home

pandasecuritytb.exe

Panda Security Toolbar

Visicom Media Inc.

This is part of the Visicom VMN web browser toolbar and extension that will modify the browser's default search provider, DNS, and home page functions. The application pandasecuritytb.exe, “Panda Security Toolbar Installer” by Visicom Media has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. This is a setup and installation application and has been known to bundle potentially unwanted software. It is also typically executed from the user's temporary directory.
Publisher:
Panda Security and Visicom Media Inc.  (signed by Visicom Media Inc.)

Product:
Panda Security Toolbar

Description:
Panda Security Toolbar Installer

Version:
4.0

MD5:
c459ae4b04b1a5a2b2286504c9d82fe6

SHA-1:
17df92657e6922e928531e2f91baa48c8b7bfca4

SHA-256:
6cda04346d32bbb07ec1dedf7a210d1946e6d561dfe9831967edbd6ed0628003

Scanner detections:
1 / 68

Status:
Potentially unwanted

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
4/26/2024 4:00:17 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Visicom.Installer
17.2.24.16

File size:
2.8 MB (2,909,176 bytes)

Product version:
4.0.0.17

Copyright:
© Visicom Media Inc. (License)

Trademarks:
Panda Security and Visicom Media Inc., All Rights Reserved

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\Program Files\panda security\panda cloud antivirus\tools\pandasecuritytb.exe

Digital Signature
Signed by:
Visicom Media Inc.

Authority:
Thawte, Inc.

Valid from:
4/17/2012 9:00:00 PM

Valid to:
6/21/2014 8:59:59 PM

Subject:
CN=Visicom Media Inc., OU=SECURE APPLICATION DEVELOPMENT, O=Visicom Media Inc., L=Brossard, S=Quebec, C=CA

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
2B19B54BB7ABEE1A2623111C029AF449

File PE Metadata
Compilation timestamp:
12/5/2009 7:50:46 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

Entry address:
0x323C

Entry point:
C3, C3, C3, C3, C3, C3, C3, C3, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 30, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B4, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 58, 3F, 42, 00, E8, 09, 2C, 00, 00, A3, A4, 3E, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 58, F4, 41, 00, FF, 15, 58, 71, 40, 00, 68, B8, 91, 40, 00, 68, A0, 36, 42, 00, E8, BC, 28, 00, 00, FF, 15, B0, 70, 40, 00, BF, 00, 90, 42, 00, 50, 57, E8, AA, 28, 00, 00...
 
[+]

Code size:
23 KB (23,552 bytes)

Remove pandasecuritytb.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.