home

loader.dll

Application Manager

MediaTechSoft Inc.

This is the Performersoft setup installer. The module loader.dll by MediaTechSoft has been detected as adware by 22 anti-malware scanners. The program is a setup application that uses the InstallBrain installer. This file is typically installed with the program BitGuard by MediaTechSoft Inc. which is a potentially unwanted software program. The setup program bundles additional offers, mostly adware, using the InstallBrain installer, a pay-per-install monetization download manager. InstallBrain will also install a background updater service that will update any installed browser add-ons and plug-ins.
Publisher:
PerformerSoft LLC  (signed by MediaTechSoft Inc.)

Product:
Application Manager

Version:
2,7,1,0

MD5:
86958c2c033219f56c9f0b3a181b4628

SHA-1:
36ae28e4cc008845e5e58cbc87f3360b489a87c0

SHA-256:
40d996173ad9972be43e3f0843b836cdeba9631cb527830fdb107bcf468247da

Scanner detections:
22 / 68

Status:
Adware

Explanation:
Uses the InstallBrain monetization platform from iBario to deliver bundled adware both search toolbars and PC optimizers from Performersoft.

Description:
This is also known as bundleware, or downloadware, which is an downloader designed to simply deliver ad-supported offers in the setup routine of an otherwise legitimate software.

Analysis date:
4/26/2024 7:00:36 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Adware.BHO.BProtector.F
1138

Agnitum Outpost
Adware.BProtector
7.1.1

AhnLab V3 Security
Trojan/Win32.Rotbrow
2013.12.07

Avira AntiVirus
APPL/Adware.BProtector.E
7.11.122.196

AVG
Dropper.Generic9
2015.0.3588

Bitdefender
Adware.BHO.BProtector.F
1.0.20.1785

Bkav FE
W32.Clode7e.Trojan
1.3.0.4613

Emsisoft Anti-Malware
Adware.BHO.BProtector
8.13.12.23.10

ESET NOD32
Win64/bProtector
8.9233

F-Secure
Adware.BHO.BProtector
11.2014-20-01_2

G Data
Adware.BHO.BProtector
13.12.22

K7 AntiVirus
Riskware
13.174.10679

Malwarebytes
Rogue.InternetSecurityEssentials
v2013.12.23.10

McAfee
Artemis!86958C2C0332
5600.7272

Microsoft Security Essentials
TrojanDropper:Win64/Rotbrow.H
1.165.247.01

MicroWorld eScan
Adware.BHO.BProtector.F
14.0.0.1071

Quick Heal
TrojanDropper.Rotbrow
1.14.12.00

Reason Heuristics
PUP.MediaTechSoft.G
14.8.8.2

Sophos
BProtector
4.96

Trend Micro House Call
TROJ_GEN.F47V1121
7.2.357

VIPRE Antivirus
InstallBrain
24932

ViRobot
Trojan.Win32.S.Agent.1958880
2011.4.7.4223

File size:
1.9 MB (1,958,880 bytes)

Product version:
2,7,1,0

Copyright:
Copyright (C) 2012

File type:
Dynamic link library (Win64 DLL)

Bundler/Installer:
InstallBrain

Language:
English (United States)

Common path:
C:\ProgramData\bitguard\2.7.1832.68\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\loader.dll

Digital Signature
Signed by:
MediaTechSoft Inc.

Authority:
GoDaddy.com, Inc.

Valid from:
8/4/2013 10:09:22 AM

Valid to:
3/29/2016 7:18:00 PM

Subject:
CN=MediaTechSoft Inc., O=MediaTechSoft Inc., L=Beaverton, S=Oregon, C=US

Issuer:
SERIALNUMBER=07969287, CN=Go Daddy Secure Certification Authority, OU=http://certificates.godaddy.com/repository, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:
047346D0687AB1

File PE Metadata
Compilation timestamp:
10/30/2013 1:00:21 PM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows Console

Linker version:
10.0

CTPH (ssdeep):
49152:bDzfWrUlMzZ+TX0QNjC0tVZb5EPmua/Nvev/eAB:ym0/eAB

Entry address:
0x5BF5C

Entry point:
48, 89, 5C, 24, 08, 48, 89, 74, 24, 10, 57, 48, 83, EC, 20, 49, 8B, F8, 8B, DA, 48, 8B, F1, 83, FA, 01, 75, 05, E8, 0B, AA, 00, 00, 4C, 8B, C7, 8B, D3, 48, 8B, CE, 48, 8B, 5C, 24, 30, 48, 8B, 74, 24, 38, 48, 83, C4, 20, 5F, E9, A7, FE, FF, FF, CC, CC, CC, 4C, 8B, C9, 45, 0F, B6, 01, 49, FF, C1, 41, 8D, 40, BF, 83, F8, 19, 77, 04, 41, 83, C0, 20, 0F, B6, 0A, 48, FF, C2, 8D, 41, BF, 83, F8, 19, 77, 03, 83, C1, 20, 45, 85, C0, 74, 05, 44, 3B, C1, 74, D1, 44, 2B, C1, 41, 8B, C0, C3, CC, CC, CC, 48, 89, 5C, 24...
 
[+]

Code size:
1.1 MB (1,157,632 bytes)

The file loader.dll has been discovered within the following program.

BitGuard  by MediaTechSoft Inc.
BitGuard also known as BProtector, Application Manager and Browser Protector is an application designed to prevent the removal of software installed by the provider and affiliates (including web browser extensions deployed by PerformerSoft).
www.mediatechsoft.com/contact.html
74% remove it
 
Powered by Should I Remove It?

Remove loader.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.