Jump to content
RichterB

Google Chrome malwares? Can I just white list them?

Recommended Posts

Hello, I know there is already a topic about this(here), but I just would like to know if it's safe to add the detected folder to the Allow List of Malwarebytes, instead of disable the function inside Chrome.

The program reports these :

Folder: 1
PUP.Optional.ASK, C:\USERS\MARCO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, No Action By User, 1, 454827, , , , 

File: 12
PUP.Optional.ASK, C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000005.ldb, No Action By User, 1, 454827, , , , 
PUP.Optional.ASK, C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000137.ldb, No Action By User, 1, 454827, , , , 
PUP.Optional.ASK, C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000140.ldb, No Action By User, 1, 454827, , , , 
PUP.Optional.ASK, C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000143.ldb, No Action By User, 1, 454827, , , , 
PUP.Optional.ASK, C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000145.log, No Action By User, 1, 454827, , , , 
PUP.Optional.ASK, C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000146.ldb, No Action By User, 1, 454827, , , , 
PUP.Optional.ASK, C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\CURRENT, No Action By User, 1, 454827, , , , 
PUP.Optional.ASK, C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOCK, No Action By User, 1, 454827, , , , 
PUP.Optional.ASK, C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG, No Action By User, 1, 454827, , , , 
PUP.Optional.ASK, C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG.old, No Action By User, 1, 454827, , , , 
PUP.Optional.ASK, C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\MANIFEST-000001, No Action By User, 1, 454827, , , , 
PUP.Optional.ASK, C:\USERS\MARCO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, No Action By User, 1, 454827, 1.0.18948, , ame, 

 

The topic linked below, suggests to disable the Sync function of Chrome. But can I just add the folder to the Allow list?

Thanks in advance.

Share this post


Link to post
Share on other sites

Hi, 

My name is Maurice. I will be helping and guiding you, going forward on this case.

Let me know what first name you prefer to go by.

 

Please follow my directions as we go along.  Please do not do any changes on your own without first checking with me.

If you will be away for more than 3 consecutive days,  do try to let me know ahead of time, as much as possible.

 

Please only just attach   all report files, etc  that I ask for as we go along.

 

This P U P  should be removed.   and not placed in the allow list.

Read about this threat  https://blog.malwarebytes.com/detections/pup-optional-ask/

 

The Google SYNC being on will hamper the cleanups.  You need to set it to Off so the cleanups can proceed.   [   much later when all done, you can turn it back on ]

[   1  ]

Turn it Off please.

Using Chrome browser  go to https://www.google.com/settings/chrome/sync and sign into your account.
Scroll down until you see the "reset sync" button and click on the button
At the prompt click on "Ok".


[    2    ]

I  would suggest to download, Save, and then run Malwarebytes ADWCLEANER.

Please close Chrome and all other open web browsers after you have saved the Adwcleaner and before you start Adwcleaner scan.

Adwcleaner  detects factory Preinstalled applications too!

 

Please download  Malwarebytes AdwCleaner  https://downloads.malwarebytes.com/file/adwcleaner
 

Be sure to Save the file first, to your system.  Saving to the Downloads folder should be the default on your system.

 

Go to the folder where you saved Adwcleaner. Double click Adwcleaner  to start it.

At the prompt for license agreement, review and then click on I agree.

 

You will then see a main screen for Adwcleaner. ( if you do not see it right away, minimized the other open windows, so you can see Adwcleaner).

Then click on Dashboard button.

Click the blue button "Scan Now".

 

allow it a few minutes to finish the Scan.   Let it remove what it finds.

NOTE:  When it comes to the section "

Pre-installed applications

 

You can skip that.

Please find and send the Adwcleaner "C" clean report.

In Adwcleaner, click the "Reports" button.  Look at the list of reports for the latest date & type "Clean".

Double Click that line & it will open in Notepad.   Save the file to your system and then Attach that with your reply.

 

That C clean report will be the one with the most recent Date and time at folder  C:\AdwCleaner\Logs

Thanks.  Keep me advised.

 

 

Share this post


Link to post
Share on other sites
7 hours ago, Maurice Naggar said:

CUT

 

 

Hello, I'm not able to run ADWCleaner. In Windows normal mode, it just doesn't run.

In Safe Mode it gives an error message 0xc0000005

Googling for it, I've seen there was other people with this error.

Share this post


Link to post
Share on other sites

Anyway, even if ADWCleaner doesn't work, seems I was able to solve the problem.

As you suggested, I disabled Chrome Sync, and used the Reset Sync. After that, Malwarebytes found only 1 threat file and I deleted it.

Now, the scan find nothing, also after restarting PC and Chrome.

Share this post


Link to post
Share on other sites

Hi,  It seems you are indicating that Malwarebytes for Windows latest scan reports no P U P  & no malware.

Is there anything that you need at this point ?    or are you all good to go ?

Share this post


Link to post
Share on other sites

That is fine.  You are welcome !

 

It is not enough to just have a security program installed. Each pc user needs to practice daily safe computer and internet use.

 

Best  practices & malware prevention:
Follow best practices when browsing the Internet, especially on opening links coming from untrusted sources.
First rule of internet safety: slow down & think before you "click".

Never click links without first hovering your mouse over the link and seeing if it is going to an odd address ( one that does not fit or is odd looking or has typos).


Free games & free programs are like "candy". We do not accept them from "strangers".


Never open attachments that come with unexpected ( out of the blue ) email no matter how enticing.
Never open attachments from the email itself. Do not double click in the email. Always Save first and then scan with antivirus program.

 

 

Pay close attention when installing 3rd-party programs. It is important that you pay attention to the license agreements and installation screens when installing anything off of the Internet. If an installation screen offers you Custom or Advanced installation options, it is a good idea to select these as they will typically disclose what other 3rd party software will also be installed.
Take great care in every stage of the process and every offer screen, and make sure you know what it is you're agreeing to before you click "Next".

Use a Standard user account rather than an administrator-rights account when "surfing" the web.
See more info on Corrine's SecurityGarden Blog http://securitygarden.blogspot.com/p/blog-page_7.html
Dont remove your current login. Just use the new Standard-user-level one for everyday use while on the internet.

 
Do a Windows Update.

Make certain that Automatic Updates is enabled.
https://support.microsoft.com/en-us/help/12373/windows-update-faq




Keep your system and programs up to date. Several programs release security updates on a regular basis to patch vulnerabilities. Keeping your software patched up prevents attackers from being able to exploit them to drop malware.

For other added tips, read "10 easy ways to prevent malware infection"

.

I wish you all the best.

Sincerely,

Maurice

Share this post


Link to post
Share on other sites

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread.

Thanks

 

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.