» panda_url_filtering.exe.nsd30a4.tmp
Overview
Analysis
File Details
Programs (1)

panda_url_filtering.exe.nsd30a4.tmp

Anti-phishing Domain Advisor

Visicom Media Inc.

This is part of the Visicom VMN web browser toolbar and extension that will modify the browser's default search provider, DNS, and home page functions. The file panda_url_filtering.exe.nsd30a4.tmp, “Visicom Media Anti-phishing Domain Advisor (Powered by Panda Security)” by Visicom Media has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. This file is typically installed with the program Panda Security URL Filtering by Panda Security.

File name:

Publisher:

Panda Security (signed by Visicom Media Inc.)

Product:

Anti-phishing Domain Advisor

Description:

Visicom Media Anti-phishing Domain Advisor (Powered by Panda Security)

Version:

1, 0, 1, 33

MD5:

85e357c191fcbdd32bdd1e62795ef3c5

SHA-1:

2dde63465024ffee80b46a7aa0858952c271c812

SHA-256:

9577c5459111eac5554b17169e80030d5d41cddb55ecdb5f4a25660b2027e2cc

Scanner detections:

1 / 68

Status:

Potentially unwanted

Note:

Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:

4/26/2024 7:44:21 AM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP.Visicom.VisicomMedia (M)

16.2.5.12

File size:

227.2 KB (232,616 bytes)

Product version:

1.0

Language:

English (United States)

Common path:

C:\ProgramData\panda security url filtering\panda_url_filtering.exe.nsd30a4.tmp

Digital Signature

Signed by:

Visicom Media Inc.

Authority:

Thawte Consulting (Pty) Ltd.

Valid from:

6/23/2010 8:00:00 PM

Valid to:

6/21/2012 7:59:59 PM

Subject:

CN=Visicom Media Inc., OU=SECURE APPLICATION DEVELOPMENT, O=Visicom Media Inc., L=Brossard, S=Quebec, C=CA

Issuer:

CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA

Serial number:

73C74D9445094BFD79759F7B9CAFD730

File PE Metadata

Compilation timestamp:

1/17/2012 3:14:53 PM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

9.0

CTPH (ssdeep):

3072:syevx2hjsvS2IHxhK5oi26EfaeF/FQUZ1AIDwXQxf6xM5vrWMCpwkk8FvLjDso:JMUgr0hWoiGfaRgA3fxaHMwkD

Entry address:

0x1222B

Entry point:

E8, AF, 7D, 00, 00, E9, 78, FE, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 8B, 4C, 24, 04, F7, C1, 03, 00, 00, 00, 74, 24, 8A, 01, 83, C1, 01, 84, C0, 74, 4E, F7, C1, 03, 00, 00, 00, 75, EF, 05, 00, 00, 00, 00, 8D, A4, 24, 00, 00, 00, 00, 8D, A4, 24, 00, 00, 00, 00, 8B, 01, BA, FF, FE, FE, 7E, 03, D0, 83, F0, FF, 33, C2, 83, C1, 04, A9, 00, 01, 01, 81, 74, E8, 8B, 41, FC, 84, C0, 74, 32, 84, E4, 74, 24, A9, 00, 00, FF, 00, 74, 13, A9, 00, 00, 00, FF, 74, 02, EB, CD, 8D, 41, FF, 8B, 4C, 24, 04, 2B... 
[+]

Entropy:

6.3307

Code size:

126.5 KB (129,536 bytes)

The file panda_url_filtering.exe.nsd30a4.tmp has been discovered within the following program.

Panda Security URL Filtering by Panda Security

The Panda Security Toolbar is a free optional toolbar that comes with Panda Cloud. The toolbar provides web filtering along with some features that may come in handy for users. The toolbar works on Internet Explorer and Firefox only.

60% remove it

Remove panda_url_filtering.exe.nsd30a4.tmp - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.