uninstall.exe

Panda Safe Web

Visicom Media Inc.

This is part of the Visicom VMN web browser toolbar and extension that will modify the browser's default search provider, DNS, and home page functions. The application uninstall.exe, “Panda Safe Web Uninstaller” by Visicom Media has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. This is the uninstaller utility registered in the Windows Control Panel for the program Panda Safe Web by Panda Security and Visicom Media Inc..
Publisher:
Panda Security and Visicom Media Inc.  (signed by Visicom Media Inc.)

Product:
Panda Safe Web

Description:
Panda Safe Web Uninstaller

Version:
4.3

MD5:
f38da1cd1df115ce1fef1fe374ec0346

SHA-1:
8c8d6b0f825270d2b97be3251d5cb66072cc5f06

SHA-256:
4b66414b5601600b108f3e941c267eb43596cf4aa9e1d7109c6b553c946eaa30

Scanner detections:
1 / 68

Status:
Potentially unwanted

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
12/24/2024 3:19:18 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Visicom (M)
17.3.12.5

File size:
734.8 KB (752,432 bytes)

Product version:
4.3.1.20

Copyright:
© Visicom Media Inc. (License)

Trademarks:
Panda Security and Visicom Media Inc., All Rights Reserved

File type:
Executable application (Win32 EXE)

Installer:
NSIS (Nullsoft Scriptable Install System)

Common path:
C:\Program Files\pandasecuritytb\uninstall.exe

Digital Signature
Authority:
Symantec Corporation

Valid from:
2/8/2015 7:00:00 PM

Valid to:
2/8/2017 6:59:59 PM

Subject:
CN=Visicom Media Inc., OU=Visicom Media Inc., O=Visicom Media Inc., L=Brossard, S=Quebec, C=CA

Issuer:
CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
0F7022688814C950B353E71B8D1C1D84

File PE Metadata
Compilation timestamp:
12/5/2009 5:50:46 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

Entry address:
0x323C

Entry point:
81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 30, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B4, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 58, 3F, 42, 00, E8, 09, 2C, 00, 00, A3, A4, 3E, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 58, F4, 41, 00, FF, 15, 58, 71, 40, 00, 68, B8, 91, 40, 00, 68, A0, 36, 42, 00, E8, BC, 28, 00, 00, FF, 15, B0, 70, 40, 00, BF, 00, 90, 42, 00, 50, 57, E8, AA, 28, 00, 00...
 
[+]

Entropy:
6.3043

Packer / compiler:
Nullsoft install system v2.x

Code size:
23 KB (23,552 bytes)

Program Uninstaller
Program name:
Panda Safe Web

Display publisher:
Panda Security and Visicom Media Inc.

Display version:
4.3.1.20

Uninstall string:
C:\Program Files (x86)\pandasecuritytb\uninstall.exe


Remove uninstall.exe - Powered by Reason Core Security