Saturday, October 12, 2013

bprotect.exe, BitGuard.exe - A Win32 Virus

So I was back at my Desktop PC after some time and it seemed to be quite slow. I used ProcessExplorerNT and found a process called "BitGuard.exe" using a fairly large amount of system resources. It looked ok, although I don't recollect ever installing such software. What caught my attention was that it was running from "\All Users\Application Data\BitGuard". That is an unusual location for an application to get installed and so I quickly ran a scan with Avast Free Edition, but it didn't detect any viruses.


I wasn't convinced, so I ran a boot time scan of my PC with Avast. And sure enough, it was able to report BitGuard.exe as a virus. One DLL called protector.dll was also flagged as a virus. This is dangerous as a DLL file can be injected into any running application and modify the behavior of normal applications as well.

Avast classifies this as "Win32:BProtect-A[PUP]".

"It is not a Windows system file. The program is not visible. The file is digitally signed. BProtect.exe is able to monitor applications, record inputs and manipulate other programs." is what file.net has to say about this file. So the behavior of this program is highly suspect.

How to remove it.
If you are using Avast, enable PUP mode before initiating a scan, or schedule a boot time scan and remove the virus files. To see where to turn PUP on, see the image below.

Recommendation
Windows might keep versions of this virus in System Restore, so scheduling a boot time scan is recommended.
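
The two observations in this post (a process running out of an application-data folder, and a file that is digitally signed yet still flagged) can be checked together. The following PowerShell is an added example, not part of the original post; it assumes PowerShell 3.0 or later, and the list of folders to check is an assumption based on the "\All Users\Application Data" location mentioned above.

```powershell
# Added example: list running processes whose executable lives under an
# application-data folder and show who signed it, if anyone.
# Assumption: these environment variables name the folders worth checking
# (on newer Windows versions "All Users\Application Data" is %ProgramData%).
$dataRoots = @($env:ProgramData, $env:APPDATA, $env:LOCALAPPDATA) |
    Where-Object { $_ } |
    ForEach-Object { $_.TrimEnd('\') + '\' }

Get-CimInstance -ClassName Win32_Process |
    Where-Object { $_.ExecutablePath } |      # null for some system processes
    ForEach-Object {
        $proc = $_
        $path = $proc.ExecutablePath

        # Does the image path start with one of the data folders?
        $root = $dataRoots |
            Where-Object {
                $path.StartsWith($_, [System.StringComparison]::OrdinalIgnoreCase)
            } |
            Select-Object -First 1

        if ($root) {
            # A valid signature says who published the file, not that it is
            # wanted software, so report the signer instead of skipping it.
            $sig = Get-AuthenticodeSignature -FilePath $path -ErrorAction SilentlyContinue

            [pscustomobject]@{
                Name      = $proc.Name
                ProcessId = $proc.ProcessId
                Path      = $path
                SigStatus = $sig.Status
                Signer    = $sig.SignerCertificate.Subject
            }
        }
    } |
    Sort-Object Path |
    Format-Table -AutoSize -Wrap
```

Some legitimate software also runs from these folders, so the output is a list to review by hand rather than a verdict; running it from an elevated prompt fills in paths that are otherwise hidden.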