Jump to content

Adware detected from downloading extension


Recommended Posts

I removed two PUPs using adwcleaner as a result of downloading an extension for my Firefox browser which is an an ad blocker for my Yahoo mail account. I should tell the developer about this, but I'm only assuming it was from this. There were two entries in my registry keys that adwcleaner found. The name of the Firefox extension is called Yahoo Mail Hide Ad Panel. The adware was removed. It found two entries in the registry keys.

***** [ Registry ] *****

Deleted       HKLM\Software\Wow6432Node\Classes\AppID\OverlayIcon.DLL
Deleted       HKLM\SOFTWARE\Classes\AppID\OverlayIcon.DLL

Then I reported a website that Malwarebytes blocked using Firefox when I was going on Yahoo. Below are some details from the Malwarebytes log. This happened when I temporarily disabled AdBlock in order to test out another browser extension for my email account:

  -Blocked Website Details-
Malicious Website: 1
, , Blocked, [-1], [-1],0.0.0

-Website Data-
Category: PUP
Domain: partners.cmptch.com
IP Address: 74.120.19.22
Port: [53089]
Type: Outbound
File: C:\Program Files\Mozilla Firefox\firefox.exe

I also ran adwcleaner again and also Rogue Killer, but they didn't find anything.

When I reported this to the forum initially, I was instructed to run  the Farber Recovery Scan Tool and I have attached those two logs here plus my latest Malwarebytes report.

FRST.txt

Addition.txt

MalwarebytesReport.txt

Link to post
Share on other sites

Hello, Welcome to Malwarebytes.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Please download the attached Fixlist.txt file to  the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the FRST.txt log you have submitted.

Run FRST and click Fix only once and wait.

The tool will create a log (Fixlog.txt) please post it to your reply.
===

Please let me know what problem persists with this computer.

fixlist.txt

Link to post
Share on other sites

Nasdaq,

Could you please explain in detail what the problem was? I noticed the FRST program removed a bunch of temporary files. What exactly happened? Was the problem with any specific programs like the browser extensions I had in Firefox? I noticed a Facebook adblock was listed. I deleted that extension.

Thank you.

 

 

Link to post
Share on other sites

  • 2 weeks later...
  • Root Admin

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread.

Thanks

 

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.