5:
3b1681c874d6770749799f26f37b4187

SHA-1:
2fd57a895bd9cb802d3f11b08d1cc43d3aa3f4cd

SHA-256:
a0d982071290f606bf4357b66510ff4472d3d5dd62b1b90184cdfb8bf66615d6

Scanner detections:
20 / 68

Status:
Adware

Explanation:
Part of the Yontoo adware web browser extension update process.

Analysis date:
5/4/2024 4:44:03 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Adware.SwiftBrowse.CR
800

AhnLab V3 Security
PUP/Win32.SwiftBrowse
2014.11.26

Avira AntiVirus
Adware/BrowseFox.aoj
7.11.188.238

AVG
EnterDigital
2015.0.3278

Baidu Antivirus
Adware.MSIL.BrowseFox
4.0.3.141126

Bitdefender
Adware.SwiftBrowse.CR
1.0.20.1650

Dr.Web
Trojan.Yontoo.115
9.0.1.0330

Emsisoft Anti-Malware
Adware.SwiftBrowse.CR
8.14.11.26.12

ESET NOD32
MSIL/BrowseFox (variant)
8.10783

F-Secure
Adware.SwiftBrowse.CR
11.2014-26-11_4

G Data
Adware.SwiftBrowse.CR
14.11.24

IKARUS anti.virus
PUA.MSIL.BrowseFox
t3scan.1.8.3.0

K7 AntiVirus
Unwanted-Program
13.185.14134

Kaspersky
not-a-virus:AdWare.Win64.Agent
14.0.0.2887

McAfee
Artemis!3B1681C874D6
5600.6934

MicroWorld eScan
Adware.SwiftBrowse.CR
15.0.0.990

nProtect
Adware.SwiftBrowse.CR
14.11.26.01

Panda Antivirus
Trj/CI.A
14.11.26.12

Qihoo 360 Security
HEUR/QVM03.0.Malware.Gen
1.0.0.1015

Reason Heuristics
PUP.Service.EnterDigital.S
14.11.26.12

File size:
413.2 KB (423,152 bytes)

Product version:
1.0.5442.40259

Original file name:
EnterDigital2014112606.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\Program Files\enterdigital\updateenterdigital.exe

Digital Signature
Signed by:
EnterDigital

Authority:
VeriSign, Inc.

Valid from:
9/2/2014 2:00:00 AM

Valid to:
9/3/2015 1:59:59 AM

Subject:
CN=EnterDigital, O=EnterDigital, L=San Diego, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
1E3B5C4453E4282F35D4B16FE677D245

File PE Metadata
Compilation timestamp:
11/26/2014 7:21:59 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
6144:Zi7Y9Dlx9nmYolcIp//6YmqFNprjqKNX/JNhAT6JQmQ6f+Rt954rGpvHEP:o7Y3yVd//zp6KNvpafmQb4aC

Entry address:
0x6713E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
404.5 KB (414,208 bytes)

Service
Display name:
Update EnterDigital

Type:
Win32OwnProcess


Remove updateenterdigital.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.