Visual Tools

Publisher Information

Visual Tools is a software publisher located in Belgrade, Serbia in Republic of Serbia*. The company is a primary distributor of unwanted software. Visual Tools is a develper that builds marketing and back-office affiliate networks used to distribute legitimate as well as some potentially unwanted software applications. In addition Visual Tools developes web browser toolbars and extensions for third-party companies including Babylon which developes and distributes search toolbars through bundled software offers. There is one additional code signing certificate issued to this publisher.
Remove Visual Tools Malware - Powered by Reason Core Security
Authority:
Thawte, Inc.

Valid from:
1/9/2013 9:00:00 PM

Valid to:
1/10/2015 8:59:59 PM

Subject:
CN=Visual Tools, O=Visual Tools, L=Belgrade, S=Serbia, C=RS

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
789958b0264f06055619270074afa61f

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Babylon.Banylon (M), PUP.Babylon.Banylon.Installer (M)
100.00%

Bkav FE
W32.Clod2b6.Trojan, W32.Vetor.PE
12.00%

Vba32 AntiVirus
suspected of Trojan.Downloader.gen, Virus.Virut.14
12.00%

Trend Micro House Call
TROJ_GEN.F47V0927, TROJ_GEN.F47V0726
12.00%

VIPRE Antivirus
Threat.4721115, Threat.4737366
12.00%

Microsoft Security Essentials
Threat.Undefined
12.00%

avast!
Win32:Kukacka, Win32:Virtu-A
12.00%

K7 Gateway Antivirus
Virus
12.00%

K7 AntiVirus
Virus
12.00%

Norman
Sality.ZHB, Virut.HL
12.00%

24 / 68    (Adware)
setup.exe (Setup Module by Babylon)  (c049736764cb766e8b41ca0fa0da4b8a)

1 / 68      (Adware)
buenosearchtb.exe  (7f913733dda3501696c112d780a1cc56)

1 / 68      (Adware)
mz-game-accelerator-1-1-0-en.exe  (41864ca14e20a4f536f0af958c268760)

27 / 68    (Adware)
guninstaller.exe (Uninstaller by Babylon)  (65f9a14fb1000512dd98726878a2a96d)

24 / 68    (Adware)
setup.exe (Setup Module by Babylon)  (08c9e7a6594a04bfd071ae22c059f505)

1 / 68      (Adware)
utorrent-portable-3-3-1-29963-en-win.exe  (d093d1eff6e4d69049d09c149dff819f)

1 / 68      (Adware)
youtube-downloader-hd-2-9-8-9-en-win.exe  (80515c4bdd8a1712e87d2206aca53d8e)

1 / 68      (Adware)
dreamweaver8-es.exe  (a73549f123983c34ff5b1ebd0356cdda)

1 / 68      (Adware)
mathtype-6-9-en-win.exe  (5687eb63fbec7cdfad4ed8376bff90c8)

1 / 68      (Adware)

27 / 68    (Adware)
guninstaller.exe (Uninstaller by Babylon)  (3c9879979349aa2b0269fa6592867d16)

1 / 68      (Adware)
zilla jpg to pdf converter v2.0.0.exe  (ebc33ccb907891815a356507cf56e91a)

1 / 68      (Adware)
bobylyricsdisplay2.exe (BobyLyrics by BestOnlineBounty)  (ac797885b9dfa69a2ef533148492ccad)

1 / 68      (Adware)
ccleaner-4-04-4197-es-en-br-fr-de-it-cn-jp-win.exe  (3fcb26bfee05b94c8b3ed5c31da0b3ed)

1 / 68      (Adware)
bubble-bobble-nostalgie-2.9.exe  (a3e9f584e8d94284caf3267830e01464)

1 / 68      (Adware)
teclado-virtual-gratuito-2-7-en-win.exe  (f3d5cb352718f3d18ae2b5b3963a58ad)

1 / 68      (Adware)
showmypc-3050.exe  (8b3dfffad466ca3eaec98b491ade930b)

1 / 68      (Adware)

1 / 68      (Adware)
winrar-4-11-es-win.exe  (a53768449339af6c302660a60b9f40b0)

1 / 68      (Adware)
fireworks8-es.exe  (7bb7523826e97513725988cb235c9ade)

1 / 68      (Adware)
daemon-tools-4-46-1-lite-es-en-br-fr-de-it-cn-jp-win.exe  (0733a17e3a79fc5ed71634d2d7625c30)

24 / 68    (Adware)
setup.exe (Setup Module by Babylon)  (8d635b72761a97a519dfe0bfb4a39355)

24 / 68    (Adware)
setup.exe (Setup Module by Babylon)  (a0533e684781852370da46cc531bfbb5)

1 / 68      (Adware)
setiathome-win-3-08.exe  (b4508de10536020b9753ba41a3a76758)

1 / 68      (Adware)
game-booster-3-2-en-win.exe  (0e08beaa6fbb5d775a1b7349636c8d47)

1 / 68      (Adware)
buenosearchtb.exe  (fe1c09eebe5dd1f31b11722eea2d82c2)

1 / 68      (Adware)
utorrent-3-3-1-es-en-br-fr-de-it-cn-jp-ar-ru-win.exe  (db8dfa0a3e67c964419be01e64bf828f)

1 / 68      (Adware)

1 / 68      (Adware)
the-treasures-of-montezuma-3-en-win.exe  (185db08990817acb99aa92e8cbd445a2)

1 / 68      (Adware)

 
Latest 30 of 275 files

Downloads URLs for files signed by Visual Tools.

The following certificate is also signed by Visual Tools.

408E6A1AC8A6BFBB9F655878B36BA3AE  (Jan 19, 2015 to Jan 18, 2017)

The following publishers (by Authenticode signature organization name) are related.

Remove Visual Tools Malware - Powered by Reason Core Security
* Note, the details and description above are based on the code signing digital signature issued to Visual Tools by Thawte, Inc. on January 09, 2013 with the serial number '789958b0264f06055619270074afa61f'.