home

bitguard.exe

BitGuard

MediaTechSoft Inc.

This is part of a Performersoft product, a 'PC optimzation' application that provides minimal benifits and may have been bundled by a third party installer. The application bitguard.exe by MediaTechSoft has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. It runs as a windows Service named “BitGuard”.
Publisher:
MediaTechSoft Inc.  (signed and verified)

Product:
BitGuard

Description:
Generic software

Version:
2,7,1832,68

MD5:
53a347c233497c4e3c3cf06ab5d39376

SHA-1:
c6e2ad35a48e0253dafe524f56dfe407bc1960d7

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
4/19/2024 5:39:54 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Performersoft (M)
17.1.3.20

File size:
3.8 MB (3,957,720 bytes)

Product version:
2,7,1832,68

Copyright:
Copyright (C) 2013

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Documents and Settings\{user}\Application data\bitguard\2.7.1832.68\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\bitguard.exe

Digital Signature
Signed by:
MediaTechSoft Inc.

Authority:
GoDaddy.com, Inc.

Valid from:
8/4/2013 10:09:22 AM

Valid to:
3/29/2016 7:18:00 PM

Subject:
CN=MediaTechSoft Inc., O=MediaTechSoft Inc., L=Beaverton, S=Oregon, C=US

Issuer:
SERIALNUMBER=07969287, CN=Go Daddy Secure Certification Authority, OU=http://certificates.godaddy.com/repository, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:
047346D0687AB1

File PE Metadata
Compilation timestamp:
11/18/2013 3:32:32 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

Entry address:
0x3B0000

Entry point:
90, B8, 27, 52, 00, 00, 68, 1E, 00, 7B, 00, 5F, 68, 98, 05, 00, 00, 5E, 31, 04, 3E, 90, 90, 83, EE, 03, 4E, 90, 90, 75, F3, 90, 90, 90, CF, 2F, 01, 00, 27, 52, 00, 00, 27, 52, 40, 00, 90, 7B, 11, 00, C7, FF, 39, 00, FF, E1, 39, 00, 27, E2, 02, 00, 26, 52, 00, 00, 0F, 73, 60, 00, B3, 63, 74, 00, 59, 63, 74, 00, 73, AC, 33, 00, B5, 63, 34, 00, 5B, 63, 34, 00, 0F, 5D, 20, 00, B5, 63, 34, 00, 5B, 63, 34, 00, 27, 52, 00, 00, 27, 52, 00, 00, 27, 52, 00, 00, B3, 73, 60, 00, D3, 71, 60, 00, 27, 52, 00, 00, 27, 52...
 
[+]

Entropy:
6.6724

Code size:
2 MB (2,099,712 bytes)

Service
Display name:
BitGuard

Type:
Win32ShareProcess


Remove bitguard.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.