Chrome : C:\Users\......\User Data\Default\Secure Preferences

[Demky]

Hello.

I used Malwarebytes adwCleaner on my computer and it detected "3 malwares" :

Chromium préf trouvée:
C:\Users\demky\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - hxxp://start.mysearchdial.com/?f=1&a=irmsd0103&cd=2XzuyEtN2Y1L1Qzu0CyEyEyCtCzytA0EtB0CyE0FyCyDtBtBtN0D0Tzu0CyByCyBtN1
Chromium préf trouvée:
[C:\Users\demky\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - hxxp://start.mysearchdial.com/?f=1&a=MSD3_14_10_CH&cd=2XzuyEtN2Y1L1Qzu0B0C0E0EyB0ByBtB0EzyzytB0ByEyDtAtN0D0Tzu0SyBzyy
Chromium préf trouvée:
[C:\Users\demky\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - hxxp://www.palikan.com/?f=7&a=plk_ir_15_39&cd=2XzuyEtN2Y1L1Qzu0B0C0E0EyB0ByBtB0EzyzytByC0CyBtCtN0D0Tzu0StCtAyCtAtN1L2

When I click "clean", it remove the malware but everytime I restart computer then chrome the malware comeback.

I reinitialised chrome setting but it did nothing.

I don't know what to do, any ideas ?

thanks for your time

 

[TwinHeadedEagle]

Hello,

Fix with AdwCleaner

Please download AdwCleaner by Xplode and save the file to your Desktop.

• Right-click on
  
  icon and select
  
  Run as Administrator to start the tool.
• Accept the Terms of use.
• Wait until the database is updated.
• Click Scan.
• When finished, please click Clean.
• Your PC should reboot now.
• After reboot, logfile will be opened. Copy its content into your next reply.

Note: Reports will be saved in your system partition, usually at C:\Adwcleaner

 

[Demky]

Hi,
This is the result :

Spoiler: AdwCleaner

# AdwCleaner v6.047 - Rapport créé le 08/06/2017 à 16:11:27
# Mis à jour le 19/05/2017 par Malwarebytes
# Base de données : 2017-06-08.1 [Serveur]
# Système d'exploitation : Windows 10 Home (X64)
# Nom d'utilisateur : demky - MSI
# Exécuté depuis : E:\Google Drive\Dky80g\Saved Data\Outils - Optimise - Nettoie PC\adwcleaner_6.047.exe
# Mode: Nettoyage
# Support : Customer Support & Help Center



***** [ Services ] *****



***** [ Dossiers ] *****



***** [ Fichiers ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ Raccourcis ] *****



***** [ Tâches planifiées ] *****



***** [ Registre ] *****



***** [ Navigateurs ] *****

[-] [C:\Users\demky\AppData\Local\Google\Chrome\User Data\Default] [startup_urls] Supprimé: hxxp://start.mysearchdial.com/?f=1&a=irmsd0103&cd=2XzuyEtN2Y1L1Qzu0CyEyEyCtCzytA0EtB0CyE0FyCyDtBtBtN0D0Tzu0CyByCyBtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=472615744&ir=
[-] [C:\Users\demky\AppData\Local\Google\Chrome\User Data\Default] [startup_urls] Supprimé: hxxp://start.mysearchdial.com/?f=1&a=MSD3_14_10_CH&cd=2XzuyEtN2Y1L1Qzu0B0C0E0EyB0ByBtB0EzyzytB0ByEyDtAtN0D0Tzu0SyBzyyCtN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StA0DtD0A0Fzz0BtCtGyDyD0F0CtGzyzy0FtBtGzyyE0D0CtGyB0FyBzytD0D0AyCtBtAyEyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyBzzyCtCyEzy0EtAtG0EyCtA0FtG0EtDtDyBtGzy0E0AzytGyD0DyCtD0DtC0FtC0B0DyCzy2Q&cr=1320318924&ir=
[-] [C:\Users\demky\AppData\Local\Google\Chrome\User Data\Default] [startup_urls] Supprimé: hxxp://www.palikan.com/?f=7&a=plk_ir_15_39&cd=2XzuyEtN2Y1L1Qzu0B0C0E0EyB0ByBtB0EzyzytByC0CyBtCtN0D0Tzu0StCtAyCtAtN1L2XzutAtFtCtBtFyDtFtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2S0C0EyCyEtCtByDtBtGyEtCzztBtGyEyD0FzztGzz0F0AtAtG0E0DtAyB0CzytCyDtC0DyD0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0E0BtDtDzy0DyDyEtG0AtD0ByDtGyEyCyE0BtGzz0FyB0FtGyBzztD0DtCzz0ByBzz0CtAyE2QtN0A0LzuyE&cr=20450030&ir=


*************************

:: Clés "Tracing" supprimées
:: Paramètres Winsock réinitialisés

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [3313 octets] - [23/04/2017 20:41:02]
C:\AdwCleaner\AdwCleaner[C2].txt - [2788 octets] - [25/04/2017 13:53:32]
C:\AdwCleaner\AdwCleaner[C3].txt - [2587 octets] - [29/04/2017 11:51:26]
C:\AdwCleaner\AdwCleaner[C4].txt - [2735 octets] - [08/06/2017 11:29:52]
C:\AdwCleaner\AdwCleaner[C5].txt - [2882 octets] - [08/06/2017 12:03:43]
C:\AdwCleaner\AdwCleaner[C6].txt - [2061 octets] - [08/06/2017 12:14:08]
C:\AdwCleaner\AdwCleaner[C7].txt - [2507 octets] - [08/06/2017 16:11:27]
C:\AdwCleaner\AdwCleaner[S0].txt - [2800 octets] - [23/04/2017 20:35:46]
C:\AdwCleaner\AdwCleaner[S1].txt - [2372 octets] - [25/04/2017 13:50:50]
C:\AdwCleaner\AdwCleaner[S2].txt - [2237 octets] - [29/04/2017 11:42:27]
C:\AdwCleaner\AdwCleaner[S3].txt - [2385 octets] - [08/06/2017 11:28:45]
C:\AdwCleaner\AdwCleaner[S4].txt - [2761 octets] - [08/06/2017 11:42:08]
C:\AdwCleaner\AdwCleaner[S5].txt - [2455 octets] - [08/06/2017 12:12:54]
C:\AdwCleaner\AdwCleaner[S6].txt - [2194 octets] - [08/06/2017 12:22:18]
C:\AdwCleaner\AdwCleaner[S7].txt - [3131 octets] - [08/06/2017 13:16:42]
C:\AdwCleaner\AdwCleaner[S8].txt - [3206 octets] - [08/06/2017 16:10:30]

########## EOF - C:\AdwCleaner\AdwCleaner[C7].txt - [3247 octets] ##########

 

[Demky]

I can't edit last message, I don't know if it's safe to delete the file with the malware :

C:\Users\demky\AppData\Local\Google\Chrome\User Data\Default\Secure Preference

is it ? there is only text inside it

 

[TwinHeadedEagle]

Have Adwcleaner fixed the issue? If not, yes, you can remove secure preferences file.

 

[Demky]

no, as I said, it fix the issue but when I restart chrome again, the malware come again...

I don't know what to do.

I uploaded log files, it's exatly the same.

Do you have any idea ?

 

[TwinHeadedEagle]

Can you reinstall Chrome?