-
Appear to be Infected
I appear to be infected with some malware causing "youradexchange.com" and "survey.com-annual survey" pop ups. Just noticed this morning. I ran a scan with Malwarebytes and found only low-risk items. Did not remove anything. Also ran Norton anti-virus scan and removed some cookies which were found. Downloaded and ran Adwcleaner and it found several items but I was afraid to delete anything as some were registry keys.
Am running Windows 8, 64-bit and use Chrome as primary browser. Also have IE 10 installed but rarely use.
Can you help?
Thanks in advance!
-----------------------------------------
Edit
For future reference and others reading.
http://forums.spybot.info/showthread...nce%29-Updated
Last edited by tashi; 2015-01-28 at 23:56.
Reason: Added link to forum FAQ
-
-
AdwCleaner Log
Will download and run other software soon. I disabled a Silverlight extension in Chrome and have had no further issues. This may or may not be coincidence.
AdwCleaner v4.109 - Report created 28/01/2015 at 17:37:20
# Updated 24/01/2015 by Xplode
# Database : 2015-01-26.1 [Live]
# Operating System : Windows 8 (64 bits)
# Username : Bill - BILLTOSHIBA
# Running from : C:\Users\wfrcp_000\Downloads\AdwCleaner.exe
# Option : Scan
***** [ Services ] *****
***** [ Files / Folders ] *****
File Found : C:\Users\wfrcp_000\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_services.hearstmags.com_0.localstorage
File Found : C:\Users\wfrcp_000\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_services.hearstmags.com_0.localstorage-journal
File Found : C:\Users\wfrcp_000\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.ask.com_0.localstorage
File Found : C:\Users\wfrcp_000\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.ask.com_0.localstorage-journal
File Found : C:\Users\wfrcp_000\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.zabasearch.com_0.localstorage
File Found : C:\Users\wfrcp_000\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.zabasearch.com_0.localstorage-journal
File Found : C:\Users\wfrcp_000\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.olark.com_0.localstorage-journal
Folder Found : C:\Users\wfrcp_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
Folder Found : C:\Users\wfrcp_000\AppData\LocalLow\HPAppData
Folder Found : C:\Users\wfrcp_000\Favorites\StumbleUpon
Folder Found : C:\Users\wfrcp_000\Favorites\StumbleUpon
***** [ Scheduled Tasks ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki
Key Found : HKCU\Software\Pokki
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Key Found : [x64] HKCU\Software\Pokki
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
Key Found : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Pokki]
***** [ Browsers ] *****
-\\ Internet Explorer v10.0.9200.17183
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Secondary Start Pages] - hxxp://mystart.toshiba.com/
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Secondary_Page_URL] - hxxp://mystart.toshiba.com
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Secondary_Page_URL] - hxxp://mystart.toshiba.com
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Secondary Start Pages] - hxxp://mystart.toshiba.com
Setting Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Secondary_Page_URL] - hxxp://mystart.toshiba.com
Setting Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Secondary Start Pages] - hxxp://mystart.toshiba.com
-\\ Google Chrome v40.0.2214.93
*************************
AdwCleaner[R0].txt - [4035 octets] - [28/01/2015 11:18:40]
AdwCleaner[R1].txt - [4036 octets] - [28/01/2015 11:19:01]
AdwCleaner[R2].txt - [3396 octets] - [28/01/2015 17:37:20]
########## EOF - C:\AdwCleaner\AdwCleaner[R2].txt - [3456 octets] ##########
-
You can have AdwCleaner remove it all, it wouldn't have flagged them if they where ok
-
-
Due to inactivity, this thread will now be closed.
If it has been three days or more since your last post, and the helper assisting you posted a response to that post to which you did not reply, your topic will not be reopened. At that point, if you still require help, please start a new topic and include a new FRST log with a link to your previous thread. Please do not add any logs that might have been requested in the closed topic, you would be starting fresh.
It takes time to analyze logs and prepare a response. Volunteers help users at several sites, and take X number of new topics in order to give each member their attention.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules