home

~~browsermngr.dll

Application Manager

ForwardTech Inc

This is part of a Performersoft product, a 'PC optimzation' application that provides minimal benifits and may have been bundled by a third party installer. The module ~~browsermngr.dll by ForwardTech Inc has been detected as adware by 24 anti-malware scanners. Also know as BrowserDefender, this bundled service will prevent various web browser toolbars and extensions from running as well as block changes to the search page and provider.
Publisher:
PerformerSoft LLC  (signed by ForwardTech Inc)

Product:
Application Manager

Description:
Protector

Version:
2,3,759,138

MD5:
43e7fdf014b9155f676b24e52224a1c5

SHA-1:
2aa59b5652e0e4302b402e9957b959270cee9223

SHA-256:
bb402d2c7dc6a89a6a90fa6b9170e3f45c1817e1490d26aa0ac855ae5091a2f7

Scanner detections:
24 / 68

Status:
Adware

Explanation:
This service will prevent resources from modifying the web browser's home and search pages as well as the search provider set by the product, an affiliate search engine partner.

Analysis date:
4/24/2024 12:57:25 PM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Gen:Variant.Adware.BHO.Bprotector.1
858

Agnitum Outpost
Trojan.DR.Rotbrow
7.1.1

AhnLab V3 Security
Trojan/Win32.Rotbrow
2014.03.11

Avira AntiVirus
TR/BProtector.Gen
7.11.136.64

AVG
Generic5
2015.0.3336

Baidu Antivirus
Trojan.Win32.Bromngr
4.0.3.14911

Bitdefender
Gen:Variant.Adware.BHO.Bprotector.1
1.0.20.1270

Bkav FE
W32.Clod65c.Trojan
1.3.0.4959

Clam AntiVirus
Win.Adware.BProtector
0.98/18355

Comodo Security
Application.Win32.bProtector.KA
17912

Emsisoft Anti-Malware
Gen:Variant.Adware.BHO.Bprotector
8.14.09.11.12

ESET NOD32
Win32/bProtector (variant)
8.9526

F-Secure
Gen:Variant.Adware.BHO.Bprotector.1
11.2014-11-09_5

G Data
Gen:Variant.Adware.BHO.Bprotector
14.9.24

IKARUS anti.virus
Win32.SuspectCrc
t3scan.2.2.29

Kaspersky
Trojan.Win32.Bromngr
14.0.0.3270

McAfee
Artemis!DB1DDC690D33
5600.6992

Microsoft Security Essentials
TrojanDropper:Win32/Rotbrow.B
1.10302

MicroWorld eScan
Gen:Variant.Adware.BHO.Bprotector.1
15.0.0.762

nProtect
Trojan-Clicker/W32.Agent.2106392
14.03.11.01

Reason Heuristics
PUP.ForwardTech.N
14.9.11.0

Sophos
BProtector
4.98

Vba32 AntiVirus
AdWare.Bromngr
3.12.24.3

VIPRE Antivirus
Bprotector
27280

File size:
2 MB (2,105,376 bytes)

Product version:
2,3,759,138

Copyright:
Copyright 2012

File type:
Dynamic link library (Win32 DLL)

Language:
English (United States)

Common path:
C:\ProgramData\~browser manager\~2.3.759.138\~{61d8b74e-8d89-46ff-afa6-33382c54ac73}\~~browsermngr.dll

Digital Signature
Signed by:
ForwardTech Inc

Authority:
GoDaddy.com, Inc.

Valid from:
9/11/2012 9:46:30 PM

Valid to:
9/11/2015 9:46:30 PM

Subject:
CN=ForwardTech Inc, O=ForwardTech Inc, L=Beaverton, S=OR, C=US

Issuer:
SERIALNUMBER=07969287, CN=Go Daddy Secure Certification Authority, OU=http://certificates.godaddy.com/repository, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:
07BCB9E09D11D2

File PE Metadata
Compilation timestamp:
9/28/2012 7:26:42 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
49152:93XpJyLutG0fGVdDoVzdrxDsQhoahpeTwJPN030hNBlyU:hXpJJwdDoVzdrxDsQXL

Entry address:
0x123CA0

Entry point:
8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 44, FA, 00, 00, FF, 75, 08, 8B, 4D, 10, 8B, 55, 0C, E8, EC, FE, FF, FF, 59, 5D, C2, 0C, 00, 8B, FF, 55, 8B, EC, 83, EC, 14, 53, 33, DB, 56, 8B, 75, 08, 89, 5D, F8, 89, 5D, F4, 89, 5D, FC, 3B, F3, 75, 1E, E8, FA, 18, 00, 00, 6A, 16, 5E, 53, 53, 53, 53, 53, 89, 30, E8, 9D, E6, FF, FF, 83, C4, 14, 8B, C6, E9, 3B, 02, 00, 00, 57, 6A, 24, 68, FF, 00, 00, 00, 56, E8, F5, EB, FF, FF, 8B, 7D, 0C, 83, C4, 0C, 3B, FB, 75, 19, E8, C4, 18, 00, 00, 6A, 16, 5E, 53, 53, 53...
 
[+]

Entropy:
6.6896

Code size:
1.4 MB (1,515,008 bytes)

Remove ~~browsermngr.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.