enhancedNT.dll

enhancedNT

Woolik technologies ltd

The module enhancedNT.dll by Woolik technologies ltd has been detected as adware by 4 anti-malware scanners. Additionally, the file is typically installed by a number of programs including Delta Chrome Toolbar by Visual Tools and DaleSearch Chrome Toolbar by Babylon Ltd, both potentially unwanted software. It is also typically executed from the user's temporary directory.
Publisher:
Woolik technologies ltd  (signed and verified)

Product:
enhancedNT

Version:
1.0.0.4

MD5:
806c31db5f8d1ba3998a8df26882b7d2

SHA-1:
efdc391594727dc622075d0b689e8470b80559d9

SHA-256:
a2e6708504dfef66440d8db2f4eb4e7e2295da5b4364815bc97424bc9de284cb

Scanner detections:
4 / 68

Status:
Adware

Analysis date:
12/24/2024 12:10:25 PM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Boost by Reason | Optional.Wooliktechnologiesltd.K | 188838 |
| Comodo Security | Application.Win32.AdWare.Agent.bb | 17332 |
| Malwarebytes | PUP.Optional.Delta.A | v2014.01.02.02 |
| Reason Heuristics | PUP.Wooliktechnologiesltd.K | 14.8.7.21 |

File size:
184.9 KB (189,296 bytes)

Product version:
1.0.0.4

Copyright:
Copyright (C) 1997-2013

Original file name:
enhancedNT.dll

File type:
Dynamic link library (Win32 DLL)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\latest\enhancednt.dll

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
7/25/2013 1:00:00 AM

Valid to:
7/26/2014 12:59:59 AM

Subject:
CN=Woolik technologies ltd, OU=Digital ID Class 3 - Microsoft Software Validation v2, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Woolik technologies ltd, L=Or Yeuda, S=israel, C=IL

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
233D2998915945A85914A5071B609336

File PE Metadata
Compilation timestamp:
8/28/2013 9:08:38 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
3072:bX3xX5tSzv9EVZpw0335TQdP1OBZt+lS4NjIa9rxDWVHaor:bXhMSf/335TuOBDi5AVaor

Entry address:
0xDF14

Developed / compiled with:
Microsoft Visual C++

Code size:
109.5 KB (112,128 bytes)

The file enhancedNT.dll has been discovered within the following programs.

DaleSearch Chrome Toolbar by Babylon Ltd
Uses the SearchGol Toolbar Platform. As part of the installation process of the Software, publisher may offer changes to your Internet Browser settings.
info.dalesearch.com
66% remove it

Delta Chrome Toolbar by Visual Tools
Delta Chrome Toolbar is part of the Babylon toolbar system, a potentially unwanted program. It has also been detected as malware by a few antivirus programs. TrendMicro-HouseCall detects it as TROJ_GEN.RCBH1C6 and Norman detects it as Babylon.A.
83% remove it
 