home

Ventury Media

Publisher Information

Ventury Media is a software developer located in bergerac, Dordogne in France*.
Authority:
Thawte, Inc.

Valid from:
10/14/2013 2:00:00 AM

Valid to:
10/15/2014 1:59:59 AM

Subject:
CN=Ventury Media, O=Ventury Media, L=bergerac, S=dordogne, C=FR

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
227c91379426395851cf4538358da932

Status:
Inconclusive detections from multiple engines

Scan engine
Details
Detections

Reason Heuristics
Adware.Crossrider (M), Adware.Goobzo, Threat.Win.Reputation.IMP
45.83%

Dr.Web
Trojan.DownLoad3.34798, Trojan.Crossrider.20
29.17%

Trend Micro House Call
Suspicious_GEN.F47V1111, Suspicious_GEN.F47V0810, TROJ_GEN.F47V0110, Suspicious_GEN.F47V0727
16.67%

Malwarebytes
PUP.Optional.ScramblePacker.A, Trojan.Downloader
12.50%

Vba32 AntiVirus
AdWare.Agent, Trojan.MSIL.gen.a.11
12.50%

McAfee
Artemis!5B6FA6B71291, Artemis!C9356FC8F34C, Artemis!35329477CC26
12.50%

VIPRE Antivirus
Trojan.Win32.Generic.pak!cobra
8.33%

AegisLab AV Signature
Malware.Gen!c, W32.Sality.mBfR
8.33%

Quick Heal
AdWare.Agent.r4 (Not a Virus)
4.17%

NANO AntiVirus
Trojan.Win32.Generic.cthmre
4.17%

1 / 68      (Malware)
youshopping-helper.exe  (9be2467e963ad6e6894195d90128bcce)

1 / 68      (Adware)
youshopping-buttonutil64.exe (YouShopping by Ventury Media)  (e33de72dae67463b78aa6b6980fee3d8)

1 / 68      (Adware)
youshopping-buttonutil64.dll  (2c11f8ef714a34bae4c33f9d7a274751)

1 / 68      (Adware)
youshopping-buttonutil.exe (YouShopping by Ventury Media)  (321842a744a3bcec3931339df199e5c8)

1 / 68      (Adware)
youshopping-buttonutil.dll  (00e95dfec81807c9cab9d3416c3dbb84)

1 / 68      (Adware)
youshopping-bho64.dll (YouShopping by Ventury Media)  (91c453e2d9105f64c80f56eda1d34436)

1 / 68      (Adware)
youshopping-bho.dll (YouShopping by Ventury Media)  (b8f6d05c81194c6b36ea3d42bac2e313)

1 / 68      (Adware)
youshopping-bg.exe (YouShopping by Ventury Media)  (33286ef0950c4a3fdfc9771f2e4fdac7)

1 / 68      (PUP)
uninstall.exe  (98d4f52a6d7ded10afd1efdc63210961)

1 / 68      (Adware)
youshopping-codedownloader.exe (YouShopping by Ventury Media)  (b1a581f81be9855e610e583902e44671)

1 / 68      (Adware)
youshopping-chromeinstaller.exe (YouShopping by Ventury Media)  (03f10240e6156a4edbbceff0528299a3)

2 / 68      (inconclusive)
filmavolonte.exe (FilmaVolonte)  (f3b118931bc59c7bda3e05cb337b38df)

0 / 68
filmavolonte.exe (FilmaVolonte)  (f3b8e4ff7abafd9358a70dced7d2c4d0)

0 / 68
filmavolonte.exe (FilmaVolonte)  (7f4a138fdf958a3f8616290308c24553)

0 / 68
uninstall_webdirecttv.exe (uninstall_webdirecttv)  (da368ff9bf345739d7aae8ecfe3b5200)

0 / 68
uninstall_webdirecttv.exe (uninstall_webdirecttv)  (c04fcfbb71abd84776f54cf513ff764f)

0 / 68
webdirecttv.exe (WebdirectTV)  (820a6149d1293d664f2b4978711a272b)

0 / 68
gooclic_apps.exe (Amhjpucp by Bpxlaaods)  (2bd5da15a16d7498d6240228e49db966)

0 / 68
webupdate.exe (webupdate)  (9adc9111c47326f00ad74e6376e85f68)

0 / 68
unins000.exe  (975622bd868a8118c6ce2fa093f0bfe3)

0 / 68
webdirecttv.exe (WebdirectTV)  (78e5efb4a55adc3fec44b6b8bfd6f9a3)

0 / 68
uninstall_webdirecttv.exe (uninstall_webdirecttv)  (99f5d56c9457ef1285b9f9f0f259ed81)

0 / 68
webdirecttv.exe (WebdirectTV)  (6d1f581b94b917f250bdda9b362756b5)

0 / 68
webdirecttv.exe (WebdirectTV)  (36f69467234022424e425fffb5cfd670)

0 / 68
webdirecttv.exe (WebdirectTV)  (1f2a8f1942b71bccc9cd627330ec6041)

6 / 68      (Malware)
flashplayer.exe (FlashPlayer)  (35329477cc26d76ba1edca06c66f1abb)

3 / 68
unins000.exe  (c9356fc8f34c8e834b7f2f48839893cd)

0 / 68
uninstall_filmavolonte.exe (uninstall_filmavolonte)  (4fb0d20e03f5352aac9f818d54404d1e)

1 / 68      (inconclusive)
filmavolonte.exe (FilmaVolonte)  (abdddbca680e4c4347bc4a84a3419f3d)

0 / 68
ToolManager.exe (ToolManager)  (defcd6cca871954f85265ec599bca017)

 
Latest 30 of 64 files

Downloads URLs for files signed by Ventury Media.

7 / 68      (Malware)
http://www.pubdirecte.com/script/redirect.php?url=http://.../c.php?nwid=1035&apps=8&t1=48697-162489-[P_ID_CLICK]-1432340382-40762&t2=24692&t3=FR&said=48697&cp=40762&id=29097527&s=21442&bann=162489  (flashplayer.exe)

7 / 68      (Malware)
http://www.pubdirecte.com/script/redirect.php?url=http://.../c.php?nwid=1035&apps=8&t1=48697-162489-[P_ID_CLICK]-1484331331-40762&t2=24692&t3=FR&said=48697&cp=40762&id=27937020&s=21442&bann=162489  (flashplayer.exe)

0 / 68
http://www.pubdirecte.com/script/redirect.php?url=http://.../c.php?nwid=1035&apps=2&t1=48697-162034-[P_ID_CLICK]-522642316-40689&t2=24692&t3=FR&said=48697&cp=40689&id=21940409&s=21442&bann=162034  (filmavolonte.exe)

7 / 68      (Malware)
http://www.pubdirecte.com/script/redirect.php?url=http://.../c.php?nwid=1035&apps=8&t1=48697-162489-[P_ID_CLICK]-1546742333-40762&t2=24692&t3=FR&said=48697&cp=40762&id=26857960&s=21442&bann=162489  (flashplayer.exe)

7 / 68      (Malware)
http://www.securetelechargement.com/flashplayer/.../flashplayer.exe  (5b6fa6b712910313970a6ade1b4730c8)

7 / 68      (Malware)
http://www.pubdirecte.com/script/redirect.php?url=http://.../c.php?nwid=1035&apps=8&t1=48697-162489-[P_ID_CLICK]-1301315629-40762&t2=24692&t3=FR&said=48697&cp=40762&id=28857943&s=21442&bann=162489  (flashplayer.exe)

7 / 68      (Malware)
http://www.pubdirecte.com/script/redirect.php?url=http://.../c.php?nwid=1035&apps=8&t1=48697-162489-[P_ID_CLICK]-1415929495-40762&t2=24692&t3=FR&said=48697&cp=40762&id=25608481&s=21442&bann=162489  (flashplayer.exe)

7 / 68      (Malware)
http://www.pubdirecte.com/script/redirect.php?url=http://.../c.php?nwid=1035&apps=8&t1=48697-162489-[P_ID_CLICK]-1551921750-40762&t2=24692&t3=FR&said=48697&cp=40762&id=27945000&s=21442&bann=162489  (flashplayer.exe)

The following websites host and distribute files published by Ventury Media.

www.securetelechargement.com

www.pubdirecte.com

* Note, the details and description above are based on the code signing digital signature issued to Ventury Media by Thawte, Inc. on October 14, 2013 with the serial number '227c91379426395851cf4538358da932'.
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.