mediasrv.exe
Intel PROSet\Wireless Bluetooth by Intel Corporation (Signed)
| Version: | 1.2.0.0071 |
| MD5: | e43d73caf1023976efba1d0f0e69e271 |
| SHA1: | 8a0d21a4f1f92fc619950e2497f5cd453ef3b8e4 |
| SHA256: | 65e721a6fbb5a4e652e34241e7c9a921a9bb76d6c68f20f4bfac03bc7f87aef8 |
Warning 3 antivirus scanners has detected malware.
Overview
mediasrv.exe is malware that runs as a service under the name Bluetooth Media Service with extensive SYSTEM privileges (full administrator access) as a shared service. The file is digitally signed by Intel Corporation.
Details
| File name: | mediasrv.exe |
| Publisher: | Intel Corporation |
| Product name: | Intel PROSet\Wireless Bluetooth |
| Description: | Bluetooth Media Service |
| Typical file path: | C:\Program Files\intel\bluetooth\mediasrv.exe |
| File version: | 1.2.0.0071 |
| Size: | 1.27 MB (1,335,360 bytes) |
| Certificate |
| Issued to: | Intel Corporation |
| Authority (CA): | Intel Corporation |
| Digital DNA |
| File packed: | No |
| .NET CLR: | No |
More details
Behaviors
Service
Runs under 'SYSTEM\CurrentControlSet\Services' as a shared service by the Service Host (svchost.exe)
- 'Bluetooth Media Service'
Malware detections
Based on 40+ industry antivirus scanners, 3 of them detected the following malware.
| Antivirus engine | Engine version | Detection |
| Bkav Security |
1.3.0.4923 |
HW32.CDB.B9f7 |
| CMC |
1.1.0.977 |
Trojan.Win32.Krap.1!O |
| Rising Antivirus |
25.0.0.11 |
PE:Malware.XPACK/RDM!5.1 |
Resource utilization
(Note: statistics below are averages based on a minimum sample size of 200 unique participants)
Averages
| CPU |
| Total CPU: | 0.00012137% | |
| Kernel CPU: | 0.00000950% | |
| User CPU: | 0.00011187% | |
| Kernel CPU time: | 74 ms/min | |
| CPU cycles: | 23,318/sec | |
| Context switches: | 1/sec | |
| Memory |
| Private memory: | 4.34 MB | |
| Private (maximum): | 6.82 MB | |
| Private (minimum): | 6.55 MB | |
| Non-paged memory: | 4.34 MB | |
| Virtual memory: | 75.83 MB | |
| Virtual memory (peak): | 81.15 MB | |
| Working set: | 6.74 MB | |
| Working set (peak): | 8.22 MB | |
| Page faults: | 2,981/min | |
| I/O |
| I/O read transfer: | 32 Bytes/sec | |
| I/O read operations: | 1/sec | |
| I/O other transfer: | 4 Bytes/sec | |
| I/O other operations: | 1/sec | |
| Resource allocations |
| Threads: | 20 | |
| Handles: | 204 | |
Process properties
| Integrety level: | System |
| Platform: | 64-bit |
| Command line: | "C:\Program Files\intel\bluetooth\mediasrv.exe" |
| Owner: | SYSTEM |
| Windows Service |
| Service name: | Bluetooth Media Service |
| Description: | “Provides Bluetooth Media Profiles support” |
| Type: | Win32ShareProcess |
| Parent process: | services.exe (Services and Controller app by Microsoft) |
Threads
Averages
| mediasrv.exe (main module) |
| Total CPU: | 0.00035781% | |
| Kernel CPU: | 0.00002529% | |
| User CPU: | 0.00033252% | |
| CPU cycles: | 9,104/sec | |
| Memory: | 1.27 MB | |
| wow64.dll (Win32 Emulation on NT64 by Microsoft) |
| Total CPU: | 0.00007357% | |
| Kernel CPU: | 0.00000158% | |
| User CPU: | 0.00007200% | |
| CPU cycles: | 1,057/sec | |
| Memory: | 252 KB | |
Distribution by Windows OS
| OS version | distribution |
| Windows 7 Home Premium |
65.52% |
|
| Windows 7 Ultimate |
20.69% |
|
| Windows 7 Professional |
13.79% |
|
Distribution by country
United States installs about 37.93% of Intel PROSet\Wireless Bluetooth.
Distribution by PC manufacturer
| PC Manufacturer | distribution |
| Dell |
44.44% |
|
| Sony |
22.22% |
|
| Hewlett-Packard |
19.44% |
|
| ASUS |
11.11% |
|
| Acer |
2.78% |
|
