utilbrowsefox.exe

Browse Fox

The application utilbrowsefox.exe by Browse Fox has been detected as adware by 5 anti-malware scanners. It runs as a separate (within the context of its own process) windows Service named “Update BrowseFox”. This file is typically installed with the program BrowseFox 3.0.0 by Yontoo Technology, Inc. which is a potentially unwanted software program. It will plug into the web browser and display context-based advertisements by overwriting existing ads or by inserting new ones on various web pages.
Publisher:
Browse Fox  (signed and verified)

Version:
1.0.5168.42109

MD5:
0857c04a452c0ae7e10b6a134f980e92

SHA-1:
93a3cbcfc27450d6f3718e9ff91b0ccab823dc17

SHA-256:
108a5845a0a630a2e7730df1c63ee42a9022a47dbae59da295364f70f3d33616

Scanner detections:
5 / 68

Status:
Adware

Explanation:
Injects advertising in the web browser in various formats.

Analysis date:
8/8/2014 1:32:19 AM UTC  (three months ago)

Scan engine
Detection
Engine version

AVG
MalSign.Skodna.BrowseFox
2015.0.3552

ESET NOD32
Win32/BrowseFox (variant)
8.9470

Malwarebytes
PUP.Optional.BrowseFox.A
v2014.02.26.11

Reason Heuristics
PUP.Service.BrowseFox.N
14.8.7.21

VIPRE Antivirus
Yontoo
26838

File size:
109.3 KB (111,904 bytes)

Product version:
1.0.5168.42109

Original file name:
BrowseFox.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\Program Files\browsefox\bin\utilbrowsefox.exe

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
7/30/2013 2:00:00 AM

Valid to:
7/31/2014 1:59:59 AM

Subject:
CN=Browse Fox, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Browse Fox, L=Santa Monica, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
3DA9F504A9E9628C2224F40C9EA90C86

File PE Metadata
Compilation timestamp:
2/25/2014 12:23:53 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
3072:ffVqqjXCTfff9SOg9nx7cc9FBb3qL8XoL:ffVqAXCTffYOghxAc1b34YM

Entry address:
0x1B0FE

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
100.5 KB (102,912 bytes)

Service
Display name:
Update BrowseFox

Type:
Win32OwnProcess


The file utilbrowsefox.exe has been discovered within the following program.

BrowseFox 3.0.0  by Yontoo Technology, Inc.
This is a web browser extension and Browser helper Object (for Internet Explorer) that delivers contextual based advertising to the web browser. In addition it will modify the user's browser home and search pages as well as 'New Tab' pages to push advertising and search.
browsefox.com/support
78% remove it
 
Powered by Should I Remove It?

1 / 68      (Adware)
updater.exe  (2b6263ea8f8b9cd181f56b394c6706f479646e9e)

1 / 68      (Adware)
desktop.exe  (b2a5fc72dfa68e7d32819c6b33f948940bab1e07)

8 / 68      (Adware)
ieclient.dll  (00481d0604432229c36fc3f20d484133f90a0c3b)

9 / 68      (Adware)
browsefox_1208-784bb9a0.exe  (ffcba83758f2c9be966e54b7286d52fb2a07e981)

19 / 68    (Adware)
browsefoxbho.dll  (ff4ed6f2073f5489b0771ab45139f584a6b31438)

14 / 68    (Adware)
setup.exe  (5e80e3e722d6beef62909b7a117ebb8a776c7122)

6 / 68      (Adware)
browsefox.browserfilter.helper.dll  (a3b5280fbb58c9975ff59f63efc6dee3073e0565)

9 / 68      (Adware)
updatebrowsefox.exe (by BrowseFox)  (b289953d1be67088ebb0dc155ebe6d53fd315c03)

7 / 68      (Adware)
BrowseFox.Common.dll (by BrowseFox)  (5fa62e15712b6e6c4b009b209c2ed0d0e25d43b5)

3 / 68      (Adware)
BrowseFoxBrowserFilter.exe  (aff4b15ac370b32cb87ade4312140c3d82c0218c)

1 / 68      (Adware)
BrowseFox.FFUpdate.dll  (c205c72ffa3f3a1f7f1913607eeb11be725cc2f8)

1 / 68      (Adware)
BrowseFox.GCUpdate.dll  (c515f6f224d600b9ed292782dfd61acece03a66c)

1 / 68      (Adware)
BrowseFox.IEUpdate.dll  (5e8085dfd22bb06d8c5f4592b1481c354159ad8d)

3 / 68      (Adware)
xtlsapp.exe  (3625d024dfee9ec6b38bee5e2623ab8e026be070)

Detection Incidence by Country