firefox.exe
Firefox by Mozilla Corporation (Signed)
Warning 4 antivirus scanners has detected malware in various versions of firefox.exe.
Overview
There are 116 versions of firefox.exe in the wild, the latest version being 9.0.1. firefox.exe is run as a standard windows process with the logged in user's account privileges. When the program is installed, it will add a shortcut pointer in the Start Menu which will execute the file as a process upon a user login. The average file size is about 894.04 KB. The file is a digitally signed and issued to Mozilla Corporation by Thawte. The programs Mozilla Firefox 15.0.1 (x86 en-US), Mozilla Firefox 17.0 (x86 en-US) and Mozilla Firefox 43.0.1 (x86 en-US) have been observed as installing specific variations of firefox.exe. During the process's lifecycle, the typical CPU resource utilization is less than 0.01%, the average private memory consumption is about 332.62 MB with the maximum memory reaching around 367.32 MB. Addionally, typically read and write I/O disk operations is about 4.83 MB per minute for reads and 12.51 MB per minute for writes.
What is firefox.exe?
Mozilla Firefox is a free and open source web browser developed by the Mozilla Foundation. Firefox uses the Gecko layout engine to render web pages, which implements current and anticipated web standards. Functions can be added through extensions, created by third-party developers. Firefox uses a sandbox security model, and limits scripts from accessing data from other web sites based on the same origin policy
About firefox.exe (from Mozilla Corporation)
“Mozilla Firefox is a fast, full-featured Web browser. Firefox includes pop-up blocking, tab-browsing, integrated Google search, simplified privacy controls, a streamlined browser window that shows you”
 Details
|
| File name: | firefox.exe |
| Publisher: | Mozilla Corporation |
| Product name: | Firefox |
| Typical file path: | C:\Program Files\mozilla firefox\firefox.exe |
| Certificate |
| Issued to: | Mozilla Corporation |
| Authority (CA): | Thawte |
| Effective date: | Monday, September 27, 2010 |
| Expiration date: | Sunday, October 30, 2011 |
Programs installed in
(Note, the programs listed below are for all versions of Firefox.)
ACDSee Pro is an image organizer, viewer, and RAW / image editor programs for Microsoft Windows. ACDSee's main features are speed, lossless RAW/image editing, image batch processing, metadata (Exif/IP...
“FoxyTunes is an Extension for Mozilla Firefox that supports the Mozilla Suite and Mozilla Thunderbird. It allows you to control your favorite media player without leaving the browser. The controls are...”
Safari is a web browser developed by Apple Inc. It is based on the WebKit engine, which is a fork of KDE's KHTML engine. Safari has a number of features. Some are specific to certain operating systems...
Apple's iTunes is a proprietary media player computer program, used for playing and organizing digital music and video files on desktop computers. It can also manage contents on iPod, iPhone and iPad....
µTorrent is a is a free, ad-supported, lighter-weight BitTorrent client designed to consume less resources then the full BitTorrent version. Some uTorrent installs include potentially unwanted applic...
“Easy-PhotoPrint EX allows you to create albums, calendars and stickers easily using photos taken with digital cameras. Easy-PhotoPrint EX supports "Exif Print." Exif Print is a standard for enhancing ...”
“EaseUS Data Recovery Wizard does an amazing job on format recovery, unformat, deleted files recovery or lost data due to partition loss or damage, software crash, virus infection, unexpected shutdown ...”
Google Chrome is a free web browser developed by Google that uses the WebKit layout engine. It is designed to be secure, fast, simple and stable. Chrome supports plug-ins with the Netscape Plugin Appl...
HandBrake is a general-purpose, open-source, cross-platform, multithreaded video transcoder software application. HandBrake supports batch encoding through Windows graphical user interface (GUI) and ...
This program contains the driver that enables the IDT High-Definition (HD) Audio in supported notebook models that are running a supported operating system.
FL Studio is a digital audio workstation developed by the Belgian company Image-Line. FL Studio features a graphical user interface based on a pattern-based music sequencer. FL Studio can be used as a...
Behaviors
(Note, the behaviors below are for all versions of firefox.exe, select a unique version for details.)
Shell open commands
Scheduled tasks
- The task '{DB15FF6F-2C12-43F6-9077-DC9D5E9F378D}' runs on registration in the path '\{DB15FF6F-2C12-43F6-9077-DC9D5E9F378D}'
- The job '{50960832-8A69-4890-BBD4-53CBA3B9D350}' runs on registration in the path '\{50960832-8A69-4890-BBD4-53CBA3B9D350}'
- The task '{1567603D-C4F5-4E3E-B347-0EFD79FE4E58}' runs on registration in the path '\{1567603D-C4F5-4E3E-B347-0EFD79FE4E58}'
- The task '{573A4B5C-F41F-4B50-A5BB-330C6B6B1FD4}' runs on registration in the path '\{573A4B5C-F41F-4B50-A5BB-330C6B6B1FD4}'
- The job '{F8CEF2CE-ECBF-4E27-A8F4-D411409A42E2}' runs on registration in the path '\{F8CEF2CE-ECBF-4E27-A8F4-D411409A42E2}'
- The task '{80C2D13C-EDC5-489B-BA30-79CD8E31FD32}' runs on registration in the path '\{80C2D13C-EDC5-489B-BA30-79CD8E31FD32}'
- The job '{E41AC21C-9317-4B32-8C7E-E962EB5D92C0}' runs on registration in the path '\{E41AC21C-9317-4B32-8C7E-E962EB5D92C0}'
- The job '{2D229C97-D530-4B7A-BCFA-66F45C78E9F2}' runs on registration in the path '\{2D229C97-D530-4B7A-BCFA-66F45C78E9F2}'
- The task '{FDDB7458-BD87-46DF-BB8A-35E2DBFCAD46}' runs on registration in the path '\{FDDB7458-BD87-46DF-BB8A-35E2DBFCAD46}'
- The task '{F78E0F8D-A7B2-4ADF-A74B-A35B21BEAC93}' runs on registration in the path '\{F78E0F8D-A7B2-4ADF-A74B-A35B21BEAC93}'
- The job '{EAAE8329-8B4F-462D-8D40-F296DCB03214}' runs on registration in the path '\{EAAE8329-8B4F-462D-8D40-F296DCB03214}'
- The task '{D958CCD7-AFC4-4F52-B4E9-7E3DAC23FFC0}' runs on registration in the path '\{D958CCD7-AFC4-4F52-B4E9-7E3DAC23FFC0}'
- The job '{D1DD0520-B00A-4DB7-90A9-1F12BC0F7FC3}' runs on registration in the path '\{D1DD0520-B00A-4DB7-90A9-1F12BC0F7FC3}'
- The job '{CD0A75E9-B743-4544-9386-F431A3FBD438}' runs on registration in the path '\{CD0A75E9-B743-4544-9386-F431A3FBD438}'
- The task '{CA12C935-6CEB-413A-9FBE-388CE6BE9A97}' runs on registration in the path '\{CA12C935-6CEB-413A-9FBE-388CE6BE9A97}'
- The job '{B3D69651-37DD-4783-8218-6E393439801D}' runs on registration in the path '\{B3D69651-37DD-4783-8218-6E393439801D}'
- The job '{ABBD2363-1F95-4899-8D32-1F38C61650AF}' runs on registration in the path '\{ABBD2363-1F95-4899-8D32-1F38C61650AF}'
- The job '{97621CFD-36EF-4DFC-8410-D4AA73BCC054}' runs on registration in the path '\{97621CFD-36EF-4DFC-8410-D4AA73BCC054}'
- The task '{887F2C34-E114-4FFC-8B28-5C3EA49B47D3}' runs on registration in the path '\{887F2C34-E114-4FFC-8B28-5C3EA49B47D3}'
- The job '{7DEAEBFD-C62C-431A-B71F-668F615ABEFB}' runs on registration in the path '\{7DEAEBFD-C62C-431A-B71F-668F615ABEFB}'
- The job '{632B2497-D942-4509-B296-3A9EB1C6AA27}' runs on registration in the path '\{632B2497-D942-4509-B296-3A9EB1C6AA27}'
- The job '{5B5234DC-A2F4-4955-B43C-14780A68D7B8}' runs on registration in the path '\{5B5234DC-A2F4-4955-B43C-14780A68D7B8}'
Windows firewall allowed programs
Exceptions allow programs to access to the Internet through an outbound connections
- Firewall exception for 'C:\Program Files\Mozilla Firefox\firefox.exe'
- Firewall exception for 'C:\Program Files\Mozilla Firefox\firefox.exe'
User start menu folder
Shortcut pointer placed in '%appdata%\Microsoft\Windows\Start Menu'
- Shortcut to 'firefox.exe'
Malware detections
Based on 40+ industry antivirus scanners, 4 of them detected the following malware.
| Antivirus engine | Engine version | Detection | File version |
| Antiy Labs AVL |
2.0.3.7 |
Worm/Win32.WhiteIce.gen |
9.0.1 |
| Antiy Labs AVL |
2.0.3.7 |
Backdoor/Win32.Rbot |
19.0 |
| Antiy Labs AVL |
2.0.3.7 |
Worm/Win32.WhiteIce |
15.0 |
| Emsisoft Anti-Malware |
3.0.0.596 |
Trojan.GenericKD.1515318 (B) |
20.0.1 |
All file variations of firefox.exe
Distribution by Windows OS
| OS version | distribution |
| Windows 7 Home Premium |
41.75% |
|
| Windows 7 Ultimate |
18.50% |
|
| Windows 8.1 |
8.50% |
|
| Microsoft Windows XP |
8.25% |
|
| Windows Vista Home Premium |
4.50% |
|
| Windows 8.1 Pro |
4.25% |
|
| Windows 7 Professional |
2.75% |
|
| Windows 8 |
2.25% |
|
| Windows 8 Pro |
1.75% |
|
| Windows 8.1 Single Language |
1.50% |
|
| Windows 8.1 N |
1.00% |
|
| Windows 8.1 Pro with Media Center |
1.00% |
|
| Windows 8.1 Enterprise |
1.00% |
|
| Windows 8 Enterprise N |
0.75% |
|
| Windows 8 Single Language |
0.75% |
|
| Windows 8 Pro with Media Center |
0.75% |
|
| Windows 7 Home Basic |
0.25% |
|
| Windows 8.1 Pro Preview |
0.25% |
|
| Windows Developer Preview |
0.25% |
|
Distribution by country
United States installs about 46.62% of Firefox.
Distribution by PC manufacturer
| PC Manufacturer | distribution |
| Dell |
22.65% |
|
| Hewlett-Packard |
20.92% |
|
| ASUS |
16.51% |
|
| Acer |
7.87% |
|
| Toshiba |
7.68% |
|
| Sony |
4.61% |
|
| GIGABYTE |
4.03% |
|
| Lenovo |
3.45% |
|
| Compaq |
2.69% |
|
| Samsung |
2.11% |
|
| Gateway |
1.92% |
|
| Alienware |
1.73% |
|
| Intel |
1.54% |
|
| Sahara |
1.34% |
|
| American Megatrends |
0.96% |
|
