uninstall.exe

Panda Security URL Filtering

Visicom Media Inc.

This is part of the Visicom VMN web browser toolbar and extension that will modify the browser's default search provider, DNS, and home page functions. The application uninstall.exe, “Panda Security URL Filtering Uninstaller” by Visicom Media has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer.
Publisher:
Panda Security  (signed by Visicom Media Inc.)

Product:
Panda Security URL Filtering

Description:
Panda Security URL Filtering Uninstaller

Version:
2.0

MD5:
a7bdd669848d130e285fee7897315ab9

SHA-1:
5410b96247fb6a4fcc73e55a9a89dae1788c6ac6

SHA-256:
6fb80ec9393b5d3cec304a9743c69c79f9045ac6d62bc8ae532bc63208a7847c

Scanner detections:
1 / 68

Status:
Potentially unwanted

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
12/24/2024 3:31:29 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Visicom (M)
17.3.9.5

File size:
173.3 KB (177,504 bytes)

Product version:
2.0.1.48

Copyright:
© Panda Security

Trademarks:
Panda Security, All Rights Reserved

File type:
Executable application (Win32 EXE)

Installer:
NSIS (Nullsoft Scriptable Install System)

Language:
Language Neutral

Common path:
C:\Program Files\panda security url filtering\uninstall.exe

Digital Signature
Authority:
Symantec Corporation

Valid from:
2/9/2015 3:00:00 AM

Valid to:
2/9/2017 2:59:59 AM

Subject:
CN=Visicom Media Inc., OU=Visicom Media Inc., O=Visicom Media Inc., L=Brossard, S=Quebec, C=CA

Issuer:
CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
0F7022688814C950B353E71B8D1C1D84

File PE Metadata
Compilation timestamp:
12/6/2009 1:50:46 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

Entry address:
0x323C

Entry point:
81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 30, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B4, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 58, 3F, 42, 00, E8, 09, 2C, 00, 00, A3, A4, 3E, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 58, F4, 41, 00, FF, 15, 58, 71, 40, 00, 68, B8, 91, 40, 00, 68, A0, 36, 42, 00, E8, BC, 28, 00, 00, FF, 15, B0, 70, 40, 00, BF, 00, 90, 42, 00, 50, 57, E8, AA, 28, 00, 00...
 
[+]

Entropy:
6.3230

Packer / compiler:
Nullsoft install system v2.x

Code size:
23 KB (23,552 bytes)

Remove uninstall.exe - Powered by Reason Core Security