marceepoo

Hi. I still have the malware. I followed your directions twice. But I still have the malware. On Sat, Feb 23, 3:52 AM, I sent you a response, but it does not appear here on the forum website. So, I'm replying again with the same info. But this time, instead of pasting "FRST.txt" into the body of the body of my response, I'm attaching the "FRST.txt" file to my reponse. I'm attaching the file instead of pasting it into the body of my response, because I suspect that the great length of "FRST.txt" caused my response to be rejected as a response to be posted here. FYI, I noticed that, when I started Chrome again, there was briefly a window that said that a sync was started. But I thought we turned off sync'ing. I don't understand why it sync'd. I also attached the file you asked me to attach (Addition.txt) and a report from the last time I ran a Malwarebytes complete scan. I look forward to hearing from you. Kindest regards, Marc FRST.txt 2019-02-23_03-38-43 Malwarebytes Scan Report.txt Addition.txt

I downloaded and I am installing mb3-setup-consumer-3.7.1.2839-1.0.538-1.0.9304.exe Please let me know if that is not the right version that I should have installed. Marc

Question: One of the instructions (to which your instructions led me) says: "So first of all, make sure you have the latest version of malwarebytes installed (currently 3.4.5): https://www.malwarebytes.com/mwb-download/" when I get to the download page, I don't know which version to download. I understand that my version of Malwarebytes is Malwarebytes Premium, but I don't know whether it's a "Home" version or "Business" version; and so I don't know which version to download and install in order to be sure that I have the latest version. Could you tell me which version to download and install? Thanks, Marc p.s. Thank you for giving me detailed instructions. It is reassuring to me.

Thank you for the prompt reply. Attached please find the mbst-grab-results.zip file. I look forward to hearing from you. Marc mbst-grab-results.zip

This is a duplicate copy of a topic I posted a few minutes ago by mistake in the wrong forum, i.e., Forums Announcements & Feedback, where I assume it will be rejected because it's the wrong forum. So I apologize for the duplicate posting. If I manage to get this one posted, I'll go back there and try to delete the previous posting. Whenever I open a new web page on Google Chrome running on a Win10 machine (Lenovo laptop), Malwarebytes presents a window reporting that it is blocking a website due to adware. The domain always reported is "protesidenext.com". I don't know how to get rid of the offending adware. Malwarebytes scans report that my computer is clean. I've also run adwcleaner_7.2.7.0.exe and HitmanPro_x64.exe. In addition, I opened the Chrome settings and told Chrome to delete: Cookie and other site data; Cached ¡mages and files; Passwords and other sign-in data; Autofill form data; Content settings; and Hosted app data I would appreciate any help you could give me in finding an removing the adware that triggers the Malwarebytes warning shown in the attached PNG file. Lastly, attached in a zip file is a Malwarebytes report, in case that is helpful. Thank you for your help. Marc malwarebytes report.zip

All of a sudden, Malwarebytes insists on blocking a vbscript I coded and use a lot, the name of which is "inputBox wscript.popup_aaa.vbs", and it's attached to this posting in a rar file. I added the vbscript to my Malwarebytes exclusions, and I even excluded the entire directory: But Malwarebytes continues blocking the script, and announces that it blocked the "exploit". I need to get Malwarebytes to stop blocking the script. Any help would be much appreciated. I can't continue to use Malwarebytes if I can't use the vbscripts I have coded, even though I love the protection Malwarebytes provides. Here's the Malwarebytes "exploit" report: Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 12/14/18 Protection Event Time: 1:14 PM Log File: 3820f5f0-ffe5-11e8-a8a1-ac220bbf9628.json -Software Information- Version: 3.6.1.2711 Components Version: 1.0.508 Update Package Version: 1.0.8325 License: Premium -System Information- OS: Windows 10 (Build 17134.471) CPU: x64 File System: NTFS User: System -Exploit Details- File: 0 (No malicious items detected) Exploit: 1 Malware.Exploit.Agent.Generic, , Blocked, [0], [392684],0.0.0 -Exploit Data- Affected Application: cmd Protection Layer: Application Behavior Protection Protection Technique: Exploit payload process blocked File Name: C:\WINDOWS\System32\WScript.exe C:\WINDOWS\System32\WScript.exe E:\Apps\UtilitiesByMarc\inputBox wscript.popup_aaa.vbs e:\zmani\2018-12-14-13-14-18-0.7055475.txt 8 Report of wdPropertyTitle 0 URL: dtff (end) inputBox wscript.popup_aaa.vbs.rar