Should I block it?

98%
Yes, 98% block recommendation.
Possible reasons:
Multiple malware detections
Performance resource utilization

VersionsAdditional versions

2,6,1519,190 6.49%
2,6,1339,144 20.78%
2,6,1125,80 1.30%
2,6,1095,52 28.57%
2,6,1095,52 14.29%
2,6,1070,41 5.19%
2,6,1040,25 9.09%
2,5,1005,80 5.19%
2,5,986,67 9.09%

Relationships

Parent process
Related files

PE structurePE file structure

Show functions
Import table
advapi32.dll
RegisterEventSourceA, GetLengthSid, ConvertSidToStringSidW, ControlService, StartServiceW, ChangeServiceConfig2W, CreateServiceW, RegEnumValueW, ConvertStringSecurityDescriptorToSecurityDescriptorW, RegQueryInfoKeyW, RegEnumKeyExW, StartServiceCtrlDispatcherW, RegisterServiceCtrlHandlerW, GetTokenInformation, DuplicateTokenEx, CreateProcessAsUserW, OpenSCManagerW, OpenServiceW, QueryServiceConfigW, ChangeServiceConfigW, CloseServiceHandle, SetServiceStatus, RegEnumKeyW, InitializeSecurityDescriptor, SetSecurityDescriptorDacl, ConvertStringSecurityDescriptorToSecurityDescriptorA, GetSecurityDescriptorSacl, SetSecurityDescriptorSacl, RegSetValueExW, RegQueryValueExW, RegCloseKey, RegCreateKeyExW, RegOpenKeyExW, IsValidSid, DeregisterEventSource, InitializeAcl, ReportEventA, AddAce, OpenThreadToken, OpenProcessToken, GetSecurityInfo, GetAclInformation, GetAce, DeleteAce, SetSecurityInfo, RegDeleteKeyW, RegDeleteValueW, DeleteService
gdi32.dll
CreateDIBSection, CreateFontIndirectW, GetObjectW, DeleteObject, SelectObject, SetBkMode, SetTextColor, Rectangle, CreatePen, DeleteDC, RoundRect, CreateSolidBrush, CreatePatternBrush, CreateCompatibleDC, CreateCompatibleBitmap, BitBlt
kernel32.dll
DllMain
ole32.dll
StringFromGUID2, CoInitializeEx, CoInitializeSecurity, CoInitialize, CoUninitialize, CoCreateInstance, CoSetProxyBlanket
rpcrt4.dll
UuidFromStringA
shell32.dll
SHFileOperationW, CommandLineToArgvW, SHGetSpecialFolderPathW
shlwapi.dll
PathFileExistsW, PathAddExtensionW, PathAppendW, PathFindExtensionW, PathRemoveExtensionW, PathStripPathW, StrCpyW, PathFindFileNameW, PathIsDirectoryW, PathRemoveFileSpecW, SHGetValueW, StrCmpNIW, PathIsRootW, PathRenameExtensionW, PathRemoveFileSpecA, PathStripToRootW, StrCmpW
user32.dll
EndPaint, BeginPaint, GetClientRect, GetWindowTextLengthW, GetWindowTextW, DrawTextW, GetSystemMetrics, LoadImageW, GetCursorPos, TrackMouseEvent, GetClassInfoExW, LoadCursorW, InvalidateRect, FindWindowW, DestroyWindow, RegisterClassExW, CreateWindowExW, GetUserObjectInformationW, GetProcessWindowStation, GetDesktopWindow, MessageBoxA, MessageBoxW, SetFocus, SetWindowPos, MapWindowPoints, GetMonitorInfoW, MonitorFromWindow, GetWindow, UnregisterClassA, GetTopWindow, ChildWindowFromPoint, KillTimer, ScreenToClient, ShowWindow, GetParent, GetSysColorBrush, GetSysColor, GetWindowRect, MoveWindow, EndDialog, GetDlgItem, GetDC, ReleaseDC, FillRect, SetLayeredWindowAttributes, LoadStringA, SendMessageW, SetWindowTextW, SetTimer, PeekMessageW, GetMessageW, TranslateMessage, DispatchMessageW, SystemParametersInfoW, GetActiveWindow, DialogBoxParamW, CallWindowProcW, GetWindowLongW, DefWindowProcW, SetWindowsHookExW, UnhookWindowsHookEx, SetWindowLongW, IsWindow
userenv.dll
CreateEnvironmentBlock
uxtheme.dll
DrawThemeBackground, IsThemeBackgroundPartiallyTransparent, OpenThemeData, CloseThemeData, DrawThemeParentBackground
version.dll
GetFileVersionInfoSizeW, GetFileVersionInfoW, VerQueryValueW
winhttp.dll
WinHttpReceiveResponse, WinHttpAddRequestHeaders, WinHttpQueryDataAvailable, WinHttpReadData, WinHttpConnect, WinHttpSetStatusCallback, WinHttpOpenRequest, WinHttpGetIEProxyConfigForCurrentUser, WinHttpGetProxyForUrl, WinHttpCloseHandle, WinHttpOpen, WinHttpSendRequest, WinHttpQueryHeaders, WinHttpSetOption
wtsapi32.dll
WTSQueryUserToken

browserprotect.exe

Application Manager by Bit89 Inc. (Signed)

Remove browserprotect.exe
Version:   2,5,986,67
MD5:   3b2ddfabcc929174cd7212d11cef0e0e
SHA1:   fc3424fd3c8194949848d456078f56a4930e08cc
SHA256:   b8f08852c16b3f14845e364e7cd48ed955444afa9e3c58918e83283a9c91fd83
Warning 10 antivirus scanners has detected malware.

What is browserprotect.exe?

The PerformerSoft Browser Manager (Application Manager) program classified mostly as exhibiting adware like actions, is bundled with PerformerSoft products including PC Performer. Browser Manager is designed to protect its bundled programs and make sure they remain installed or unchanged by other thrid party programs. The Browser Manager program was developed by Bit89 (Bit89.com) a know adware maker.

Overview

browserprotect.exe is malware that runs as a service under the name BrowserDefendert (FindAmo Manager) with extensive SYSTEM privileges (full administrator access) as a shared service. This is typically installed with the program BrowserProtect published by Bit89 Inc and is most likely removed by most users once installed (88% removed). The file is digitally signed by Bit89 Inc. which was issued by the GoDaddy.com certificate authority (CA).

DetailsDetails

File name:browserprotect.exe
Publisher:PerformerSoft LLC
Product name:Application Manager
Typical file path:C:\ProgramData\browserprotect\2.5.986.67\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\browserprotect.exe
File version:2,5,986,67
Size:2.33 MB (2,443,800 bytes)
Certificate
Issued to:Bit89 Inc.
Authority (CA):GoDaddy.com
Effective date:Tuesday, September 4, 2012
Expiration date:Friday, September 4, 2015
Digital DNA
PE subsystem:Windows GUI
File packed:No
.NET CLR:No
More details

ResourcesPrograms

The following program will install this file
Bit89 Inc
  88% remove
PerformerSoft BrowserProtect is a third party web browser add-in classified mostly as a potentially unwanted software application that used to be bundled with PerformerSoft products including PC Performer. The maker of this program is a known adware/malware distributor, so caution should be taken. The PerformerSoft BrowserProtect (Browser Manager) program classified mostly as exhibiting adware like actions, is bundled with PerformerSoft...

BehaviorsBehaviors

Services
Runs under 'SYSTEM\CurrentControlSet\Services' as a shared service by the Service Host (svchost.exe)
  • BrowserDefendert
  • 'FindAmo Manager'
  • 'BrowserProtect'

MalwareMalware detections

Based on 40+ industry antivirus scanners, 10 of them detected the following malware.
Antivirus engineEngine versionDetection
Comodo Internet Security 15672 UnclassifiedMalware
Dr.Web 8.13.4.17 Adware.BGuard.7
ESET NOD32 7.8153 a variant of Win32/bProtector.A
Ikarus T3.1.4.0.0 not-a-virus:AdWare.Win32.SuspectCRC
Jiangmin 16.0.100 AdWare/Bromngr.o
K7 AntiVirus 9.164.8418 Adware
Trend Micro 9.740.0.1012 ADW_BPROTECT
Trend Micro HouseCall 9.700.0.1001 ADW_BPROTECT
Vba32 AntiVirus 3.12.20.2 AdWare.Bromngr.b
VIPRE Antivirus 16242 Bprotector (fs)

ResourcesResource utilization

(Note: statistics below are averages based on a minimum sample size of 200 unique participants)
Averages
 
CPU
Total CPU:0.00016626%
0.028634%
Kernel CPU:0.00009147%
0.013761%
User CPU:0.00007479%
0.014873%
Kernel CPU time:22,487,965 ms/min
100,923,805ms/min
CPU cycles:6,441,445/sec
17,470,203/sec
Context switches:25/sec
284/sec
Memory
Private memory:3.43 MB
21.59 MB
Private (maximum):8.18 MB
Private (minimum):4.69 MB
Non-paged memory:3.43 MB
21.59 MB
Virtual memory:187.92 MB
140.96 MB
Virtual memory (peak):248.33 MB
169.69 MB
Working set:4.87 MB
18.61 MB
Working set (peak):8.4 MB
37.95 MB
Page faults:73,894,200/min
2,039/min
I/O
I/O read transfer:28 Bytes/sec
1.02 MB/min
I/O read operations:1/sec
343/min
I/O write transfer:3 Bytes/sec
274.99 KB/min
I/O write operations:1/sec
227/min
I/O other transfer:298 Bytes/sec
448.09 KB/min
I/O other operations:4/sec
1,671/min
Resource allocations
Threads:14
12
Handles:268
600
GUI GDI count:7
103
GUI GDI peak:9
142
GUI USER count:9
49
GUI USER peak:10
71

BehaviorsProcess properties

Integrety level:System
Platform:32-bit
Command lines:
  • C:\ProgramData\browserprotect\2.5.986.67\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\browserprotect.exe
  • "C:\ProgramData\browserprotect\2.5.986.67\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\browserprotect.exe" /protect
Owner:SYSTEM
Windows Service
Service name:FindAmo Manager
Display name:BrowserDefendert
Description:“Your browser protector service”
Type:Win32ShareProcess
Parent processes:

ResourcesThreads

Averages
 
BrowserProtect.exe (main module)
Total CPU:0.24249101%
0.272967%
Kernel CPU:0.22249219%
0.107585%
User CPU:0.01999882%
0.165382%
CPU cycles:4,531,385/sec
5,741,424/sec
Context switches:1/sec
79/sec
Memory:2.39 MB
1.16 MB
wow64.dll
Total CPU:0.00046265%
Kernel CPU:0.00018506%
User CPU:0.00027759%
CPU cycles:18,771/sec
Memory:252 KB
BrowserProtect.dll (Application Manager by PerformerSoft LLC)
Total CPU:0.00002495%
Kernel CPU:0.00002495%
User CPU:0.00000000%
CPU cycles:524/sec
Memory:2.15 MB
sechost.dll
Total CPU:0.00000624%
Kernel CPU:0.00000000%
User CPU:0.00000624%
CPU cycles:14,566/sec
Memory:100 KB

Common loaded modules

These are modules that are typiclaly loaded within the context of this process.

Windows OS versionsDistribution by Windows OS

OS versiondistribution
Windows 7 Home Premium 27.27%
Windows 7 Ultimate 14.29%
Microsoft Windows XP 14.29%
Windows 8 Pro 11.69%
Windows Vista Home Premium 10.39%
Windows 8 7.79%
Windows 7 Professional 5.19%
Windows 7 Starter 3.90%
Windows 8 Pro with Media Center 3.90%
Windows 8 Single Language 1.30%

Distribution by countryDistribution by country

United States installs about 28.57% of Application Manager.

OEM distributionDistribution by PC manufacturer

PC Manufacturerdistribution
Hewlett-Packard 26.67%
Acer 25.00%
Sony 13.33%
Toshiba 13.33%
Dell 10.00%
GIGABYTE 5.00%
Intel 3.33%
ASUS 3.33%
Should I remove It? Clean your PC of unwanted adware, toolbars and bloatware.

Download it for FREE