In our organiztion we are continually experiencing hundreds/thousands of log entries for PUP.Option.MindSpark in various forms within Chrome. Wondering how best to either block these or if this is something we need to worry about? Below is a sample from a Management Console report. Please let me know if I should be looking in a different area.
Usually repeated detection, removal and detection again of an object is a sign of a rootkit infection, however the path here is for Google's browser, this is a Google profile sync issue.
Chrome has an autosync feature that automatically places browser extensions and settings from a users home machine(s) to whichever other machine(s) they use and are signed into with Chrome.
For a more complete removal you need to have the users sign out of Chrome and then rescan, and use ADWCleaner - h