» encyclopediabritannicagamesbar.dll
Overview
Analysis
File Details

encyclopediabritannicagamesbar.dll

DTX Toolbar

Visicom Media Inc.

This is part of the Visicom VMN web browser toolbar and extension that will modify the browser's default search provider, DNS, and home page functions. The module encyclopediabritannicagamesbar.dll, “DTX kernel Module” by Visicom Media has been detected as a potentially unwanted program by 9 anti-malware scanners.

File name:

Publisher:

Visicom Media Inc (signed by Visicom Media Inc.)

Product:

DTX Toolbar

Description:

DTX kernel Module

Version:

5, 0, 8, 250

MD5:

502fce0264125bd6bbf37aa0d477ff17

SHA-1:

a94331ad1231018e7d73ed59d9f8b37b0557f13f

SHA-256:

095af0977d96174b61bc99c0a237ea7ce82f83adf77315fc079e278290e884a8

Scanner detections:

9 / 68

Status:

Potentially unwanted

Analysis date:

4/25/2024 9:35:20 PM UTC (today)

Scan engine

Detection

Engine version

Avira AntiVirus

TR/Trash.Gen

7.11.30.172

Dr.Web

DLOADER.Trojan

9.0.1.044

Emsisoft Anti-Malware

Gen:Variant.Zusy.81792

8.16.02.13.01

ESET NOD32

Win32/Toolbar.Visicom (variant)

10.10130

Fortinet FortiGate

Riskware/Toolbar_Visicom

2/13/2016

McAfee

Artemis!8370F1E1F0D3

5600.6491

Reason Heuristics

PUP.Visicom.VisicomMedia.Toolbar (M)

16.2.13.1

SUPERAntiSpyware

Trojan.Agent/Gen-Nullo[Short]

9327

Trend Micro House Call

TROJ_GEN.F47V0521

7.2.44

File size:

454.6 KB (465,536 bytes)

Product version:

5, 0, 8, 250

Original file name:

dtBand.dll

File type:

Dynamic link library (Win32 DLL)

Language:

English (United States)

Digital Signature

Signed by:

Visicom Media Inc.

Authority:

Thawte, Inc.

Valid from:

4/18/2012 2:00:00 AM

Valid to:

6/22/2014 1:59:59 AM

Subject:

CN=Visicom Media Inc., OU=SECURE APPLICATION DEVELOPMENT, O=Visicom Media Inc., L=Brossard, S=Quebec, C=CA

Issuer:

CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:

2B19B54BB7ABEE1A2623111C029AF449

File PE Metadata

Compilation timestamp:

11/19/2012 9:17:22 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

7.10

CTPH (ssdeep):

12288:2FKw9/jF7ks7MFDkHVzlnDZcEO7YGBAdqrEyRrmUe0XPrHs5ha0WxS:2FKwxjT7/TDUY6QQjKyXrs5ha0WxS

Entry address:

0x40130

Entry point:

6A, 0C, 68, A0, 6E, 05, 10, E8, D0, C9, FF, FF, 33, C0, 40, 89, 45, E4, 8B, 75, 0C, 33, FF, 3B, F7, 75, 0C, 39, 3D, 18, 6D, 06, 10, 0F, 84, B3, 00, 00, 00, 89, 7D, FC, 3B, F0, 74, 05, 83, FE, 02, 75, 31, A1, AC, 85, 06, 10, 3B, C7, 74, 0C, FF, 75, 10, 56, FF, 75, 08, FF, D0, 89, 45, E4, 39, 7D, E4, 0F, 84, 85, 00, 00, 00, FF, 75, 10, 56, FF, 75, 08, E8, 22, FE, FF, FF, 89, 45, E4, 3B, C7, 74, 72, 8B, 5D, 10, 53, 56, FF, 75, 08, E8, 3E, 56, FC, FF, 89, 45, E4, 83, FE, 01, 75, 0E, 3B, C7, 75, 0A, 53, 57, FF... 
[+]

Developed / compiled with:

Microsoft Visual C++ v7.1

Code size:

320 KB (327,680 bytes)

Remove encyclopediabritannicagamesbar.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.