home

Visual Tools

Publisher Information

Visual Tools is a software publisher located in Belgrade, Serbia in Republic of Serbia*. The company is a primary distributor of unwanted software. Visual Tools is a develper that builds marketing and back-office affiliate networks used to distribute legitimate as well as some potentially unwanted software applications. In addition Visual Tools developes web browser toolbars and extensions for third-party companies including Babylon which developes and distributes search toolbars through bundled software offers. There is one additional code signing certificate issued to this publisher.
Authority:
Thawte, Inc.

Valid from:
1/10/2013 1:00:00 AM

Valid to:
1/11/2015 12:59:59 AM

Subject:
CN=Visual Tools, O=Visual Tools, L=Belgrade, S=Serbia, C=RS

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
789958b0264f06055619270074afa61f

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Babylon (M), Win32.Generic, PUP.Banylon
100.00%

1 / 68      (Adware)
deltatb.exe  (03b65e045900a31bcb83312a6773a0a4)

1 / 68      (Adware)
buenosearchtb.exe  (90649f63fb8057aee5b09e42abb18ad6)

1 / 68      (Adware)
zilla-jpg-to-pdf-converter-2-1-0-en-win.exe  (b7433eb5297fcb59f91a7fd1e5d41e9d)

1 / 68      (Adware)
uddownload.tmp  (e07ae5d4918e873b8595bd58b98555d8)

1 / 68      (Adware)
emoticones-animaux-messenger-1.0.exe  (8daaec380b7ce1cce1948fd1f1f724ff)

1 / 68      (Adware)
crxupdater_d.exe  (ed162ff58591a1482749fb412edfa472)

1 / 68      (Adware)
adobe-flash-player-squared-.exe  (9b972a2f4498630e82b7943e7535a466)

1 / 68      (Adware)
youtube-mate-7.18.exe  (cfc1c6a626424c0c07e72bacdfb8ac7c)

1 / 68      (Adware)
youtube-downloader-hd-2-9-8-9-en-win.exe  (a0487df94f3d741725ab171953dc9af0)

1 / 68      (Adware)
celtx-2-9-1-es-en-win.exe  (0a8ffea74acffb00dd8159a38074bff3)

1 / 68      (Adware)
visual-basic-2008-express-edition-9.0.exe  (d286b7fd808cd1b90dfdc1199dff6f6e)

1 / 68      (Adware)
uddownload.tmp  (9a636b54a6f6cbe9057f02a285665d8c)

1 / 68      (Adware)
deltatb.exe  (676cc4b7a44d8196f1a6427fe4988a7c)

1 / 68      (Adware)
directx-9-29-1974-es-en-win.exe  (1bdbaa1c1992fc0f2a4a3ef44f0f5527)

1 / 68      (Adware)
youtube-downloader-4-62-en-win.exe  (0c7c7187fe5d0a2c0ccd326b39b95a34)

1 / 68      (Adware)
webcam-effects-1-0-0-2-en-win.exe  (6a72b4095384849c0d3ba60fad9daa15)

1 / 68      (Adware)
spider-solitarie-en-win.exe  (b6a61176beaf8845e5ec559417c4c1a1)

1 / 68      (Adware)
guninstaller.exe (Uninstaller by Babylon)  (00e0eecfe1cf1e6e4600e1d69f1234cc)

1 / 68      (Adware)
babmaint.exe  (f030fe8f07362e3c169f8ae1aeff0a06)

1 / 68      (Adware)
crxupdater_d.exe  (ed162ff58591a1482749fb412edfa472)

1 / 68      (Adware)
nokia-connectivity-cable-driver-7-1-34-0-en-win.exe  (4590f671da8548663b401b668ab668ef)

1 / 68      (Adware)
BUSolution.dll (BU Dynamic Link Library)  (30fddc8310bdc66dbee77118f86e50c9)

1 / 68      (Adware)
guitar-pro-6-0-en-win.exe  (6b37545d3f5d45a9db12db75d8874244)

1 / 68      (Adware)
convexsoft-dj-audio-mixer-1.4.exe  (0d642f68ac09c5be3a5ec39a49ae153d)

1 / 68      (Adware)
cradle-rome-2-.exe  (1de3831585cb995d184d82fd650a5199)

1 / 68      (Adware)
3d-simulator-5-0-de-en-win.exe  (f1dcaf197f88c16c30a04785a7e89ed8)

1 / 68      (Adware)
free-html5-video-player-and-converter-5-0-26-es-en-br-fr-it-pl-gr-tr-win.exe  (a596288b70b218acd25662eec7c10a42)

1 / 68      (Adware)
enhancedNT.dll (enhancedNT)  (e8acd9ba00ff35b2f9671b98cec3d092)

1 / 68      (Adware)
setup.exe (Setup Module by Babylon)  (82266aa57cb732b02344e855dc7b4294)

1 / 68      (Adware)
guninstaller.exe (Uninstaller by Babylon)  (91f752acc44cde45fe95b4e5fed1cc1e)

 
Latest 30 of 963 files

Downloads URLs for files signed by Visual Tools.

1 / 68      (Adware)
http://dw1.uptodown.com/dm/3/1382202700/9e7f90e0800017689fd39f8eb8b3402321ffdbba/.../visual-basic-2008-express-edition-9-0-en-win-setup.exe  (d286b7fd808cd1b90dfdc1199dff6f6e)

The following certificate is also signed by Visual Tools.

408E6A1AC8A6BFBB9F655878B36BA3AE  (Jan 19, 2015 to Jan 18, 2017)

The following publishers (by Authenticode signature organization name) are related.

Woolik technologies ltd

Babylon Ltd.

* Note, the details and description above are based on the code signing digital signature issued to Visual Tools by Thawte, Inc. on January 10, 2013 with the serial number '789958b0264f06055619270074afa61f'.
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.