Privacy-Search est un
Browser Hijacker (pirate de navigateur) qui modifie les paramètres du navigateur (page d’accueil , page de recherche, ....) afin de forcer la consultation du site ciblé et affiche aussi des publicités.
Privacy-Search détourne la recherche sous Chrome (
search hijacker).
- Affiche ces alertes pendant l'installation
- S'installe en tant qu'extension/add-on du navigateur Chrome
- Affiche cette icône dans la Barre Chrome
- Affiche ce commutateur en cliquant sur l'icône
- Modifie les paramètres de recherche
**********Détection de
Privacy-Search dans des rapports
FRST :
CHR DefaultSearchURL: Default -> hxxp://www.privacy-search.company/spsearch/?q={searchTerms}
CHR DefaultSearchKeyword: Default -> Search Privacy
CHR DefaultSuggestURL: Default -> hxxp://www.privacy-search.company/spauto/?kwd={searchTerms}
CHR Extension: (Search Privacy) - C:\Users\{Nom_Utilisateur}\AppData\Local\Google\Chrome\User Data\Default\Extensions\gejldkalbgejpjmaggihggjffhoonjdb [2017-08-15]
**********Détecté et traité par
Malwarebytes en tant que PUP/LPI (Programme potentiellement Indésirable)
Sous la version Premium,
Malwarebytes bloque le domaine info.searchprivacy.co et l'IP 104.24.105.22
-Scan Details-
Process: 0
(No malicious items detected)
Module: 0
(No malicious items detected)
Registry Key: 0
(No malicious items detected)
Registry Value: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Data Stream: 0
(No malicious items detected)
Folder: 10
PUP.Optional.PrivateSearch, C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\gejldkalbgejpjmaggihggjffhoonjdb\1.24.14.2_0\scripts\modules, Quarantined, [466], [379317],1.0.2589
PUP.Optional.PrivateSearch, C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\gejldkalbgejpjmaggihggjffhoonjdb\1.24.14.2_0\scripts\plugin, Quarantined, [466], [379317],1.0.2589
PUP.Optional.PrivateSearch, C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\gejldkalbgejpjmaggihggjffhoonjdb\1.24.14.2_0\scripts\core, Quarantined, [466], [379317],1.0.2589
PUP.Optional.PrivateSearch, C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\gejldkalbgejpjmaggihggjffhoonjdb\1.24.14.2_0\_metadata, Quarantined, [466], [379317],1.0.2589
PUP.Optional.PrivateSearch, C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\gejldkalbgejpjmaggihggjffhoonjdb\1.24.14.2_0\scripts, Quarantined, [466], [379317],1.0.2589
PUP.Optional.PrivateSearch, C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\gejldkalbgejpjmaggihggjffhoonjdb\1.24.14.2_0\icon, Quarantined, [466], [379317],1.0.2589
PUP.Optional.PrivateSearch, C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\gejldkalbgejpjmaggihggjffhoonjdb\1.24.14.2_0\css, Quarantined, [466], [379317],1.0.2589
PUP.Optional.PrivateSearch, C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\gejldkalbgejpjmaggihggjffhoonjdb\1.24.14.2_0\img, Quarantined, [466], [379317],1.0.2589
PUP.Optional.PrivateSearch, C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\gejldkalbgejpjmaggihggjffhoonjdb\1.24.14.2_0, Quarantined, [466], [379317],1.0.2589
PUP.Optional.PrivateSearch, C:\USERS\{username}\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\GEJLDKALBGEJPJMAGGIHGGJFFHOONJDB, Quarantined, [466], [379317],1.0.2589
File: 23
PUP.Optional.PrivateSearch, C:\USERS\{username}\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\GEJLDKALBGEJPJMAGGIHGGJFFHOONJDB\1.24.14.2_0\MANIFEST.JSON, Quarantined, [466], [379317],1.0.2589
PUP.Optional.PrivateSearch, C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\gejldkalbgejpjmaggihggjffhoonjdb\1.24.14.2_0\css\style.css, Quarantined, [466], [379317],1.0.2589
PUP.Optional.PrivateSearch, C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\gejldkalbgejpjmaggihggjffhoonjdb\1.24.14.2_0\icon\icon.png, Quarantined, [466], [379317],1.0.2589
PUP.Optional.PrivateSearch, C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\gejldkalbgejpjmaggihggjffhoonjdb\1.24.14.2_0\icon\icon16.png, Quarantined, [466], [379317],1.0.2589
PUP.Optional.PrivateSearch, C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\gejldkalbgejpjmaggihggjffhoonjdb\1.24.14.2_0\icon\icon48.png, Quarantined, [466], [379317],1.0.2589
PUP.Optional.PrivateSearch, C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\gejldkalbgejpjmaggihggjffhoonjdb\1.24.14.2_0\img\mob1.png, Quarantined, [466], [379317],1.0.2589
PUP.Optional.PrivateSearch, C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\gejldkalbgejpjmaggihggjffhoonjdb\1.24.14.2_0\img\tick_green.png, Quarantined, [466], [379317],1.0.2589
PUP.Optional.PrivateSearch, C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\gejldkalbgejpjmaggihggjffhoonjdb\1.24.14.2_0\img\Warning.png, Quarantined, [466], [379317],1.0.2589
PUP.Optional.PrivateSearch, C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\gejldkalbgejpjmaggihggjffhoonjdb\1.24.14.2_0\scripts\core\background.js, Quarantined, [466], [379317],1.0.2589
PUP.Optional.PrivateSearch, C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\gejldkalbgejpjmaggihggjffhoonjdb\1.24.14.2_0\scripts\core\content.js, Quarantined, [466], [379317],1.0.2589
PUP.Optional.PrivateSearch, C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\gejldkalbgejpjmaggihggjffhoonjdb\1.24.14.2_0\scripts\core\popup.js, Quarantined, [466], [379317],1.0.2589
PUP.Optional.PrivateSearch, C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\gejldkalbgejpjmaggihggjffhoonjdb\1.24.14.2_0\scripts\modules\constant.js, Quarantined, [466], [379317],1.0.2589
PUP.Optional.PrivateSearch, C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\gejldkalbgejpjmaggihggjffhoonjdb\1.24.14.2_0\scripts\modules\fingerprint.js, Quarantined, [466], [379317],1.0.2589
PUP.Optional.PrivateSearch, C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\gejldkalbgejpjmaggihggjffhoonjdb\1.24.14.2_0\scripts\modules\listeners.js, Quarantined, [466], [379317],1.0.2589
PUP.Optional.PrivateSearch, C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\gejldkalbgejpjmaggihggjffhoonjdb\1.24.14.2_0\scripts\modules\md5.js, Quarantined, [466], [379317],1.0.2589
PUP.Optional.PrivateSearch, C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\gejldkalbgejpjmaggihggjffhoonjdb\1.24.14.2_0\scripts\modules\user.js, Quarantined, [466], [379317],1.0.2589
PUP.Optional.PrivateSearch, C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\gejldkalbgejpjmaggihggjffhoonjdb\1.24.14.2_0\scripts\modules\util.js, Quarantined, [466], [379317],1.0.2589
PUP.Optional.PrivateSearch, C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\gejldkalbgejpjmaggihggjffhoonjdb\1.24.14.2_0\scripts\modules\variables.js, Quarantined, [466], [379317],1.0.2589
PUP.Optional.PrivateSearch, C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\gejldkalbgejpjmaggihggjffhoonjdb\1.24.14.2_0\scripts\plugin\jquery.js, Quarantined, [466], [379317],1.0.2589
PUP.Optional.PrivateSearch, C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\gejldkalbgejpjmaggihggjffhoonjdb\1.24.14.2_0\_metadata\computed_hashes.json, Quarantined, [466], [379317],1.0.2589
PUP.Optional.PrivateSearch, C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\gejldkalbgejpjmaggihggjffhoonjdb\1.24.14.2_0\_metadata\verified_contents.json, Quarantined, [466], [379317],1.0.2589
PUP.Optional.PrivateSearch, C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\gejldkalbgejpjmaggihggjffhoonjdb\1.24.14.2_0\background.html, Quarantined, [466], [379317],1.0.2589
PUP.Optional.PrivateSearch, C:\Users\{username}\AppData\Local\Google\Chrome\User Data\Default\Extensions\gejldkalbgejpjmaggihggjffhoonjdb\1.24.14.2_0\popup.html, Quarantined, [466], [379317],1.0.2589
Physical Sector: 0
(No malicious items detected)
Tutoriel d'utilisation Malwarebytes en imagesSource : Removal instructions for Privacy-Search de Metallica - Malwarebytes Forums
Toujours infecté ? Une question avant de faire des manipulations ?
Venez poster un
nouveau sujet dans ce forum :
http://forum.security-x.fr/desinfections/ en prenant soin de suivre la procédure
http://forum.security-x.fr/desinfections/procedure-preliminaire/