home

ilividau.dll

ilivid Toolbar

Visicom Media Inc.

This is part of the Visicom VMN web browser toolbar and extension that will modify the browser's default search provider, DNS, and home page functions. The module ilividau.dll, “ilivid Toolbar Security Helper” by Visicom Media has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
Visicom Media  (signed by Visicom Media Inc.)

Product:
ilivid Toolbar

Description:
ilivid Toolbar Security Helper

Version:
1.0.0.18

MD5:
55f7dd4e17c5ba8677a208001d0d43a4

SHA-1:
f24e321133cbef8a155c6d3a90308d71e93e70f4

SHA-256:
cce4b2501d60f7b9aa4f4ad6b1ed88d5d3164055b3c5358d609c06621c9d7cd2

Scanner detections:
1 / 68

Status:
Potentially unwanted

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
4/25/2024 2:47:05 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Visicom.VisicomMedia.Toolbar (M)
16.1.12.5

File size:
256.2 KB (262,312 bytes)

Product version:
1.0.0.18

Copyright:
© 2010 Visicom Media Inc.

Original file name:
AuxBHO.dll

File type:
Dynamic link library (Win32 DLL)

Language:
English (United States)

Common path:
C:\Program Files\ilividtb\auxi\ilividau.dll

Digital Signature
Signed by:
Visicom Media Inc.

Authority:
Thawte Consulting (Pty) Ltd.

Valid from:
5/28/2008 5:30:00 AM

Valid to:
6/23/2010 5:29:59 AM

Subject:
CN=Visicom Media Inc., OU=SECURE APPLICATION DEVELOPMENT, O=Visicom Media Inc., L=Brossard, S=Quebec, C=CA

Issuer:
CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA

Serial number:
70DEF7A1CF826EC0B9F2257933EA429B

File PE Metadata
Compilation timestamp:
3/26/2010 11:06:31 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
3072:TMmh+n1mLDNMXeTF3Qllzr59sIprrS2uydx8aIrdoxP0Q54ky8LTkT:TyWgl9dCIM3yb8aj6RkrQT

Entry address:
0x1B536

Entry point:
8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 53, B5, 00, 00, FF, 75, 08, 8B, 4D, 10, 8B, 55, 0C, E8, EC, FE, FF, FF, 59, 5D, C2, 0C, 00, CC, CC, CC, 68, 70, 88, 01, 10, 64, FF, 35, 00, 00, 00, 00, 8B, 44, 24, 10, 89, 6C, 24, 10, 8D, 6C, 24, 10, 2B, E0, 53, 56, 57, A1, 18, AE, 03, 10, 31, 45, FC, 33, C5, 50, 89, 65, E8, FF, 75, F8, 8B, 45, FC, C7, 45, FC, FE, FF, FF, FF, 89, 45, F8, 8D, 45, F0, 64, A3, 00, 00, 00, 00, C3, 8B, 4D, F0, 64, 89, 0D, 00, 00, 00, 00, 59, 5F, 5F, 5E, 5B, 8B, E5, 5D, 51, C3, C3...
 
[+]

Entropy:
6.5790

Code size:
189.5 KB (194,048 bytes)

Remove ilividau.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.