» antispy.exe
Overview
Analysis
File Details

antispy.exe

Visicom Media Inc.

This is part of the Visicom VMN web browser toolbar and extension that will modify the browser's default search provider, DNS, and home page functions. The application antispy.exe by Visicom Media has been detected as a potentially unwanted program by 2 anti-malware scanners.

File name:

antispy.exe

Publisher:

Visicom Media Inc. (signed and verified)

Version:

3.0.2.1

MD5:

1ef5916322205360931df8932aed23b7

SHA-1:

3dcb636abf0f3f8e180ea73c5102650c869216f6

SHA-256:

d12b8f07f8c334e2d218c52e90b9020c4ed84b0b50815069b013de8c8ea76282

Scanner detections:

2 / 68

Status:

Potentially unwanted

Analysis date:

4/16/2024 4:35:05 PM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP.VisicomMedia.H

14.12.25.1

Vba32 AntiVirus

Signed-AdWare.Win32.BHO.w

3.12.10.2

File size:

678.3 KB (694,624 bytes)

Product version:

1.0.0.0

File type:

Executable application (Win32 EXE)

Language:

English (Canada)

Common path:

C:\Program Files\common files\scanner\antispy.exe

Digital Signature

Signed by:

Visicom Media Inc.

Authority:

Thawte Consulting (Pty) Ltd.

Valid from:

5/30/2006 5:00:00 PM

Valid to:

6/21/2007 4:59:59 PM

Subject:

CN=Visicom Media Inc., OU=SECURE APPLICATION DEVELOPMENT, O=Visicom Media Inc., L=Brossard, S=Quebec, C=CA

Issuer:

CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA

Serial number:

46009F112341EB9E47AD9A71D868DC95

File PE Metadata

Compilation timestamp:

6/19/1992 3:22:17 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

12288:6Qo2+WWYPow9ZCYddYdvleW1bWAo4NWsgN:CD+ow9cYddYX1bWVN

Entry address:

0x8F848

Entry point:

55, 8B, EC, 83, C4, E8, 33, C0, 89, 45, EC, 89, 45, E8, B8, 84, E5, 48, 00, E8, D8, 72, F7, FF, 33, C0, 55, 68, 3E, FA, 48, 00, 64, FF, 30, 64, 89, 20, 33, C0, A3, A8, 68, 49, 00, 68, 00, 01, 00, 00, 68, A8, 67, 49, 00, A1, 58, 20, 49, 00, 8B, 00, 8B, 40, 30, 50, E8, F5, 7B, F7, FF, 68, 00, 01, 00, 00, 68, A8, 66, 49, 00, A1, 58, 20, 49, 00, 8B, 00, 8B, 40, 30, 50, E8, 7B, 7A, F7, FF, 6A, 00, 68, D0, E4, 48, 00, E8, 27, 7A, F7, FF, 83, 3D, A8, 68, 49, 00, 00, 76, 4C, A1, A8, 68, 49, 00, 50, E8, E3, 7A, F7... 
[+]

Entropy:

6.6250

Developed / compiled with:

Microsoft Visual C++

Code size:

569 KB (582,656 bytes)

Remove antispy.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.