Labeled: Extension, LPS, Navigator, SUP, Superfluous
- This topic contains 0 replies, 1 participant, and was last updated by Nicholas Coolman, 3 years and 7 months ago.
-
AuthorMessages
-
-
August 7 2020 to 10 21 h min #26791Nicholas CoolmanKey Master
ColdSearch, Potentially Superfluous Extension (EPS).
These programs or applications like ColdSearch can be described as superfluous. These are mainly legitimate programs that are not necessarily necessary for the proper functioning of your system and sometimes even unwanted.
These programs install as a browser extension, with or without your consent, through freeware installation repackaged, a technique which consists of offering other software during installation. Once installed, they appear in the form of a browser toolbar (Toolbar), a search bar or one of icon allowing the execution of a task or the launch of a program.
Some of these programs can collect information about your browsing habits without your knowledge and resell it to unscrupulous advertising organizations. Installing a large number of extensions causes a slowdown when launching your browser but also an increase in your system's RAM memory, which can considerably hamper you while browsing the Web.
Note that the virus analysis of this software does not show any malicious detection. Read more
Chromium code: ldlonoipnhoplkciiafhcjkkbkpaodnj
Main Actions:
- It installs an extension program for the Google Chrome (G2) browser,
– It installs a Mozilla Firefox (P2) browser plugin,
- It modifies the Internet search provider (O69),ZHPDiag Overview:
G2 – GCE: Preference [User Data\Default] [ldlonoipnhoplkciiafhcjkkbkpaodnj] ColdSearch
P2 – EXT: (…) — C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\coldsearch.xml
O69 – SBI: prefs.js [tmi – muvda3d6.default] user_pref(“browser.search.defaultenginename”, “coldsearch”);
O69 – SBI: prefs.js [tmi – muvda3d6.default] user_pref(“browser.search.selectedEngine”, “coldsearch”);
C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\coldsearch.xml
C:\Users\Coolman\AppData\Local\Google\Chrome\User Data\Default\Extensions\ieinnneanoadfjcfhpjjncohgejljopj
[HKLM\SOFTWARE\Google\Chrome\Extensions\ieinnneanoadfjcfhpjjncohgejljopj]ZHPCleaner Overview
REPLACED Chrome Preferences: “https://coldsearch/”
REPLACED Chrome Preferences: “https://s.coldsearch.com/”
REPLACED Chrome Preferences: “https://www.piesearch.com/”
DELETED: [egx9kv7f.default] – user_pref(“browser.search.searchengine.url”, “https://s.coldsearch.com/web?type=ds&ts=220049&pid=%5B…%5DAlias:
PUP.ColdSearch [Reason Heuristics]
PUP.Optional.ColdSearch
Hijacker.BrowserDiagnose with ZHPSuite... Uninstall with Windows... Delete with ZHPCleaner... Remove with Malwarebytes...
Free support forum
Nicholas Coolman
-
-
AuthorMessages
- You must be logged in to reply to this topic.