Tech Support Guy banner
Cancel
  • IMPORTANT: Only authorized members may reply to threads in this forum due to the complexity of the malware removal process. Authorized members include Malware Specialists and Trainees, Administrators, Moderators, and Trusted Advisors. Regular members are not permitted to reply, and any such posts will be deleted without notice or further explanation. Notice

search.tb.ask browser hijacker

2411 Views 7 Replies 2 Participants Last post by  Mark1956
P
I seem to have picked up a browser hijacker. The problem first became apparent two days ago (Mon, 7-9-14). I believe the hijacker came from another user downloading templates for use in MS Word, though I can't be certain. Now I have an Ask.com toolbar in Chrome and when I run a search (from the Chrome address bar), I'm directed away form my default Google search results. I use Google Maps a lot, but now when I search for an address, Google Maps never comes up in my search results. The problem doesn't seem to extend to IE or Firefox, which I use less frequently than Chrome. I have thus far taken no steps to resolve this issue... I'll wait for your guidance.

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Professional, Service Pack 1, 64 bit
Processor: Intel(R) Pentium(R) D CPU 3.40GHz, Intel64 Family 15 Model 6 Stepping 4
Processor Count: 2
RAM: 4021 Mb
Graphics Card: Intel(R) Q965/Q963 Express Chipset Family, 384 Mb
Hard Drives: C: Total - 476837 MB, Free - 436220 MB;
Motherboard: Dell Inc., 0WK833
Antivirus: Norton 360, Updated and Enabled
Save
Like
Status
Not open for further replies.
1 - 8 of 8 Posts
Mark1956
2
Sounds like a simple case of Adware. Please run the tool below and post the log produced after the reboot.

Click on this link to download : ADWCleaner Click on the Download Now button and save it to your desktop.

NOTE: If using Internet Explorer and you get an alert that stops the program downloading click on Tools > Smartscreen Filter > Turn off Smartscreen Filter then click on OK in the box that opens. Then click on the link again.

Close your browser and double click on this icon on your desktop:

You will then see the screen below, click on the Scan button (as indicated), accept any prompts that appear and allow it to run, it may take several minutes to complete, when it is done click on the Clean button, accept any prompts that appear and allow the system to reboot. You will then be presented with the report, Copy & Paste it into your next post.

NOTE: If for any reason the report does not appear, open Windows Explorer and click on the C: drive in the left pane, in the right pane you should find a new folder called Adwcleaner, double click on it and you will see the saved logs. Find the log that has a number in brackets starting with an S NOT R, similar to this: Adwcleaner[S1], double click on the one with the highest number and the log will open, Copy & Paste it into your reply.

See less See more
Save
Like
P
Thanks for the quick response! AdwCleaner seems to have fixed the problem. The unwanted ask.com toolbar is gone and the search results seem to be back to normal. I've pasted the log file below. Let me know if there's anything else I need to check. Thanks!

# AdwCleaner v3.215 - Report created 09/07/2014 at 13:35:41
# Updated 09/07/2014 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : Owner - DINOSAUR-PC
# Running from : C:\Users\Owner\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhhjmlmdpcpiojiffodbldlkgcnaeogp

***** [ Shortcuts ] *****

***** [ Registry ] *****

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17207

-\\ Mozilla Firefox v28.0 (en-US)

[ File : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\2dxtj6oy.default\prefs.js ]

-\\ Google Chrome v35.0.1916.153

[ File : C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Search Provider] : hxxp://search.aol.com/aol/search?query={searchTerms}
Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
Deleted [Search Provider] : hxxp://search.tb.ask.com/search/GGmain.jhtml?searchfor={searchTerms}&st=kwd&ptb=2F5CEC52-02A6-4462-A99B-B7E1E69C2D51&n=780c47ad&ind=2014070701&p2=^Y6^xdm267^YYA^us&si=CK7O4ejns78CFQxp7AodfEUAYA
Deleted [Startup_urls] : hxxps://mail.google.com/mail/u/0/?shva=1#inbox
Deleted [Extension] : dhhjmlmdpcpiojiffodbldlkgcnaeogp

[ File : C:\Users\Public.DINOSAUR-PC\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Search Provider] : hxxp://search.aol.com/aol/search?query={searchTerms}
Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
Deleted [Startup_urls] : hxxps://mail.google.com/mail/u/0/#inbox

*************************

AdwCleaner[R0].txt - [1826 octets] - [09/07/2014 13:32:31]
AdwCleaner[S0].txt - [1765 octets] - [09/07/2014 13:35:41]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1825 octets] ##########
See less See more
Save
Like
Mark1956
Please run Adwcleaner again and post the new log to make sure all the detections have gone.

How is your browser now?
Save
Like
P
Everything seems to be running normally. Here's the new log:

# AdwCleaner v3.215 - Report created 11/07/2014 at 09:06:12
# Updated 09/07/2014 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : Owner - DINOSAUR-PC
# Running from : C:\Users\Owner\Desktop\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****

***** [ Files / Folders ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17207

-\\ Mozilla Firefox v28.0 (en-US)

[ File : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\2dxtj6oy.default\prefs.js ]

-\\ Google Chrome v35.0.1916.153

[ File : C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\preferences ]

[ File : C:\Users\Public.DINOSAUR-PC\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [1826 octets] - [09/07/2014 13:32:31]
AdwCleaner[R1].txt - [923 octets] - [11/07/2014 09:06:12]
AdwCleaner[S0].txt - [1905 octets] - [09/07/2014 13:35:41]

########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [1042 octets] ##########
See less See more
Save
Like
Mark1956
We have a clean log, as long as there are no other problems, we are done.

I shall mark the thread as solved, but you can still post again if you wish.

I would recommend you keep Adwcleaner and run regular scans with it to keep your system clear of Adware.
Save
Like
P
Thank you very much for your help!
Save
Like
Mark1956
You're welcome.
Save
Like
1 - 8 of 8 Posts
Status
Not open for further replies.
Tech Support Guy
A forum community dedicated to tech experts and enthusiasts. Come join the discussion about articles, computer security, Mac, Microsoft, Linux, hardware, networking, gaming, reviews, accessories, and more!
Full Forum Listing
Explore Our Forums
Hardware Virus & Other Malware Removal Off Topic Lounge Thread Games & Discussion Networking
Top