home

bitguard.exe

BitGuard

MediaTechSoft Inc.

This is the Performersoft setup installer. The application bitguard.exe by MediaTechSoft has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. The program is a setup application that uses the InstallBrain installer. It runs as a windows Service named “BitGuard”. This file is typically installed with the program BitGuard by MediaTechSoft Inc. which is a potentially unwanted software program.
Publisher:
MediaTechSoft Inc.  (signed and verified)

Product:
BitGuard

Description:
Generic software

Version:
2,7,1832,68

MD5:
44e5b5dc6a27ea109b8a234e640bb5fd

SHA-1:
3c2a667100a19e7d32398324efd27ef483f4a459

SHA-256:
180c6035ca44c270b8e1556a7b2e9faf442d1b4323ef6d8e93b7e759af169c96

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Description:
This is an installer which may bundle legitimate applications with offers for additional 3rd-party applications that may be unwanted by the user. While the installer contains an 'opt-out' feature this is not set be defult and is usually overlooked.

Analysis date:
11/27/2024 3:34:10 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Performersoft (M)
17.1.10.21

File size:
3.6 MB (3,780,064 bytes)

Product version:
2,7,1832,68

Copyright:
Copyright (C) 2013

File type:
Executable application (Win32 EXE)

Bundler/Installer:
InstallBrain

Language:
English (United States)

Common path:
C:\ProgramData\bitguard\2.7.1832.68\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\bitguard.exe

Digital Signature
Signed by:
MediaTechSoft Inc.

Authority:
GoDaddy.com, Inc.

Valid from:
8/4/2013 10:09:22 AM

Valid to:
3/29/2016 7:18:00 PM

Subject:
CN=MediaTechSoft Inc., O=MediaTechSoft Inc., L=Beaverton, S=Oregon, C=US

Issuer:
SERIALNUMBER=07969287, CN=Go Daddy Secure Certification Authority, OU=http://certificates.godaddy.com/repository, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:
047346D0687AB1

File PE Metadata
Compilation timestamp:
11/18/2013 3:32:32 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

Entry address:
0x1129B7

Entry point:
E8, 45, DF, 00, 00, E9, 89, FE, FF, FF, 8B, FF, 55, 8B, EC, 83, EC, 10, 53, 8B, 5D, 08, 56, 85, DB, 74, 11, 83, 7D, 0C, 00, 76, 11, 85, DB, 75, 23, 33, C0, E9, BC, 00, 00, 00, 83, 7D, 0C, 00, 74, EF, E8, E1, 31, 00, 00, 6A, 16, 5E, 89, 30, E8, 7B, 7F, 00, 00, 8B, C6, E9, A0, 00, 00, 00, FF, 75, 0C, 53, E8, BD, E1, FF, FF, 59, 59, 3B, 45, 0C, 72, 05, C6, 03, 00, EB, D5, 57, FF, 75, 10, 8D, 4D, F0, E8, 6E, DC, FF, FF, 80, 3B, 00, 8B, FB, 8B, F3, 74, 63, 8A, 0F, 8B, 55, F4, 0F, B6, C1, 03, C2, 8A, 50, 1D, F6...
 
[+]

Code size:
2 MB (2,099,712 bytes)

Service
Display name:
BitGuard

Type:
Win32ShareProcess


The file bitguard.exe has been discovered within the following program.

BitGuard  by MediaTechSoft Inc.
BitGuard also known as BProtector, Application Manager and Browser Protector is an application designed to prevent the removal of software installed by the provider and affiliates (including web browser extensions deployed by PerformerSoft).
www.mediatechsoft.com/contact.html
74% remove it
 
Powered by Should I Remove It?

Remove bitguard.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.