home

browserprotect-18.0.dll

Application Manager Extension

Bit89 Inc.

This is part of a Performersoft product, a 'PC optimzation' application that provides minimal benifits and may have been bundled by a third party installer. The module browserprotect-18.0.dll by Bit89 has been detected as adware by 27 anti-malware scanners. This web browser add-on will claim to protect the web browser but will instead hijack it by modifying the home and search pages.
Publisher:
PerformerSoft LLC  (signed by Bit89 Inc.)

Product:
Application Manager Extension

Version:
2,5,1005,80

MD5:
df5df53ed02eb1d974eda171c522890c

SHA-1:
2928b07c3c49587bf58504b73614bfc94098fe25

SHA-256:
c4ecbaec270120aa8b27e4c2ecd8c52fa2251501397919db19da8b8dbbb9a6bf

Scanner detections:
27 / 68

Status:
Adware

Explanation:
This service will prevent resources from modifying the web browser's home and search pages as well as the search provider set by the product, an affiliate search engine partner.

Analysis date:
4/25/2024 10:56:38 PM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Gen:Variant.Adware.BHO.Bprotector.1
527

AhnLab V3 Security
Trojan/Win32.Rotbrow
2014.01.08

Avira AntiVirus
APPL/BProtector.Gen
7.11.117.146

avast!
Win32:BProtect-A [PUP]
2014.9-150826

AVG
AdPlugin.O
2016.0.3005

Bitdefender
Gen:Variant.Adware.BHO.Bprotector.1
1.0.20.1190

Bkav FE
W32.Clodd61.Trojan
1.3.0.4613

Clam AntiVirus
Win.Adware.BProtector
0.98/18155

Comodo Security
ApplicUnwnt
17378

Dr.Web
Adware.BGuard.6
9.0.1.0238

Emsisoft Anti-Malware
Gen:Variant.Adware.BHO.Bprotector
8.15.08.26.05

ESET NOD32
Win32/bProtector (variant)
9.9124

Fortinet FortiGate
Adware/Fam.NB
8/26/2015

F-Secure
Application:W32/BProtector.A
11.2015-26-08_4

G Data
Gen:Variant.Adware.BHO.Bprotector
15.8.22

IKARUS anti.virus
Win32.SuspectCrc
t3scan.2.2.29

K7 AntiVirus
Unwanted-Program
13.175.10766

Malwarebytes
PUP.Optional.BProtector
v2015.08.26.05

McAfee
Adware-Bprotect.a
5600.6661

Microsoft Security Essentials
TrojanDropper:Win32/Rotbrow.A
1.163.1557.0

MicroWorld eScan
Gen:Variant.Adware.BHO.Bprotector.1
16.0.0.714

Quick Heal
TrojanDropper.Rotbrow.r6
8.15.14.00

Reason Heuristics
PUP.Performersoft.Bit89 (M)
15.8.26.17

Sophos
BProtector
4.95

Trend Micro House Call
TROJ_GEN.F47V0510
7.2.238

Trend Micro
TROJ_FRS.0NA000JT13
10.465.26

VIPRE Antivirus
Bprotector
23968

File size:
593 KB (607,184 bytes)

Product version:
2,5,1005,80

Copyright:
Copyright 2012

File type:
Dynamic link library (Win32 DLL)

Language:
English (United States)

Common path:
C:\ProgramData\application data\browserprotect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\firefoxextension\components\browserprotect-18.0.dll

Digital Signature
Signed by:
Bit89 Inc.

Authority:
GoDaddy.com, Inc.

Valid from:
9/4/2012 5:00:34 PM

Valid to:
9/4/2015 5:00:34 PM

Subject:
CN=Bit89 Inc., O=Bit89 Inc., L=Beaverton, S=OR, C=US

Issuer:
SERIALNUMBER=07969287, CN=Go Daddy Secure Certification Authority, OU=http://certificates.godaddy.com/repository, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:
4F179649BA374C

File PE Metadata
Compilation timestamp:
1/10/2013 8:47:03 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
10.0

CTPH (ssdeep):
12288:H7caty92VWkFPhEWX0xSfwZ0QIRx5Mn6P0w56mYnZc9z5PZ1jtY9TaJZh2MmNxfE:H75tLFZg4Rx5g6P0w56md931j69TaJ2i

Entry address:
0x49F2B

Entry point:
8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 41, C1, 00, 00, FF, 75, 08, 8B, 4D, 10, 8B, 55, 0C, E8, EC, FE, FF, FF, 59, 5D, C2, 0C, 00, CC, CC, 83, 3D, 14, 43, 09, 10, 00, 74, 2D, 55, 8B, EC, 83, EC, 08, 83, E4, F8, DD, 1C, 24, F2, 0F, 2C, 04, 24, C9, C3, 83, 3D, 14, 43, 09, 10, 00, 74, 11, 83, EC, 04, D9, 3C, 24, 58, 66, 83, E0, 7F, 66, 83, F8, 7F, 74, D3, 55, 8B, EC, 83, EC, 20, 83, E4, F0, D9, C0, D9, 54, 24, 18, DF, 7C, 24, 10, DF, 6C, 24, 10, 8B, 54, 24, 18, 8B, 44, 24, 10, 85, C0, 74, 3C, DE, E9...
 
[+]

Entropy:
6.6064

Code size:
422 KB (432,128 bytes)

Remove browserprotect-18.0.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.