vidtomp3tb.dll

VidToMP3.com Toolbar

Visicom Media Inc.

This is part of the Visicom VMN web browser toolbar and extension that will modify the browser's default search provider, DNS, and home page functions. The module vidtomp3tb.dll by Visicom Media has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
Visicom Media Inc.  (signed and verified)

Product:
VidToMP3.com Toolbar

Version:
5, 0, 8, 92

MD5:
24b674338fae0261bfc6d520ee0b174d

SHA-1:
c4b5318a64516aee6b860dda2e9b2eadbfbce921

SHA-256:
7317203bd3a8fa5f64b5282e983921b49ab6e760074e9613e32ffe572542bf50

Scanner detections:
1 / 68

Status:
Potentially unwanted

Note:
Our current pool of anti-malware engines has not currently detected this file; however, based on our own detection heuristics, we feel that this file is unwanted.

Analysis date:
4/25/2024 7:55:43 AM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.Visicom.VisicomMedia.Toolbar (M)

Engine version:
15.12.31.14

File size:
512.7 KB (524,968 bytes)

Product version:
5.0.8.92

Copyright:
© 2009 Visicom Media Inc.

Original file name:
vidtomp3tb.dll

File type:
Dynamic link library (Win32 DLL)

Language:
English (United States)

Common path:
C:\Program Files\vidtomp3tb\vidtomp3tb.dll

Digital Signature
Authority:
Thawte Consulting (Pty) Ltd.

Valid from:
5/28/2008 3:00:00 AM

Valid to:
6/23/2010 2:59:59 AM

Subject:
CN=Visicom Media Inc., OU=SECURE APPLICATION DEVELOPMENT, O=Visicom Media Inc., L=Brossard, S=Quebec, C=CA

Issuer:
CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA

Serial number:
70DEF7A1CF826EC0B9F2257933EA429B

File PE Metadata
Compilation timestamp:
10/27/2009 11:01:47 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
7.10

CTPH (ssdeep):
12288:cLB/cn9+T1CfIroJxSGrnM1yWV/Sxzsd4NII9Npxohb67pCFAiHBV/SyWTsIr9f:cLB/cnoTrrh5cTxzoyB5uhbqwkyWTZ9f

Entry address:
0x38775

Entry point:
6A, 0C, 68, 00, 02, 06, 10, E8, 8F, CB, FF, FF, 33, C0, 40, 89, 45, E4, 8B, 75, 0C, 33, FF, 3B, F7, 75, 0C, 39, 3D, 10, 6C, 07, 10, 0F, 84, B3, 00, 00, 00, 89, 7D, FC, 3B, F0, 74, 05, 83, FE, 02, 75, 31, A1, BC, 85, 07, 10, 3B, C7, 74, 0C, FF, 75, 10, 56, FF, 75, 08, FF, D0, 89, 45, E4, 39, 7D, E4, 0F, 84, 85, 00, 00, 00, FF, 75, 10, 56, FF, 75, 08, E8, 22, FE, FF, FF, 89, 45, E4, 3B, C7, 74, 72, 8B, 5D, 10, 53, 56, FF, 75, 08, E8, 9D, F5, FC, FF, 89, 45, E4, 83, FE, 01, 75, 0E, 3B, C7, 75, 0A, 53, 57, FF...
 

Entropy:
6.6379

Developed / compiled with:
Microsoft Visual C++ v7.1

Code size:
360 KB (368,640 bytes)
