Adware.Social2Search

Short bio

Adware.Social2Search is Malwarebytes’ detection for a family of adware¬†targeting Windows systems.

Symptoms

Adware.Social2Search displays pop-up ads and additional advertisements on websites that users visit. The ads are found to encourage the installation of questionable programs, such as toolbars and optimization utilities.

goodbye Adware.Social2Search

Adware.Social2Search tries to convince users to keep it

Protection

Malwarebytes protects users from Adware.Social2Search by using real-time protection.

block Adware.Social2Search

Malwarebytes blocks Adware.Social2Search

Remediation

Malwarebytes can detect and remove Adware.Social2Search without further user interaction.

  1. Please download Malwarebytes to your desktop.
  2. Double-click mb3-setup-consumer-{version}.exe and follow the prompts to install the program.
  3. Then click Finish.
  4. Once the program has fully updated, select Scan Now on the Dashboard. Or select the Threat Scan from the Scan menu.
  5. If another update of the definitions is available, it will be implemented before the rest of the scanning procedure.
  6. When the scan is complete, make sure that all Threats are selected, and click Remove Selected.
  7. Restart your computer when prompted to do so.

Malwarebytes removal log

Malwarebytes log of removal for a variant of Adware.Social2Search will look similar to this:

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 3/29/17
Scan Time: 11:49 AM
Logfile: mbamSocial2Search.txt
Administrator: Yes

-Software Information-
Version: 3.0.5.1299
Components Version: 1.0.43
Update Package Version: 1.0.1620
License: Premium

-System Information-
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: {computername}\{username}

-Scan Summary-
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 367332
Time Elapsed: 5 min, 32 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

-Scan Details-
Process: 1
PUP.Optional.Wajam.Gen, C:\Program Files\85890b9283acfd8343df56cd6bb80a70\04146af46813e501bb7ca87370e1aaeb.exe, Quarantined, [18446], [259462],1.0.1620

Module: 1
PUP.Optional.Wajam.Gen, C:\Program Files\85890b9283acfd8343df56cd6bb80a70\04146af46813e501bb7ca87370e1aaeb.exe, Quarantined, [18446], [259462],1.0.1620

Registry Key: 10
PUP.Optional.Wajam, HKLM\SOFTWARE\CLASSES\APPID\56BF5154-0B48-4ADB-902A-6C8B12E270D9, Delete-on-Reboot, [131], [170024],1.0.1620
PUP.Optional.Wajam, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\NLASVC\PARAMETERS\INTERNET\MANUALPROXIES, Delete-on-Reboot, [131], [-1],0.0.0
PUP.Optional.Wajam, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\56BF5154-0B48-4ADB-902A-6C8B12E270D9, Delete-on-Reboot, [131], [170024],1.0.1620
PUP.Optional.Wajam, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\56BF5154-0B48-4ADB-902A-6C8B12E270D9, Delete-on-Reboot, [131], [170024],1.0.1620
PUP.Optional.Social2Search.Gen, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\85890b9283acfd8343df56cd6bb80a70, Delete-on-Reboot, [18492], [261569],1.0.1620
PUP.Optional.Wajam, HKCU\SOFTWARE\WajIEnhance, Delete-on-Reboot, [131], [244670],1.0.1620
PUP.Optional.Wajam.Gen, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\85890b9283acfd8343df56cd6bb80a70, Delete-on-Reboot, [18446], [259462],1.0.1620
PUP.Optional.Social2Search, HKLM\SOFTWARE\Socia2Se Browser Enhancer, Delete-on-Reboot, [444], [345866],1.0.1620
PUP.Optional.Wajam, HKCU\SOFTWARE\WajIEnhance, Delete-on-Reboot, [131], [244670],1.0.1620
PUP.Optional.Social2Search, HKLM\SOFTWARE\WOW6432NODE\Socia2Se Browser Enhancer, Delete-on-Reboot, [444], [345866],1.0.1620

Registry Value: 5
PUP.Optional.Wajam, HKU\S-1-5-18\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Delete-on-Reboot, [131], [-1],0.0.0
PUP.Optional.Wajam, HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Delete-on-Reboot, [131], [-1],0.0.0
PUP.Optional.Wajam, HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Delete-on-Reboot, [131], [-1],0.0.0
PUP.Optional.Wajam, HKU\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Delete-on-Reboot, [131], [-1],0.0.0
PUP.Optional.Social2Search.Gen, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\85890b9283acfd8343df56cd6bb80a70|DISPLAYNAME, Delete-on-Reboot, [18492], [261569],1.0.1620

Data Stream: 0
(No malicious items detected)

Folder: 3
PUP.Optional.Wajam.Gen, C:\Program Files\85890b9283acfd8343df56cd6bb80a70\129f0fa04ac4d51af24977e119821088, Delete-on-Reboot, [18446], [259462],1.0.1620
PUP.Optional.Wajam.Gen, C:\PROGRAM FILES\85890b9283acfd8343df56cd6bb80a70, Delete-on-Reboot, [18446], [259462],1.0.1620
PUP.Optional.Social2Search.Generic, C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\Socia2Se Browser Enhancer, Delete-on-Reboot, [1484], [326625],1.0.1620

File: 12
PUP.Optional.Wajam.Gen, C:\PROGRAM FILES\85890b9283acfd8343df56cd6bb80a70\129f0fa04ac4d51af24977e119821088\cf52f145a89b363b48b0ccf0bc6cc06b.ico, Delete-on-Reboot, [18446], [259462],1.0.1620
PUP.Optional.Wajam.Gen, C:\Program Files\85890b9283acfd8343df56cd6bb80a70\129f0fa04ac4d51af24977e119821088\d35531312b2e80d720898ab80ff109bc.ico, Delete-on-Reboot, [18446], [259462],1.0.1620
PUP.Optional.Wajam.Gen, C:\Program Files\85890b9283acfd8343df56cd6bb80a70\129f0fa04ac4d51af24977e119821088\f7c22fa637448a035506da9e427461e4.ico, Delete-on-Reboot, [18446], [259462],1.0.1620
PUP.Optional.Wajam.Gen, C:\Program Files\85890b9283acfd8343df56cd6bb80a70\04146af46813e501bb7ca87370e1aaeb.exe, Delete-on-Reboot, [18446], [259462],1.0.1620
PUP.Optional.Wajam.Gen, C:\Program Files\85890b9283acfd8343df56cd6bb80a70\c6182f9cb662a9e333002e06810f826d.exe, Delete-on-Reboot, [18446], [259462],1.0.1620
PUP.Optional.Wajam.Gen, C:\Program Files\85890b9283acfd8343df56cd6bb80a70\c92b3103a49ebb99abf869e8dd17de8f.exe, Delete-on-Reboot, [18446], [259462],1.0.1620
PUP.Optional.Wajam.Gen, C:\Program Files\85890b9283acfd8343df56cd6bb80a70\cf52f145a89b363b48b0ccf0bc6cc06b.ico, Delete-on-Reboot, [18446], [259462],1.0.1620
PUP.Optional.Wajam.Gen, C:\Program Files\85890b9283acfd8343df56cd6bb80a70\df1a166bec69178b887ca05ac8cb37de, Delete-on-Reboot, [18446], [259462],1.0.1620
PUP.Optional.Social2Search.Generic, C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\Socia2Se Browser Enhancer\Social2Search Website.lnk, Delete-on-Reboot, [1484], [326625],1.0.1620
PUP.Optional.Social2Search.Generic, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Socia2Se Browser Enhancer\Settings.lnk, Delete-on-Reboot, [1484], [326625],1.0.1620
PUP.Optional.Social2Search.Generic, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Socia2Se Browser Enhancer\SignIn with Twitter.lnk, Delete-on-Reboot, [1484], [326625],1.0.1620
PUP.Optional.Social2Search.Generic, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Socia2Se Browser Enhancer\uninstall.lnk, Delete-on-Reboot, [1484], [326625],1.0.1620

Physical Sector: 0
(No malicious items detected)


(end)

 

Related blog content

How to remove adware from your PC

Adware the series, the final: tools section