home

updatefocusbase.exe

focusbase

Part of the Yontoo web browser plugin (delivers advertisements to the web browser in the form of injected banners, text-links, popups, etc.) the updater mechanism for focusbase will automatically keep the extension patched by downloaded new functionality which is auto-enabled by default. The application updatefocusbase.exe by focusbase has been detected as adware by 10 anti-malware scanners. This file is typically installed with the program focusbase by Yontoo Technology, Inc. which is a potentially unwanted software program. It will plug into the web browser and display context-based advertisements by overwriting existing ads or by inserting new ones on various web pages.
Publisher:
focusbase  (signed and verified)

Version:
1.0.5373.4085

MD5:
2e9fca6cc8e20ca1ada6ae13fabf1674

SHA-1:
b60d9b9cb37306ae43eebdae2f2644cda69757f4

SHA-256:
728d379b957e696f32cccc7be28d525fcdc3dbc822f540a513dafb4c8c39684d

Scanner detections:
10 / 68

Status:
Adware

Explanation:
Part of the Yontoo adware web browser extension update process.

Analysis date:
4/26/2024 5:23:15 PM UTC  (today)

Scan engine
Detection
Engine version

Avira AntiVirus
ADWARE/BrowseFox.Gen
7.11.173.16

AVG
Focusbase
2015.0.3348

Baidu Antivirus
Adware.Win32.BrowseFox
4.0.3.14917

ESET NOD32
Win32/BrowseFox.H potentially unwanted application
7.0.302.0

Kaspersky
not-a-virus:HEUR:AdWare.MSIL.Kranet
14.0.0.3235

Malwarebytes
PUP.Optional.FocusBase.A
v2014.09.17.10

Panda Antivirus
Adware/BrowserFox
14.09.17.10

Reason Heuristics
Adware.Yontoo.focusbase.P
14.9.17.15

Sophos
Generic PUA LG
4.98

VIPRE Antivirus
Threat.4741131
32938

File size:
317.3 KB (324,896 bytes)

Product version:
1.0.5373.4085

Original file name:
focusbase.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\Program Files\focusbase\updatefocusbase.exe

Digital Signature
Signed by:
focusbase

Authority:
VeriSign, Inc.

Valid from:
4/21/2014 7:00:00 PM

Valid to:
4/22/2015 6:59:59 PM

Subject:
CN=focusbase, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=focusbase, L=Santa Monica, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
229BE95AFAF17766126629CC0A897C5F

File PE Metadata
Compilation timestamp:
9/16/2014 10:16:25 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
6144:Z5mjT+s/4y0SUABrBmq4iqAYYWpXADk9M83b6eGbxAq/:Z5mjPAy9UihxgK83b1m1

Entry address:
0x4F11E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
6.0948

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
308.5 KB (315,904 bytes)

The file updatefocusbase.exe has been discovered within the following programs.

focusbase  by Yontoo Technology, Inc.
focusbase is an adware web browser extension that is display banners ads as well as contextual link ads . The ads are injected by the web browser plugin (IE, FF and Chrome) and will display on any web site, even those not associated or affiliated with the publisher.
focusbase.info/support
87% remove it
 
Powered by Should I Remove It?

Remove updatefocusbase.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.