browserprotect.exe
Application Manager by Bit89 Inc. (Signed)
Warning 126 antivirus scanners has detected malware in various versions of browserprotect.exe.
Overview
There are 9 versions of browserprotect.exe in the wild, the latest version being 2,6,1519,190. It is started as a Windows Service called 'BrowserDefendert' with the name 'FindAmo Manager' and described as “Your browser protector service”. . This is executed as a shared service (which simply means that this service can share a process with other Win32 services). The average file size is about 2.5 MB. The file is a digitally signed and issued to Bit89 Inc. by GoDaddy.com. The programs BrowserProtect, bProtector for Windows and BrowserDefender have been observed as installing specific variations of browserprotect.exe. During the process's lifecycle, the typical CPU resource utilization is about 0.0069% including both foreground and background operations, the average private memory consumption is about 3.68 MB with the maximum memory reaching around 7.39 MB. Addionally, typically read and write I/O disk operations is about 1.09 KB per minute for reads and 1024 Bytes per minute for writes.
What is browserprotect.exe?
The PerformerSoft Browser Manager (Application Manager) program classified mostly as exhibiting adware like actions, is bundled with PerformerSoft products including PC Performer. Browser Manager is designed to protect its bundled programs and make sure they remain installed or unchanged by other thrid party programs. The Browser Manager program was developed by Bit89 (Bit89.com) a know adware maker.
 Details
|
| File name: | browserprotect.exe |
| Publisher: | PerformerSoft LLC |
| Product name: | Application Manager |
| Typical file path: | C:\ProgramData\browserprotect\2.5.986.67\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\browserprotect.exe |
| Certificate |
| Issued to: | Bit89 Inc. |
| Authority (CA): | GoDaddy.com |
| Effective date: | Tuesday, September 4, 2012 |
| Expiration date: | Friday, September 4, 2015 |
| Windows Service |
| Service name: | FindAmo Manager |
| Display name: | BrowserDefendert |
| Description: | “Your browser protector service” |
| Type: | Win32ShareProcess |
Programs installed in
(Note, the programs listed below are for all versions of Application Manager.)
PerformerSoft BrowserProtect is a third party web browser add-in classified mostly as a potentially unwanted software application that used to be bundled with PerformerSoft products including PC Perfo...
Browser Manager is a third party web browser add-in classified as a potentially unwanted application that used to be bundled with PerformerSoft products including PC Performer. At one point PerformerS...
PerformerSoft/Bit89 BrowserDefender, a variant of the Browser Protector Software is a web browser add-in classified mostly a potentially unwanted application that used to be bundled with PerformerSoft...
PC Performer Manager is bundled with various PC Performer registry optimization products.
bProtector for Windows (also known as BrowserDefender) is a potentially unwanted application that is typically bundled with shareware third party installers. bProtector will prevent various security ...
Behaviors
(Note, the behaviors below are for all versions of browserprotect.exe, select a unique version for details.)
Services
Runs under 'SYSTEM\CurrentControlSet\Services' as a shared service by the Service Host (svchost.exe)
- BrowserDefendert
- 'FindAmo Manager'
- 'BrowserProtect'
Malware detections
Based on 40+ industry antivirus scanners, 126 of them detected the following malware.
| Antivirus engine | Engine version | Detection | File version |
| AhnLab V3 Internet Security |
2013.07.04.01 |
Win-Trojan/Rbot.2550224 |
2,6,1095,52 |
| AhnLab V3 Internet Security |
2013.11.28 |
ASD.Prevention |
2,6,1095,52 |
| Avira AntiVir |
7.11.105.38 |
APPL/BProtector.Gen |
2,6,1339,144 |
| Avira AntiVir |
7.11.105.236 |
APPL/BProtector.A |
2,6,1519,190 |
| Antiy Labs AVL |
2.0.3.7 |
Trojan/Win32.Buzus |
2,6,1095,52 |
| Antiy Labs AVL |
2.0.3.7 |
Trojan/Win32.Patched |
2,6,1095,52 |
| Antiy Labs AVL |
2.0.3.7 |
Trojan/Win32.Patched |
2,6,1125,80 |
| Antiy Labs AVL |
2.0.3.7 |
AdWare/Win32.Bromngr |
2,6,1339,144 |
| avast! |
8.0.1489.320 |
Win32:BProtect-D [Trj] |
2,6,1125,80 |
| avast! |
8.0.1489.320 |
Win32:BProtect-A [PUP] |
2,6,1339,144 |
| avast! |
8.0.1489.320 |
Win32:BProtect-A [PUP] |
2,6,1519,190 |
| avast! |
8.0.1489.320 |
Win32:BProtect-A [PUP] |
2,6,1095,52 |
| AVG |
13.0.0.3169 |
Generic5.AFSW |
2,6,1339,144 |
| AVG |
13.0.0.3169 |
Generic5.AGPG |
2,6,1519,190 |
| AVG |
13.0.0.3169 |
Dropper.Generic8.CNLI |
2,6,1095,52 |
| AVG |
13.0.0.3169 |
Bprotect.E |
2,6,1125,80 |
| Baidu Antivirus |
3.5.1.41473 |
Adware.Win32.bProtector.45 |
2,6,1125,80 |
| BitDefender |
7.2 |
Application.BProtector.A |
2,6,1339,144 |
| BitDefender |
7.2 |
Adware.BHO.BProtector.C |
2,6,1519,190 |
| CAT Quick Heal |
9.13.12.00 |
AdWare.Bromngr.j (Not a Virus) |
2,6,1339,144 |
| Clam AntiVirus |
0.97.3.0 |
Win.Adware.BProtector |
2,6,1095,52 |
| Clam AntiVirus |
0.97.3.0 |
Win.Adware.BProtector |
2,6,1125,80 |
| Comodo Internet Security |
15672 |
UnclassifiedMalware |
2,5,986,67 |
| Comodo Internet Security |
17506 |
Application.Win32.Agent.~BPT |
2,6,1125,80 |
| Comodo Internet Security |
17020 |
Application.Win32.Bprotect.f |
2,6,1339,144 |
| Comodo Internet Security |
17061 |
Application.Win32.Bprotector.~A |
2,6,1519,190 |
| Dr.Web |
8.13.4.17 |
Adware.BGuard.7 |
2,5,986,67 |
| Dr.Web |
8.13.4.17 |
Adware.BGuard.5 |
2,5,1005,80 |
| Dr.Web |
8.13.6.16 |
Adware.BGuard.21 |
2,6,1095,52 |
| Dr.Web |
8.13.7.8 |
Adware.BGuard.23 |
2,6,1040,25 |
| Dr.Web |
8.13.9.28 |
Adware.BGuard.18 |
2,6,1125,80 |
| Dr.Web |
8.13.10.10 |
Adware.BGuard.29 |
2,6,1519,190 |
| Emsisoft Anti-Malware |
3.0.0.589 |
Adware.BHO.BProtector.C (B) |
2,6,1519,190 |
| eSafe |
7.0.17.0 |
Win32.Trojan |
2,6,1095,52 |
| ESET NOD32 |
7.8153 |
a variant of Win32/bProtector.A |
2,5,986,67 |
| ESET NOD32 |
7.8096 |
a variant of Win32/bProtector.A |
2,5,1005,80 |
| ESET NOD32 |
7.8032 |
a variant of Win32/bProtector.A |
2,6,1070,41 |
| ESET NOD32 |
7.8524 |
a variant of Win32/bProtector.A |
2,6,1095,52 |
| ESET NOD32 |
7.8468 |
a variant of Win32/bProtector.A |
2,6,1040,25 |
| ESET NOD32 |
7.9104 |
a variant of Win32/bProtector.A |
2,6,1095,52 |
| ESET NOD32 |
7.9190 |
a variant of Win32/bProtector.A |
2,6,1125,80 |
| ESET NOD32 |
7.8855 |
a variant of Win32/bProtector.A |
2,6,1339,144 |
| ESET NOD32 |
7.8882 |
a variant of Win32/bProtector.A |
2,6,1519,190 |
| Fortinet |
5.1.147.0 |
Adware/Bprotect |
2,6,1339,144 |
| Fortinet |
5.1.147.0 |
Adware/Bprotect |
2,6,1519,190 |
| F-Secure |
11.0.19100.45 |
Application.BProtector.A |
2,6,1339,144 |
| F-Secure |
11.0.19100.45 |
Adware.BHO.BProtector |
2,6,1519,190 |
| F-Secure |
11.0.19100.45 |
Application:W32/BProtector.A |
2,6,1095,52 |
| F-Secure |
11.0.19100.45 |
Application:W32/BProtector.A |
2,6,1125,80 |
| G Data |
13.9.22 |
Win32.Application.BHO.A |
2,6,1125,80 |
| G Data |
13.9.22 |
Application.BProtector.A |
2,6,1339,144 |
| G Data |
13.10.22 |
Adware.BHO.BProtector.C |
2,6,1519,190 |
| G Data |
14.1.22 |
Win32.Application.BHO.A |
2,6,1095,52 |
| Ikarus |
T3.1.4.0.0 |
not-a-virus:AdWare.Win32.SuspectCRC |
2,5,986,67 |
| Jiangmin |
16.0.100 |
AdWare/Bromngr.o |
2,5,986,67 |
| Jiangmin |
16.0.100 |
Backdoor/RBot.afye |
2,6,1070,41 |
| K7 AntiVirus |
9.164.8418 |
Adware |
2,5,986,67 |
| K7 AntiVirus |
9.170.8954 |
Backdoor |
2,6,1095,52 |
| K7 AntiVirus |
9.172.9720 |
Adware |
2,6,1339,144 |
| K7 AntiVirus |
9.174.10644 |
Trojan ( 0048c54b1 ) |
2,6,1125,80 |
| K7GW |
12.7.0.12 |
Backdoor |
2,6,1095,52 |
| K7GW |
12.7.0.14 |
Adware |
2,6,1339,144 |
| K7GW |
9.174.10644 |
Trojan ( 0048c54b1 ) |
2,6,1125,80 |
| Kaspersky |
12.0.0.1221 |
Trojan.Win32.Bromngr.m |
2,6,1125,80 |
| Kaspersky |
9.0.0.837 |
not-a-virus:AdWare.Win32.Bromngr.j |
2,6,1339,144 |
| Kaspersky |
9.0.0.837 |
Trojan.Win32.Bromngr.q |
2,6,1095,52 |
| Kingsoft |
2013.1.8.219 |
Win32.Troj.Agent.hr.(kcloud) |
2,5,1005,80 |
| Kingsoft |
2013.1.8.219 |
Win32.Hack.Rbot.f.(kcloud) |
2,6,1070,41 |
| Malwarebytes |
1.75.0.1 |
PUP.Optional.PerformerSoft.A |
2,6,1339,144 |
| Malwarebytes |
1.75.0.1 |
PUP.Optional.PerformerSoft.A |
2,6,1519,190 |
| McAfee |
5.600.1067 |
Adware-Bprotect.b |
2,6,1125,80 |
| McAfee |
5.600.1067 |
Adware-Bprotect |
2,6,1339,144 |
| McAfee |
5.600.1067 |
Adware-Bprotect.b |
2,6,1519,190 |
| McAfee |
5.600.1067 |
Adware-Bprotect.b |
2,6,1095,52 |
| McAfee Gateway Anti-Malware |
v2013-dat |
Artemis!CA2E0AAA6943 |
2,6,1125,80 |
| McAfee Gateway Anti-Malware |
v2013-dat |
Adware-Bprotect |
2,6,1339,144 |
| McAfee Gateway Anti-Malware |
v2013-dat |
Artemis!BD2D29BAF273 |
2,6,1519,190 |
| McAfee Gateway Anti-Malware |
v2013-dat |
Artemis!FA127AC8BDF6 |
2,6,1095,52 |
| Microsoft Security Essentials |
1.10100.0 |
TrojanDropper:Win32/Rotbrow.A |
2,6,1095,52 |
| Microsoft Security Essentials |
1.10201.0 |
TrojanDropper:Win32/Rotbrow.A |
2,6,1125,80 |
| eScan by MicroWorld |
12.0.250.0 |
Application.BProtector.A |
2,6,1339,144 |
| eScan by MicroWorld |
12.0.250.0 |
Adware.BHO.BProtector.C |
2,6,1519,190 |
| Panda Antivirus |
10.0.3.5 |
Trj/dtcontx.I |
2,6,1125,80 |
| PC Tools |
9.0.0.2 |
Adware.GoonSquad!rem |
2,6,1095,52 |
| PC Tools |
9.0.0.2 |
Adware.GoonSquad!rem |
2,6,1095,52 |
| PC Tools |
9.0.0.2 |
Adware.GoonSquad!rem |
2,6,1339,144 |
| PC Tools |
9.0.0.2 |
Adware.GoonSquad!rem |
2,6,1519,190 |
| Sophos |
4.90.0 |
BProtector |
2,6,1095,52 |
| Sophos |
4.90.0 |
BProtector |
2,6,1040,25 |
| Sophos |
4.95.0 |
BProtector |
2,6,1095,52 |
| Sophos |
4.96.0 |
BProtector |
2,6,1125,80 |
| Sophos |
4.93.0 |
BProtector |
2,6,1339,144 |
| Sophos |
4.93.0 |
BProtector |
2,6,1519,190 |
| Symantec |
20131.1.0.101 |
Adware.GoonSquad |
2,6,1095,52 |
| Symantec |
20131.1.5.61 |
Adware.GoonSquad |
2,6,1095,52 |
| Symantec |
20131.1.5.61 |
Adware.GoonSquad |
2,6,1125,80 |
| Symantec |
20131.1.5.61 |
Adware.GoonSquad |
2,6,1339,144 |
| Symantec |
20131.1.5.61 |
Adware.GoonSquad |
2,6,1519,190 |
| The Hacker |
None |
Adware/BrowserManager |
2,6,1095,52 |
| Trend Micro |
9.740.0.1012 |
ADW_BPROTECT |
2,5,986,67 |
| Trend Micro |
9.740.0.1012 |
ADW_GOONSEARCH |
2,6,1040,25 |
| Trend Micro |
9.740.0.1012 |
ADW_BPROTECT |
2,6,1095,52 |
| Trend Micro |
9.740.0.1012 |
ADW_BPROTECT |
2,6,1125,80 |
| Trend Micro |
9.740.0.1012 |
ADW_GOONSQUAD |
2,6,1339,144 |
| Trend Micro |
9.740.0.1012 |
ADW_BPROTECT |
2,6,1519,190 |
| Trend Micro HouseCall |
9.700.0.1001 |
ADW_BPROTECT |
2,5,986,67 |
| Trend Micro HouseCall |
9.700.0.1001 |
TROJ_GEN.RCBH1AC |
2,6,1070,41 |
| Trend Micro HouseCall |
9.700.0.1001 |
ADW_GOONSEARCH |
2,6,1040,25 |
| Trend Micro HouseCall |
9.700.0.1001 |
ADW_BPROTECT |
2,6,1095,52 |
| Trend Micro HouseCall |
9.700.0.1001 |
ADW_BPROTECT |
2,6,1125,80 |
| Trend Micro HouseCall |
9.700.0.1001 |
TROJ_GEN.R0CBH05HT13 |
2,6,1339,144 |
| Trend Micro HouseCall |
9.700.0.1001 |
ADW_BPROTECT |
2,6,1519,190 |
| Vba32 AntiVirus |
3.12.20.2 |
AdWare.Bromngr.b |
2,5,986,67 |
| Vba32 AntiVirus |
3.12.22.2 |
Backdoor.Rbot |
2,6,1095,52 |
| Vba32 AntiVirus |
3.12.24.3 |
AdWare.Bromngr |
2,6,1339,144 |
| VIPRE Antivirus |
16242 |
Bprotector (fs) |
2,5,986,67 |
| VIPRE Antivirus |
15928 |
Bprotector (fs) |
2,5,1005,80 |
| VIPRE Antivirus |
15660 |
Bprotector (fs) |
2,6,1070,41 |
| VIPRE Antivirus |
19278 |
Bprotector (fs) |
2,6,1095,52 |
| VIPRE Antivirus |
18876 |
Bprotector (fs) |
2,6,1040,25 |
| VIPRE Antivirus |
23792 |
Bprotector (fs) |
2,6,1095,52 |
| VIPRE Antivirus |
24798 |
Bprotector (fs) |
2,6,1125,80 |
| VIPRE Antivirus |
21938 |
Adware.GoonSquad |
2,6,1339,144 |
| VIPRE Antivirus |
22134 |
Bprotector (fs) |
2,6,1519,190 |
| ViRobot |
2011.4.7.4223 |
Backdoor.Win32.A.Rbot.2550224.A |
2,6,1095,52 |
| ViRobot |
2011.4.7.4223 |
Adware.Agent.2847696 |
2,6,1519,190 |
All file variations of browserprotect.exe
Distribution by Windows OS
| OS version | distribution |
| Windows 7 Home Premium |
27.27% |
|
| Windows 7 Ultimate |
14.29% |
|
| Microsoft Windows XP |
14.29% |
|
| Windows 8 Pro |
11.69% |
|
| Windows Vista Home Premium |
10.39% |
|
| Windows 8 |
7.79% |
|
| Windows 7 Professional |
5.19% |
|
| Windows 7 Starter |
3.90% |
|
| Windows 8 Pro with Media Center |
3.90% |
|
| Windows 8 Single Language |
1.30% |
|
Distribution by country
United States installs about 28.57% of Application Manager.
Distribution by PC manufacturer
| PC Manufacturer | distribution |
| Hewlett-Packard |
26.67% |
|
| Acer |
25.00% |
|
| Sony |
13.33% |
|
| Toshiba |
13.33% |
|
| Dell |
10.00% |
|
| GIGABYTE |
5.00% |
|
| Intel |
3.33% |
|
| ASUS |
3.33% |
|
