Swifty Posted November 18, 2017 ID:1184085

I'm a fan of the Chrome browser's Desktop Icons†, and had several of them, principally an icon for my Gmail. After installing Malwarebytes, and running a scan, and then quarantining the 21 items found, I was horrified to discover that my Chrome Icons had disappeared. I've appended the log as Malwarebytes.txt so you can see which files had been quarantined.

I re-built my desktop icons and the next day, after Malwarebytes had quarantined the same 21 items, the icons were gone again. I began to notice the pattern.

How can I determine if these 21 items are false positives, or indicative that I need to do something about some of the files in Google Chrome UserData? It seems that the 21 items re-appear in my UserData directory whenever I launch any program which invokes the Chrome browser.

† Chrome browser desktop icons are icons that the Chrome Browser creates on the Windows Desktop. When launched, they open the browser to a specified URL but with the browser's controls removed. So you see the content of the webpage, and almost nothing else. Ideal for things like Gmail.

Attachment: MalwareBytes.txt

blender (Staff) Posted November 21, 2017 ID:1185285

Hello,

These are not false positive detections. I would like though if once you rebuild your shortcuts again (You create custom ones for sites you visit? Gmail, etc?), can you zip them up & attach here? I'd like to have a look at them.

The detections showing in your Web Data files are related to syncing. Please see this post which explains in detail how to deal with this:

Do note that you will need to perform the same on ALL devices you sync to this account & all logins on the PC that sync to this account. Otherwise one of the devices or logins can sync back the bad data again.

Thank you,

Swifty (Author) Posted November 21, 2017 ID:1185339

Do you mean you want me to zip the *.lnk (I presume) files created when Chrome creates its desktop icons? They are just a convoluted URL. Or the actual files that are being detected? Or something else. I get confused.

Sorry for the trouble. I used to be good at this (worked in IBM's Microsoft support team) but since retiring I'm now edging into dementia, staring into the abyss.

blender (Staff) Posted November 21, 2017 ID:1185343

Hello,

That's OK, it often does not take much to confuse me either. It is winter where I live so the slope to the abyss is slippery here. Hehe.

The shortcuts (.lnk) created on your desktop. You can zip a copy of them before you have MBAM clean up. "They are just a convoluted URL" - are these ones you modified to open a specific web page?

Normally if there is malicious data detected in a LNK file, if it is a legit shortcut for say, Chrome, but the target path is hijacked to open a bad site, we just clean out the bad URL within it & restore normal function of the shortcut. It would be unusual to have them outright deleted. Hoping to reproduce this on my machine so we can get to the bottom of the issue.

Thank you,
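
To see what the desktop shortcuts discussed in the post above actually pass to the browser, the following PowerShell lists each browser shortcut's target and arguments. It is an added example, not part of the thread or of Malwarebytes' tooling; the list of browser executable names is an assumption, and `--app=` / `--app-id=` are the Chrome switches that open a site in a window without the browser's controls.

```powershell
# Added example, not from the thread. Read-only: it changes no shortcut.
# Assumption: the executable names below cover the browsers you use.
$browsers = 'chrome.exe', 'msedge.exe', 'firefox.exe', 'iexplore.exe'

# The current user's desktop and the shared (all users) desktop.
$desktops = @([Environment]::GetFolderPath('Desktop'),
              [Environment]::GetFolderPath('CommonDesktopDirectory')) |
            Where-Object { $_ }

$shell = New-Object -ComObject WScript.Shell

Get-ChildItem -Path $desktops -Filter *.lnk -ErrorAction SilentlyContinue |
    ForEach-Object {
        $lnk = $shell.CreateShortcut($_.FullName)
        $exe = [System.IO.Path]::GetFileName($lnk.TargetPath)
        if ($browsers -notcontains $exe) { return }   # not a browser shortcut

        $cmdArgs = $lnk.Arguments
        $note = if ($cmdArgs -match '--app(-id)?=') {
            'app-window switch present'
        } elseif ($cmdArgs -match 'https?://') {
            'bare URL appended to the arguments: review it'
        } else {
            'no URL in the arguments'
        }

        [pscustomobject]@{
            Shortcut  = $_.Name
            Target    = $lnk.TargetPath
            Arguments = $cmdArgs
            Note      = $note
        }
    } | Format-List
```

The Note column only sorts the shortcuts for reading; whether a given URL is one you put there yourself is still a judgement to make from the Arguments value.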

Swifty (Author) Posted January 17, 2018 ID:1200898

In case you're wondering about the outcome of this thread, I'm no longer interested in it, a victim of old-age memory loss (me, not my PC).

Shortly after the last activity (above) my Windows 10 Pro system obliterated itself overnight. It had been misbehaving in bizarre ways for months. I awoke to a recovery screen, but nothing it suggested worked. So the PC was re-imaged by the local PC shop.

Having a completely fresh start, I'm going to attribute all my woes to the Windows 10 meltdown, at least until they re-appear.

Aura Posted February 9, 2018 ID:1214112

Thanks for the update, Swifty. If you ever encounter any other malware-related issue, you're always free to come back here and seek assistance. Until then, stay safe!