Jump to content

chrome detection always comes back

passegua

By passegua
in Resolved Malware Removal Logs

 Share

Recommended Posts

passegua

passegua

Posted
Posted

Well I've followe exactly all suggested in
https://forums.malwarebytes.com/topic/214325-chrome-secure-preferences-detection-always-comes-back/

and I run Malwarebytes several times (chrome closed and not sync)
but every time it finds these:

Malwarebytes
www.malwarebytes.com

-Dettagli log-
Data scansione: 08/11/17
Ora scansione: 11:54
File di log: 3b982270-c473-11e7-a611-308d99f946d3.json
Amministratore: Sì

-Informazioni software-
Versione: 3.2.2.2029
Versione componenti: 1.0.212
Aggiorna versione pacchetto: 1.0.3204
Licenza: Free

-Informazioni sistema-
SO: Windows 10 (Build 16299.19)
CPU: x64
File system: NTFS
Utente: HPenvy\Danieluvi

-Riepilogo scansione-
Tipo di scansione: Ricerca elementi nocivi
Risultati: Completata
Elementi analizzati: 637332
Minacce rilevate: 6
Minacce messe in quarantena: 6
Tempo impiegato: 42 min, 25 sec

-Opzioni di scansione-
Memoria: Attivata
Esecuzioni automatiche: Attivata
File system: Attivata
Archivi compressi: Attivata
Rootkit: Attivata
Analisi euristica: Attivata
PUP: Rilevare
PUM: Rilevare

-Dettagli scansione-
Processo: 0
(Nessun elemento nocivo rilevato)

Modulo: 0
(Nessun elemento nocivo rilevato)

Chiave di registro: 0
(Nessun elemento nocivo rilevato)

Valore di registro: 0
(Nessun elemento nocivo rilevato)

Dati di registro: 0
(Nessun elemento nocivo rilevato)

Flusso di dati: 0
(Nessun elemento nocivo rilevato)

Cartella: 0
(Nessun elemento nocivo rilevato)

File: 6
PUP.Optional.Conduit, C:\USERS\DANIELE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\Web Data, Sostituito, [579], [454832],1.0.3204
PUP.Optional.Conduit, C:\USERS\DANIELE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\Web Data, Sostituito, [579], [454832],1.0.3204
PUP.Optional.SweetIM, C:\USERS\DANIELE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\Web Data, Sostituito, [1183], [455282],1.0.3204
PUP.Optional.SweetIM, C:\USERS\DANIELE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\Web Data, Sostituito, [1183], [455282],1.0.3204
PUP.Optional.ASK, C:\USERS\DANIELE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\Web Data, Sostituito, [527], [454827],1.0.3204
PUP.Optional.ASK, C:\USERS\DANIELE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\Web Data, Sostituito, [527], [454827],1.0.3204

Settore fisico: 0
(Nessun elemento nocivo rilevato)


(end)

malware.txt

Link to post
Share on other sites
passegua

passegua

Posted
  • Author
Posted
19 minutes ago, Aura said:

Hi passegua :)

Can you update your Malwarebytes to the latest version (3.3), then follow the instructions in the guide once more and see if it works this time?

3.3:

https://forums.malwarebytes.com/topic/213935-malwarebytes-33-now-available/

 

I updated to the newest version, same result!

Malwarebytes
www.malwarebytes.com

-Dettagli log-
Data scansione: 08/11/17
Ora scansione: 16:29
File di log: 92afc894-c499-11e7-bd45-308d99f946d3.json
Amministratore: Sì

-Informazioni software-
Versione: 3.3.1.2183
Versione componenti: 1.0.236
Aggiorna versione pacchetto: 1.0.3206
Licenza: Free

-Informazioni sistema-
SO: Windows 10 (Build 16299.19)
CPU: x64
File system: NTFS
Utente: HPenvy\Danieluvi

-Riepilogo scansione-
Tipo di scansione: Scansione personalizzata
Risultati: Completata
Elementi analizzati: 113
Minacce rilevate: 6
Minacce messe in quarantena: 6
Tempo impiegato: 0 min, 17 sec

-Opzioni di scansione-
Memoria: Disattivata
Esecuzioni automatiche: Disattivata
File system: Attivata
Archivi compressi: Attivata
Rootkit: Disattivata
Analisi euristica: Attivata
PUP: Rilevare
PUM: Rilevare

-Dettagli scansione-
Processo: 0
(Nessun elemento nocivo rilevato)

Modulo: 0
(Nessun elemento nocivo rilevato)

Chiave di registro: 0
(Nessun elemento nocivo rilevato)

Valore di registro: 0
(Nessun elemento nocivo rilevato)

Dati di registro: 0
(Nessun elemento nocivo rilevato)

Flusso di dati: 0
(Nessun elemento nocivo rilevato)

Cartella: 0
(Nessun elemento nocivo rilevato)

File: 6
PUP.Optional.Conduit, C:\USERS\DANIELE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Sostituito, [579], [454832],1.0.3206
PUP.Optional.Conduit, C:\USERS\DANIELE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Sostituito, [579], [454832],1.0.3206
PUP.Optional.SweetIM, C:\USERS\DANIELE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Sostituito, [1183], [455282],1.0.3206
PUP.Optional.SweetIM, C:\USERS\DANIELE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Sostituito, [1183], [455282],1.0.3206
PUP.Optional.ASK, C:\USERS\DANIELE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Sostituito, [527], [454827],1.0.3206
PUP.Optional.ASK, C:\USERS\DANIELE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Sostituito, [527], [454827],1.0.3206

Settore fisico: 0
(Nessun elemento nocivo rilevato)


(end)

Link to post
Share on other sites
Aura

Aura

Posted
Posted (edited)

Alright, follow the instructions again, until you get to the step where you need to log in Google Chrome again after running the Malwarebytes scan and removing the threats it detected. From there, uninstall Google Chrome, and delete this folder completely: 

C:\USERS\DANIELE\APPDATA\LOCAL\GOOGLE\CHROME

Once done, reinstall Google Chrome, log back in with your Google account, wait a few minutes for the sync to complete and run a new scan with Malwarebytes.

IGNORE THE SOLUTION POSTED ABOVE, AS YOU MIGHT LOOSE ALL YOUR CHROME SETTINGS/DATA.

Edited by Aura
Link to post
Share on other sites
passegua

passegua

Posted
  • Author
Posted (edited)
1 hour ago, Aura said:

Alright, follow the instructions again, until you get to the step where you need to log in Google Chrome again after running the Malwarebytes scan and removing the threats it detected. From there, uninstall Google Chrome, and delete this folder completely: 


C:\USERS\DANIELE\APPDATA\LOCAL\GOOGLE\CHROME

Once done, reinstall Google Chrome, log back in with your Google account, wait a few minutes for the sync to complete and run a new scan with Malwarebytes.

 

If I uninstall Chrome I shall lose all my settings + extensions + bookmarks and so?

Thanks

 

Edited by passegua
Link to post
Share on other sites
passegua

passegua

Posted
  • Author
Posted (edited)
1 hour ago, Aura said:

Alright, follow the instructions again, until you get to the step where you need to log in Google Chrome again after running the Malwarebytes scan and removing the threats it detected. From there, uninstall Google Chrome, and delete this folder completely: 


C:\USERS\DANIELE\APPDATA\LOCAL\GOOGLE\CHROME

Once done, reinstall Google Chrome, log back in with your Google account, wait a few minutes for the sync to complete and run a new scan with Malwarebytes.

 

If I uninstall Chrome I shall lose all my settings + extensions + bookmarks and so?

Thanks

 

Edited by passegua
Link to post
Share on other sites
Aura

Aura

Posted
Posted
2 hours ago, malware_destroyer said:

I am also seeing this. On a related note, it appears as though Malwarebytes is mistakenly identifying the Web Data file in \USERS\USERNAME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT as PUP.optional.ASK.

This isn't a false positive.

@passegua, can you follow the instructions in this post below? Make sure to have Malwarebytes 3.3.1 installed first.

https://forums.malwarebytes.com/topic/214325-chrome-secure-preferences-detection-always-comes-back/?do=findComment&comment=1180852

Link to post
Share on other sites
Ironworks

Ironworks

Posted
Posted

Popping in to say- I had this issue and doing the manual chrome setting clear seems to have fixed it. I'll check again later tonight just to make sure, but I've had a few passes now without it reappearing even after booting chrome and doing a few things with it, which is better then anything else so far.

Link to post
Share on other sites
passegua

passegua

Posted
  • Author
Posted
On 8/11/2017 at 4:43 PM, Aura said:

Alright, follow the instructions again, until you get to the step where you need to log in Google Chrome again after running the Malwarebytes scan and removing the threats it detected. From there, uninstall Google Chrome, and delete this folder completely: 


C:\USERS\DANIELE\APPDATA\LOCAL\GOOGLE\CHROME

Once done, reinstall Google Chrome, log back in with your Google account, wait a few minutes for the sync to complete and run a new scan with Malwarebytes.

IGNORE THE SOLUTION POSTED ABOVE, AS YOU MIGHT LOOSE ALL YOUR CHROME SETTINGS/DATA.

Too late :-(

Anyhow not a big problem, I re installed Chrome and imported my bookmarks from Firefox.

Then I reinstalled my extensions and seems that passwords are stored somewhere else because they are still here.

Now Malwarebytes doesn't find PUP any more,

Link to post
Share on other sites
Aura

Aura

Posted
Posted

Glad we could help. :)If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.

  I accept