Jump to content

protesidenext.com adware; can't find & delete it


Recommended Posts

This is a duplicate copy of a topic I posted a few minutes ago by mistake in the wrong forum, i.e., Forums Announcements & Feedback, where I assume it will be rejected because it's the wrong forum.  So I apologize for the duplicate posting.  If I manage to get this one posted, I'll go back there and try to delete the previous posting.

Whenever I open a new web page on Google Chrome running on a Win10 machine (Lenovo laptop), Malwarebytes presents a window reporting that it is blocking a website due to adware.  The domain always reported is "protesidenext.com".  I don't know how to get rid of the offending adware.  Malwarebytes scans report that my computer is clean.  I've also run adwcleaner_7.2.7.0.exe and HitmanPro_x64.exe.  In addition, I opened the Chrome settings and told Chrome to delete:

  1. Cookie and other site data;
  2. Cached ¡mages and files;
  3. Passwords and other sign-in data;
  4. Autofill form data;
  5. Content settings; and
  6. Hosted app data

I would appreciate any help you could give me in finding an removing the adware that triggers the Malwarebytes warning shown in the attached PNG file.

Lastly, attached in a zip file is a Malwarebytes report, in case that is helpful.

Thank you for your help.

                Marc

 

malwarebytes report.zip

Malwarebytes Adware Warning; Protesidenext.com.png

Link to post
Share on other sites

Hello, Welcome to Malwarebytes.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

If the problem persists IN CHROME and you Sync Chrome with other devices reset the Sync.

Read this article and proceed.

Chrome Secure Preferences detection always comes back
https://forums.malwarebytes.com/topic/214325-chrome-secure-preferences-detection-always-comes-back/
<<<>>>

If after a restart of the computer the problem persists scan the computer with this program.

Download the version of this tool for your operating system.
Farbar Recovery Scan Tool (64 bit)
Farbar Recovery Scan Tool (32 bit)
and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

How to attach a file to your reply:
In the Reply section in the bottom of the topic Click the "more reply Options" button.
attachlogs.png

Attach the file.
Select the "Choose a File" navigate to the location of the File.
Click the file you wish to Attach.
Click Attach this file.
Click the Add reply button.
===

Please post the logs  for my review.

Wait for further instructions.

If all is well please let me know.

Link to post
Share on other sites

Question:  One of the instructions (to which your instructions led me) says: "So first of all, make sure you have the latest version of malwarebytes installed (currently 3.4.5)https://www.malwarebytes.com/mwb-download/"  

when I get to the download page, I don't know which version to download.  I understand that my version of Malwarebytes is Malwarebytes Premium, but I don't know whether it's a "Home" version or "Business" version; and so I don't know which version to download and install in order to be sure that I have the latest  version.   Could you tell me which version to download and install?

Thanks,

                       Marc

p.s.  Thank you for giving me detailed instructions.  It is reassuring to me.

Link to post
Share on other sites

Hi.  I still have the malware.
I followed your directions twice.  But I still have the malware.
On Sat, Feb 23, 3:52 AM, I sent you a response, but it does not appear here on the forum website.   So, I'm replying again with the same info.  
 
But this time, instead of pasting "FRST.txt" into the body of the body of my response, I'm attaching the "FRST.txt" file to my reponse.  I'm attaching the file instead of pasting it into the body of my response, because I suspect that the great length of "FRST.txt" caused my response to be rejected as a response to be posted here.
 
FYI, I noticed that, when I started Chrome again, there was briefly a window that said that a sync was started.   But I thought we turned off sync'ing.  I don't understand why it sync'd.
 
I also attached the file you asked me to attach (Addition.txt) and a report from the last time I ran a Malwarebytes complete scan.
 
I look forward to hearing from you.
Kindest regards,
                      Marc

FRST.txt

2019-02-23_03-38-43 Malwarebytes Scan Report.txt

Addition.txt

Link to post
Share on other sites

Hello, Welcome to Malwarebytes.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Nothing suspicious was found in your logs.

Your copy of Chrome has probably been compromised

step1.gif Remove Chrome from your Computer and reinstall a fresh copy later.

step2.gifIf you remove the syncing of your account you must remove it before you save your bookmarks etc...
Delete Your Google Chrome Browser Sync Data if you sync with other devices. <- Important ...
https://forums.malwarebytes.com/topic/214325-chrome-secure-preferences-detection-always-comes-back/

step3.gif Before you remove Chrome Export your Bookmarks
Chrome will export your bookmarks as a HTML file, which you can then import into another browser.
How To: http://ccm.net/faq/31791-how-to-backup-your-google-chrome-bookmarks

step4.gif Before you remove Chrome Export your Passwords
How to export your saved passwords from Chrome
https://betanews.com/2018/03/09/export-chrome-passwords/

step5.gif Clear your Chrome cache and cookies
https://support.google.com/chromebook/answer/183083?hl=en

step6.gif Remove Chrome using the the instructions on this page.
https://support.google.com/chrome/answer/95319?hl=en

step7.gif Re-install Chrome and the Bookmarks.
<<<>>>

Any remaining issues?


 

Link to post
Share on other sites

  • 2 weeks later...
  • Root Admin

Due to the lack of feedback, this topic is closed to prevent others from posting here.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this topic. Other members who need assistance please start your own topic in a new thread.

Thanks

 

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.