Should I block it?

98%
Yes, 98% block recommendation.
Possible reasons:
Multiple malware detections
Performance resource utilization

VersionsAdditional versions

2,6,1519,190 6.49%
2,6,1339,144 20.78%
2,6,1125,80 1.30%
2,6,1095,52 28.57%
2,6,1095,52 14.29%
2,6,1070,41 5.19%
2,6,1040,25 9.09%
2,5,1005,80 5.19%
2,5,986,67 9.09%

Relationships

Parent process
Related files

PE structurePE file structure
Show functions
Import table
advapi32.dll
RegisterEventSourceA, GetLengthSid, ConvertSidToStringSidW, ControlService, StartServiceW, ChangeServiceConfig2W, CreateServiceW, RegEnumValueW, ConvertStringSecurityDescriptorToSecurityDescriptorW, RegQueryInfoKeyW, RegEnumKeyExW, StartServiceCtrlDispatcherW, RegisterServiceCtrlHandlerW, GetTokenInformation, DuplicateTokenEx, CreateProcessAsUserW, OpenSCManagerW, OpenServiceW, QueryServiceConfigW, ChangeServiceConfigW, CloseServiceHandle, SetServiceStatus, RegEnumKeyW, InitializeSecurityDescriptor, SetSecurityDescriptorDacl, ConvertStringSecurityDescriptorToSecurityDescriptorA, GetSecurityDescriptorSacl, SetSecurityDescriptorSacl, RegSetValueExW, RegQueryValueExW, RegCloseKey, RegCreateKeyExW, RegOpenKeyExW, IsValidSid, DeregisterEventSource, InitializeAcl, ReportEventA, AddAce, OpenThreadToken, OpenProcessToken, GetSecurityInfo, GetAclInformation, GetAce, DeleteAce, SetSecurityInfo, RegDeleteKeyW, RegDeleteValueW, DeleteService
gdi32.dll
CreateDIBSection, CreateFontIndirectW, GetObjectW, DeleteObject, SelectObject, SetBkMode, SetTextColor, Rectangle, CreatePen, DeleteDC, RoundRect, CreateSolidBrush, CreatePatternBrush, CreateCompatibleDC, CreateCompatibleBitmap, BitBlt
kernel32.dll
DllMain
ole32.dll
StringFromGUID2, CoInitializeEx, CoInitializeSecurity, CoInitialize, CoUninitialize, CoCreateInstance, CoSetProxyBlanket
rpcrt4.dll
UuidFromStringA
shell32.dll
SHFileOperationW, CommandLineToArgvW, SHGetSpecialFolderPathW
shlwapi.dll
PathFileExistsW, PathAddExtensionW, PathAppendW, PathFindExtensionW, PathRemoveExtensionW, PathStripPathW, StrCpyW, PathFindFileNameW, PathIsDirectoryW, PathRemoveFileSpecW, SHGetValueW, StrCmpNIW, PathIsRootW, PathRenameExtensionW, PathRemoveFileSpecA, PathStripToRootW, StrCmpW
user32.dll
EndPaint, BeginPaint, GetClientRect, GetWindowTextLengthW, GetWindowTextW, DrawTextW, GetSystemMetrics, LoadImageW, GetCursorPos, TrackMouseEvent, GetClassInfoExW, LoadCursorW, InvalidateRect, FindWindowW, DestroyWindow, RegisterClassExW, CreateWindowExW, GetUserObjectInformationW, GetProcessWindowStation, GetDesktopWindow, MessageBoxA, MessageBoxW, SetFocus, SetWindowPos, MapWindowPoints, GetMonitorInfoW, MonitorFromWindow, GetWindow, UnregisterClassA, GetTopWindow, ChildWindowFromPoint, KillTimer, ScreenToClient, ShowWindow, GetParent, GetSysColorBrush, GetSysColor, GetWindowRect, MoveWindow, EndDialog, GetDlgItem, GetDC, ReleaseDC, FillRect, SetLayeredWindowAttributes, LoadStringA, SendMessageW, SetWindowTextW, SetTimer, PeekMessageW, GetMessageW, TranslateMessage, DispatchMessageW, SystemParametersInfoW, GetActiveWindow, DialogBoxParamW, CallWindowProcW, GetWindowLongW, DefWindowProcW, SetWindowsHookExW, UnhookWindowsHookEx, SetWindowLongW, IsWindow
userenv.dll
CreateEnvironmentBlock
uxtheme.dll
DrawThemeBackground, IsThemeBackgroundPartiallyTransparent, OpenThemeData, CloseThemeData, DrawThemeParentBackground
version.dll
GetFileVersionInfoSizeW, GetFileVersionInfoW, VerQueryValueW
winhttp.dll
WinHttpReceiveResponse, WinHttpAddRequestHeaders, WinHttpQueryDataAvailable, WinHttpReadData, WinHttpConnect, WinHttpSetStatusCallback, WinHttpOpenRequest, WinHttpGetIEProxyConfigForCurrentUser, WinHttpGetProxyForUrl, WinHttpCloseHandle, WinHttpOpen, WinHttpSendRequest, WinHttpQueryHeaders, WinHttpSetOption
wtsapi32.dll
WTSQueryUserToken

browserprotect.exe

Application Manager by Bit89 Inc. (Signed)

Remove browserprotect.exe
Version:   2,5,1005,80
MD5:   4c260de6b554a670546578426bb0c604
SHA1:   a0d7e0a1ce9505ebe71d3050e781ab54b8a06e1b
SHA256:   845d94f1f74028534dea212ed4f93300368a7391c9b79628a8890fe2cc5228cf
Warning 4 antivirus scanners has detected malware.

What is browserprotect.exe?

The PerformerSoft Browser Manager (Application Manager) program classified mostly as exhibiting adware like actions, is bundled with PerformerSoft products including PC Performer. Browser Manager is designed to protect its bundled programs and make sure they remain installed or unchanged by other thrid party programs. The Browser Manager program was developed by Bit89 (Bit89.com) a know adware maker.

Overview

browserprotect.exe is malware that runs as a service under the name BrowserDefendert (FindAmo Manager) within the local user context as a shared service. This is typically installed with the program BrowserProtect published by Bit89 Inc and is most likely removed by most users once installed (88% removed). The file is digitally signed by Bit89 Inc. which was issued by the GoDaddy.com certificate authority (CA).

DetailsDetails

File name:browserprotect.exe
Publisher:PerformerSoft LLC
Product name:Application Manager
Typical file path:C:\ProgramData\browserprotect\2.5.986.67\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\browserprotect.exe
File version:2,5,1005,80
Size:2.36 MB (2,469,992 bytes)
Certificate
Issued to:Bit89 Inc.
Authority (CA):GoDaddy.com
Effective date:Tuesday, September 4, 2012
Expiration date:Friday, September 4, 2015
Digital DNA
PE subsystem:Windows GUI
File packed:No
.NET CLR:No
More details

ResourcesPrograms

The following program will install this file
BrowserProtect
 Bit89 Inc
  88% remove
PerformerSoft BrowserProtect is a third party web browser add-in classified mostly as a potentially unwanted software application that used to be bundled with PerformerSoft products including PC Performer. The maker of this program is a known adware/malware distributor, so caution should be taken. The PerformerSoft BrowserProtect (Browser Manager) program classified mostly as exhibiting adware like actions, is bundled with PerformerSoft...

BehaviorsBehaviors

Services
Runs under 'SYSTEM\CurrentControlSet\Services' as a shared service by the Service Host (svchost.exe)
  • BrowserDefendert
  • 'FindAmo Manager'
  • 'BrowserProtect'

MalwareMalware detections

Based on 40+ industry antivirus scanners, 4 of them detected the following malware.
Antivirus engineEngine versionDetection
Dr.Web 8.13.4.17 Adware.BGuard.5
ESET NOD32 7.8096 a variant of Win32/bProtector.A
Kingsoft 2013.1.8.219 Win32.Troj.Agent.hr.(kcloud)
VIPRE Antivirus 15928 Bprotector (fs)

ResourcesResource utilization

(Note: statistics below are averages based on a minimum sample size of 200 unique participants)
Averages
 
CPU
Total CPU:0.00399948%
0.028634%
Kernel CPU:0.00155870%
0.013761%
User CPU:0.00244078%
0.014873%
Kernel CPU time:72,111 ms/min
100,923,805ms/min
CPU cycles:17,109,817/sec
17,470,203/sec
Memory
Private memory:2.78 MB
21.59 MB
Private (maximum):6.67 MB
Private (minimum):2.65 MB
Non-paged memory:2.78 MB
21.59 MB
Virtual memory:171.82 MB
140.96 MB
Virtual memory (peak):194.01 MB
169.69 MB
Working set:3.3 MB
18.61 MB
Working set (peak):6.84 MB
37.95 MB
Page faults:10,854,279/min
2,039/min
I/O
I/O read transfer:6.55 KB/sec
1.02 MB/min
I/O read operations:1/sec
343/min
I/O write transfer:2.26 KB/sec
274.99 KB/min
I/O write operations:1/sec
227/min
I/O other transfer:224 Bytes/sec
448.09 KB/min
I/O other operations:8/sec
1,671/min
Resource allocations
Threads:13
12
Handles:237
600
GUI GDI count:10
103
GUI GDI peak:12
142
GUI USER count:10
49
GUI USER peak:10
71

BehaviorsProcess properties

Integrety level:High
Platform:32-bit
Command lines:
  • "C:\ProgramData\browserprotect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\browserprotect.exe" /protect
  • C:\ProgramData\browserprotect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\browserprotect.exe
Owner:User
Windows Service
Service name:FindAmo Manager
Display name:BrowserDefendert
Description:“Your browser protector service”
Type:Win32ShareProcess
Parent processes:

ResourcesThreads

Averages
 
BrowserProtect.exe (main module)
Total CPU:0.37414192%
0.272967%
Kernel CPU:0.35420018%
0.107585%
User CPU:0.01994174%
0.165382%
CPU cycles:11,573,438/sec
5,741,424/sec
Context switches:6/sec
79/sec
Memory:2.42 MB
1.16 MB
ntdll.dll
Total CPU:0.00929908%
Kernel CPU:0.00929908%
User CPU:0.00000000%
CPU cycles:300,365/sec
Memory:1.23 MB
BrowserProtect.dll (Application Manager by PerformerSoft LLC)
Total CPU:0.00253860%
Kernel CPU:0.00013299%
User CPU:0.00240561%
CPU cycles:68,287/sec
Memory:2.15 MB
sechost.dll
Total CPU:0.00018551%
Kernel CPU:0.00018551%
User CPU:0.00000000%
CPU cycles:32,530/sec
Context switches:1/sec
Memory:100 KB

Common loaded modules

These are modules that are typiclaly loaded within the context of this process.

Windows OS versionsDistribution by Windows OS

OS versiondistribution
Windows 7 Home Premium 27.27%
Windows 7 Ultimate 14.29%
Microsoft Windows XP 14.29%
Windows 8 Pro 11.69%
Windows Vista Home Premium 10.39%
Windows 8 7.79%
Windows 7 Professional 5.19%
Windows 7 Starter 3.90%
Windows 8 Pro with Media Center 3.90%
Windows 8 Single Language 1.30%

Distribution by countryDistribution by country

United States installs about 28.57% of Application Manager.

OEM distributionDistribution by PC manufacturer

PC Manufacturerdistribution
Hewlett-Packard 26.67%
Acer 25.00%
Sony 13.33%
Toshiba 13.33%
Dell 10.00%
GIGABYTE 5.00%
Intel 3.33%
ASUS 3.33%
Back to top
Should I remove It? Clean your PC of unwanted adware, toolbars and bloatware.

Download it for FREE