Appear to be Infected



billr
2015-01-28, 18:08
I appear to be infected with some malware causing "youradexchange.com" and "survey.com-annual survey" pop ups. Just noticed this morning. I ran a scan with Malwarebytes and found only low-risk items. Did not remove anything. Also ran Norton anti-virus scan and removed some cookies which were found. Downloaded and ran AdwCleaner and it found several items, but I was afraid to delete anything as some were registry keys.

Am running Windows 8, 64-bit and use Chrome as primary browser. Also have IE 10 installed but rarely use.

Can you help?

Thanks in advance!
-----------------------------------------
Edit
For future reference and others reading. :)
http://forums.spybot.info/showthread.php?288-quot-BEFORE-You-POST-quot-%28Please-read-this-Procedure-Before-Requesting-Assistance%29-Updated

ken545
2015-01-28, 23:23
Go ahead and run AdwCleaner, but press Report and post the report, and let's see what it found.



Please download aswMBR (http://public.avast.com/~gmerek/aswMBR.exe) to your desktop.

Double click the aswMBR icon to run it.
Click the Scan button to start scan.
If you are asked to update the Avast Virus database please allow it to do so.
When it finishes, press the save log button, save the logfile to your desktop and post its contents in your next reply.

I just want to see the report....Please Do Not Fix Anything

============================================================================




Please download Farbar Recovery Scan Tool (http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/) and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.

How to determine whether a computer is running a 32-bit version or 64-bit version of the Windows operating system
A simple way to check your system: Start --> Computer (right click) --> Properties

http://i24.photobucket.com/albums/c30/ken545/FRST_zps5d956a1a.jpg (http://s24.photobucket.com/user/ken545/media/FRST_zps5d956a1a.jpg.html)



Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
Please make sure All Users is checked
Just keep the defaults as in the picture checkmarked
Press Scan button.
It will produce a log called FRST.txt in the same directory the tool is run from.
Please copy and paste log back here.
The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.

billr
2015-01-29, 00:04
Will download and run other software soon. I disabled a Silverlight extension in Chrome and have had no further issues. This may or may not be coincidence.

AdwCleaner v4.109 - Report created 28/01/2015 at 17:37:20
# Updated 24/01/2015 by Xplode
# Database : 2015-01-26.1 [Live]
# Operating System : Windows 8 (64 bits)
# Username : Bill - BILLTOSHIBA
# Running from : C:\Users\wfrcp_000\Downloads\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

File Found : C:\Users\wfrcp_000\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_services.hearstmags.com_0.localstorage
File Found : C:\Users\wfrcp_000\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_services.hearstmags.com_0.localstorage-journal
File Found : C:\Users\wfrcp_000\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.ask.com_0.localstorage
File Found : C:\Users\wfrcp_000\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.ask.com_0.localstorage-journal
File Found : C:\Users\wfrcp_000\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.zabasearch.com_0.localstorage
File Found : C:\Users\wfrcp_000\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.zabasearch.com_0.localstorage-journal
File Found : C:\Users\wfrcp_000\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.olark.com_0.localstorage-journal
Folder Found : C:\Users\wfrcp_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
Folder Found : C:\Users\wfrcp_000\AppData\LocalLow\HPAppData
Folder Found : C:\Users\wfrcp_000\Favorites\StumbleUpon
Folder Found : C:\Users\wfrcp_000\Favorites\StumbleUpon

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki
Key Found : HKCU\Software\Pokki
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Key Found : [x64] HKCU\Software\Pokki
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
Key Found : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Pokki]

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.17183

Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Secondary Start Pages] - hxxp://mystart.toshiba.com/
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Secondary_Page_URL] - hxxp://mystart.toshiba.com
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Secondary_Page_URL] - hxxp://mystart.toshiba.com
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Secondary Start Pages] - hxxp://mystart.toshiba.com
Setting Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Secondary_Page_URL] - hxxp://mystart.toshiba.com
Setting Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Secondary Start Pages] - hxxp://mystart.toshiba.com

-\\ Google Chrome v40.0.2214.93


*************************

AdwCleaner[R0].txt - [4035 octets] - [28/01/2015 11:18:40]
AdwCleaner[R1].txt - [4036 octets] - [28/01/2015 11:19:01]
AdwCleaner[R2].txt - [3396 octets] - [28/01/2015 17:37:20]

########## EOF - C:\AdwCleaner\AdwCleaner[R2].txt - [3456 octets] ##########

ken545
2015-01-29, 00:16
You can have AdwCleaner remove it all, it wouldn't have flagged them if they were OK.

ken545
2015-02-01, 18:01
Still with me?

ken545
2015-02-02, 13:29
Due to inactivity, this thread will now be closed.

If it has been three days or more since your last post, and the helper assisting you posted a response to that post to which you did not reply, your topic will not be reopened. At that point, if you still require help, please start a new topic and include a new FRST log with a link to your previous thread. Please do not add any logs that might have been requested in the closed topic; you would be starting fresh.

It takes time to analyze logs and prepare a response. Volunteers help users at several sites, and take X number of new topics in order to give each member their attention.