MediaTechSoft Inc.

Publisher Information

MediaTechSoft Inc. is a software publisher located in Beaverton, Oregon in the United States*. The company is a primary distributor of unwanted software. MediaTechSoft is part of the Performersoft/iBario group that utilizes the InstallBrain installer to distribute web browser extensions (adware in nature) as well as Performersoft's 'optimization' and media products through a pay-per-install monetization program. Additionally MediaTechSoft typiclaly installed a background service known as 'browser protector' designed to keep its installed adware protected in order to maintain its search setting in the browser. There is one additional code signing certificate issued to this publisher.
Remove MediaTechSoft Inc. Malware - Powered by Reason Core Security
Authority:
GoDaddy.com, Inc.

Valid from:
8/4/2013 10:09:22 AM

Valid to:
3/29/2016 7:18:00 PM

Subject:
CN=MediaTechSoft Inc., O=MediaTechSoft Inc., L=Beaverton, S=Oregon, C=US

Issuer:
SERIALNUMBER=07969287, CN=Go Daddy Secure Certification Authority, OU=http://certificates.godaddy.com/repository, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:
047346d0687ab1

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.MediaTechSoft.I, PUP.Service.MediaTechSoft.I, PUP.MediaTechSoft.D, PUP.MediaTechSoft.G, PUP.MediaTechSoft.P, PUP.MediaTechSoft.L, PUP.Performersoft.MediaTechSoft.Bundler (M)
100.00%

K7 AntiVirus
Unwanted-Program , Trojan , Riskware
96.88%

VIPRE Antivirus
InstallBrain, Trojan.Win32.Generic, Win32.Malware!Drop
96.88%

Microsoft Security Essentials
TrojanDropper:Win32/Rotbrow.A, TrojanDropper:Win32/Rotbrow.M, TrojanDropper:Win64/Rotbrow.H, TrojanDropper:Win32/Rotbrow.L
96.88%

AVG
Bprotect.F, Bprotect.C, Dropper.Generic9.FEC.dropper, Generic5, Generic_c
96.88%

K7 Gateway Antivirus
Unwanted-Program , Trojan , Riskware
93.75%

Trend Micro House Call
ADW_BITBROWSE, ADW_BPROTECT, TROJ_GEN.F47V0913, TROJ_GEN.F47V1121, TROJ_GEN.F47V1029, TROJ_GEN.F47V0912, TROJ_GEN.F47V1021
90.63%

Malwarebytes
Trojan.BProtector, PUP.Optional.PerformerSoft.A, PUP.Optional.Conduit.A, Rogue.InternetSecurityEssentials, PUP.Optional.Babylon.A
84.38%

Avira AntiVirus
APPL/BProtector.2736128, APPL/BProtector.Gen, APPL/Adware.BProtector.H, APPL/Adware.BProtector.E, APPL/Adware.BProtector.F
84.38%

McAfee
Adware-Bprotect, Adware-Bprotect!7F8BECFB26F2, Artemis!44E5B5DC6A27, Artemis!37BD04088BDC, Artemis!86958C2C0332, Artemis!1664903F39BD, Adware-Bprotect!717252E6AE70
81.25%

36 / 68    (Adware)
x64injector.exe  (fac5ad66dabc9911ab1406fc88f025c9)

1 / 68      (Adware)
bitguard.exe (BitGuard by MediaTechSoft)  (9cd6413b4982a77c1ce09596942f5565)

42 / 68    (Adware)
1385.tmp  (677726b702d9952f276ac4e338946af2)

42 / 68    (Adware)
6077.tmp  (7a8bc50eed9c416041f6e26fe16aed61)

45 / 68    (Adware)
21.tmp  (2e16caccd1c9e61042df019a1aa08a2b)

35 / 68    (Adware)
76a6.tmp  (aeab56d5a7286e98e10542822901d07c)

38 / 68    (Adware)
9d28.tmp  (d4f092bddb3534ed73dec96d211d394f)

36 / 68    (Adware)
7f91.tmp  (208331b3cce68762423173e501131209)

30 / 68    (Adware)

11 / 68    (Adware)
x64injector.exe  (63ca5cf9f0de5306e4a343269f3a88e3)

36 / 68    (Adware)
bitguard.exe (Application Manager by PerformerSoft)  (2d89abac9d439abad1e427a467f0687d)

36 / 68    (Adware)
bitguard.exe (Application Manager by PerformerSoft)  (ff1e66379b94e168504d611a151263c2)

39 / 68    (Adware)
BitGuard.dll (Application Manager by PerformerSoft)  (bca5fa19ce160dca70cd84ba246deb4b)

39 / 68    (Adware)
BitGuard.dll (Application Manager by PerformerSoft)  (d6a38f85e6cd4250a55c6c626427de09)

27 / 68    (Adware)

39 / 68    (Adware)
BitGuard.dll (Application Manager by PerformerSoft)  (17f6d044c752f5fc46325cee933dd1f6)

36 / 68    (Adware)
bitguard.exe (Application Manager by PerformerSoft)  (425622f8db2694c34d1908a77612acfc)

21 / 68    (Adware)
ccp.exe  (1664903f39bd373abeeb521d409ae7c5)

36 / 68    (Adware)
bitguard.exe (Application Manager by PerformerSoft)  (e66e725e10b9cb8a6f5c74d7ca9e98a9)

10 / 68    (Adware)
ccp.exe  (f23b45cf2a12ceb0f836290713bac350)

24 / 68    (Adware)
loader.dll (Application Manager by PerformerSoft)  (86958c2c033219f56c9f0b3a181b4628)

39 / 68    (Adware)
bitguard.dll (Application Manager by PerformerSoft)  (2ebbe2521176388c7bc5365e197bf801)

36 / 68    (Adware)
bitguard.exe (Application Manager by PerformerSoft)  (30312a75be27ed57ac1f7d657108f016)

17 / 68    (Adware)
loader.dll (Application Manager by PerformerSoft)  (37bd04088bdce15df2233a0bbb30b581)

11 / 68    (Adware)
ccp.exe  (e1d607bd288b979fece0770324ee6f11)

27 / 68    (Adware)
bitguard.exe (BitGuard by MediaTechSoft)  (44e5b5dc6a27ea109b8a234e640bb5fd)

36 / 68    (Adware)
bitguard.exe (Application Manager by PerformerSoft)  (7f8becfb26f2655e281406c6c341f416)

39 / 68    (Adware)
BitGuard.dll (Application Manager by PerformerSoft)  (4708cbd3a820f48fa5e390c9211971b5)

11 / 68    (Adware)
ccp.exe  (3cf41c057d007d55ed1f142f1254ce96)

36 / 68    (Adware)
bitguard.exe (Application Manager by PerformerSoft)  (97a57aea49e0ec9d17bdd96a3ceebebc)

 
Latest 30 of 32 files

The following certificate is also signed by MediaTechSoft Inc..

4B870730DE21B9  (Mar 29, 2013 to Mar 29, 2016)

The following publishers (by Authenticode signature organization name) are related.

Remove MediaTechSoft Inc. Malware - Powered by Reason Core Security
* Note, the details and description above are based on the code signing digital signature issued to MediaTechSoft Inc. by GoDaddy.com, Inc. on August 04, 2013 with the serial number '047346d0687ab1'.