You are reading 0 threads
  • Author
    Messages
    • #26791
      Nicholas Coolman
      Key Master

      Superfluous Software

      ColdSearch, Potentially Superfluous Extension (EPS).

      These programs or applications like ColdSearch can be described as superfluous. These are mainly legitimate programs that are not necessarily necessary for the proper functioning of your system and sometimes even unwanted.

      These programs install as a browser extension, with or without your consent, through freeware installation repackaged, a technique which consists of offering other software during installation. Once installed, they appear in the form of a browser toolbar (Toolbar), a search bar or one of icon allowing the execution of a task or the launch of a program.

      Some of these programs can collect information about your browsing habits without your knowledge and resell it to unscrupulous advertising organizations. Installing a large number of extensions causes a slowdown when launching your browser but also an increase in your system's RAM memory, which can considerably hamper you while browsing the Web.

      Note that the virus analysis of this software does not show any malicious detection.  Read more

      Chromium code: ldlonoipnhoplkciiafhcjkkbkpaodnj

      Main Actions:
      - It installs an extension program for the Google Chrome (G2) browser,
      – It installs a Mozilla Firefox (P2) browser plugin,
      - It modifies the Internet search provider (O69),

      ZHPDiag Overview:
      G2 – GCE: Preference [User Data\Default] [ldlonoipnhoplkciiafhcjkkbkpaodnj] ColdSearch
      P2 – EXT: (…) — C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\coldsearch.xml
      O69 – SBI: prefs.js [tmi – muvda3d6.default] user_pref(“browser.search.defaultenginename”, “coldsearch”);
      O69 – SBI: prefs.js [tmi – muvda3d6.default] user_pref(“browser.search.selectedEngine”, “coldsearch”);
      C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\coldsearch.xml
      C:\Users\Coolman\AppData\Local\Google\Chrome\User Data\Default\Extensions\ieinnneanoadfjcfhpjjncohgejljopj
      [HKLM\SOFTWARE\Google\Chrome\Extensions\ieinnneanoadfjcfhpjjncohgejljopj]

      ZHPCleaner Overview
      REPLACED Chrome Preferences: “https://coldsearch/”
      REPLACED Chrome Preferences: “https://s.coldsearch.com/”
      REPLACED Chrome Preferences: “https://www.piesearch.com/”
      DELETED: [egx9kv7f.default] – user_pref(“browser.search.searchengine.url”, “https://s.coldsearch.com/web?type=ds&ts=220049&pid=%5B…%5D

      Alias:
      PUP.ColdSearch [Reason Heuristics]
      PUP.Optional.ColdSearch
      Hijacker.Browser

      Diagnose with ZHPSuite...  Uninstall with Windows...  Delete with ZHPCleaner...  Remove with Malwarebytes...

      Free support forum
      Nicholas Coolman

You are reading 0 threads
  • You must be logged in to reply to this topic.
Back to top