» mystarttb64.dll
Overview
Analysis
File Details

mystarttb64.dll

MyStart Toolbar

Visicom Media Inc.

This is part of the Visicom VMN web browser toolbar and extension that will modify the browser's default search provider, DNS, and home page functions. The module mystarttb64.dll by Visicom Media has been detected as a potentially unwanted program by 2 anti-malware scanners.

File name:

mystarttb64.dll

Publisher:

Visicom Media Inc (signed by Visicom Media Inc.)

Product:

MyStart Toolbar

Version:

5, 0, 8, 275

MD5:

cbea3d529514c8a3e10ff31ec14e2309

SHA-1:

44230e20e1819dcfd239b381f26791de47af696b

SHA-256:

daf27c6ed2703eb0fdcbf6a60b314dbf528b99512bf1f36c25a9c71fdb62fb6c

Scanner detections:

2 / 68

Status:

Potentially unwanted

Analysis date:

4/26/2024 4:59:27 AM UTC (today)

Scan engine

Detection

Engine version

AVG

Visicom

2017.0.2862

Reason Heuristics

PUP.Visicom.VisicomMedia.Toolbar (M)

16.1.16.17

File size:

807.3 KB (826,632 bytes)

Product version:

5.0.8.275

Original file name:

mystarttb.dll

File type:

Dynamic link library (Win64 DLL)

Language:

English (United States)

Common path:

C:\Program Files\mystarttb\mystarttb64.dll

Digital Signature

Signed by:

Visicom Media Inc.

Authority:

Thawte, Inc.

Valid from:

5/7/2014 8:00:00 PM

Valid to:

6/20/2016 7:59:59 PM

Subject:

CN=Visicom Media Inc., OU=SECURE APPLICATION DEVELOPMENT, O=Visicom Media Inc., L=Brossard, S=Quebec, C=CA

Issuer:

CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:

266F9E30991B0C3EFC03DA9B8CDDB68D

File PE Metadata

Compilation timestamp:

3/10/2014 2:37:04 PM

OS version:

5.2

OS bitness:

Win64

Subsystem:

Windows GUI

Linker version:

9.0

CTPH (ssdeep):

12288:OITqkJRcKLg8LXQPz3xxQOyd0VmTT6K6hOOABEM7cU6v6:zT5Jo88tly6VmTmK6gOI6v6

Entry address:

0x6882C

Entry point:

48, 89, 5C, 24, 08, 48, 89, 74, 24, 10, 57, 48, 83, EC, 20, 49, 8B, F8, 8B, DA, 48, 8B, F1, 83, FA, 01, 75, 05, E8, C7, D0, 00, 00, 4C, 8B, C7, 8B, D3, 48, 8B, CE, 48, 8B, 5C, 24, 30, 48, 8B, 74, 24, 38, 48, 83, C4, 20, 5F, E9, AB, FE, FF, FF, CC, CC, CC, 40, 53, 48, 83, EC, 30, 48, 8B, D9, B9, 0E, 00, 00, 00, E8, 4D, 8D, 00, 00, 90, 48, 8B, 43, 08, 48, 85, C0, 74, 44, 48, 8B, 0D, 80, 60, 05, 00, 48, 89, 4C, 24, 20, 48, 8D, 15, 6C, 60, 05, 00, 48, 85, C9, 74, 1E, 48, 39, 01, 75, 0F, 48, 8B, 41, 08, 48, 89... 
[+]

Entropy:

6.1745

Code size:

554 KB (567,296 bytes)

Remove mystarttb64.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.