Should I block it?

98%
Yes, 98% block recommendation.
Possible reasons:
Multiple malware detections
Performance resource utilization

VersionsAdditional versions

2,6,1694,246 20.00%
2,6,1694,246 36.00%
2,6,1694,246 4.00%
2,6,1673,238 36.00%
2,6,1673,238 4.00%

Relationships

PE structurePE file structure
Show functions
Import table
advapi32.dll
GetAclInformation, RegEnumValueW, CreateServiceW, ChangeServiceConfig2W, StartServiceW, ControlService, ConvertStringSecurityDescriptorToSecurityDescriptorW, RegEnumKeyExW, RegQueryInfoKeyW, StartServiceCtrlDispatcherW, RegisterServiceCtrlHandlerW, GetTokenInformation, DuplicateTokenEx, CreateProcessAsUserW, OpenSCManagerW, OpenServiceW, QueryServiceConfigW, ChangeServiceConfigW, CloseServiceHandle, SetServiceStatus, RegEnumKeyW, RegSetValueExW, RegDeleteKeyW, RegCreateKeyExW, InitializeSecurityDescriptor, SetSecurityDescriptorDacl, ConvertStringSecurityDescriptorToSecurityDescriptorA, GetSecurityDescriptorSacl, SetSecurityDescriptorSacl, RegQueryValueExW, RegCloseKey, RegOpenKeyExW, RegDeleteValueW, SetSecurityInfo, DeleteAce, GetAce, DeleteService, GetSecurityInfo, OpenProcessToken, OpenThreadToken, AddAce, InitializeAcl, GetLengthSid, ConvertSidToStringSidW, IsValidSid, DeregisterEventSource, ReportEventA, RegisterEventSourceA
crypt32.dll
CertFreeCertificateContext, CertGetNameStringW, CertFindCertificateInStore, CryptMsgClose, CertCloseStore, CryptMsgGetParam, CryptQueryObject
gdi32.dll
CreatePatternBrush, GetObjectW, DeleteObject, CreateDIBSection, CreateCompatibleBitmap, BitBlt, CreateCompatibleDC, CreateFontIndirectW, CreateSolidBrush, RoundRect, DeleteDC, CreatePen, Rectangle, SetTextColor, SetBkMode, SelectObject
kernel32.dll
DllMain
ole32.dll
CoUninitialize, CoInitializeEx, CoCreateInstance, CoInitializeSecurity, CoInitialize, StringFromGUID2, CoSetProxyBlanket
rpcrt4.dll
UuidFromStringA
shell32.dll
CommandLineToArgvW, SHGetSpecialFolderPathW
shlwapi.dll
PathIsDirectoryW, PathFindFileNameW, StrCmpW, StrCpyW, PathFileExistsW, PathAppendW, PathStripToRootW, PathStripPathW, PathRemoveExtensionW, PathFindExtensionW, PathAddExtensionW, PathRemoveFileSpecW, SHGetValueW, PathIsRootW, StrCmpNIW
user32.dll
DrawTextW, SetWindowLongW, GetWindowTextW, GetWindowTextLengthW, GetSystemMetrics, LoadImageW, GetCursorPos, GetTopWindow, TrackMouseEvent, ChildWindowFromPoint, KillTimer, ScreenToClient, GetClassInfoExW, LoadCursorW, IsWindow, FindWindowW, DestroyWindow, RegisterClassExW, CreateWindowExW, GetUserObjectInformationW, GetProcessWindowStation, GetDesktopWindow, MessageBoxA, MessageBoxW, SetFocus, SetWindowPos, MapWindowPoints, GetMonitorInfoW, MonitorFromWindow, GetWindow, GetClientRect, LoadStringA, DefWindowProcW, GetWindowLongW, CallWindowProcW, ShowWindow, GetWindowRect, MoveWindow, DialogBoxParamW, GetActiveWindow, SystemParametersInfoW, DispatchMessageW, EndDialog, GetDlgItem, SendMessageW, SetWindowTextW, SetTimer, PeekMessageW, GetMessageW, UnregisterClassA, SetLayeredWindowAttributes, FillRect, ReleaseDC, GetDC, GetSysColor, GetSysColorBrush, GetParent, InvalidateRect, EndPaint, BeginPaint, TranslateMessage
userenv.dll
CreateEnvironmentBlock
uxtheme.dll
DrawThemeBackground, DrawThemeParentBackground, IsThemeBackgroundPartiallyTransparent, OpenThemeData, CloseThemeData
version.dll
GetFileVersionInfoSizeW, GetFileVersionInfoW, VerQueryValueW
winhttp.dll
WinHttpConnect, WinHttpOpen, WinHttpSetStatusCallback, WinHttpGetIEProxyConfigForCurrentUser, WinHttpCloseHandle, WinHttpGetProxyForUrl, WinHttpSetOption, WinHttpReceiveResponse, WinHttpAddRequestHeaders, WinHttpQueryDataAvailable, WinHttpReadData, WinHttpSendRequest, WinHttpOpenRequest, WinHttpQueryHeaders
wtsapi32.dll
WTSQueryUserToken

bitguard.exe

Application Manager by MediaTechSoft Inc. (Signed)

Remove bitguard.exe
Version:   2,6,1694,246
MD5:   30312a75be27ed57ac1f7d657108f016
SHA1:   1ce9a171e9a9de3632eb6f0272d6fc369d2d8248
SHA256:   a34ae59e80a21f380fc4ac7062e97d00f72fd655ca76287340eb73300038486b
Warning 22 antivirus scanners has detected malware.

Overview

bitguard.exe is malware that runs as a service under the name BitGuard within the local user context as a shared service. This is typically installed with the program BitGuard published by MediaTechSoft Inc. and is most likely removed by most users once installed (74% removed). The file is digitally signed by MediaTechSoft Inc. which was issued by the GoDaddy.com certificate authority (CA).

DetailsDetails

File name:bitguard.exe
Publisher:PerformerSoft LLC
Product name:Application Manager
Typical file path:C:\ProgramData\bitguard\2.6.1673.238\{16cdff19-861d-48e3-a751-d99a27784753}\bitguard.exe
File version:2,6,1694,246
Size:3.03 MB (3,173,856 bytes)
Build date:10/1/2013 5:48 PM
Certificate
Issued to:MediaTechSoft Inc.
Authority (CA):GoDaddy.com
Effective date:Sunday, August 4, 2013
Expiration date:Tuesday, March 29, 2016
Digital DNA
PE subsystem:Windows GUI
File packed:No
.NET CLR:No
More details

ResourcesPrograms

The following program will install this file
BitGuard
 MediaTechSoft Inc.
  74% remove
BitGuard also known as BProtector, Application Manager and Browser Protector is an application designed to prevent the removal of software installed by the provider and affiliates (including web browser extensions deployed by PerformerSoft). BitGuard and its variations are registered under the company name MediaTechSoft but actually are associated with PerformerSoft LLC. While the BitGuard service (BitGuard.exe) is signed with a digital...

BehaviorsBehaviors

Service
Runs under 'SYSTEM\CurrentControlSet\Services' as a shared service by the Service Host (svchost.exe)
  • 'BitGuard'

MalwareMalware detections

Based on 40+ industry antivirus scanners, 22 of them detected the following malware.
Antivirus engineEngine versionDetection
AhnLab V3 Internet Security 2013.11.13 Trojan/Win32.Generic
Avira AntiVir 7.11.113.32 APPL/BProtector.Gen
Antiy Labs AVL 2.0.3.7 Trojan/Win32.Generic
avast! 8.0.1489.320 Win32:BProtect-A [PUP]
AVG 13.0.0.3169 Bprotect.C
Bkav Security 1.3.0.4415 W32.Clod27f.Trojan.c2cf
CAT Quick Heal 11.13.12.00 TrojanDropper.Rotbrow
Clam AntiVirus 0.97.3.0 Win.Adware.BProtector
Comodo Internet Security 17263 UnclassifiedMalware
ESET NOD32 7.9041 a variant of Win32/bProtector.A
G Data 13.11.22 Win32.Application.BHO.A
K7 AntiVirus 9.173.10176 Unwanted-Program ( 00454f261 )
K7GW 9.173.10176 Unwanted-Program ( 00454f261 )
Kaspersky 9.0.0.837 HEUR:Trojan.Win32.Generic
Kingsoft 2013.4.9.267 Win32.Troj.Undef.(kcloud)
Malwarebytes 1.75.0.1 PUP.Optional.PerformerSoft.A
McAfee 5.600.1067 Artemis!30312A75BE27
McAfee Gateway Anti-Malware v2013-dat Artemis!30312A75BE27
Microsoft Security Essentials 1.10003.0 TrojanDropper:Win32/Rotbrow.A
Sophos 4.94.0 BProtector
Trend Micro HouseCall 9.700.0.1001 TROJ_GEN.F47V1001
VIPRE Antivirus 23320 InstallBrain (fs)

Windows OS versionsDistribution by Windows OS

OS versiondistribution
Windows 7 Ultimate 44.00%
Microsoft Windows XP 20.00%
Windows 7 Home Premium 16.00%
Windows 8 Pro 8.00%
Windows 7 Professional 4.00%
Windows Vista Home Basic 4.00%
Windows 8 4.00%

Distribution by countryDistribution by country

Saudi Arabia installs about 16.00% of Application Manager.

OEM distributionDistribution by PC manufacturer

PC Manufacturerdistribution
Lenovo 22.86%
ASUS 22.86%
Hewlett-Packard 14.29%
Dell 11.43%
Acer 8.57%
Samsung 8.57%
Compaq 5.71%
GIGABYTE 5.71%
Back to top
Should I remove It? Clean your PC of unwanted adware, toolbars and bloatware.

Download it for FREE