Should I block it?

60%
60% of PCs block this file from running.
Possible reason:
Performance resource utilization

Relationships

PE structurePE file structure
Show functions
Import table
advapi32.dll
RegQueryValueExA, RegOpenKeyExA, RegCloseKey, RegSetValueExA, RegFlushKey, RegCreateKeyExA, ConvertStringSecurityDescriptorToSecurityDescriptorW, StartServiceA, QueryServiceStatus, OpenServiceA, OpenSCManagerA, CloseServiceHandle
comctl32.dll
_TrackMouseEvent, ImageList_SetIconSize, ImageList_GetIconSize, ImageList_Write, ImageList_Read, ImageList_GetDragImage, ImageList_DragShowNolock, ImageList_DragMove, ImageList_DragLeave, ImageList_DragEnter, ImageList_EndDrag, ImageList_BeginDrag, ImageList_GetIcon, ImageList_Remove, ImageList_DrawEx, ImageList_Draw, ImageList_GetBkColor, ImageList_SetBkColor, ImageList_Add, ImageList_GetImageCount, ImageList_Destroy, ImageList_Create, InitCommonControls
comdlg32.dll
GetOpenFileNameA
gdi32.dll
UnrealizeObject, StretchBlt, SetWindowOrgEx, SetWinMetaFileBits, SetViewportOrgEx, SetTextColor, SetStretchBltMode, SetROP2, SetPixel, SetMapMode, SetEnhMetaFileBits, SetDIBitsToDevice, SetDIBColorTable, SetBrushOrgEx, SetBkMode, SetBkColor, SelectPalette, SelectObject, SelectClipRgn, SaveDC, RoundRect, RestoreDC, Rectangle, RectVisible, RealizePalette, Polyline, PlayEnhMetaFile, PatBlt, MoveToEx, MaskBlt, LineTo, LPtoDP, IntersectClipRect, GetWindowOrgEx, GetWinMetaFileBits, GetTextMetricsA, GetTextExtentPoint32A, GetSystemPaletteEntries, GetStockObject, GetRgnBox, GetPixel, GetPaletteEntries, GetObjectA, GetEnhMetaFilePaletteEntries, GetEnhMetaFileHeader, GetEnhMetaFileDescriptionA, GetEnhMetaFileBits, GetDeviceCaps, GetDIBits, GetDIBColorTable, GetDCOrgEx, GetCurrentPositionEx, GetClipBox, GetBrushOrgEx, GetBitmapBits, ExtTextOutA, ExtCreateRegion, ExcludeClipRect, Ellipse, DeleteObject, DeleteEnhMetaFile, DeleteDC, CreateSolidBrush, CreateRectRgn, CreatePenIndirect, CreatePalette, CreateHalftonePalette, CreateFontIndirectA, CreateEnhMetaFileA, CreateDIBitmap, CreateDIBSection, CreateDCA, CreateCompatibleDC, CreateCompatibleBitmap, CreateBrushIndirect, CreateBitmap, CopyEnhMetaFileA, CombineRgn, CloseEnhMetaFile, BitBlt
kernel32.dll
GetACP, Sleep, VirtualFree, VirtualAlloc, GetCurrentThreadId, InterlockedDecrement, InterlockedIncrement, VirtualQuery, WideCharToMultiByte, MultiByteToWideChar, lstrlenA, lstrcpynA, LoadLibraryExA, GetThreadLocale, GetStartupInfoA, GetProcAddress, GetModuleHandleA, GetModuleFileNameA, GetLocaleInfoA, GetCommandLineA, FreeLibrary, FindFirstFileA, FindClose, ExitProcess, ExitThread, CreateThread, CompareStringA, WriteFile, UnhandledExceptionFilter, RtlUnwind, RaiseException, GetStdHandle, TlsSetValue, TlsGetValue, LocalAlloc, lstrcpyA, lstrcmpA, WritePrivateProfileStringA, WaitNamedPipeA, WaitForSingleObject, WaitForMultipleObjects, UnmapViewOfFile, SuspendThread, SleepEx, SizeofResource, SetThreadLocale, SetNamedPipeHandleState, SetLastError, SetFilePointer, SetEvent, SetErrorMode, SetEndOfFile, ResumeThread, ResetEvent, ReadFile, OpenProcess, MulDiv, MapViewOfFile, LockResource, LocalFree, LoadResource, LoadLibraryA, LeaveCriticalSection, InitializeCriticalSection, GlobalUnlock, GlobalSize, GlobalLock, GlobalFree, GlobalFindAtomA, GlobalDeleteAtom, GlobalAlloc, GlobalAddAtomA, GetVersionExA, GetVersion, GetUserDefaultLCID, GetTickCount, GetPrivateProfileStringA, GetLocalTime, GetLastError, GetFullPathNameA, GetFileAttributesA, GetExitCodeThread, GetDriveTypeA, GetDiskFreeSpaceA, GetDateFormatA, GetCurrentProcessId, GetComputerNameA, GetCPInfo, FreeResource, InterlockedExchange, FormatMessageA, FindResourceA, FindNextFileA, EnumCalendarInfoA, EnterCriticalSection, DeleteCriticalSection, CreateMutexA, CreateFileMappingA, CreateFileA, CreateEventA, CloseHandle
ole32.dll
CreateStreamOnHGlobal, IsAccelerator, OleDraw, OleSetMenuDescriptor, CoTaskMemFree, CoTaskMemAlloc, ProgIDFromCLSID, StringFromCLSID, CoCreateInstance, CoGetClassObject, CoUninitialize, CoInitialize, IsEqualGUID
oleaut32.dll
SysFreeString, SysReAllocStringLen, SysAllocStringLen, GetErrorInfo, GetActiveObject, SafeArrayPtrOfIndex, SafeArrayGetUBound, SafeArrayGetLBound, SafeArrayCreate, VariantChangeType, VariantCopy, VariantClear, VariantInit
shell32.dll
Shell_NotifyIconA, ShellExecuteA, SHGetFileInfoA, ExtractIconExA, SHGetSpecialFolderPathA
user32.dll
GetKeyboardType, DestroyWindow, LoadStringA, MessageBoxA, CharNextA, DllMain, AllowSetForegroundWindow
version.dll
VerQueryValueA, GetFileVersionInfoSizeA, GetFileVersionInfoA

comcastantispy.exe

By Visicom Media Inc. (Signed)

Remove comcastantispy.exe
Version:   2.3.0.103
MD5:   1192f1b00602918614e65b27b6560745
SHA1:   7cc22f23b57c1a57f84278559c8e5f06349e8cd0
SHA256:   156092fb62582a6af7b759edefec2c7a2b216ff236c9aa9d8382745647e89ba8

What is comcastantispy.exe?

Comcast Toolbar is a Visicom toolbar installed in your Web browser that collects and stores information about your web browsing habits and sends this information to Visicom so they can suggest services or provide ads via the toolbar. Comcast has a built in site scanner to look for web sites that could present security risks.

Overview

comcastantispy.exe executes as a process with the local user's privileges. It is set to be run when the PC boots and the user logs into Windows (added to the Run registry key for the current user). The file is digitally signed by Visicom Media Inc. which was issued by the Thawte Consulting (Pty) Ltd. certificate authority (CA).

DetailsDetails

File name:comcastantispy.exe
Typical file path:C:\Program Files\comcasttb\comcastspywarescan\comcastantispy.exe
File version:2.3.0.103
Product version:1.0.0.0
Size:1.52 MB (1,589,208 bytes)
Certificate
Issued to:Visicom Media Inc.
Authority (CA):Thawte Consulting (Pty) Ltd.
Effective date:Tuesday, May 27, 2008
Expiration date:Tuesday, June 22, 2010
Digital DNA
File packed:No
.NET CLR:No
More details

BehaviorsBehaviors

Startup files (user) run
Runs under the registry key 'HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'
  • 'ComcastAntispyClient' → "C:\Program Files\comcasttb\ComcastSpywareScan\ComcastAntispy.exe" /hide

ResourcesResource utilization

(Note: statistics below are averages based on a minimum sample size of 200 unique participants)
Averages
 
CPU
Total CPU:0.00291839%
0.028634%
Kernel CPU:0.00146251%
0.013761%
User CPU:0.00145588%
0.014873%
Kernel CPU time:868,426 ms/min
100,923,805ms/min
CPU cycles:2,371,555/sec
17,470,203/sec
Memory
Private memory:5.61 MB
21.59 MB
Private (maximum):6.91 MB
Private (minimum):4.2 MB
Non-paged memory:5.61 MB
21.59 MB
Virtual memory:58.82 MB
140.96 MB
Virtual memory (peak):58.82 MB
169.69 MB
Working set:4.26 MB
18.61 MB
Working set (peak):7.55 MB
37.95 MB
Page faults:5,949/min
2,039/min
I/O
I/O read transfer:4 Bytes/sec
1.02 MB/min
I/O read operations:1/sec
343/min
I/O write transfer:2 Bytes/sec
274.99 KB/min
I/O write operations:1/sec
227/min
I/O other transfer:6 Bytes/sec
448.09 KB/min
I/O other operations:146/sec
1,671/min
Resource allocations
Threads:2
12
Handles:136
600
GUI GDI count:47
103
GUI USER count:23
49

BehaviorsProcess properties

Integrety level:Medium
Platform:32-bit
Command line:"C:\Program Files\comcasttb\comcastspywarescan\comcastantispy.exe" /hide
Owner:User
Parent process:Explorer.EXE (Windows Explorer by Microsoft)

Windows OS versionsDistribution by Windows OS

OS versiondistribution
Windows 7 Home Premium 50.00%
Windows Vista Home Premium 33.33%
Microsoft Windows XP 16.67%

Distribution by countryDistribution by country

United States installs about 100.00% of comcastantispy.exe.

OEM distributionDistribution by PC manufacturer

PC Manufacturerdistribution
Toshiba 50.00%
Dell 50.00%
Back to top
Should I remove It? Clean your PC of unwanted adware, toolbars and bloatware.

Download it for FREE