playnowradio.exe

Montiera Technologies LTD

It is part of the Montiera web browser toolbar monetization platform which injects browser search and advertising within the user's web browser. The application playnowradio.exe by Montiera Technologies has been detected as adware by 13 anti-malware scanners. It runs as a scheduled task under the Windows Task Scheduler triggered by a time event. This file is typically installed with the program Play Now Radio by Montiera Technologies Ltd. which is a potentially unwanted software program.
Publisher:
Pay By Ads LTD  (signed by Montiera Technologies LTD)

Version:
1.3.0.0

MD5:
eefb7478ca9593a0a547764a61af0114

SHA-1:
1b994ab90969d631be94aabfe16c526800367433

SHA-256:
2462511c31104cfa35818ab7d91cb8fa624c688fa04846761710941a9c018915

Scanner detections:
13 / 68

Status:
Adware

Analysis date:
12/24/2024 2:05:48 AM UTC  (today)

Scan engine
Detection
Engine version

AVG
Montiera
2016.0.3228

Baidu Antivirus
Adware.Win32.Montiera
4.0.3.14819

ESET NOD32
Win32/Toolbar.Montiera (variant)
8.10253

IKARUS anti.virus
not-a-virus:Downloader.Montiera
t3scan.1.8.3.0

K7 AntiVirus
Trojan
13.185.13965

Kaspersky
not-a-virus:WebToolbar.Win32.Montiera
14.0.0.3383

Malwarebytes
PUP.Optional.PayByAds.A
v2014.08.19.08

McAfee
Artemis!EEFB7478CA95
5600.6884

Panda Antivirus
Trj/Chgt.B
15.01.05.09

Reason Heuristics
PUP.Task.Montiera
15.1.16.1

Sophos
PayByAds
4.98

Trend Micro House Call
Suspicious_GEN.F47V0807
7.2.231

VIPRE Antivirus
Montiera
32206

File size:
541.4 KB (554,376 bytes)

Copyright:
All rights reserved.

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\playnowradio\playnowradio\1.3.9.12\playnowradio.exe

Digital Signature
Authority:
COMODO CA Limited

Valid from:
7/22/2014 9:00:00 PM

Valid to:
7/23/2015 8:59:59 PM

Subject:
CN=Montiera Technologies LTD, O=Montiera Technologies LTD, STREET=Harbert Samuel 46, L=Tel Aviv, S=Gush Dan, PostalCode=6330303, C=IL

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00CCD3CD85F8C32F5C3FF9264E1A57C07D

File PE Metadata
Compilation timestamp:
7/26/2014 3:16:40 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
12288:/TMEx8k9YLbXlP4C3OopabxK/cb1b/uFzGBpcP70Iu4Ro:IE+b/cb1b/uF2pcD1u4o

Entry address:
0x3EC06

Entry point:
E8, AA, 83, 00, 00, E9, 89, FE, FF, FF, B8, FA, 7A, 44, 00, A3, 10, 6A, 46, 00, C7, 05, 14, 6A, 46, 00, F0, 71, 44, 00, C7, 05, 18, 6A, 46, 00, A4, 71, 44, 00, C7, 05, 1C, 6A, 46, 00, DD, 71, 44, 00, C7, 05, 20, 6A, 46, 00, 46, 71, 44, 00, A3, 24, 6A, 46, 00, C7, 05, 28, 6A, 46, 00, 72, 7A, 44, 00, C7, 05, 2C, 6A, 46, 00, 62, 71, 44, 00, C7, 05, 30, 6A, 46, 00, C4, 70, 44, 00, C7, 05, 34, 6A, 46, 00, 50, 70, 44, 00, C3, 8B, FF, 55, 8B, EC, E8, 96, FF, FF, FF, 83, 7D, 08, 00, 74, 05, E8, BB, 8E, 00, 00, DB...
 
[+]

Code size:
327 KB (334,848 bytes)

Scheduled Task
Task name:
Play Now Radio

Trigger:
Time (Next runs on 19/08/2014 at 9:25)


The file playnowradio.exe has been discovered within the following program.

Play Now Radio  by Montiera Technologies Ltd.
This potentially unwanted ad-supported program will bundled a number of adware applications on install including: Criteo DealPly Revenue hits Matomy Jolly wallet Ac plus 50OnRed Superfish Offersbar Thinkthank
www.playnowradio.com
73% remove it
 
Powered by Should I Remove It?

Remove playnowradio.exe - Powered by Reason Core Security