Technical information: |
|
| Icon status | No tray icon |
| Icon setting | Not in the system tray |
| Executable file | C:\Documents and Settings\All Users\Application Data\Anti-phishing Domain Advisor\visicom_antiphishing.exe |
| Version | 1.0 |
| Parent process | C:\WINDOWS\explorer.exe |
| Can be uninstalled | Yes |
| Autorun | Started form registry |
| Key | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run |
| Value | Anti-phishing Domain Advisor |
| Encrypted | No |
| Size on disk | 212.1 Kb |
| Minimum recorded memory usage | 6.4 Mb |
| Average recorded memory usage | 6.4 Mb |
| Maximum recorded memory usage | 6.4 Mb |
| Date when maximum memory usage occured | 4/30/2012 11:35:00 AM |
| Minimum recorded CPU usage | 0% |
| Average recorded CPU usage | 0% |
| Maximum recorded CPU usage | 0% |
| Date when maximum CPU usage occured | 4/30/2012 11:35:00 AM |
| Started at | 4/30/2012 11:17:28 AM |
| Total CPU time | 3 seconds |
| Imported functions | [-] Imported from KERNEL32.dllCloseHandle
CopyFileA
CreateDirectoryA
CreateFileA
CreateFileMappingA
CreateMutexA
DeleteCriticalSection
DeleteFileA
EnterCriticalSection
ExitProcess
FindClose
FindFirstFileA
FindNextFileA
FlushFileBuffers
FreeEnvironmentStringsA
FreeEnvironmentStringsW
FreeLibrary
GetACP
GetCommandLineA
GetConsoleCP
GetConsoleMode
GetConsoleOutputCP
GetCPInfo
GetCurrentDirectoryA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetEnvironmentStrings
GetEnvironmentStringsW
GetFileAttributesA
GetFileType
GetLastError
GetLocaleInfoA
GetModuleFileNameA
GetModuleHandleW
GetOEMCP
GetProcAddress
GetProcessHeap
GetStartupInfoA
GetStdHandle
GetStringTypeA
GetStringTypeW
GetSystemTimeAsFileTime
GetTickCount
GetVersionExA
GlobalAlloc
GlobalFree
HeapAlloc
HeapCreate
HeapFree
HeapReAlloc
HeapSize
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
InterlockedDecrement
InterlockedIncrement
IsDebuggerPresent
IsValidCodePage
LCMapStringA
LCMapStringW
LeaveCriticalSection
LoadLibraryA
LocalFileTimeToFileTime
LocalFree
MapViewOfFile
MoveFileA
MultiByteToWideChar
OpenMutexA
QueryPerformanceCounter
RaiseException
ReadFile
RemoveDirectoryA
RtlUnwind
SetEndOfFile
SetFilePointer
SetFileTime
SetHandleCount
SetLastError
SetStdHandle
SetUnhandledExceptionFilter
Sleep
SystemTimeToFileTime
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
UnmapViewOfFile
VirtualAlloc
VirtualFree
WideCharToMultiByte
WriteConsoleA
WriteConsoleW
WriteFile
[-] Imported from ADVAPI32.dllConvertStringSecurityDescriptorToSecurit...
GetSecurityDescriptorSacl
RegCloseKey
RegCreateKeyExA
RegDeleteValueA
RegOpenKeyA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
SetSecurityInfo
|
| Some relevant texts from the exe file | [-] Click here to hide detailswww.visicommedia.com0
http://ocsp.thawte.com0
-http://crl.thawte.com/ThawteCodeSigningCA.crl0
0http://crl.verisign.com/ThawteTimestampingCA.crl0
http://ocsp.verisign.com0
http://crl.verisign.com/tss-ca.crl0
/http://crl.thawte.com/ThawtePremiumServerCA.crl0
www.cloudantivirus.com/testurlfilter/
www.visicommedia.com/phishingtest/
!This program cannot be run in DOS mode.
invalid string position
Unknown exception
CorExitProcess
mscoree.dll
EncodePointer
KERNEL32.DLL
DecodePointer
FlsSetValue
FlsGetValue
runtime error
SING error
DOMAIN error
Please contact the application
s support team for more information.
- not enough space for locale information
- Attempt to initialize the CRT more than once.
This indicates a bug in your application.
- CRT not initialized
- unable to initialize heap
- not enough space for lowio initialization
- not enough space for stdio initialization
- pure virtual function call
- not enough space for _onexit/atexit table
- unable to open console device
- unexpected heap error
- unexpected multithread lock error
- not enough space for thread data
- not enough space for environment
- not enough space for arguments
- floating point support not loaded
Microsoft Visual C++ Runtime Library
<program name unknown>
Runtime Error!
SunMonTueWedThuFriSat
JanFebMarAprMayJunJulAugSepOctNovDec
bad exception
GetProcessWindowStation
GetUserObjectInformationA
GetLastActivePopup
GetActiveWindow
MessageBoxA
USER32.DLL
Complete Object Locator
Class Hierarchy Descriptor
Base Class Descriptor at (
Type Descriptor
`local static thread guard
`managed vector copy constructor iterator
`vector vbase copy constructor iterator
`vector copy constructor iterator
`dynamic atexit destructor for
`dynamic initializer for
`eh vector vbase copy constructor iterator
`eh vector copy constructor iterator
`managed vector destructor iterator
`managed vector constructor iterator
`placement delete[] closure
`placement delete closure
`omni callsig
`local vftable constructor closure
`local vftable
`udt returning
`copy constructor closure
`eh vector vbase constructor iterator
`eh vector destructor iterator
`eh vector constructor iterator
`virtual displacement map
`vector vbase constructor iterator
`vector destructor iterator
`vector constructor iterator
`scalar deleting destructor
`default constructor closure
`vector deleting destructor
`vbase destructor
`local static guard
__unaligned
bad allocation
Software\AppDataLow\Software\
HaulConfig 22:
product_status
last_version
copy_files
HaulConfig 90:
HaulConfig 91:
urlfilter.vmn.net/vmnsbf/stamp.txt
HaulCatalog, Stamp-
urlfilter.vmn.net/vmnsbf/catalog.list
HaulCatalog 33-
\catalog.list
urlfilter.vmn.net/vmnsbf/data/
HaulKegs 22:
HaulKegs 44:
HaulKegs 66:
LoadRisk 22:
Load less keg:
Load more keg:
LoadRisk: total keg size:
_sbf_risk_file_name_
_sbf_mutex_risk_access_
LoadRisk RiskFileName:
LoadRisk riskSize:
SetObjectToLowIntegrity:mmfRisk
PriorityLevel:
_nea_priority_
_nea_single_
map/set<T> too long
invalid map/set<T> iterator
incompatible version
buffer error
insufficient memory
data error
stream error
file error
need dictionary
inflate 1.1.3 Copyright 1995-1998 Mark Adler
- unzip 0.15 Copyright 1998 Gilles Vollant
invalid literal/length code
invalid distance code
invalid block type
invalid stored block lengths
too many length or distance symbols
invalid bit length repeat
oversubscribed dynamic bit lengths tree
incomplete dynamic bit lengths tree
oversubscribed literal/length tree
incomplete literal/length tree
oversubscribed distance tree
incomplete distance tree
empty distance tree with lengths
unknown compression method
invalid window size
incorrect header check
incorrect data check
GetProcessHeap
.?AVtype_info@@
abcdefghijklmnopqrstuvwxyz
.?AVbad_exception@std@@
.?AVexception@std@@
.?AVout_of_range@std@@
.?AVlogic_error@std@@
.?AVlength_error@std@@
Safe Browsing Firewall
All Files (*.*)
an unnamed file
No error message is available.
Attempted an unsupported operation.
A required resource was unavailable.
Out of memory.
Incorrect filename.
Failed to open document.
Failed to save document.
Save changes to
1? Failed to create empty document.
The file is too large to open.
Could not start print job.
Failed to launch help.
Internal application error.
Enter an integer.
Enter a number.
Enter an integer between
2.!Enter a number between
2.!Enter no more than
Select a button.
Enter an integer between 0 and 255.
Enter a positive integer.
Enter a date and/or time.
Enter a currency.
Enter a GUID.
Enter a time.
Unexpected file format.O
Cannot find this file.
1.1Encountered an unexpected error while writing
Continue running script?
Dispatch exception:
Unable to read write-only property.
Unable to write read-only property.
Unable to load mail system support.
1 was not found.
1 contains an incorrect path.8Could not open
1 because there are too many open files.
Access to
1.8Could not remove
1 because the directory is full.
Seek failed on
Disk full while accessing
Attempted to access
1 past its end.
Attempted to write to the reading
Attempted to read from the writing
1 contained an unexpected object.
1 contains an incorrect schema.
VS_VERSION_INFO
VarFileInfo
Translation
StringFileInfo
CompanyName
Visicom Media Inc. (Powered by Panda Security)
FileDescription
Visicom Media Anti-phishing Domain Advisor
FileVersion
LegalCopyright
Copyright (C) 2010 Visicom Media Inc.
ProductName
Anti-phishing Domain Advisor
ProductVersion
urn:schemas-microsoft-com:asm.v1
manifestVersion=
<trustInfo xmlns=
urn:schemas-microsoft-com:asm.v3
<security>
uiAccess=
></requestedExecutionLevel>
</security>
</trustInfo>
=*=0=7=>=E=L=S=Z=a=i=q=y=
Cape Town1
Thawte Consulting cc1(0
Certification Services Division1!0
Thawte Premium Server CA1(0
premium-server@thawte.com0
Thawte Consulting (Pty) Ltd.1
Thawte Code Signing CA0
PrivateLabel2-1440
VeriSign Time Stamping Services CA0
+VeriSign Time Stamping Services Signer - G20
Durbanville1
Thawte Certification1
Thawte Timestamping CA0
Visicom Media Inc.1
SECURE APPLICATION DEVELOPMENT1
Visicom Media Inc.0
Thawte Code Signing CA
VeriSign Time Stamping Services CA
|
"Visicom Media Anti-phishing Domain Advisor" that belongs to "Anti-phishing Domain Advisor" made by "Visicom Media Inc. (Powered by Panda Security)" 
