Home Malware Programs Browser Hijackers Social Privacy

Social Privacy

Posted: January 6, 2014

Threat Metric

Ranking: 12,356
Threat Level: 5/10
Infected PCs: 83,264
First Seen: January 6, 2014
Last Seen: October 5, 2023
OS(es) Affected: Windows

Social Privacy is a fake security add-on for your browser that, ironically, reduces your Web-browsing security by closing programs arbitrarily and making contact with the Socialprivacy.org website. Social Privacy's ultimate goals and intended long-term functions still are being investigated, but malware researchers would consider deleting Social Privacy to be something to be done with the same quickness you'd show when removing any threat. In no situation should you consider Social Privacy's 'security features' to be genuine or advantageous for your browser.

The Hidden Cost of Your Online Privacy

In most cases, browser add-ons that disguise their true intentions are used for loading advertisements or redirecting your browser to a specific website, but, occasionally, malware researchers see something slight more threatening than that. The latest entry into the 'threatening' category of browser add-ons is Social Privacy, which claims to provide features related to detecting and blocking unsafe websites. However, the solid benefits of its security features appear to have been considered irrelevant by most PC users, as, according to its general usage statistics, Social Privacy tends to be uninstalled within a month.

Social Privacy also has at least one, lesser known alias than its main brand name: Trojan.AVKill.28849. Observed behavior that warrants its identification as a threat – rather than just a Potentially Unwanted Program – includes:

  • Making unauthorized network contact with its website, socialprivacy.org.
  • Terminating at least two types of Web browsers: Google's Chrome and Mozilla's Firefox.

Social Privacy also has a history of being installed along with adware, browser hijackers and other threats. Having your homepage set to sites like Wiresearch.com, seeing pop-up advertisements and seeing advertisement banners injected into random Web pages are some of the symptoms seen in the latest attacks. Social Privacy doesn't necessarily cause these symptoms, but its own functions run counter to the safety and performance of your PC.

Cutting Social Privacy Off from Your Online Social Life

Although only a slim minority of PC security companies have identified Social Privacy as such, Social Privacy has some of the essential traits of a threat, and should be treated as unsafe to your PC as long as Social Privacy is installed. Malware researchers were able to track down some of Social Privacy's most recent distribution strategies as of December 2013. Fraudulent software updates for Firefox and other popular browsers appear to be carrying Social Privacy, along with other, unrelated threatening programs.

True security for your PC, first and foremost, comes from recognizing the harmful traits of overly-invasive programs, such as Social Privacy's tendency to close your Web browsers. In any incident where you feel that Social Privacy is involved, reboot the affected PC into Safe Mode, which blocks the automatic start up routines of most threatening programs. Afterward, run an anti-malware scan with the most thorough system-scanning options that are available. Any other way of deleting Social Privacy takes the risk of allowing Social Privacy, or software related to Social Privacy, continuing to harm your computer's security.

Aliases

(Suspicious) - DNAScan [CAT-QuickHeal]

Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.

The following files were created in the system:



C:\PROGRAM FILES (X86)\SOCIAL PRIVACY DNS\DNSWATCH.EXE File name: DNSWATCH.EXE
Size: 148.48 KB (148480 bytes)
MD5: 77aea6e0f5a28dbe8f057d5c7a7ad2ff
Detection count: 31,183
File type: Executable File
Mime Type: unknown/EXE
Path: C:\PROGRAM FILES (X86)\SOCIAL PRIVACY DNS\DNSWATCH.EXE
Group: Malware file
Last Updated: January 11, 2021
C:\Program Files (x86)\Social Privacy\sp64.dll File name: sp64.dll
Size: 150.52 KB (150528 bytes)
MD5: 35201e91ba535effb625f3af30125d4f
Detection count: 9,502
File type: Dynamic link library
Mime Type: unknown/dll
Path: C:\Program Files (x86)\Social Privacy\sp64.dll
Group: Malware file
Last Updated: January 11, 2021
%PROGRAMFILES%\Social Privacy\sp.dll File name: sp.dll
Size: 125.44 KB (125440 bytes)
MD5: 9d632e37851ef4296af99a8bf9895dbe
Detection count: 2,473
File type: Dynamic link library
Mime Type: unknown/dll
Path: %PROGRAMFILES%\Social Privacy
Group: Malware file
Last Updated: October 24, 2022
%PROGRAMFILES(x86)%\Social Privacy DNS\dnswatch.exe File name: dnswatch.exe
Size: 136.7 KB (136704 bytes)
MD5: 3e82b0b4de22facaa82716bce86f016d
Detection count: 1,890
File type: Executable File
Mime Type: unknown/exe
Path: %PROGRAMFILES(x86)%\Social Privacy DNS
Group: Malware file
Last Updated: January 6, 2014
%PROGRAMFILES%\Social Privacy\sp.dll File name: sp.dll
Size: 104.96 KB (104960 bytes)
MD5: f4362810779060e81fde7dbec3efc31d
Detection count: 1,290
File type: Dynamic link library
Mime Type: unknown/dll
Path: %PROGRAMFILES%\Social Privacy
Group: Malware file
Last Updated: December 28, 2019
%PROGRAMFILES%\Social Privacy\sp.dll File name: sp.dll
Size: 125.44 KB (125440 bytes)
MD5: fd19c71319032c85bbdd058846bfcd02
Detection count: 1,105
File type: Dynamic link library
Mime Type: unknown/dll
Path: %PROGRAMFILES%\Social Privacy
Group: Malware file
Last Updated: January 6, 2014
%PROGRAMFILES%\Social Privacy\sp.dll File name: sp.dll
Size: 104.96 KB (104960 bytes)
MD5: d7b9588c1b79bc1e2eff8a13d7d38ebf
Detection count: 504
File type: Dynamic link library
Mime Type: unknown/dll
Path: %PROGRAMFILES%\Social Privacy
Group: Malware file
Last Updated: January 6, 2014
%PROGRAMFILES%\Social Privacy\sp.dll File name: sp.dll
Size: 104.96 KB (104960 bytes)
MD5: 34e4d4397e13479bd9566381a8022a83
Detection count: 166
File type: Dynamic link library
Mime Type: unknown/dll
Path: %PROGRAMFILES%\Social Privacy
Group: Malware file
Last Updated: January 6, 2014
%PROGRAMFILES%\Social Privacy\sp.dll File name: sp.dll
Size: 104.96 KB (104960 bytes)
MD5: ad17e5906b368a37ab53d6568f28658c
Detection count: 34
File type: Dynamic link library
Mime Type: unknown/dll
Path: %PROGRAMFILES%\Social Privacy
Group: Malware file
Last Updated: January 6, 2014
%PROGRAMFILES%\Social Privacy\sp.dll File name: sp.dll
Size: 125.44 KB (125440 bytes)
MD5: 743d33ff85d514557b60793bcca95087
Detection count: 28
File type: Dynamic link library
Mime Type: unknown/dll
Path: %PROGRAMFILES%\Social Privacy
Group: Malware file
Last Updated: January 6, 2014
%PROGRAMFILES%\Social Privacy DNS\dnswatch.exe File name: dnswatch.exe
Size: 312.18 KB (312184 bytes)
MD5: 1ded591fd9a264790e8e266ba04dcc32
Detection count: 14
File type: Executable File
Mime Type: unknown/exe
Path: %PROGRAMFILES%\Social Privacy DNS
Group: Malware file
Last Updated: January 6, 2014
%PROGRAMFILES%\Social Privacy\sp.dll File name: sp.dll
Size: 125.44 KB (125440 bytes)
MD5: 64741a358481195b88e0b22b71c903b6
Detection count: 7
File type: Dynamic link library
Mime Type: unknown/dll
Path: %PROGRAMFILES%\Social Privacy
Group: Malware file
Last Updated: January 6, 2014
%PROGRAMFILES(x86)%\Social Privacy DNS\dnswatch.exe File name: dnswatch.exe
Size: 148.73 KB (148736 bytes)
MD5: eb60e4fdc918ded2ef630526bd4130f7
Detection count: 6
File type: Executable File
Mime Type: unknown/exe
Path: %PROGRAMFILES(x86)%\Social Privacy DNS
Group: Malware file
Last Updated: April 17, 2014
%PROGRAMFILES%\Social Privacy\sp.dll File name: sp.dll
Size: 125.44 KB (125440 bytes)
MD5: 8e69e538aedaef73f8b5bbc85d8e8df7
Detection count: 5
File type: Dynamic link library
Mime Type: unknown/dll
Path: %PROGRAMFILES%\Social Privacy
Group: Malware file
Last Updated: January 6, 2014
%PROGRAMFILES(x86)%\Social Privacy DNS\dnswatch.exe File name: dnswatch.exe
Size: 262.14 KB (262144 bytes)
MD5: 74b7b1c7d901ec5474676e8f069f9831
Detection count: 5
File type: Executable File
Mime Type: unknown/exe
Path: %PROGRAMFILES(x86)%\Social Privacy DNS
Group: Malware file
Last Updated: January 6, 2014
[SYSTEM32]\regsvr32.exe /s "%PROGRAM_FILES%\Social Privacy\sp.dll" File name: [SYSTEM32]\regsvr32.exe /s "%PROGRAM_FILES%\Social Privacy\sp.dll"
Mime Type: unknown/dll"
Group: Malware file
%HomePath%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\postinstall[1].php File name: %HomePath%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\postinstall[1].php
Mime Type: unknown/php
Group: Malware file
%AppData%\Mozilla\Firefox\Profiles\cwdgt0y8.default\user.js File name: %AppData%\Mozilla\Firefox\Profiles\cwdgt0y8.default\user.js
File type: JavaScript file
Mime Type: unknown/js
Group: Malware file
%Temp%\nsm2.tmp\Processes.dll File name: %Temp%\nsm2.tmp\Processes.dll
File type: Dynamic link library
Mime Type: unknown/dll
Group: Malware file
%Temp%\nsm2.tmp\inetc.dll File name: %Temp%\nsm2.tmp\inetc.dll
File type: Dynamic link library
Mime Type: unknown/dll
Group: Malware file
%Temp%\nsm2.tmp\System.dll File name: %Temp%\nsm2.tmp\System.dll
File type: Dynamic link library
Mime Type: unknown/dll
Group: Malware file
%Program_Files%\Social Privacy\FF\chrome\content\overlay.xul File name: %Program_Files%\Social Privacy\FF\chrome\content\overlay.xul
Mime Type: unknown/xul
Group: Malware file
%Program_Files%\Social Privacy\FF\chrome\content\main.js File name: %Program_Files%\Social Privacy\FF\chrome\content\main.js
File type: JavaScript file
Mime Type: unknown/js
Group: Malware file
%Program_Files%\Social Privacy\Uninstall.exe File name: %Program_Files%\Social Privacy\Uninstall.exe
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
%Program_Files%\Social Privacy\r.log File name: %Program_Files%\Social Privacy\r.log
Mime Type: unknown/log
Group: Malware file
%Program_Files%\Social Privacy\code.zip File name: %Program_Files%\Social Privacy\code.zip
Mime Type: unknown/zip
Group: Malware file
%Program_Files%\Social Privacy\FF\chrome\content\icon.png File name: %Program_Files%\Social Privacy\FF\chrome\content\icon.png
Mime Type: unknown/png
Group: Malware file
%Program_Files%\Social Privacy\sp.dll File name: %Program_Files%\Social Privacy\sp.dll
File type: Dynamic link library
Mime Type: unknown/dll
Group: Malware file
%Program_Files%\Social Privacy\FF\chrome.manifest File name: %Program_Files%\Social Privacy\FF\chrome.manifest
Mime Type: unknown/manifest
Group: Malware file
%Program_Files%\Social Privacy\FF\install.rdf File name: %Program_Files%\Social Privacy\FF\install.rdf
Mime Type: unknown/rdf
Group: Malware file

Registry Modifications

The following newly produced Registry Values are:

CLSID{6D1DF4DC-7BB8-4811-94EA-5345EBFBEE2D}{91FBEA5C-E3C7-42EA-8C2B-B168189AB5BE}{96B7C08E-01F0-491A-8509-9741CF47039F}{DCB1CD02-42FC-4447-B833-6405CE328D62}HKEY..\..\..\..{RegistryKeys}Software\DnsCheckSoftware\Microsoft\Internet Explorer\Approved Extensions\{91FBEA5C-E3C7-42EA-8C2B-B168189AB5BE}Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{91FBEA5C-E3C7-42EA-8C2B-B168189AB5BE}Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{91FBEA5C-E3C7-42EA-8C2B-B168189AB5BE}SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{09942569-D515-42BE-9F5A-A439B20F91AB}SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{91FBEA5C-E3C7-42EA-8C2B-B168189AB5BE}SOFTWARE\Microsoft\Windows\CurrentVersion\Run\dnsshieldSoftware\Mozilla\Firefox\Extensions\sp2@sp.comSOFTWARE\POLICIES\SHIELDSoftware\SP\ChromeSOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{91FBEA5C-E3C7-42EA-8C2B-B168189AB5BE}SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{09942569-D515-42BE-9F5A-A439B20F91AB}SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{91FBEA5C-E3C7-42EA-8C2B-B168189AB5BE}SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\dnsshieldHKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}dnsshieldSHHELPERsp@sp.com

Additional Information

The following directories were created:
%PROGRAMFILES%\Social Privacy%PROGRAMFILES%\Social Privacy DNS%PROGRAMFILES%\Social Privacy DNS%PROGRAMFILES%\dnsshield%PROGRAMFILES(x86)%\Social Privacy%PROGRAMFILES(x86)%\Social Privacy DNS%PROGRAMFILES(x86)%\Social Privacy DNS%PROGRAMFILES(x86)%\dnsshield
Loading...