home

ue_toolbar.dll

UltraEdit Toolbar

Visicom Media Inc.

This is part of the Visicom VMN web browser toolbar and extension that will modify the browser's default search provider, DNS, and home page functions. The module ue_toolbar.dll by Visicom Media has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
IDM Computer Solutions Inc.  (signed by Visicom Media Inc.)

Product:
UltraEdit Toolbar

Version:
5.0.0.20

MD5:
cdf1ba86f345bec5764eed734be9657c

SHA-1:
26d776433373f03e80f3621b328068a9f5465f87

SHA-256:
55b0e59c1893fc3f5043cf5e1d57c8f728fefe4e6c6a2c4bcf3d59fcabedf25d

Scanner detections:
1 / 68

Status:
Potentially unwanted

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
11/14/2024 2:43:49 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Visicom.VisicomMedia.Toolbar (M)
16.2.23.14

File size:
1.8 MB (1,927,360 bytes)

Product version:
1.0.0.0

Trademarks:
IDM Computer Solutions Inc.

File type:
Dynamic link library (Win32 DLL)

Language:
English (United States)

Common path:
C:\Program Files\ue_toolbar\ue_toolbar.dll

Digital Signature
Signed by:
Visicom Media Inc.

Authority:
Thawte Consulting (Pty) Ltd.

Valid from:
5/30/2006 5:00:00 PM

Valid to:
6/21/2007 4:59:59 PM

Subject:
CN=Visicom Media Inc., OU=SECURE APPLICATION DEVELOPMENT, O=Visicom Media Inc., L=Brossard, S=Quebec, C=CA

Issuer:
CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA

Serial number:
46009F112341EB9E47AD9A71D868DC95

File PE Metadata
Compilation timestamp:
6/19/1992 3:22:17 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
49152:3rO70iE3Cvu9R1qODJTmF1XN4YylpcrufN7wNKzpxWrmNx0:3rOYiESsR8ODJTmFdNZepYgp8rmNm

Entry address:
0x18F024

Entry point:
55, 8B, EC, 83, C4, C4, B8, F4, D3, 58, 00, E8, F0, 87, E7, FF, 83, 3D, FC, 57, 59, 00, 00, 75, 14, B8, 04, D3, 58, 00, A3, FC, 57, 59, 00, B8, 01, 00, 00, 00, E8, B3, E2, FF, FF, E8, 12, 60, E7, FF, 8B, C0, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
6.3409

Developed / compiled with:
Microsoft Visual C++

Code size:
1.6 MB (1,629,184 bytes)

Remove ue_toolbar.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.