» Vid.exe
Overview
Analysis
File Details
Behaviors (1)

Vid.exe

Logitech Vid

SightSpeed Inc.

The executable Vid.exe has been detected as malware by 10 anti-virus scanners. It is set to automatically start when a user logs into Windows via the current user run registry key under the display name ‘Logitech Vid’.

File name:

Vid.exe

Publisher:

Logitech Inc. (signed by SightSpeed Inc.)

Product:

Logitech Vid

Version:

6, 1, 6909, 0

MD5:

f6614449528e79adf310f25fe693f069

SHA-1:

0d404cb8dd164b8a20c431d36f630bf6126cd862

SHA-256:

4130afd5f43468f9033aa1ed2f7edc0b10d884c5652b10b62483efb78ef4a4fe

Scanner detections:

10 / 68

Status:

Malware

Analysis date:

4/19/2024 6:57:53 PM UTC (today)

Scan engine

Detection

Engine version

avast!

Win32:SaliCode

160518-2

AVG

Win32/Sality

2015.0.4604

Emsisoft Anti-Malware

Win32.Sality

11.5.0.6191

ESET NOD32

Win32/Sality.NBA virus

8.0.319.0

F-Prot

W32/Sality.gen2

4.6.5.141

F-Secure

Win32.Sality.3

5.15.96

Kaspersky

Virus.Win32.Sality

15.0.0.562

Microsoft Security Essentials

Threat.Undefined

1.225.1055.0

Norman

Win32.Sality.3

28.05.2016 15:32:18

VIPRE Antivirus

Threat.4721115

50516

File size:

5.3 MB (5,540,624 bytes)

Product version:

6, 1, 6909, 0

Trademarks:

Logitech, the Logitech logo, Logitech Vid, SightSpeed and the SightSpeed logo

Original file name:

Vid.exe

File type:

Executable application (Win32 EXE)

Language:

Language Neutral

Common path:

C:\Program Files\logitech\logitech vid\vid.exe

Digital Signature

Signed by:

SightSpeed Inc.

Authority:

SightSpeed Inc.

Valid from:

4/10/2005 9:36:57 PM

Valid to:

12/18/2018 8:36:57 PM

Subject:

E=info@sightspeed.com, CN=ssl.sightspeed.com, OU=Master Cert, O=SightSpeed Inc., L=Berkeley, S=California, C=US

Issuer:

E=info@sightspeed.com, CN=ssl.sightspeed.com, OU=Master Cert, O=SightSpeed Inc., L=Berkeley, S=California, C=US

Serial number:

00D3C1AB8D2AEE6DEE

File PE Metadata

Compilation timestamp:

7/15/2009 10:34:14 PM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

9.0

CTPH (ssdeep):

98304:X7Chj1kzzrvn4KnKoAP+CgOO1bLB4b6EW:Xevgrv4K/5C4R

Entry address:

0x17BD3D

Entry point:

F2, 22, F8, F2, 68, 67, 61, FD, 00, 87, DD, 84, C8, 0D, C6, 10, 49, 6B, FF, CB, C7, C1, 20, 79, 7B, 16, 10, EE, 84, E3, C7, C1, 66, 27, 0A, C2, 0F, AF, CE, C7, C1, 17, 18, 1C, 60, 8A, FE, F6, C6, 9E, 8D, 2E, EB, 07, 08, C5, 86, FF, 80, C1, 25, 80, FB, C7, C6, C1, B8, 0F, BE, CD, 55, F2, 85, D9, 5F, C7, C1, B8, EE, D0, AB, 87, D9, 0F, AF, D9, EB, 05, F6, C4, CF, FF, CB, 57, 69, CD, 1F, AD, BD, A1, 4D, 5A, B7, 53, 84, EB, 81, D9, 89, 21, 3A, 10, FE, C7, 8A, D8, 0F, AF, FF, 8B, C2, 72, 02, 87, DD, 80, ED, 1E... 
[+]

Code size:

3.9 MB (4,112,384 bytes)

Startup File (User Run)

Registry location:

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:

Logitech Vid

Command:

"C:\Program Files\logitech\logitech vid\vid.exe" -bootmode

Remove Vid.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.