encyclopediabritannicagamesbarx.dll

dtx Dynamic Link Library

Visicom Media Inc.

This is part of the Visicom VMN web browser toolbar and extension that will modify the browser's default search provider, DNS, and home page functions. The module encyclopediabritannicagamesbarx.dll, “dtx Dynamic Link Library” by Visicom Media, has been detected as a potentially unwanted program by 8 anti-malware scanners. It is installed within the context of Internet Explorer as a BHO (Browser Helper Object) under the name ‘Seventeen’.
Publisher:
Visicom Media Inc.  (signed and verified)

Product:
dtx Dynamic Link Library

Description:
dtx Dynamic Link Library

Version:
1, 0, 0, 20

MD5:
e77236a1a4aceefdca2fd52ce20a94b6

SHA-1:
3edfb0afd72c511520af22c01e731ac47d0f184c

SHA-256:
bb2cb58a9262180e225a4bd6ed41e8ce9aa44028f5d36d6dd8619cb0e5ed43ed

Scanner detections:
8 / 68

Status:
Potentially unwanted

Analysis date:
4/25/2024 7:43:32 PM UTC

Scan engine
Detection
Engine version

Agnitum Outpost
PUA.Toolbar.Agent
7.1.1

Baidu Antivirus
PUA.Win32.Visicom
4.0.3.1624

Bkav FE
W32.HfsAdware
1.3.0.6379

ESET NOD32
Win32/Toolbar.Visicom.B potentially unwanted application
10.7.0.302.0

K7 AntiVirus
Trojan
13.200.15187

Kaspersky
not-a-virus:WebToolbar.Win32.Agent
14.0.0.714

Reason Heuristics
PUP.Visicom.VisicomMedia (M)
16.2.4.2

Zillya! Antivirus
Adware.Agent.Win32.44662
2.0.0.2090

File size:
86.6 KB (88,704 bytes)

Product version:
1, 0, 0, 20

Copyright:
Copyright 2010 Visicom Media Inc.

Original file name:
dtx.dll

File type:
Dynamic link library (Win32 DLL)

Language:
English (United States)

Common path:
C:\Program Files\seventeen\encyclopediabritannicagamesbarx.dll

Digital Signature
Authority:
Thawte, Inc.

Valid from:
4/17/2012 5:00:00 PM

Valid to:
6/21/2014 4:59:59 PM

Subject:
CN=Visicom Media Inc., OU=SECURE APPLICATION DEVELOPMENT, O=Visicom Media Inc., L=Brossard, S=Quebec, C=CA

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
2B19B54BB7ABEE1A2623111C029AF449

File PE Metadata
Compilation timestamp:
7/15/2010 8:21:46 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
7.10

CTPH (ssdeep):
1536:3NznD/GJR0M0DV0X9Umxe2OG8pixJkGCl6klluP2w53WHj:3dnDVM0I962Ol6klluP2G8j

Entry address:
0x4C36

Entry point:
6A, 0C, 68, C0, D5, 00, 10, E8, 6A, 05, 00, 00, 33, C0, 40, 89, 45, E4, 8B, 75, 0C, 33, FF, 3B, F7, 75, 0C, 39, 3D, 98, 0F, 01, 10, 0F, 84, B3, 00, 00, 00, 89, 7D, FC, 3B, F0, 74, 05, 83, FE, 02, 75, 31, A1, CC, 27, 01, 10, 3B, C7, 74, 0C, FF, 75, 10, 56, FF, 75, 08, FF, D0, 89, 45, E4, 39, 7D, E4, 0F, 84, 85, 00, 00, 00, FF, 75, 10, 56, FF, 75, 08, E8, 22, FE, FF, FF, 89, 45, E4, 3B, C7, 74, 72, 8B, 5D, 10, 53, 56, FF, 75, 08, E8, F9, DB, FF, FF, 89, 45, E4, 83, FE, 01, 75, 0E, 3B, C7, 75, 0A, 53, 57, FF...
 

Entropy:
6.0368

Developed / compiled with:
Microsoft Visual C++ v7.1

Code size:
48 KB (49,152 bytes)

Internet Explorer BHO
Display name:
Seventeen

CLSID:
{b92a9c40-9a96-45e8-9bc1-c05b0a660e5b}

