» firefoxmodule.dll
Overview
Analysis
File Details
Programs (1)

firefoxmodule.dll

The module firefoxmodule.dll has been detected as a potentially unwanted program by 3 anti-malware scanners. This file is typically installed with the program Search Protect by conduit by Conduit Ltd. which is a potentially unwanted software program.

File name:

firefoxmodule.dll

MD5:

327ff0c6585f6da5f61658014da8ef1b

SHA-1:

ea5b6ec4e2585f299a042e85a46032615b482af2

SHA-256:

79807f1fc1c318593de69d8efe65e551ddec99a75118ca05e1b80e53cba868a5

Scanner detections:

3 / 68

Status:

Potentially unwanted

Explanation:

Part of the Conduit/ClientConnect toolbar/extension distribution.

Analysis date:

4/26/2024 5:33:49 AM UTC (today)

Scan engine

Detection

Engine version

Avira AntiVirus

TR/Trash.Gen

8.3.1.6

Reason Heuristics

PUP.SearchProtect

16.10.5.20

Sophos

PUA 'Conduit Search Protect'

5.14

File size:

1.2 MB (1,226,528 bytes)

File type:

Dynamic link library (Win32 DLL)

Common path:

C:\users\{user}\appdata\roaming\searchprotect\bin\firefoxmodule.dll

File PE Metadata

Compilation timestamp:

5/8/2013 12:17:03 AM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

10.0

CTPH (ssdeep):

24576:Klac1Y8bWUODPi7c3pqRRuUIzM7CX7upOolHqdHgSgYabLfEdwB9Ukr9Qq8ERn:UMu6p0ZOa+FgYm9Ukr9Qq8ERn

Entry address:

0xAF5C0

Entry point:

8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 4A, 03, 00, 00, FF, 75, 08, 8B, 4D, 10, 8B, 55, 0C, E8, CC, FE, FF, FF, 59, 5D, C2, 0C, 00, 6A, 14, 68, 18, 0C, 0E, 10, E8, 61, 07, 00, 00, FF, 35, 8C, 6D, 10, 10, 8B, 35, 44, F0, 0C, 10, FF, D6, 89, 45, E4, 83, F8, FF, 75, 0C, FF, 75, 08, FF, 15, D4, F2, 0C, 10, 59, EB, 64, 6A, 08, E8, C2, 07, 00, 00, 59, 83, 65, FC, 00, FF, 35, 8C, 6D, 10, 10, FF, D6, 89, 45, E4, FF, 35, 88, 6D, 10, 10, FF, D6, 89, 45, E0, 8D, 45, E0, 50, 8D, 45, E4, 50, FF, 75, 08, 8B, 35... 
[+]

Entropy:

6.3978

Code size:

823 KB (842,752 bytes)

The file firefoxmodule.dll has been discovered within the following program.

Search Protect by conduit by Conduit Ltd.

The Conduit Search Protect software is designed to prevent other competing web browser plugins from changing the homepage and search settings that are created by the Conduit OurToolbar from being changed automatically. It is typically installed with various Community toolbars.

www.conduit.com/privacy/search-protect-privacy-policy.aspx

82% remove it

Remove firefoxmodule.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.