Should I block it?

98%
Yes, 98% block recommendation.
Possible reasons:
Multiple malware detections
Performance resource utilization

Additional versions

2,6,1519,190 6.49%
2,6,1339,144 20.78%
2,6,1125,80 1.30%
2,6,1095,52 28.57%
2,6,1095,52 14.29%
2,6,1070,41 5.19%
2,6,1040,25 9.09%
2,5,1005,80 5.19%
2,5,986,67 9.09%


PE file structure

Import table
advapi32.dll
RegisterEventSourceA, GetLengthSid, ConvertSidToStringSidW, ControlService, StartServiceW, ChangeServiceConfig2W, CreateServiceW, RegEnumValueW, ConvertStringSecurityDescriptorToSecurityDescriptorW, RegQueryInfoKeyW, RegEnumKeyExW, StartServiceCtrlDispatcherW, RegisterServiceCtrlHandlerW, GetTokenInformation, DuplicateTokenEx, CreateProcessAsUserW, OpenSCManagerW, OpenServiceW, QueryServiceConfigW, ChangeServiceConfigW, CloseServiceHandle, SetServiceStatus, RegEnumKeyW, InitializeSecurityDescriptor, SetSecurityDescriptorDacl, ConvertStringSecurityDescriptorToSecurityDescriptorA, GetSecurityDescriptorSacl, SetSecurityDescriptorSacl, RegSetValueExW, RegQueryValueExW, RegCloseKey, RegCreateKeyExW, RegOpenKeyExW, IsValidSid, DeregisterEventSource, InitializeAcl, ReportEventA, AddAce, OpenThreadToken, OpenProcessToken, GetSecurityInfo, GetAclInformation, GetAce, DeleteAce, SetSecurityInfo, RegDeleteKeyW, RegDeleteValueW, DeleteService
gdi32.dll
CreateDIBSection, CreateFontIndirectW, GetObjectW, DeleteObject, SelectObject, SetBkMode, SetTextColor, Rectangle, CreatePen, DeleteDC, RoundRect, CreateSolidBrush, CreatePatternBrush, CreateCompatibleDC, CreateCompatibleBitmap, BitBlt
kernel32.dll
DllMain
ole32.dll
StringFromGUID2, CoInitializeEx, CoInitializeSecurity, CoInitialize, CoUninitialize, CoCreateInstance, CoSetProxyBlanket
rpcrt4.dll
UuidFromStringA
shell32.dll
SHFileOperationW, CommandLineToArgvW, SHGetSpecialFolderPathW
shlwapi.dll
PathFileExistsW, PathAddExtensionW, PathAppendW, PathFindExtensionW, PathRemoveExtensionW, PathStripPathW, StrCpyW, PathFindFileNameW, PathIsDirectoryW, PathRemoveFileSpecW, SHGetValueW, StrCmpNIW, PathIsRootW, PathRenameExtensionW, PathRemoveFileSpecA, PathStripToRootW, StrCmpW
user32.dll
EndPaint, BeginPaint, GetClientRect, GetWindowTextLengthW, GetWindowTextW, DrawTextW, GetSystemMetrics, LoadImageW, GetCursorPos, TrackMouseEvent, GetClassInfoExW, LoadCursorW, InvalidateRect, FindWindowW, DestroyWindow, RegisterClassExW, CreateWindowExW, GetUserObjectInformationW, GetProcessWindowStation, GetDesktopWindow, MessageBoxA, MessageBoxW, SetFocus, SetWindowPos, MapWindowPoints, GetMonitorInfoW, MonitorFromWindow, GetWindow, UnregisterClassA, GetTopWindow, ChildWindowFromPoint, KillTimer, ScreenToClient, ShowWindow, GetParent, GetSysColorBrush, GetSysColor, GetWindowRect, MoveWindow, EndDialog, GetDlgItem, GetDC, ReleaseDC, FillRect, SetLayeredWindowAttributes, LoadStringA, SendMessageW, SetWindowTextW, SetTimer, PeekMessageW, GetMessageW, TranslateMessage, DispatchMessageW, SystemParametersInfoW, GetActiveWindow, DialogBoxParamW, CallWindowProcW, GetWindowLongW, DefWindowProcW, SetWindowsHookExW, UnhookWindowsHookEx, SetWindowLongW, IsWindow
userenv.dll
CreateEnvironmentBlock
uxtheme.dll
DrawThemeBackground, IsThemeBackgroundPartiallyTransparent, OpenThemeData, CloseThemeData, DrawThemeParentBackground
version.dll
GetFileVersionInfoSizeW, GetFileVersionInfoW, VerQueryValueW
winhttp.dll
WinHttpReceiveResponse, WinHttpAddRequestHeaders, WinHttpQueryDataAvailable, WinHttpReadData, WinHttpConnect, WinHttpSetStatusCallback, WinHttpOpenRequest, WinHttpGetIEProxyConfigForCurrentUser, WinHttpGetProxyForUrl, WinHttpCloseHandle, WinHttpOpen, WinHttpSendRequest, WinHttpQueryHeaders, WinHttpSetOption
wtsapi32.dll
WTSQueryUserToken

browserprotect.exe

Application Manager by Bit89 Inc. (Signed)

Version: 2,6,1095,52
MD5: fa127ac8bdf668903543d29c96b31632
SHA1: 0f04355e37b591ed00e6dd0034208c8130ce8075
SHA256: 0771d4c8ba81d26be6da83fd6a43f954236a3b6e33867ed4fe72d3ee85d4d6de
Warning: 19 antivirus scanners have detected malware.

What is browserprotect.exe?

The PerformerSoft Browser Manager (Application Manager) program, classified mostly as exhibiting adware-like actions, is bundled with PerformerSoft products including PC Performer. Browser Manager is designed to protect its bundled programs and make sure they remain installed and unchanged by other third-party programs. The Browser Manager program was developed by Bit89 (Bit89.com), a known adware maker.

Overview

browserprotect.exe is malware that runs as a service under the name BrowserDefendert (FindAmo Manager) with extensive SYSTEM privileges (full administrator access) as a shared service. It is typically installed with the program BrowserProtect, published by Bit89 Inc., and is removed by most users once installed (88% removed). The file is digitally signed by Bit89 Inc. with a certificate issued by the GoDaddy.com certificate authority (CA).

Details

File name: browserprotect.exe
Publisher: PerformerSoft LLC
Product name: Application Manager
Typical file path: C:\ProgramData\browserprotect\2.5.986.67\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\browserprotect.exe
File version: 2,6,1095,52
Size: 2.44 MB (2,561,488 bytes)
Certificate
Issued to: Bit89 Inc.
Authority (CA): GoDaddy.com
Effective date: Tuesday, September 4, 2012
Expiration date: Friday, September 4, 2015
Digital DNA
PE subsystem: Windows GUI
File packed: No
.NET CLR: No

Programs

The following program will install this file
Bit89 Inc
  88% remove
PerformerSoft BrowserProtect is a third-party web browser add-in, classified mostly as a potentially unwanted software application, that used to be bundled with PerformerSoft products including PC Performer. The maker of this program is a known adware/malware distributor, so caution should be taken. The PerformerSoft BrowserProtect (Browser Manager) program, classified mostly as exhibiting adware-like actions, is bundled with PerformerSoft...

Behaviors

Services
Runs under 'SYSTEM\CurrentControlSet\Services' as a shared service by the Service Host (svchost.exe)
  • 'BrowserDefendert'
  • 'FindAmo Manager'
  • 'BrowserProtect'
Network connections
  • [TCP] ec2-174-129-23-216.compute-1.amazonaws.com (174.129.23.216:80)

    Malware detections

    Of 40+ industry antivirus scanners, 19 detected the following malware.
    Antivirus engine | Engine version | Detection
    AhnLab V3 Internet Security | 2013.11.28 | ASD.Prevention
    Antiy Labs AVL | 2.0.3.7 | Trojan/Win32.Patched
    avast! | 8.0.1489.320 | Win32:BProtect-A [PUP]
    AVG | 13.0.0.3169 | Dropper.Generic8.CNLI
    Clam AntiVirus | 0.97.3.0 | Win.Adware.BProtector
    eSafe | 7.0.17.0 | Win32.Trojan
    ESET NOD32 | 7.9104 | a variant of Win32/bProtector.A
    F-Secure | 11.0.19100.45 | Application:W32/BProtector.A
    G Data | 14.1.22 | Win32.Application.BHO.A
    Kaspersky | 9.0.0.837 | Trojan.Win32.Bromngr.q
    McAfee | 5.600.1067 | Adware-Bprotect.b
    McAfee Gateway Anti-Malware | v2013-dat | Artemis!FA127AC8BDF6
    Microsoft Security Essentials | 1.10100.0 | TrojanDropper:Win32/Rotbrow.A
    PC Tools | 9.0.0.2 | Adware.GoonSquad!rem
    Sophos | 4.95.0 | BProtector
    Symantec | 20131.1.5.61 | Adware.GoonSquad
    Trend Micro | 9.740.0.1012 | ADW_BPROTECT
    Trend Micro HouseCall | 9.700.0.1001 | ADW_BPROTECT
    VIPRE Antivirus | 23792 | Bprotector (fs)

    Resource utilization

    (Note: statistics below are averages based on a minimum sample size of 200 unique participants)
    Averages
    CPU
    Total CPU: 0.00625053%
    0.028634%
    Kernel CPU: 0.00365210%
    0.013761%
    User CPU: 0.00259843%
    0.014873%
    Kernel CPU time: 60,779,116 ms/min
    100,923,805 ms/min
    CPU cycles: 8,194,027/sec
    17,470,203/sec
    Context switches: 16/sec
    284/sec
    Memory
    Private memory: 4.6 MB
    21.59 MB
    Private (maximum): 7.91 MB
    Private (minimum): 6.19 MB
    Non-paged memory: 4.6 MB
    21.59 MB
    Virtual memory: 170.63 MB
    140.96 MB
    Virtual memory (peak): 204.71 MB
    169.69 MB
    Working set: 7.16 MB
    18.61 MB
    Working set (peak): 8.39 MB
    37.95 MB
    Page faults: 30,398,844/min
    2,039/min
    I/O
    I/O read transfer: 1.32 KB/sec
    1.02 MB/min
    I/O read operations: 1/sec
    343/min
    I/O write transfer: 7.62 KB/sec
    274.99 KB/min
    I/O write operations: 1/sec
    227/min
    I/O other transfer: 33.38 KB/sec
    448.09 KB/min
    I/O other operations: 286/sec
    1,671/min
    Resource allocations
    Threads: 12
    12
    Handles: 269
    600
    GUI GDI count: 9
    103
    GUI GDI peak: 10
    142
    GUI USER count: 4
    49
    GUI USER peak: 7
    71

    Process properties

    Integrity level: High
    Platform: 64-bit
    Command lines:
    • C:\ProgramData\browserprotect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\browserprotect.exe
    • "C:\ProgramData\browserprotect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\browserprotect.exe" /protect
    • "C:\Documents and Settings\user\Application data\browserprotect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\browserprotect.exe"
    • "C:\Documents and Settings\user\Application data\browserprotect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\browserprotect.exe" /protect
    Owner: SYSTEM
    Windows Service
    Service name: FindAmo Manager
    Display name: BrowserDefendert
    Description: “Your browser protector service”
    Type: Win32ShareProcess
    Parent processes:

    Threads

    Averages
    BrowserProtect.exe (main module)
    Total CPU: 0.35841135%
    0.272967%
    Kernel CPU: 0.33481557%
    0.107585%
    User CPU: 0.02359578%
    0.165382%
    CPU cycles: 12,956,494/sec
    5,741,424/sec
    Context switches: 3/sec
    79/sec
    Memory: 2.52 MB
    1.16 MB
    ntdll.dll
    Total CPU: 0.01575687%
    Kernel CPU: 0.01575687%
    User CPU: 0.00000000%
    CPU cycles: 438,420/sec
    Memory: 1.23 MB
    BrowserProtect.dll (Application Manager by PerformerSoft LLC)
    Total CPU: 0.00056862%
    Kernel CPU: 0.00002933%
    User CPU: 0.00053929%
    CPU cycles: 1,680/sec
    Memory: 2.24 MB
    sechost.dll
    Total CPU: 0.00002896%
    Kernel CPU: 0.00002896%
    User CPU: 0.00000000%
    CPU cycles: 10,828/sec
    Memory: 100 KB

    Common loaded modules

    These are modules that are typically loaded within the context of this process.

    Distribution by Windows OS

    OS version | Distribution
    Windows 7 Home Premium | 27.27%
    Windows 7 Ultimate | 14.29%
    Microsoft Windows XP | 14.29%
    Windows 8 Pro | 11.69%
    Windows Vista Home Premium | 10.39%
    Windows 8 | 7.79%
    Windows 7 Professional | 5.19%
    Windows 7 Starter | 3.90%
    Windows 8 Pro with Media Center | 3.90%
    Windows 8 Single Language | 1.30%

    Distribution by country

    The United States accounts for about 28.57% of Application Manager installs.

    Distribution by PC manufacturer

    PC manufacturer | Distribution
    Hewlett-Packard | 26.67%
    Acer | 25.00%
    Sony | 13.33%
    Toshiba | 13.33%
    Dell | 10.00%
    GIGABYTE | 5.00%
    Intel | 3.33%
    ASUS | 3.33%