Vid.exe

Logitech Vid

SightSpeed Inc.

The executable Vid.exe has been detected as malware by 3 anti-virus scanners. It is set to automatically start when a user logs into Windows via the current user run registry key under the display name ‘Logitech Vid’.
Publisher:
Logitech Inc.  (signed by SightSpeed Inc.)

Product:
Logitech Vid

Version:
6, 1, 6909, 0

MD5:
547571c5ad1fadff7b02e2b4623d5a42

SHA-1:
3edaa781cb5b65ada1b140a63cf8fee5fcc7d110

SHA-256:
b360df15a31041b9d7578a1e3000e8dc84da8bec3f4ef95d7cb4a56abcdcd7e4

Scanner detections:
3 / 68

Status:
Malware

Analysis date:
12/27/2024 5:44:13 AM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| avast! | Win32:Gardih | 160807-0 |
| AVG | Win32/Hidrag.A | 2013.0.4447 |
| ESET NOD32 | Win32/Jeefo.A virus | 6.3 |

File size:
5.2 MB (5,495,056 bytes)

Product version:
6, 1, 6909, 0

Copyright:
Copyright © 2003-2009 Logitech Inc. All Rights Reserved

Trademarks:
Logitech, the Logitech logo, Logitech Vid, SightSpeed and the SightSpeed logo

Original file name:
Vid.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\Program Files\logitech\logitech vid\vid.exe

Digital Signature
Signed by:

Authority:
SightSpeed Inc.

Valid from:
4/10/2005 12:36:57 PM

Valid to:
12/18/2018 11:36:57 AM

Subject:
E=info@sightspeed.com, CN=ssl.sightspeed.com, OU=Master Cert, O=SightSpeed Inc., L=Berkeley, S=California, C=US

Issuer:
E=info@sightspeed.com, CN=ssl.sightspeed.com, OU=Master Cert, O=SightSpeed Inc., L=Berkeley, S=California, C=US

Serial number:
00D3C1AB8D2AEE6DEE

File PE Metadata
Compilation timestamp:
8/24/2001 8:00:00 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.55

CTPH (ssdeep):
49152:cgI1Lh8vs10WzE2Q/vxBzwypNnXgpXKnKWcw4SANR+ClHMIAM0h4zodk9UmNmE8J:Uhj1k1zrvn4KnKoAP+CgOO1bLB4b6R

Entry address:
0x11F0

Entry point:
55, 89, E5, 83, EC, 08, 83, C4, F4, 6A, 02, A1, C8, B2, 40, 00, FF, D0, E8, 79, FF, FF, FF, C9, C3, 00, 00, 00, 00, 00, 00, 00, 49, 6A, 65, 65, 66, 6F, 21, 45, 73, 62, 68, 70, 6F, 21, 77, 6A, 73, 76, 74, 2F, 21, 43, 70, 73, 6F, 21, 6A, 6F, 21, 62, 21, 75, 73, 70, 71, 6A, 64, 62, 6D, 21, 74, 78, 62, 6E, 71, 2F, 00, 5C, 00, 20, 00, 22, 00, 8D, 76, 00, 55, 89, E5, 8B, 4D, 08, 8B, 55, 0C, 31, C0, 39, D0, 73, 08, 00, 04, 08, 40, 39, D0, 72, F8, C9, C3, 8D, 76, 00, 55, 89, E5, 8B, 4D, 08, 8B, 55, 0C, 31, C0, 39...
 

Entropy:
6.5573

Packer / compiler:
Video-Lan-Client

Code size:
32.5 KB (33,280 bytes)

Startup File (User Run)
Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
Logitech Vid

Command:
"C:\Program Files\logitech\logitech vid\vid.exe" -bootmode

