home

MediaSave Co., Ltd.

Publisher Information

MediaSave Co., Ltd. is a software developer located in Haeundae-gu, Busan in Korea*.
Authority:
Thawte, Inc.

Valid from:
8/17/2010 9:00:00 AM

Valid to:
8/17/2012 8:59:59 AM

Subject:
CN="MediaSave Co., Ltd.", OU=EC Team, O="MediaSave Co., Ltd.", L=Haeundae-gu, S=Busan, C=KR

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
5e0397df89b2f3684c31972bf965b73c

Scanner detections:
Malware distribution  (52% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.MediaSaveCo.Reputation, Threat.Win.Reputation.IMP
70.00%

AVG
Suspicion: unknown virus, Adware Skodna.Generic.MK, Generic4, MalSign.Generic, Generic35, SHeur4
40.00%

AhnLab V3 Security
PUP/Win32.MulDown, PUP/Win32.TopUtil, PUP/Win32.Searchhost, Win-PUP/Downloader.TopUtil.1693360, PUP/Win32.Helper, Win-PUP/Helper.Searchhost.1813640
26.67%

Comodo Security
TrojWare.Win32.Trojan.Agent.Gen, ApplicUnwnt.Win32.AdWare.Delf.D, Heur.Suspicious, UnclassifiedMalware
23.33%

IKARUS anti.virus
Trojan-GameThief.Win32.Tibia, Trojan.SuspectCRC
20.00%

VIPRE Antivirus
Threat.4150696, Trojan.Win32.Generic, Trojan.Win32.Generic!SB.0
16.67%

Malwarebytes
Adware.Filenolja, Adware.SearchIn, Adware.KorAd
16.67%

Avira AntiVirus
SPR/Tool.502400, SPR/Tool.502408.1, Adware/Dldr.Joy.B, Adware/JOY.A, TR/Qutil.A
16.67%

McAfee
Artemis!61E1F4276B91, Artemis!CCA055D45DC7, Artemis!423F109ADA0A, Artemis!1F0B487BEB67, Artemis!73A934F1F367
16.67%

Trend Micro House Call
TROJ_GEN.F47V0723, TROJ_GEN.F47V0404, ADW_SEARCHHOST, TROJ_DLOADR.BTC
13.33%

1 / 68      (Malware)
mp3_converter.exe (Download Launcher)  (9a26b71a0c6fca30c5bae88b339bd708)

1 / 68      (Malware)
totobrowser(ver2.2.1.7).zip.exe (Download Launcher)  (0ea42abb0d17a7976b949840548539ff)

1 / 68      (Malware)
curriculum_vitae.zip.exe (Download Launcher)  (b09ad2042e273bb9dddf42d02c25842c)

23 / 68    (PUP)
34788_bublbobl.exe  (73a934f1f367cc83a12555f684112634)

2 / 68
goldwave 5.58.exe (Download Launcher)  (47843c0dcd9d7f5fab30d2b56ec40b12)

1 / 68      (Malware)
deluxe1.0.rar.exe (Download Launcher)  (15eae34dfecfea8bab258fc2de1b3594)

0 / 68
Searchhost.exe (by MediaSave)  (2a84d0058b96659ebdd6f9b5d99049a1)

1 / 68      (Malware)
sosi_h.exe (Download Launcher)  (e710c953825471599ae1ebb4d8c46b41)

1 / 68      (Malware)
samsung_usb_driver.exe (Download Launcher)  (98e7d0d28bbca24dbe56b4a519be2066)

0 / 68
searchhost_setup.exe  (7e5dceddfb0093b192862ad4562302e3)

0 / 68
setup_thecine.exe  (9a21f5eb82705551694f66a2537dbc4a)

0 / 68
dbfile.exe  (dfc67e198be3a662a2d88e54c4a72337)

0 / 68
34964_내용증명서양식.exe.part0  (55588a61c84ff31cb463d64de2c933f5)

0 / 68
totobrowser_2.2.1.1.alz.exe (Download Launcher)  (03aeb271093a7630259b30f2ab01f81a)

0 / 68
dbfileup.exe  (b955a662783206a09f7d429c5487cca2)

0 / 68
dbfiledown.exe  (c82c9be066fe05066f7153ce02557edc)

0 / 68
UpdateWindow.exe  (cb032b140bcbb4519b07f0f81b73319b)

1 / 68      (Malware)
d3dx9_43.dll.exe (Download Launcher)  (912eeb6ec501dfee657400082b5a4fa6)

0 / 68
sinfiledown.exe (down_client by SinFile)  (6ff80717418c9cfd90112897a2b29718)

6 / 68      (Malware)
34814_gomrecordersetup.exe  (1f0b487beb67817584e87b65d178f9ee)

13 / 68    (PUP)
SearchhostUpdate.exe (SearchhostUpdate by Mediasave)  (423f109ada0a5108789a61c8a60da0e9)

1 / 68      (Malware)
chaos_faction2.swf.exe (Download Launcher)  (c7b5d9523dc9fe9d3b5d6961491ee9b9)

0 / 68
setup_freeauction_bacon.exe  (ecd1fd66f8b9c51888365fe78a5b6690)

0 / 68
rename.exe  (dd505474bf46af179165267af70e9673)

0 / 68
URLManager.exe  (0d956b09f3c81a06cb52b7407afcea69)

1 / 68      (Malware)
zloader.zip.exe (Download Launcher)  (9ce05d53d6a8f27c023cf6a16418dae8)

0 / 68
pd.zip.exe (Download Launcher)  (84fa7760d20a55787edff1de4961600e)

1 / 68      (Malware)
fish_sever.reg.exe (Download Launcher)  (69eaa9229bf5b0863987d87101af32ed)

0 / 68
setup_movie.exe  (b6ce4ff3ddfae7c3d409148b2a182941)

0 / 68
JoyUtilService.exe  (c7c35490e35a73fc7fc38a3ce8256bc4)

 
Latest 30 of 50 files

* Note, the details and description above are based on the code signing digital signature issued to MediaSave Co., Ltd. by Thawte, Inc. on August 17, 2010 with the serial number '5e0397df89b2f3684c31972bf965b73c'.
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.