Social Privacy

Posted: January 6, 2014

Threat Metric

The Threat Meter is a malware assessment that SpywareRemove.com's research team is able to give every identifiable malware threat. Our Threat Meter includes several criteria based off of specific malware threats to value their severity, reach and volume. The Threat Meter is able to give you a numerical breakdown of each threat's initial Threat Level, Detection Count, Volume Count, Trend Path and Percentage Impact. The overall ranking of each threat in the Threat Meter is a basic breakdown of how all threats are ranked within our own extensive malware database. The scoring for each specific malware threat can be easily compared to other emerging threats to draw a contrast in its particular severity. The Threat Meter is a useful tool in the endeavor of seeking a solution to remove a threat or pursue additional analytical research for all types of computer users.

The following fields listed on the Threat Meter containing a specific value, are explained in detail below:

Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.

Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.

Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.

Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.

% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.

Ranking:	16,367
Threat Level:	5/10
Infected PCs:	83,290

First Seen:	January 6, 2014
Last Seen:	February 21, 2025
OS(es) Affected:	Windows

Social Privacy is a fake security add-on for your browser that, ironically, reduces your Web-browsing security by closing programs arbitrarily and making contact with the Socialprivacy.org website. Social Privacy's ultimate goals and intended long-term functions still are being investigated, but malware researchers would consider deleting Social Privacy to be something to be done with the same quickness you'd show when removing any threat. In no situation should you consider Social Privacy's 'security features' to be genuine or advantageous for your browser.

The Hidden Cost of Your Online Privacy

In most cases, browser add-ons that disguise their true intentions are used for loading advertisements or redirecting your browser to a specific website, but, occasionally, malware researchers see something slight more threatening than that. The latest entry into the 'threatening' category of browser add-ons is Social Privacy, which claims to provide features related to detecting and blocking unsafe websites. However, the solid benefits of its security features appear to have been considered irrelevant by most PC users, as, according to its general usage statistics, Social Privacy tends to be uninstalled within a month.

Social Privacy also has at least one, lesser known alias than its main brand name: Trojan.AVKill.28849. Observed behavior that warrants its identification as a threat – rather than just a Potentially Unwanted Program – includes:

Making unauthorized network contact with its website, socialprivacy.org.
Terminating at least two types of Web browsers: Google's Chrome and Mozilla's Firefox.

Social Privacy also has a history of being installed along with adware, browser hijackers and other threats. Having your homepage set to sites like Wiresearch.com, seeing pop-up advertisements and seeing advertisement banners injected into random Web pages are some of the symptoms seen in the latest attacks. Social Privacy doesn't necessarily cause these symptoms, but its own functions run counter to the safety and performance of your PC.

Cutting Social Privacy Off from Your Online Social Life

Although only a slim minority of PC security companies have identified Social Privacy as such, Social Privacy has some of the essential traits of a threat, and should be treated as unsafe to your PC as long as Social Privacy is installed. Malware researchers were able to track down some of Social Privacy's most recent distribution strategies as of December 2013. Fraudulent software updates for Firefox and other popular browsers appear to be carrying Social Privacy, along with other, unrelated threatening programs.

True security for your PC, first and foremost, comes from recognizing the harmful traits of overly-invasive programs, such as Social Privacy's tendency to close your Web browsers. In any incident where you feel that Social Privacy is involved, reboot the affected PC into Safe Mode, which blocks the automatic start up routines of most threatening programs. Afterward, run an anti-malware scan with the most thorough system-scanning options that are available. Any other way of deleting Social Privacy takes the risk of allowing Social Privacy, or software related to Social Privacy, continuing to harm your computer's security.

Aliases

(Suspicious) - DNAScan [CAT-QuickHeal]

Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.

The following files were created in the system:

C:\Program Files (x86)\Social Privacy\sp64.dll

File name: sp64.dll
Size: 150.52 KB (150528 bytes)
MD5: 35201e91ba535effb625f3af30125d4f
Detection count: 9,502
File type: Dynamic link library
Mime Type: unknown/dll
Path: C:\Program Files (x86)\Social Privacy\sp64.dll
Group: Malware file
Last Updated: January 11, 2021

C:\Qoobox\Quarantine\C\Program Files (x86)\Social Privacy\sp.Dll.vir

File name: sp.Dll.vir
Size: 104.96 KB (104960 bytes)
MD5: 8c363809729f4594660038d85fcb2e48
Detection count: 726
Mime Type: unknown/vir
Path: C:\Qoobox\Quarantine\C\Program Files (x86)\Social Privacy\sp.Dll.vir
Group: Malware file
Last Updated: December 22, 2020

%PROGRAMFILES%\Social Privacy\uninstall.exe

File name: uninstall.exe
Size: 63.41 KB (63415 bytes)
MD5: 97db530d618a8deec6371088b499aae7
Detection count: 47
File type: Executable File
Mime Type: unknown/exe
Path: %PROGRAMFILES%\Social Privacy
Group: Malware file
Last Updated: January 6, 2014

%PROGRAMFILES%\Social Privacy\sp.dll

File name: sp.dll
Size: 125.44 KB (125440 bytes)
MD5: 64741a358481195b88e0b22b71c903b6
Detection count: 7
File type: Dynamic link library
Mime Type: unknown/dll
Path: %PROGRAMFILES%\Social Privacy
Group: Malware file
Last Updated: January 6, 2014

%PROGRAMFILES(x86)%\Social Privacy DNS\dnswatch.exe

File name: dnswatch.exe
Size: 148.73 KB (148736 bytes)
MD5: eb60e4fdc918ded2ef630526bd4130f7
Detection count: 6
File type: Executable File
Mime Type: unknown/exe
Path: %PROGRAMFILES(x86)%\Social Privacy DNS
Group: Malware file
Last Updated: April 17, 2014

[SYSTEM32]\regsvr32.exe /s "%PROGRAM_FILES%\Social Privacy\sp.dll"

File name: [SYSTEM32]\regsvr32.exe /s "%PROGRAM_FILES%\Social Privacy\sp.dll"
Mime Type: unknown/dll"
Group: Malware file

%HomePath%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\postinstall[1].php

File name: %HomePath%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\postinstall[1].php
Mime Type: unknown/php
Group: Malware file

%AppData%\Mozilla\Firefox\Profiles\cwdgt0y8.default\user.js

File name: %AppData%\Mozilla\Firefox\Profiles\cwdgt0y8.default\user.js
File type: JavaScript file
Mime Type: unknown/js
Group: Malware file

%Temp%\nsm2.tmp\Processes.dll

File name: %Temp%\nsm2.tmp\Processes.dll
File type: Dynamic link library
Mime Type: unknown/dll
Group: Malware file

%Temp%\nsm2.tmp\inetc.dll

File name: %Temp%\nsm2.tmp\inetc.dll
File type: Dynamic link library
Mime Type: unknown/dll
Group: Malware file

%Temp%\nsm2.tmp\System.dll

File name: %Temp%\nsm2.tmp\System.dll
File type: Dynamic link library
Mime Type: unknown/dll
Group: Malware file

%Program_Files%\Social Privacy\FF\chrome\content\overlay.xul

File name: %Program_Files%\Social Privacy\FF\chrome\content\overlay.xul
Mime Type: unknown/xul
Group: Malware file

%Program_Files%\Social Privacy\FF\chrome\content\main.js

File name: %Program_Files%\Social Privacy\FF\chrome\content\main.js
File type: JavaScript file
Mime Type: unknown/js
Group: Malware file

%Program_Files%\Social Privacy\Uninstall.exe

File name: %Program_Files%\Social Privacy\Uninstall.exe
File type: Executable File
Mime Type: unknown/exe
Group: Malware file

%Program_Files%\Social Privacy\r.log

File name: %Program_Files%\Social Privacy\r.log
Mime Type: unknown/log
Group: Malware file

%Program_Files%\Social Privacy\code.zip

File name: %Program_Files%\Social Privacy\code.zip
Mime Type: unknown/zip
Group: Malware file

%Program_Files%\Social Privacy\FF\chrome\content\icon.png

File name: %Program_Files%\Social Privacy\FF\chrome\content\icon.png
Mime Type: unknown/png
Group: Malware file

%Program_Files%\Social Privacy\sp.dll

File name: %Program_Files%\Social Privacy\sp.dll
File type: Dynamic link library
Mime Type: unknown/dll
Group: Malware file

%Program_Files%\Social Privacy\FF\chrome.manifest

File name: %Program_Files%\Social Privacy\FF\chrome.manifest
Mime Type: unknown/manifest
Group: Malware file

%Program_Files%\Social Privacy\FF\install.rdf

File name: %Program_Files%\Social Privacy\FF\install.rdf
Mime Type: unknown/rdf
Group: Malware file

More files

Registry Modifications

The following newly produced Registry Values are:

CLSID{6D1DF4DC-7BB8-4811-94EA-5345EBFBEE2D}{91FBEA5C-E3C7-42EA-8C2B-B168189AB5BE}{96B7C08E-01F0-491A-8509-9741CF47039F}{DCB1CD02-42FC-4447-B833-6405CE328D62}HKEY..\..\..\..{RegistryKeys}Software\DnsCheckSoftware\Microsoft\Internet Explorer\Approved Extensions\{91FBEA5C-E3C7-42EA-8C2B-B168189AB5BE}Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{91FBEA5C-E3C7-42EA-8C2B-B168189AB5BE}Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{91FBEA5C-E3C7-42EA-8C2B-B168189AB5BE}SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{09942569-D515-42BE-9F5A-A439B20F91AB}SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{91FBEA5C-E3C7-42EA-8C2B-B168189AB5BE}SOFTWARE\Microsoft\Windows\CurrentVersion\Run\dnsshieldSoftware\Mozilla\Firefox\Extensions\sp2@sp.comSOFTWARE\POLICIES\SHIELDSoftware\SP\ChromeSOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{91FBEA5C-E3C7-42EA-8C2B-B168189AB5BE}SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{09942569-D515-42BE-9F5A-A439B20F91AB}SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{91FBEA5C-E3C7-42EA-8C2B-B168189AB5BE}SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\dnsshieldHKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}dnsshieldSHHELPERsp@sp.com

Additional Information

The following directories were created:

%PROGRAMFILES%\Social Privacy%PROGRAMFILES%\Social Privacy DNS%PROGRAMFILES%\Social Privacy DNS%PROGRAMFILES%\dnsshield%PROGRAMFILES(x86)%\Social Privacy%PROGRAMFILES(x86)%\Social Privacy DNS%PROGRAMFILES(x86)%\Social Privacy DNS%PROGRAMFILES(x86)%\dnsshield