VidShake

VidShake

Known Malware

by Pinball Corporation

What is VidShake?

VidShake is software application developed by Pinball Corporation. It is most commonly found on computers running Windows 7 with nearly 66.67% of installations running this operating system. VidShake's installer is typically 1.00 MB in size and installs around 4 files. The most common release is 1.0.9.0 with 33.33% of all installations currently using this version.

VidShake is most popular in the United States with 87.50% of installations residing in this country.

VidShake adds 1 scheduled task to the Windows Task Scheduler launching the program at randomly scheduled times.

About VidShake?

The software may include third-party software from a Pinball Corporation partner, and by registering for and using any third-party software, you agree to the third party's privacy policy, if applicable. When you register for or use third-party software, both Pinball Corporation and the third-party software provider will have access to any information collected by Pinball Corporation during your registration, and Pinball Corporation's use of your information will be governed by our Privacy Policy. If you would like to understand how a Pinball Corporation partner may use your registration information, or if they are independently collecting information through your use of third-party software, please refer to the third-party software provider's privacy policy.

Multiple virus scanners have detected malware in VidShake.

VidShakeUninstaller.exe (MD5: 6dcd90b88da77e48ad6c721e3604f124) has been flagged by 12 scanners:
Scanner Software Result
Avira AntiVir TR/NSIS.Bar.A.11
avast! NSIS:HotBar-A [Adw]
AVG Zango
Comodo Security UnclassifiedMalware
Fortinet FortiGate Adware/Shopper
G Data NSIS:HotBar-A
IKARUS anti.virus not-a-virus:AdWare.Win32.Shopper
Jiangmin AdWare/Shopper.dt
Kaspersky not-a-virus:AdWare.Win32.Shopper.aad
Kingsoft AntiVirus VIRUS_UNKNOWN
Panda Antivirus Suspicious file
TrendMicro-HouseCall TROJ_GEN.F47V1116
vidshakeSAHook.dll (MD5: 18e48c211b4f7b193a2074fc90f91da0) has been flagged by 33 scanners:
Scanner Software Result
Avira AntiVir Adware/Hotbar.GT.10
Antiy-AVL AdWare/Win32.Shopper
AVG Skodna.Generic_r.M
Baidu-International Adware.Win32.HotBar.S
Bitdefender Adware.Hotbar.GT
Comodo Security UnclassifiedMalware
Dr.Web Adware.Shopper.312
Emsisoft Anti-Malware Adware.Hotbar.GT (B)
ESET-NOD32 a variant of Win32/Adware.HotBar.S
F-Secure Adware.Hotbar.GT
G Data Adware.Hotbar.GT
IKARUS anti.virus AdWare.Win32.HotBar
Jiangmin AdWare/Shopper.du
K7 AntiVirus Riskware
K7GW Riskware
Kingsoft AntiVirus Win32.Troj.Generic.a.(kcloud)
Malwarebytes Adware.HotBar.VS
Microsoft Security Essentials Adware:Win32/Hotbar
NANO AntiVirus Trojan.Win32..bczajp
Sophos Hotbar
Symantec WS.Reputation.1
Trend Micro TROJ_GEN.RCBCDF9
TrendMicro-HouseCall TROJ_GEN.RCBCDF9
Vba32 AntiVirus AdWare.Shopper.rn.7697342
VIPRE Antivirus Hotbar
Agnitum Outpost Adware.Agent!FfOa0qAufaw
avast! Win32:HotBar-CB [Adw]
CAT-QuickHeal AdWare.Hotbar (Not a Virus)
MicroWorld-eScan Gen:Adware.Heur.qu0@ReFS4Sii
SUPERAntiSpyware Adware.Agent/Gen-Pinball
Fortinet FortiGate Adware/Shopper
Kaspersky not-a-virus:AdWare.Win32.Shopper.aad
Panda Antivirus Suspicious file
vidshakeSA.exe (MD5: 13152f230357fa136f7472de23b7c5a1) has been flagged by 37 scanners:
Scanner Software Result
Agnitum Outpost Adware.Agent
Avira AntiVir SPR/Tool.746496.1
avast! Win32:HotBar-BZ [Adw]
AVG Skodna.Generic_r.L
Bitdefender Application.Generic.430515
Comodo Security UnclassifiedMalware
Dr.Web Adware.Zango.15
ESET-NOD32 probably a variant of Win32/Adware.180Solutions
F-Prot W32/180Solutions.D.gen
F-Secure Application.Generic.430515
G Data Application.Generic.430515
IKARUS anti.virus not-a-virus:AdWare.Win32.Shopper
Jiangmin Trojan/Genome.dpkt
K7 AntiVirus Adware
K7GW Riskware
Kaspersky Trojan.Win32.Genome
Malwarebytes Adware.HotBar.CP
McAfee RDN/Generic PUP.x!rb
McAfee-GW-Edition RDN/Generic PUP.x!rb
Microsoft Security Essentials Adware:Win32/Hotbar
MicroWorld-eScan Application.Generic.430515
NANO AntiVirus Trojan.Win32.Zango.bcieys
PC Tools Adware.ZangoSearch!rem
Sophos Generic PUA HJ
Symantec Adware.ZangoSearch
VIPRE Antivirus Pinball Corporation
Antiy-AVL AdWare/Win32.Shopper
Baidu-International Adware.Win32.HotBar.S
Emsisoft Anti-Malware Adware.Hotbar.GT (B)
Kingsoft AntiVirus Win32.Troj.Generic.a.(kcloud)
Trend Micro TROJ_GEN.RCBCDF9
TrendMicro-HouseCall TROJ_GEN.RCBCDF9
Vba32 AntiVirus AdWare.Shopper.rn.7697342
CAT-QuickHeal AdWare.Hotbar (Not a Virus)
SUPERAntiSpyware Adware.Agent/Gen-Pinball
Fortinet FortiGate Adware/Shopper
Panda Antivirus Suspicious file
VidShakeSACB.exe (MD5: c66ed83993d3c94921d805a252a19c16) has been flagged by 24 scanners:
Scanner Software Result
Agnitum Outpost Adware.Agent!FfOa0qAufaw
Avira AntiVir Adware/Agent.274944.8
avast! Win32:HotBar-CB [Adw]
AVG Generic5.NPC
Bitdefender Gen:Adware.Heur.qu0@ReFS4Sii
CAT-QuickHeal AdWare.Hotbar (Not a Virus)
Comodo Security UnclassifiedMalware
Emsisoft Anti-Malware Gen:Adware.Heur.qu0@ReFS4Sii (B)
F-Secure Gen:Adware.Heur.qu0@ReFS4Sii
G Data Gen:Adware.Heur.qu0@ReFS4Sii
IKARUS anti.virus not-a-virus:AdWare.Win32.Shopper
K7 AntiVirus Riskware
Malwarebytes Adware.HotBar.Gen
Microsoft Security Essentials Adware:Win32/Hotbar
MicroWorld-eScan Gen:Adware.Heur.qu0@ReFS4Sii
SUPERAntiSpyware Adware.Agent/Gen-Pinball
Symantec WS.Reputation.1
Trend Micro TROJ_GEN.RCBCDL2
TrendMicro-HouseCall TROJ_GEN.RCBCDL2
Fortinet FortiGate Adware/Shopper
Jiangmin AdWare/Shopper.dt
Kaspersky not-a-virus:AdWare.Win32.Shopper.aad
Kingsoft AntiVirus VIRUS_UNKNOWN
Panda Antivirus Suspicious file

Software Behaviors

Scheduled tasks:
  • vidshakeSA.exe is scheduled as a task named 'RunAsStdUser Task' (runs on registration).

Startup Entries

Registry entries:
  • vidshakeSA.exe is loaded in the current user (HKCU) registry as an auto-starting executable named 'vidshakeSA' and executes as "C:\users\user\appdata\Local\vidshakeSA\bin\1.0.8.0\vidshakeSA.exe".

Software Details

URL:
https://www.vidshake.com
Support:
https://www.vidshake.com/support.html
Installation path:
C:\users\user\appdata\local\vidshakesa\bin\1.0.9.0
Uninstaller:
"C:\users\user\appdata\Local\vidshakeSA\bin\1.0.9.0\VidShakeUninstaller.exe" Web
Size:
1.00 MB
Language:
English

VidShake Executable Details

Primary executable:
vidshakeSA.exe
Name:
VidShake
Path:
C:\users\user\appdata\local\vidshakesa\bin\1.0.9.0\vidshakeSA.exe
MD5:
13152f230357fa136f7472de23b7c5a1
SHA-1:
SHA-256:
Files installed by VidShake
File Type Filename MD5
EXE
VidShakeUninstaller.exe
Malware
6dcd90b88da77e48ad6c721e3604f124
DLL
vidshakeSAHook.dll
Malware
18e48c211b4f7b193a2074fc90f91da0
EXE
vidshakeSA.exe
Malware
13152f230357fa136f7472de23b7c5a1
EXE
VidShakeSACB.exe
Malware
c66ed83993d3c94921d805a252a19c16