Threat Database Adware Adware.FrameFox


By ESGI Advisor in Adware

Threat Scorecard

Ranking: 11,122
Threat Level: 20 % (Normal)
Infected Computers: 22,093
First Seen: December 23, 2013
Last Seen: June 4, 2024
OS(es) Affected: Windows

Framefox is a Web browser extension that may have numerous unwanted effects on affected computer systems. Although security researchers have classified Framefox as a Potentially Unwanted Program, there are extremely harmful characteristics associated with Framefox, including the fact that Framefox is developed by Duuqu, which may be associated with Duqu. Duqu was associated with high profile attacks on various targets in 2011 as well as with the infamous Stuxnet, one of the most well-known threats in recent years. Although specific damaging intentions have not been observed in the case of Framefox, security researchers strongly recommend removing and avoiding Framefox immediately to prevent other threats or PUPs from making their way into the affected computer.

Understanding How Framefox is Distributed

There are several ways in which Framefox may be distributed. Framefox and similar PUPs may be distributed using the following methods:

  • Framefox may be installed as a Web browser extension and is commonly bundled with low quality freeware. Even though PC users may opt out of the installation of Framefox, not paying attention to the installation process may allow marketers to install PUPs like Framefox on the affected Web browser. You can prevent this from happening by monitoring carefully all new software installations and opting out of installing unwanted components like Framefox.
  • Framefox may be distributed using social engineering techniques. In most cases, these consist in tricking inexperienced computer users into believing that Framefox is a useful Web browser extension and then prompting them to download and install Framefox by themselves. It is important to know that social engineering is an essential part of most modern threats and that most other threat distribution methods may involve social engineering to some degree (for example, spam email messages with corrupted attachments may use social engineering strategies to trick inexperienced computer users into opening the attached files).
  • Framefox may also be distributed through email, social media, or instant messaging spam. These messages may contain risky attachments that, when opened, install Framefox on the affected Web browser.

SpyHunter Detects & Remove Adware.FrameFox

File System Details

Adware.FrameFox may create the following file(s):
# File Name MD5 Detections
1. framefox.exe.vir 6017ca94be482bcb527d92c6d481b2cc 16,774
2. framefox.exe 789eb0eee66f46947f695331a1ca58c5 1,274
3. framefox.exe b9c3e1fc5ae8131b2bc248dda370b6d6 703
4. framefox.exe 01eca800662eb1df26f897944a8ff5d4 406
5. framefox.exe 9f1f6f9b13e8458c60907180d15c83c2 169
6. framefox.exe dedd918c18d31163e2dae134a0538348 157
7. framefox.exe 894413ff7f6ded5aae568c9adaf72102 73
8. framefox.exe 5daea09aad6871fb28ff3c7bff644d4f 67
9. framefox.exe 1fd02c0b4df6218cd16e9c955a16a488 9
10. FrameFox_1909-357c9206.exe f69ab43eb987667d54518527148c5528 5
11. framefoxsetup.exe cfdfb01c8f4cc858dd098aaea145c5e1 2
12. framefox.exe 112c2f2558abf9fb8dd77881b8f865ac 2

Registry Details

Adware.FrameFox may create the following registry entry or registry entries:
SOFTWARE\Microsoft\Windows\CurrentVersion\Run\FrameFox Extensions
SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\FrameFox Extensions


Adware.FrameFox may create the following directory or directories:



Adware.FrameFox may call the following URLs:



Most Viewed