uninstall.exe

Visicom Media Inc.

This is part of the Visicom VMN web browser toolbar and extension that will modify the browser's default search provider, DNS, and home page functions. The application uninstall.exe by Visicom Media has been detected as a potentially unwanted program by 4 anti-malware scanners. This file is typically installed with the program VMN Toolbar by Visicom Media Inc. which is a potentially unwanted software program.
Publisher:
Visicom Media Inc.  (signed and verified)

MD5:
4445ff71f98239492cd2cea863da6992

SHA-1:
bab2baa9e30faa7e2aaaed364aab5dc2b5211934

SHA-256:
fb5b23401716a6d45159ca08f184fbd9bdb58a72a3c2c82dd26b132cfe1ba1b8

Scanner detections:
4 / 68

Status:
Potentially unwanted

Analysis date:
11/14/2024 2:55:07 PM UTC  (today)

Scan engine
Detection
Engine version

Boost by Reason
Adware.VisicomMedia.J
2013.8.29.21

Dr.Web
Adware.VMN
9.0.1.0241

Reason Heuristics
PUP.VisicomMedia.J
14.8.7.19

Vba32 AntiVirus
Signed-AdWare.Win32.MegaSearch.j
3.12.16.4

File size:
69.3 KB (70,936 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\windows\temp\~\$programfiles\vmntoolbar\uninstall.exe

Digital Signature
Authority:
Thawte Consulting (Pty) Ltd.

Valid from:
6/23/2005 4:48:39 PM

Valid to:
6/20/2006 1:44:48 AM

Subject:
CN=Visicom Media Inc., OU=Secure Application Development, O=Visicom Media Inc., L=Brossard, S=Quebec, C=CA

Issuer:
CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA

Serial number:
3F88F4

File PE Metadata
Compilation timestamp:
6/19/1992 3:22:17 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
1536:cNtY4MevGUUiT2M8GJHEp/rDtMm81exE1vnobT:cE4MmDOi6/rDt/Kexwni

Entry address:
0xE3C0

Entry point:
55, 8B, EC, 83, C4, F0, B8, 50, E3, 40, 00, E8, 90, 6A, FF, FF, 33, C0, 55, 68, 47, E4, 40, 00, 64, FF, 30, 64, 89, 20, BA, 30, 07, 41, 00, B8, 01, 00, 00, 00, E8, B7, 47, FF, FF, A1, 30, 07, 41, 00, BA, 5C, E4, 40, 00, E8, 2C, 62, FF, FF, 75, 0A, E8, 59, E2, FF, FF, E8, B4, CE, FF, FF, A1, 30, 07, 41, 00, BA, 70, E4, 40, 00, E8, 11, 62, FF, FF, 75, 0A, E8, FE, F2, FF, FF, E8, 99, CE, FF, FF, A1, 30, 07, 41, 00, BA, 84, E4, 40, 00, E8, F6, 61, FF, FF, 75, 05, E8, D3, FD, FF, FF, 33, C0, 5A, 59, 59, 64, 89...
 
[+]

Entropy:
6.6156

Developed / compiled with:
Microsoft Visual C++

Code size:
53.5 KB (54,784 bytes)

Startup File (All Users Run Once)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce

Name:
vmntoolbar

Command:
C:\users\{user}\appdata\local\temp\{random}.tmp\Program Files\vmntoolbar\"


The file uninstall.exe has been discovered within the following program.

VMN Toolbar  by Visicom Media Inc.
The VMN Toolbar is a Visicom toolbar installed in your Web browser that collects and stores information about your web browsing habits and sends this information to Visicom so they can suggest services or provide ads via the toolbar.
software.visicommedia.com
78% remove it
 
Powered by Should I Remove It?

Remove uninstall.exe - Powered by Reason Core Security