Should I block it?

40%

40% of PCs block this file from running.

Possible reason:

Performance resource utilization

Relationships

PE file structure

Show functions

Import table

advapi32.dll

AddAce, ReportEventA, DeregisterEventSource, RegEnumKeyW, RegEnumValueW, RegEnumKeyExW, RegNotifyChangeKeyValue, RegDeleteKeyW, RegCreateKeyExW, RegSetValueExW, RegDeleteValueW, InitializeSecurityDescriptor, SetSecurityDescriptorDacl, ConvertStringSecurityDescriptorToSecurityDescriptorA, GetSecurityDescriptorSacl, SetSecurityDescriptorSacl, RegQueryValueExW, RegCloseKey, RegOpenKeyExW, SetSecurityInfo, DeleteAce, GetAce, GetAclInformation, GetSecurityInfo, OpenProcessToken, OpenThreadToken, GetTokenInformation, InitializeAcl, GetLengthSid, RegisterEventSourceA

imagehlp.dll

ImageDirectoryEntryToData

kernel32.dll

DllMain

ole32.dll

CoInitializeSecurity, CoUninitialize, CoInitializeEx, CoInitialize, CoCreateInstance, CLSIDFromString

psapi.dll

GetModuleInformation, EnumProcessModules, GetModuleFileNameExW

rpcrt4.dll

UuidToStringW, RpcStringFreeW

shell32.dll

SHGetSpecialFolderPathW

shlwapi.dll

PathStripPathW, PathAddExtensionW, PathAppendW, PathFileExistsW, PathFindFileNameW, PathIsDirectoryW, PathRemoveFileSpecW, PathStripPathA, StrCmpW, PathStripToRootW, PathRemoveExtensionW, PathFindExtensionW

user32.dll

IsWindow, GetClassNameA, KillTimer, CallNextHookEx, SetWindowLongW, MessageBoxW, FindWindowW, SendMessageW, GetUserObjectInformationW, GetProcessWindowStation, GetDesktopWindow, MessageBoxA, UnregisterClassA, LoadStringA, GetWindowTextW, GetWindowLongW, GetDlgItem, GetClassNameW, RegisterWindowMessageW, EndDialog, LoadStringW

version.dll

GetFileVersionInfoW, GetFileVersionInfoSizeW, VerQueryValueW

winhttp.dll

WinHttpReadData, WinHttpSendRequest, WinHttpOpenRequest, WinHttpQueryHeaders, WinHttpSetStatusCallback, WinHttpSetOption, WinHttpGetIEProxyConfigForCurrentUser, WinHttpGetProxyForUrl, WinHttpQueryDataAvailable, WinHttpAddRequestHeaders, WinHttpCloseHandle, WinHttpOpen, WinHttpConnect, WinHttpReceiveResponse

Export table

InitMonitor

ProtectedDebugProc

ProtectedShellProc

RunChMonitor

StopChMonitor

TrackFile

protector.dll

Application Manager by MediaTechSoft Inc. (Signed)

Remove protector.dll

Version:	2,7,1769,27
MD5:	b0709680a86bdd99f968752c9449b809
SHA1:	e636744bd96df164360a6a066a90f6150f4e1554

Overview

protector.dll is loaded as dynamic link library that runs in the context of a process. This is typically installed with the program BitGuard published by MediaTechSoft Inc. and is most likely removed by most users once installed (74% removed). The file is digitally signed by MediaTechSoft Inc. which was issued by the GoDaddy.com certificate authority (CA).

Details

File name:	protector.dll
Publisher:	PerformerSoft LLC
Product name:	Application Manager
Description:	Protector
Typical file path:	C:\ProgramData\bprotectorforwindows\2.7.1769.27\{eab34bca-99d8-4192-8f3b-58b53f6d08e7}\protector.dll
File version:	2,7,1769,27
Size:	2.61 MB (2,735,584 bytes)
Build date:	10/22/2013 11:09 AM
Certificate
Issued to:	MediaTechSoft Inc.
Authority (CA):	GoDaddy.com
Effective date:	Sunday, August 4, 2013
Expiration date:	Tuesday, March 29, 2016
Digital DNA
PE subsystem:	Windows Console
File packed:	No
.NET CLR:	No

More details

Programs

The following program will install this file

BitGuard

MediaTechSoft Inc.

74% remove

BitGuard also known as BProtector, Application Manager and Browser Protector is an application designed to prevent the removal of software installed by the provider and affiliates (including web browser extensions deployed by PerformerSoft). BitGuard and its variations are registered under the company name MediaTechSoft but actually are associated with PerformerSoft LLC. While the BitGuard service (BitGuard.exe) is signed with a digital...