Computer Support Forum

processes labeled google chrome but chrome isn't running

Question: processes labeled google chrome but chrome isn't running

i suppose these are also needed

Relevance 100%
Preferred Solution: processes labeled google chrome but chrome isn't running

I recommend downloading and running Reimage. It's a computer repair tool that has been proven to identify and fix many Windows problems with a high level of success.

I've used it in the past to identify and fix everything from blue screens (BSOD's), ActiveX errors, corrupt files and processes, dll/exe/sys errors, recover lost memory, Windows update problems, defragging, malware removal etc.

You can download it direct from this link http://downloadreimage.com/download.php. (This link will automatically start a download of Reimage that you can save to your computer.)

Answer: processes labeled google chrome but chrome isn't running

Hello,

They call me TwinHeadedEagle around here, and I'll be working with you.

Before we start please read and note the following:

At the top of your post, please click on the "Watch thread" button and make sure to check Watch this thread...and receive email notifications. This will send an email to you as soon as I reply to your topic, allowing me to solve your problem faster.
Please do not install any new software during the cleaning process other than the tools I provide for you. This can hinder the cleaning process. Please do not perform System Restore or any other restore.
Instructions I give to you are very simple and made for complete beginner to follow. That's why you need to read through my instructions carefully and completely before executing them.
Please do not run any tools other than the ones I ask you to, when I ask you to. Some of these tools can be very dangerous if used improperly. Also, if you use a tool that I have not requested you use, it can cause false positives, thereby delaying the complete cleaning of your machine.

All tools we use here are completely clean and do not contain any malware. If your antivirus detects them as malicious, please disable your antivirus and then continue.
If during the process you run across anything that is not in my instructions, please stop and ask. If any tool is running too much time (few hours), please stop and inform me.
I visit forum several times at day, making sure to respond to everyone's topic as fast as possible. But bear in mind that I have private life like everyone and I cannot be here 24/7. So please be patient with me. Also, some infections require less, and some more time to be removed completely, so bear this in mind and be patient.
Please stay with me until the end of all steps and procedures and I declare your system clean. Just because there is a lack of symptoms does not indicate a clean machine. If you solved your problem yourself, set aside two minutes to let me know.

Please attach all report using button below. Doing this, you make it easier for me to analyze and fix your problem.

Do not ask for help for your business PC. Companies are making revenue via computers, so it is good thing to pay someone to repair it.
If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.


Download Malwarebytes Anti-Rootkit to your desktop.

Double-click the icon to start the tool.
It will ask you where to extract it, then it will start.
Warning! Malwarebytes Anti-Rootkit needs to be run from an account with administrator rights.
Click in the introduction screen "next" to continue.
Click in the following screen "Update" to obtain the latest malware definitions.
Once the update is complete select "Next" and click "Scan".
When the scan is finished and no malware has been found select "Exit".
If malware was detected, make sure to check all the items and click "Cleanup". Reboot your computer.
Open the MBAR folder and paste the content of the following files in your next reply:
"mbar-log-{date} (xx-xx-xx).txt"
"system-log.txt"

Scan with Farbar Recovery Scan Tool

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatibale with your system. If you are not sure which version applies to your system download both of them and try to run them.
Only one of them will run on your system, that will be the right version.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

9 more replies
Relevance 115.42%

hello I am having the same problem with my pc and was wondering if I could get some help to resolve I am not could with computers or typing so I will do my best
 

Answer:processes labeled google chrome but chrome isn't running

Hello,

They call me TwinHeadedEagle around here, and I'll be working with you.

Before we start please read and note the following:

At the top of your post, please click on the "Watch thread" button and make sure to check Watch this thread...and receive email notifications. This will send an email to you as soon as I reply to your topic, allowing me to solve your problem faster.
Please do not install any new software during the cleaning process other than the tools I provide for you. This can hinder the cleaning process. Please do not perform System Restore or any other restore.
Instructions I give to you are very simple and made for complete beginner to follow. That's why you need to read through my instructions carefully and completely before executing them.
Please do not run any tools other than the ones I ask you to, when I ask you to. Some of these tools can be very dangerous if used improperly. Also, if you use a tool that I have not requested you use, it can cause false positives, thereby delaying the complete cleaning of your machine.

All tools we use here are completely clean and do not contain any malware. If your antivirus detects them as malicious, please disable your antivirus and then continue.
If during the process you run across anything that is not in my instructions, please stop and ask. If any tool is running too much time (few hours), please stop and inform me.
I visit forum several times at day, making sure to respond to everyon... Read more

17 more replies
Relevance 89.32%

I noticed a lat jump after updating adobe. I checked my processes and there is a ton of Google Chrome Processes running. I did not have chrome loaded at that time. I have win 7. I have run bitfinder and it finds nothing wrong. I try ending them but they launch right back up. Bitfinder has found 430 infected web resource detected just today but it blocks it and says computer is safe. 
 
kraxzciwyk.exe*32  is the image name and the description is Google Chrome.

Answer:Lots of Google Chrome processes running but don't have chrome installed

Welcome aboard   Download Security Check from here or here and save it to your Desktop. Double-click SecurityCheck.exe Follow the onscreen instructions inside of the black box. A Notepad document should open automatically called checkup.txt; please post the contents of that document.NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.NOTE 2. SecurityCheck may produce some false warning(s), so leave the results reading to me.NOTE 3. If you receive UNSUPPORTED OPERATING SYSTEM! ABORTED! message restart computer and Security Check should run Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.Make sure the following options are checked:
Internet ServicesWindows FirewallSystem RestoreSecurity Center/Action CenterWindows UpdateWindows DefenderOther ServicesPress "Scan".It will create a log (FSS.txt) in the same directory the tool is run.Please copy and paste the log to your reply. Please download MiniToolBox and run it.Checkmark following boxes:Report IE Proxy SettingsReport FF Proxy SettingsList content of HostsList IP configurationList Winsock EntriesList last 10 Event Viewer logList Installed ProgramsList Devices (do NOT change any settings here)List Users, Partitions and Memory sizeList Restore PointsClick Go and post the result. Please download Malwarebytes Anti-Malware to your desktop.NOTE. If you already have MBAM 2.0 installed scroll dow... Read more

16 more replies
Relevance 88.45%

My computer is running Windows 7.
 
About a week ago, I started getting messages saying "Google Chrome has crashed" when Google Chrome was not open. When I opened task manager, many Google Chrome processes under the same name were running. To try to fix the problem, I uninstalled Google Chrome, but the processes are still running.
 
Right now there are about 15 processes named "dlxyoesklw.exe *32" with the description "Google Chrome" in the task manager. The number of running processes changed frequently, and there are sometimes more than 30 running, all using various amounts of memory. When I press "End Process," more processes just appear.
 
If I press "Open File Location," it now takes me to C:\Users\Owner\AppData\LocalLow\EmieBrowserModeList\igsqvescqy\mwqvrxfk
If I try to delete the .exe file, it says "The action can't be completed because the file is open in Google Chrome. Close the file and try again" but of course Google Chrome is uninstalled.
 
Twice I have tried to delete the whole folder by restarting the computer and quickly deleting it before the processes launched. This did not work, as the processes still appeared after the file was deleted, and the folder relocated to a new one under \AppData\LocalLow\
The folder used to be in \AppData\LocalLow\EmieSiteList\ before it relocated.
 
I have G Data TotalSecurity 2014 installed but it did not find anything.
 
This behavior is very suspicious. What should I... Read more

Answer:Google Chrome processes running when Chrome is uninstalled

Welcome aboard   Download Security Check from here or here and save it to your Desktop. Double-click SecurityCheck.exe Follow the onscreen instructions inside of the black box. A Notepad document should open automatically called checkup.txt; please post the contents of that document.NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.NOTE 2. SecurityCheck may produce some false warning(s), so leave the results reading to me.NOTE 3. If you receive UNSUPPORTED OPERATING SYSTEM! ABORTED! message restart computer and Security Check should run Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.Make sure the following options are checked:
Internet ServicesWindows FirewallSystem RestoreSecurity Center/Action CenterWindows UpdateWindows DefenderOther ServicesPress "Scan".It will create a log (FSS.txt) in the same directory the tool is run.Please copy and paste the log to your reply. Please download MiniToolBox and run it.Checkmark following boxes:Report IE Proxy SettingsReport FF Proxy SettingsList content of HostsList IP configurationList Winsock EntriesList last 10 Event Viewer logList Installed ProgramsList Devices (do NOT change any settings here)List Users, Partitions and Memory sizeList Restore PointsClick Go and post the result. Please download Malwarebytes Anti-Malware (MBAM) to your desktop.NOTE. If you already have MBAM 2.0 installed scr... Read more

18 more replies
Relevance 88.16%

Hello,
 
I'm trying to repair my parents computer. They were getting Trojan horse warning messages and crashing to blue screens. So far I have updated the BIOS and uninstalled all the browser addons and questionable apps I found on there PC. Since updating the BIOS it hasn't crashed to blue screen. However I'm getting a lot of lywqyjla.exe processes that say they belong to Google Chrome. I uninstalled Google Chrome and they are still there. Each of them is using varying amounts of memory and the CPU usage keeps spiking. I have run malware bytes and adw cleaner, each of them said they found and removed threats but these processes keep showing up.

Answer:Multiple Google Chrome processes running even though I uninstalled Google Chrome

Welcome to BC !
 
Run a scan using RKill. Read its description as to what it does. Once you have successfully run the scan, DO NOT reboot.
Proceed with the other scans. Reboot if the MBAM or other scans ask you to.
RKill Download
 
Download Malwarebytes' Anti-Malware from Here
Double-click mbam-setup-2.X.X.XXXX.exe to install the application (X's are the current version number).
Make sure a checkmark is placed next to Launch Malwarebytes' Anti-Malware, then click Finish.
Once MBAM opens, when it says Your databases are out of date, click the Fix Now button.
Click the Settings tab at the top, and then in the left column, select Detections and Protections, and if not already checked place a checkmark in the selection box for Scan for rootkits.
Click the Scan tab at the top of the program window, select Threat Scan and click the Scan Now button.
If you receive a message that updates are available, click the Update Now button (the update will be downloaded, installed, and the scan will start).
The scan may take some time to finish,so please be patient.
If potential threats are detected, ensure that Quarantine is selected as the Action for all the listed items, and click the Apply Actions button.
While still on the Scan tab, click the link for View detailed log, and in the window that opens click the Export button, select Text file (*.txt), and save the log to your Desktop.
The log is automatically saved by MBAM and can also be viewed by clicking the History tab and then... Read more

1 more replies
Relevance 78.3%

Hi, I am new to the forum but came here because I have seen another thread that looked similar to my problem.  I don't have Google chrome installed, but I see multiple processes running (named gtgpalgcum.exe *32) with Google Chrome as the description.  I believe my computer is infected with some kind of malware.  Can anyone help me with this issue? 
Stan

Answer:Multiple Google Chrome Processes Running

Welcome to Bleeping Computer,
Please do the following:
Please download the Farbar Recovery Scan Tool from here:http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ (for 32bit systems)http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ (for 64bit systems)
Note: Wait for the direct download to begin, do not click on anything else on the page.
save it to your desktop.
Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
Double-click to run it.
When the tool opens click Yes to disclaimer.
Press the Scan button.
It will make a log (FRST.txt) in the same directory the tool is run.
Please attach that log to your reply.
The first time the tool is run, it makes a second log (Addition.txt).
Please attach that to your reply as well
NEXT
Download Malwarebytes Anti-Rootkit (MBAR) from the following link and save it to your desktop.http://downloads.malwarebytes.org/file/mbar
**Next, exit Malwarebytes Anti-Malware ( MBAM ) if it is running. You can do so via the notification area icon near the clock. Right click on the mbam icon, and select Exit.**
Next...Double click on the MBAR file you downloaded.
Approve the UAC prompt in Vista and newer operating systems.
Click OK on the next screen, to allow the package to extract the contents of the file to it's own folder, mba... Read more

2 more replies
Relevance 78.3%

I noticed after a reformat (previous severe infection) that it was only a few days before my system slowed down considerably.
I went into task manager and found 10-30 google chrome processes running. I removed google chrome and anything related, restarted , deleted spyware and opened it up again.
I tried to delete the processes and process trees only to have them appear again.
I am unable to use the internet much less my gaming community.
I can also provide a screenshot if necessary.
 

Answer:multiple google chrome processes running . . . .

I need Addition.txt
 

12 more replies
Relevance 78.3%

I have afake google chrome process in task manager and don't have google chrome installed. First indication of an issue was when popups prompted me to allow a windows command processor to do something. I believe I always said no.. but my kids may have said yes.
 

Answer:Fake Google Chrome Processes Running

Hello,

They call me TwinHeadedEagle around here, and I'll be working with you.

Before we start please read and note the following:

At the top of your post, please click on the "Watch thread" button and make sure to check Watch this thread...and receive email notifications. This will send an email to you as soon as I reply to your topic, allowing me to solve your problem faster.
Please do not install any new software during the cleaning process other than the tools I provide for you. This can hinder the cleaning process. Please do not perform System Restore or any other restore.
Instructions I give to you are very simple and made for complete beginner to follow. That's why you need to read through my instructions carefully and completely before executing them.
Please do not run any tools other than the ones I ask you to, when I ask you to. Some of these tools can be very dangerous if used improperly. Also, if you use a tool that I have not requested you use, it can cause false positives, thereby delaying the complete cleaning of your machine.

All tools we use here are completely clean and do not contain any malware. If your antivirus detects them as malicious, please disable your antivirus and then continue.
If during the process you run across anything that is not in my instructions, please stop and ask. If any tool is running too much time (few hours), please stop and inform me.
I visit forum several times at day, making sure to respond to everyon... Read more

17 more replies
Relevance 78.3%

I have about 15+ processes running under goggle chrome. I did my research and know its a virus, so I started the Malwarebytes scan and currently am showing as 12 malwares found, but its still going!

Thank you for the help!!
 

Answer:Google Chrome running several processes - need help with this virus!

mbar-log-2015-02-01 (15-28-36).txt
Malwarebytes Anti-Rootkit BETA 1.08.3.1004
www.malwarebytes.org

Database version:
main: v2015.02.01.07
rootkit: v2015.01.14.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17501
Christy :: CHRISTY-PC [administrator]

2/1/2015 3:28:36 PM
mbar-log-2015-02-01 (15-28-36).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 344802
Time elapsed: 18 minute(s), 12 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 4
C:\Users\Christy\AppData\Local\Microsoft Games\Phgllgdxsq.dll (Trojan.Chrome.INJ) -> Delete on reboot. [103b66b37713cc6a1788e63105fd6d93]
C:\Users\Christy\AppData\Local\Microsoft Games\Phgllgdxsq.dll (Trojan.Chrome.INJ) -> Delete on reboot. [103b66b37713cc6a1788e63105fd6d93]
C:\Users\Christy\AppData\Local\Microsoft Games\Phgllgdxsq.dll (Trojan.Chrome.INJ) -> Delete on reboot. [103b66b37713cc6a1788e63105fd6d93]
C:\Users\Christy\AppData\Local\Microsoft Games\Phgllgdxsq.dll (Trojan.Chrome.INJ) -> Delete on reboot. [103b66b37713cc6a1788e63105fd6d93]

Registry Keys Detected: 5
HKU\S-1-5-21-1152919652-166373410-1757317350-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{66D8FBA6-D90F-40A9-AC55-84896F79CA69} (Trojan.BHO) -> Delete on reboot. [08432feac3c765d1ccf966be976... Read more

2 more replies
Relevance 78.3%

You've helped me before. FRST scan is attached. Please let me know the next step.
 

Answer:Google chrome not installed but running in processes.

Helllo,

Before we begin, please note the following:

I will working be on your Malware issues, this may or may not, solve other issues you have with your machine.
The logs can take some time to research, so please be patient with me.
Stay with the topic until I tell you that your system is clean. Missing symptoms does not mean that everything is okay.
Instructions that I give are for your system only!
Please do not run any tools until requested ! The reason for this is so I know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.
Please perform all steps in the order received. If you can't understand something don't hesitate to ask.
Again I would like to remind you to make no further changes to your computer unless I direct you to do so. I will not help you if you do not follow my instructions.

Fix with Farbar Recovery Scan Tool

This fix was created for this user for use on that particular machine.
Running it on another one may cause damage and render the system unstable. ​Download attached fixlist.txt file and save it to the Desktop:

Both files, FRST and fixlist.txt have to be in the same location or the fix will not work!
Right-click on icon and select Run as Administrator to start the tool.
(XP users click run after receipt of Windows Security Warning - Open File).
Press the Fix button just once and wait.
If for some reason the tool needs a restart, please make sure you let ... Read more

6 more replies
Relevance 78.3%

Multiple Google Chrome processes running, whose image name is Bkumbzlzkp.exe.
The file location for this is C:\Users\Gel\AppData\LocalLow\EmieSiteList\Moqhsillt\Xkjonjiipp.
 

Answer:Multiple Google Chrome processes running

Hello,

They call me TwinHeadedEagle around here, and I'll be working with you.

Before we start please read and note the following:

At the top of your post, please click on the "Watch thread" button and make sure to check Watch this thread...and receive email notifications. This will send an email to you as soon as I reply to your topic, allowing me to solve your problem faster.
Please do not install any new software during the cleaning process other than the tools I provide for you. This can hinder the cleaning process. Please do not perform System Restore or any other restore.
Instructions I give to you are very simple and made for complete beginner to follow. That's why you need to read through my instructions carefully and completely before executing them.
Please do not run any tools other than the ones I ask you to, when I ask you to. Some of these tools can be very dangerous if used improperly. Also, if you use a tool that I have not requested you use, it can cause false positives, thereby delaying the complete cleaning of your machine.

All tools we use here are completely clean and do not contain any malware. If your antivirus detects them as malicious, please disable your antivirus and then continue.
If during the process you run across anything that is not in my instructions, please stop and ask. If any tool is running too much time (few hours), please stop and inform me.
I visit forum several times at day, making sure to respond to everyon... Read more

4 more replies
Relevance 78.3%

Hello. I have read most of your replies, and I am hoping I don't need to start a new thread and I can just upload my scan files here. Please let me know if I need to do something different.

Thank you in advance for all your help.
 

Answer:Fake Google Chrome Processes Running

Hello,

They call me TwinHeadedEagle around here, and I'll be working with you.

Before we start please read and note the following:

At the top of your post, please click on the "Watch thread" button and make sure to check Watch this thread...and receive email notifications. This will send an email to you as soon as I reply to your topic, allowing me to solve your problem faster.
Please do not install any new software during the cleaning process other than the tools I provide for you. This can hinder the cleaning process. Please do not perform System Restore or any other restore.
Instructions I give to you are very simple and made for complete beginner to follow. That's why you need to read through my instructions carefully and completely before executing them.
Please do not run any tools other than the ones I ask you to, when I ask you to. Some of these tools can be very dangerous if used improperly. Also, if you use a tool that I have not requested you use, it can cause false positives, thereby delaying the complete cleaning of your machine.

All tools we use here are completely clean and do not contain any malware. If your antivirus detects them as malicious, please disable your antivirus and then continue.
If during the process you run across anything that is not in my instructions, please stop and ask. If any tool is running too much time (few hours), please stop and inform me.
I visit forum several times at day, making sure to respond to everyon... Read more

1 more replies
Relevance 78.3%

Hi I was online last night surfing the internet when I had a pop up I couldn't close or exit.. so instead of turning off my computer I clicked ok. Immediately after that I opened window task manager and seen egwpdiofqs.exe being run about 8 of them. So I started to exit out of them they would immediately reappear so I tried to open file location and delete the folders it wouldn't let me as it said they were still in use from google chrome which I don't have installed. I seen posts of other people with similar problems so I already downloaded the frst64 and ran a scan. Sigh im so dumb I pretty much hit OK for this virus to get onto my computer. =( Will TIP nicely for assistance haha thanks again... P.S. my computer is terribly sluggish after this happened it tends to freeze a lot and it won't let me run system restore.

Answer:Mutliple processes running from google chrome.

(AMD) C:\Windows\System32\atiesrxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(Microsoft Corporation) C:\Windows\System32\regsvr32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\regsvr32.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr_im.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr\raptr_ep64.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCam.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Adobe Systems Incorporated) C:\Win... Read more

3 more replies
Relevance 78.3%

Looking for best way to fix this malware/virus issue. Currently do not have any virus protection/software (thought I did & up til recently this computere was not used for downloading files/internet access so virus software was not really needed).

Attached addition.txt and frst.txt for you to view. Computer running Windows xp 32bit. Symptoms started when downloaded zip file for printer drivers because I couldnt find my disk. Or at same time, maybe from an external drive I was copying a file to.

Again, computer harddrive constantly running, so much that manouvering around on the internet is painstaking...google chrome not installed yet processes keep popping up in task manager.

If you can help me clean this up, I would be grateful, and then suggest some virus protection software....cause obviously I need it.
Thanks.
 

Answer:Fake Google Chrome processes running

Hello,

They call me TwinHeadedEagle around here, and I'll be working with you.

Before we start please read and note the following:

At the top of your post, please click on the "Watch thread" button and make sure to check Watch this thread...and receive email notifications. This will send an email to you as soon as I reply to your topic, allowing me to solve your problem faster.
Please do not install any new software during the cleaning process other than the tools I provide for you. This can hinder the cleaning process. Please do not perform System Restore or any other restore.
Instructions I give to you are very simple and made for complete beginner to follow. That's why you need to read through my instructions carefully and completely before executing them.
Please do not run any tools other than the ones I ask you to, when I ask you to. Some of these tools can be very dangerous if used improperly. Also, if you use a tool that I have not requested you use, it can cause false positives, thereby delaying the complete cleaning of your machine.

All tools we use here are completely clean and do not contain any malware. If your antivirus detects them as malicious, please disable your antivirus and then continue.
If during the process you run across anything that is not in my instructions, please stop and ask. If any tool is running too much time (few hours), please stop and inform me.
I visit forum several times at day, making sure to respond to everyon... Read more

3 more replies
Relevance 77.43%

complete beginner here. forgive my for my outdated knowledge and lingo.

Google Chrome process called "vfiujynubu.exe" is creating itself in random folders around my computer and running itself on startup, creating many processes and hogging CPU and RAM. When I try to delete the .exe, i either can't or it recreates itself upon next computer startup and continues running fake Chrome processes (even after I have completely uninstalled Chrome).

I am a subscriber to webroot secureanywhere and reported this problem to them. They suggest it is not a problem. They probably are correct. However I don't understand why all these processes continue to run (and why the .exe is even there) after I uninstall chrome. Here is the exchange:

Hello,

After examining all the information and logs you returned to us. We can see that the file you are referring to is a genuine Google Chrome file.
[G] c:\users\keim delepine\appdata\locallow\rbxlogs\ihmevlph\kywngyniqin\vfiujynvbv.exe [MD5: 0BDAE865738D27A4D84D50591C8C9D2D] [Flags: 10001000.21689]

More info on this file can be found on the (Virus Total)VT link below:
https://www.virustotal.com/en/file/...e974ebff8700f5f93dca2ec8a6b0991e2ac/analysis/

If you still suspect that your computer is infected, please provide any additional details that might lead you to believe that your computer's behavior is due to malware, and not an unrelated technical issue.

Thank you,

The Webroot Threat Research
Your Message (Nov 6,... Read more

Answer:Fake? google chrome processes running wild

hope this helps!
 

6 more replies
Relevance 77.43%

Hi, I am infected with a virus of some sort which is causing multiple Google Chrome processes to be running using up almost all of the CPU. I have run and attached the scans.. This is very similar to the com surrogate virus I had on this computer last month which you helped me fix. Thanks in advance for your assistance.
 

Answer:Multiple Google Chrome exe processes running. -- virus?!

Hello,

They call me TwinHeadedEagle around here, and I'll be working with you.

Before we start please read and note the following:

At the top of your post, please click on the "Watch thread" button and make sure to check Watch this thread...and receive email notifications. This will send an email to you as soon as I reply to your topic, allowing me to solve your problem faster.
Please do not install any new software during the cleaning process other than the tools I provide for you. This can hinder the cleaning process. Please do not perform System Restore or any other restore.
Instructions I give to you are very simple and made for complete beginner to follow. That's why you need to read through my instructions carefully and completely before executing them.
Please do not run any tools other than the ones I ask you to, when I ask you to. Some of these tools can be very dangerous if used improperly. Also, if you use a tool that I have not requested you use, it can cause false positives, thereby delaying the complete cleaning of your machine.

All tools we use here are completely clean and do not contain any malware. If your antivirus detects them as malicious, please disable your antivirus and then continue.
If during the process you run across anything that is not in my instructions, please stop and ask. If any tool is running too much time (few hours), please stop and inform me.
I visit forum several times at day, making sure to respond to everyon... Read more

6 more replies
Relevance 77.43%

Here are uploads of FRST log, DDS and Attach logs.

Any help is appreciated.

Regards
 

Answer:Multiple Fake Google Chrome Processes Running

Hello,

They call me TwinHeadedEagle around here, and I'll be working with you.

Before we start please read and note the following:

At the top of your post, please click on the "Watch thread" button and make sure to check Watch this thread...and receive email notifications. This will send an email to you as soon as I reply to your topic, allowing me to solve your problem faster.
Please do not install any new software during the cleaning process other than the tools I provide for you. This can hinder the cleaning process. Please do not perform System Restore or any other restore.
Instructions I give to you are very simple and made for complete beginner to follow. That's why you need to read through my instructions carefully and completely before executing them.
Please do not run any tools other than the ones I ask you to, when I ask you to. Some of these tools can be very dangerous if used improperly. Also, if you use a tool that I have not requested you use, it can cause false positives, thereby delaying the complete cleaning of your machine.

All tools we use here are completely clean and do not contain any malware. If your antivirus detects them as malicious, please disable your antivirus and then continue.
If during the process you run across anything that is not in my instructions, please stop and ask. If any tool is running too much time (few hours), please stop and inform me.
I visit forum several times at day, making sure to respond to everyon... Read more

7 more replies
Relevance 77.43%

This morning a message box popped up in the middle of my screen and said something like "Google Chrome is not able to write to it's directory" but I don't even have Google Chrome installed. I went to Task Manager and noticed several processes running with Google Chrome as the description, but the processes are named "yzcuofj.exe". This seemed odd, so I was searching the web for help and came across this website. I'm a little hesitant to start downloading and running executable files, for fear of "fake helpers" getting people to download malware/viruses, but this site seems pretty legit...so here goes! I'm guessing the first thing you'll ask me to do is run FRST? (although I've seen in other threads you've asked users to run ZOEK or RogueKiller or TDSSKiller, etc)
 

Answer:Google Chrome processes running but application not installed

Hello,

They call me TwinHeadedEagle around here, and I'll be working with you.

Before we start please read and note the following:

At the top of your post, please click on the "Watch thread" button and make sure to check Watch this thread...and receive email notifications. This will send an email to you as soon as I reply to your topic, allowing me to solve your problem faster.
Please do not install any new software during the cleaning process other than the tools I provide for you. This can hinder the cleaning process. Please do not perform System Restore or any other restore.
Instructions I give to you are very simple and made for complete beginner to follow. That's why you need to read through my instructions carefully and completely before executing them.
Please do not run any tools other than the ones I ask you to, when I ask you to. Some of these tools can be very dangerous if used improperly. Also, if you use a tool that I have not requested you use, it can cause false positives, thereby delaying the complete cleaning of your machine.

All tools we use here are completely clean and do not contain any malware. If your antivirus detects them as malicious, please disable your antivirus and then continue.
If during the process you run across anything that is not in my instructions, please stop and ask. If any tool is running too much time (few hours), please stop and inform me.
I visit forum several times at day, making sure to respond to everyon... Read more

16 more replies
Relevance 77.14%

A bunch of these jpkncmkh.exe *32 processes are always open in my task manager and my cpu is running at 90 to 100% and I don't have google chrome and the description is google chrome.  These must be viruses I need to get rid of im going to attach a frst files and logs because I saw other posts that did that. Please Help!!??
 
I want to copy and paste a fix list like I saw other people do to get rid of them but I don't know  how?
 
 

Answer:Fake Chrome Processes Please Help jpkncmkh.exe *32 description google chrome

Hello and welcome to Bleeping Computer! I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.
We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.
To help Bleeping Computer better assist you please perform the following steps:
*************************************************** In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/554784 <<< CLICK THIS LINK
If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.
***************************************************If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of t... Read more

20 more replies
Relevance 77.14%

Hello,

As noted above, I'm currently having problems with a process that is being detected as Gooogle Chrome taking up most of the resources on my system. This, even though I don't have Chrome installed on my computer. I've tried deleting the file, but it just pops up somewhere else.

I ran FRST and have attached the resulting reports to this thread. Any help you can provide would be greatly appreciated.

Thanks in advance,

J
 

Answer:Google Chrome Processes stalling system, but Chrome isn't installed

Hello,

They call me TwinHeadedEagle around here, and I'll be working with you.

Before we start please read and note the following:

At the top of your post, please click on the "Watch thread" button and make sure to check Watch this thread...and receive email notifications. This will send an email to you as soon as I reply to your topic, allowing me to solve your problem faster.
Please do not install any new software during the cleaning process other than the tools I provide for you. This can hinder the cleaning process. Please do not perform System Restore or any other restore.
Instructions I give to you are very simple and made for complete beginner to follow. That's why you need to read through my instructions carefully and completely before executing them.
Please do not run any tools other than the ones I ask you to, when I ask you to. Some of these tools can be very dangerous if used improperly. Also, if you use a tool that I have not requested you use, it can cause false positives, thereby delaying the complete cleaning of your machine.

All tools we use here are completely clean and do not contain any malware. If your antivirus detects them as malicious, please disable your antivirus and then continue.
If during the process you run across anything that is not in my instructions, please stop and ask. If any tool is running too much time (few hours), please stop and inform me.
I visit forum several times at day, making sure to respond to everyon... Read more

7 more replies
Relevance 76.56%

Multiple Fake Google Chrome Processed are running on laptop. See multiple similar threads. Ran FRST and have provided logs. Any assistance would be greatly appreciated!
 

Answer:Multiple Fake Google Chrome Processes Running on Laptop

Uninstall Ask Toolbar.
1. Open notepad and copy/paste the text present inside the code box below.
To do this highlight the contents of the box and right click on it. Paste this into the open notepad.
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to the operating system

Code:

Start
HKLM-x32\...\Run: [DATAMNGR] => C:\Program Files (x86)\BearShare Applications\MediaBar\Datamngr\datamngrUI.exe [1693800 2012-03-04] (MusicLab, LLC)
C:\Program Files (x86)\BearShare Applications\MediaBar
HKLM-x32\...\Run: [ApnUpdater] => "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
C:\Program Files (x86)\Ask.com
HKLM-x32\...\Run: [] => [X]
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-21-4192403223-262647996-3079662322-1000\...\Run: [Xjdzilqlbnw] => regsvr32.exe /s "C:\Users\Jane\AppData\Local\{692D8DB2-29A3-41AE-92B9-083ADAB4A61B}\Xjdzilqlbnw.dll" <===== ATTENTION
C:\Users\Jane\AppData\Local\{692D8DB2-29A3-41AE-92B9-083ADAB4A61B}
AppInit_DLLs: C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\x64\datamngr.dll => C:\Program Files (x86)\BearShare Applications\MediaBar\Datamngr\x64\datamngr.dll [1778608 2012-03-04] (MusicLab, LLC)
C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\x64
AppInit_DLLs: C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\x64\IEBHO.dll => C:\Program Files (x86)\BearShare Applications\MediaBar\Datamngr... Read more

4 more replies
Relevance 76.56%

fake google chrome processes run in the background causing memory log jam. Processes keep popping up if you closes them or delete them. Location of running processes are similar to the other posts similar forums. Users\*name*\AppData\LocalLow\Adobe\eairvsfboeds\Hpgvkcia
 

Answer:Fake google chrome running multiple processes (ybbkifcdeb.exe)

Fix with Farbar Recovery Scan Tool

This fix was created for this user for use on that particular machine.
Running it on another one may cause damage and render the system unstable. ​Download attached fixlist.txt file and save it to the Desktop:

Both files, FRST and fixlist.txt have to be in the same location or the fix will not work!
Right-click on icon and select Run as Administrator to start the tool.
(XP users click run after receipt of Windows Security Warning - Open File).
Press the Fix button just once and wait.
If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
When finished FRST will generate a log on the Desktop, called Fixlog.txt.

Please attach it to your reply.


Fix with AdwCleaner

Please download AdwCleaner by Xplode and save the file to your desktop.
Right-click on icon and select Run as Administrator to start the tool.
Follow the prompts and click Scan.
When finished, please click Clean.
Upon completion, click Report. A log (AdwCleaner[S*].txt) will open.

Please include the contents of that file in your reply.
 

3 more replies
Relevance 76.56%

Help is much appreciated, Thanks
 

Answer:Multiple rogue Google Chrome processes (rjjbiyctioq.exe) running

Hello,

They call me TwinHeadedEagle around here, and I'll be working with you.

Before we start please read and note the following:

At the top of your post, please click on the "Watch thread" button and make sure to check Watch this thread...and receive email notifications. This will send an email to you as soon as I reply to your topic, allowing me to solve your problem faster.
Please do not install any new software during the cleaning process other than the tools I provide for you. This can hinder the cleaning process. Please do not perform System Restore or any other restore.
Instructions I give to you are very simple and made for complete beginner to follow. That's why you need to read through my instructions carefully and completely before executing them.
Please do not run any tools other than the ones I ask you to, when I ask you to. Some of these tools can be very dangerous if used improperly. Also, if you use a tool that I have not requested you use, it can cause false positives, thereby delaying the complete cleaning of your machine.

All tools we use here are completely clean and do not contain any malware. If your antivirus detects them as malicious, please disable your antivirus and then continue.
If during the process you run across anything that is not in my instructions, please stop and ask. If any tool is running too much time (few hours), please stop and inform me.
I visit forum several times at day, making sure to respond to everyon... Read more

9 more replies
Relevance 76.56%

It seems that I have acquired the Google Chrome Process issue. Hopefully you will be able to help as you have with others here.
 

Answer:Another case of Google Chrome processes running without application installed

Re-run FRST.exe as you did before ...
Download fixlist.txt that you find attached at the bottom of this post and save it same place you
Press the Fix button once and wait.
FRST will process fixlist.txt
When finished, it will produce a log fixlog.txt and will keep that log in the same folder where FRST.exe is.
> Attach here fixlog.txt logreport.
 

3 more replies
Relevance 76.56%

My laptop has been running extremely slowly. I often get errors when trying to go to websites - IE says it can't display the page. When I view the Windows Task Manager, I see multiple processes running with the description "Google Chrome" however this program is not currently installed on my computer. I downloaded the Farbar Recovery Scan Tool and have attached the FRST file. Thanks in advance for your help!
 

Answer:Very slow computer, Google Chrome processes running when it is not installed

Hello,

They call me TwinHeadedEagle around here, and I'll be working with you.

Before we start please read and note the following:

At the top of your post, please click on the "Watch thread" button and make sure to check Watch this thread...and receive email notifications. This will send an email to you as soon as I reply to your topic, allowing me to solve your problem faster.
Please do not install any new software during the cleaning process other than the tools I provide for you. This can hinder the cleaning process. Please do not perform System Restore or any other restore.
Instructions I give to you are very simple and made for complete beginner to follow. That's why you need to read through my instructions carefully and completely before executing them.
Please do not run any tools other than the ones I ask you to, when I ask you to. Some of these tools can be very dangerous if used improperly. Also, if you use a tool that I have not requested you use, it can cause false positives, thereby delaying the complete cleaning of your machine.

All tools we use here are completely clean and do not contain any malware. If your antivirus detects them as malicious, please disable your antivirus and then continue.
If during the process you run across anything that is not in my instructions, please stop and ask. If any tool is running too much time (few hours), please stop and inform me.
I visit forum several times at day, making sure to respond to everyon... Read more

12 more replies
Relevance 76.56%

I ran malware and it is clean but included the file. The farbar files are attached. Thank you for all your help.

Joel
 

Answer:Very slow computer, Google Chrome processes running when it is not installed

Hello,

They call me TwinHeadedEagle around here, and I'll be working with you.

Before we start please read and note the following:

At the top of your post, please click on the "Watch thread" button and make sure to check Watch this thread...and receive email notifications. This will send an email to you as soon as I reply to your topic, allowing me to solve your problem faster.
Please do not install any new software during the cleaning process other than the tools I provide for you. This can hinder the cleaning process. Please do not perform System Restore or any other restore.
Instructions I give to you are very simple and made for complete beginner to follow. That's why you need to read through my instructions carefully and completely before executing them.
Please do not run any tools other than the ones I ask you to, when I ask you to. Some of these tools can be very dangerous if used improperly. Also, if you use a tool that I have not requested you use, it can cause false positives, thereby delaying the complete cleaning of your machine.

All tools we use here are completely clean and do not contain any malware. If your antivirus detects them as malicious, please disable your antivirus and then continue.
If during the process you run across anything that is not in my instructions, please stop and ask. If any tool is running too much time (few hours), please stop and inform me.
I visit forum several times at day, making sure to respond to everyon... Read more

26 more replies
Relevance 76.27%

I have multiple processed named Mgoqzmdjmx.exe *32 with a descriptions as Google Chrome. I'm pretty certain this is a virus of some sort. Attaching a screenshot of the task manager. Any help will be extremely appreciated.
 

Answer:Random Google Chrome Processes (even after uninstalling chrome)

Hello,

They call me TwinHeadedEagle around here, and I'll be working with you.

Before we start please read and note the following:

At the top of your post, please click on the "Watch thread" button and make sure to check Watch this thread...and receive email notifications. This will send an email to you as soon as I reply to your topic, allowing me to solve your problem faster.
Please do not install any new software during the cleaning process other than the tools I provide for you. This can hinder the cleaning process. Please do not perform System Restore or any other restore.
Instructions I give to you are very simple and made for complete beginner to follow. That's why you need to read through my instructions carefully and completely before executing them.
Please do not run any tools other than the ones I ask you to, when I ask you to. Some of these tools can be very dangerous if used improperly. Also, if you use a tool that I have not requested you use, it can cause false positives, thereby delaying the complete cleaning of your machine.

All tools we use here are completely clean and do not contain any malware. If your antivirus detects them as malicious, please disable your antivirus and then continue.
If during the process you run across anything that is not in my instructions, please stop and ask. If any tool is running too much time (few hours), please stop and inform me.
I visit forum several times at day, making sure to respond to everyon... Read more

5 more replies
Relevance 75.98%

Hello -
A customer of mine brought their personal laptop to me to look into why large amounts of data are being used up on their Verizon Hotspot.  This is a Windows 7 Home Premium laptop.  I ran multiple virus scans including ComboFix and Malwarebytes that returned zero results.  I then noticed in Task Manager that there were multiple processes running that belonged to Google Chrome.  I then verified that Chrome is not even installed.  I found the running .exe file in the \userprofile\appdata\locallow\Google directory.  Rebooted into 'Safe Mode' and then removed the folder and then scanned the registry for the same .exe name and removed them as well.  I then restarted the pc and the files reappeared, this time in the Adobe directory rather than Google.  I repeated the steps above with the same results.  Would you please help me with removing this virus?  Thank you.

Answer:Fake Google Chrome Running Multiple Processes in Task Manager

Hello! Welcome to BleepingComputer Forums!
My name is Georgi and and I will be helping you with your computer problems.
Before we begin, please note the following:
I will working be on your Malware issues, this may or may not, solve other issues you have with your machine.
The logs can take some time to research, so please be patient with me.
Stay with the topic until I tell you that your system is clean. Missing symptoms does not mean that everything is okay.
Instructions that I give are for your system only!
Please do not run any tools until requested ! The reason for this is so I know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.
Please perform all steps in the order received. If you can't understand something don't hesitate to ask.
Again I would like to remind you to make no further changes to your computer unless I direct you to do so. I will not help you if you do not follow my instructions.
 
 
Please download the latest version of Farbar Recovery Scan Tool and save it to your desktop.Note: You need to run the version compatibale with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy a... Read more

10 more replies
Relevance 75.4%

Hi,
 
I have a problem with the chrome application on my desktop, as soon as I open chrome 10+ processes open up in the task manager.
 
I am convinced this is some type of malware, i have scanned it with malware-bytes and i still continue to have these issues.
 
Is there anything else I can do? 

Answer:Chrome.exe 32* over 10 processes running upon starting up chrome!

Hello! Welcome to BleepingComputer Forums!
My name is Georgi and and I will be helping you with your computer problems.
Before we begin, please note the following:
I will working be on your Malware issues, this may or may not, solve other issues you have with your machine.
The logs can take some time to research, so please be patient with me.
Stay with the topic until I tell you that your system is clean. Missing symptoms does not mean that everything is okay.
Instructions that I give are for your system only!
Please do not run any tools until requested ! The reason for this is so I know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.
Please perform all steps in the order received. If you can't understand something don't hesitate to ask.
Again I would like to remind you to make no further changes to your computer unless I direct you to do so. I will not help you if you do not follow my instructions.
 
Since a few days have passed since this post please download the latest version of Farbar Recovery Scan Tool and save it to your desktop. Don't kill any malicious processes at your own.
Note: You need to run the version compatibale with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
Double-click to run it. When the tool opens click Yes to disclaimer.
Make sure that... Read more

3 more replies
Relevance 105.78%

The processes are named Adjyodaeamxj.exe *32, There are at least five of these processes running at any given time, though sometimes many more will run. They are using up large chunks of memory and taxing my computer.
 

Answer:Processes from Google Chrome, do not have chrome installed.

Hello,

They call me TwinHeadedEagle around here, and I'll be working with you.

Before we start please read and note the following:

At the top of your post, please click on the "Watch thread" button and make sure to check Watch this thread...and receive email notifications. This will send an email to you as soon as I reply to your topic, allowing me to solve your problem faster.
Please do not install any new software during the cleaning process other than the tools I provide for you. This can hinder the cleaning process. Please do not perform System Restore or any other restore.
Instructions I give to you are very simple and made for complete beginner to follow. That's why you need to read through my instructions carefully and completely before executing them.
Please do not run any tools other than the ones I ask you to, when I ask you to. Some of these tools can be very dangerous if used improperly. Also, if you use a tool that I have not requested you use, it can cause false positives, thereby delaying the complete cleaning of your machine.

All tools we use here are completely clean and do not contain any malware. If your antivirus detects them as malicious, please disable your antivirus and then continue.
If during the process you run across anything that is not in my instructions, please stop and ask. If any tool is running too much time (few hours), please stop and inform me.
I visit forum several times at day, making sure to respond to everyon... Read more

1 more replies
Relevance 102.09%

I have many "Google Chrome" processes running (jthzgxbastyz.exe *32), but I don’t have Chrome installed on this computer. I have tried to run Malwarebytes and Malwarebytes anti-root, MacAfee root kit, and several others. Anything I try to open, never actually opens. I ran DDS, but it doesn’t look like its accessing the file system. I am an administrator on this computer, but when I attempt to download anything now from Internet Explorer, I get a Security Alert " Your current security settings do not allow this file to be downloaded." I reset IE and it allows me to download the programs, but I still can’t run them. Hope this helps! Seems like I have a full blown infestation. L
 
Windows 7 Home Premium
 

 attach.txt   933bytes
  1 downloads
DDS LOG
 

 FRST.txt   22.46KB
  1 downloads
FRST LOG
 

Answer:Multiple Google Chrome Executables Running, but Chrome Not Installed

Hey, Please post the FRST Log into the thread rather attaching them. ;)

36 more replies
Relevance 100.86%

Computer crashes on startup fairly often - I've always thought it was due to running 4 monitors but it is getting more regular. Checked Task Manager this morning and found 11 instances of Google Chrome running before I even opened the browser.
After googling and reading several threads it appears there is some sort of mutating virus on my system. It does not appear that there is a standard anti-virus fix (yet) and I'm fairly basic in my computer tech skills. I got directed to this site from a few others hence I'm here seeking some help.

I've followed the 3 steps and uploaded the 2 files as directed

Any help would be much appreciated

PS I run avast (free) as real time protection and I ran Malwarebytes this morning that picked up nothing.
 

Answer:Multiple chrome.exe.32 on StartUp without Google Chrome running

Hello,

They call me TwinHeadedEagle around here, and I'll be working with you.

Before we start please read and note the following:

At the top of your post, please click on the "Watch thread" button and make sure to check Watch this thread...and receive email notifications. This will send an email to you as soon as I reply to your topic, allowing me to solve your problem faster.
Please do not install any new software during the cleaning process other than the tools I provide for you. This can hinder the cleaning process. Please do not perform System Restore or any other restore.
Instructions I give to you are very simple and made for complete beginner to follow. That's why you need to read through my instructions carefully and completely before executing them.
Please do not run any tools other than the ones I ask you to, when I ask you to. Some of these tools can be very dangerous if used improperly. Also, if you use a tool that I have not requested you use, it can cause false positives, thereby delaying the complete cleaning of your machine.

All tools we use here are completely clean and do not contain any malware. If your antivirus detects them as malicious, please disable your antivirus and then continue.
If during the process you run across anything that is not in my instructions, please stop and ask. If any tool is running too much time (few hours), please stop and inform me.
I visit forum several times at day, making sure to respond to everyon... Read more

7 more replies
Relevance 100.04%

An install of Google Crhome browser is apparantly recording cookies while the Google Chrome browser itself is not being used;  the cookies seem to be of webpages and sites that other people in this location visit through another browser.  This makes me thing that the Google Chrome browser sneaks information from the user of other browsers on the computer, and this makes me wonder, what more is being done with this set of cookies lifted from the other browser?
 
This cannot be normal; is it?
 
Every day, I come to the particular computer with google chrome on it, open history, see the cookies listed, delete them, and only use the browser in Incognito mode.  No cookies recorded during any of my usage sessions.  Later, after other people who never use Chrome use the computer, go online (with Internet Explorer), makes their website visits, and then finish; when I come back to use the computer again and go online in incognito mode on Chrome, ... there again are more cookies listed, and mostly from sites that I did not visit.
 
This just seems like it should not be happening.  Tell me about it?
 
 
IE 11, Firefox 33, Google Chrome 38
Norton 360;
Windows 7.

Answer:Google Chrome records cookies without running Google Chrome

What content settings is ticked for Cookies? I frequently use Chrome Browser so I must need to observe the behavior you were referring to as cookie populated on All cookies and site data if this is what you were referring to(?).

15 more replies
Relevance 93.48%

This is a personal computer I use for school and play. My important information is already backed up to an external.
 
Last night my computer started to run extremely slow and I had an unexpected and very bad drop in frame rates. When I looked into my task manager I noticed several “Google Chrome” processes running. I stopped them then uninstalled Chrome. I restarted and looked back into the task manager and the processes were still there.
 
At this point I ran Microsoft Security Essentials with a quick scan and it did not find any threats. I set it to run a full scan at midnight and this morning the report still had nothing in it.
 
After finding this forum and beginning the preparation portion to posting a new topic I can no longer change any setting on my Windows Firewall I only receive an error message that says:
 
Windows Firewall can’t change some of your settings Error Code 0x80070422
 
Below is the DDS text and the attach.txt is uploaded. Thank you, any help is very appreciated.
------------------------------------------------------
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17496  BrowserJavaVersion: 11.25.2
Run by AJ at 9:26:03 on 2015-01-05
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.6028.2847 [GMT -6:00]
.
AV: Trend Micro Titanium Internet Security 2012 *Disabled/Updated* {7193B549-236F-55EE-9AEC-F65279E59A92}
SP: Trend Micro Titanium Internet Security 2012 *... Read more

Answer:"Google Chrome" processes.

Well, since the average wait of 5 days is a long time, when it is nearly impossible to do any school work, I have not just been idle. While looking further into this I found this posted on YouTube buy Mr. RemoveVirus.
 
https://www.youtube.com/watch?v=HF3DcptRwuU
 
I know this is not the most reliable method to accomplish my desire for a functioning PC but I can't afford to just go buy a new one and I also can't have this one offline for so long.
 
So the progress report so far is 2 hours after "fix" and several restarts still no rogue "Google Chrome" processes and my computer CPU is not about to explode.
 
If anyone still reviews the above logs and sees anything that is a problem I will keep checking back here till the topic is closed. Hope this helps and thank you for any help in advance.

23 more replies
Relevance 93.07%

I have single tab open in Chrome, but in Task Manager, I have 12 separate processes going at once. What's the deal with that? It doesn't seem to be making too much of an impact CPU wise, but it's just simply odd. Is there anything I can/need to do about that?

More replies
Relevance 93.07%

I am running a Windows 7 machine primarily using Google Chrome. I regularly use antivirus software and a firewall and run a weekly scan. However my system runs very slowly and I have been trying to find the source of what I assume is a virus or malware.  I have tried different online scans and new antivirus programs and nothing seems to work.  I was investigating all the processes that are running and noticed multiple instances of chrome.exe *32.  I had noticed them in the past but assumed they were related to Google Chrome.  When I searched that process, I found multiple postings on your site dealing with the same problem.  It seems you have a particular order to work through the issue so I am reaching out to see if you can help me.  You seem to have been very successful in the past with other folks.  Your reply and help is greatly appreciated. 

Answer:multiple chrome.exe *32 processes running

Chrome.exe (Chrome.exe *32) is a legitimate process related to the Google Chrome web browser. Multiple copies of chrome.exe, referred to as process-per-tab, listed in Task Manager is intentional by design as a crash control. Chrome creates three types of processes (browser, renderers, and plug-ins). Each Chrome tab is treated as it's own individual process for the life of tab meaning it is treated as a separate process so that multiple tabs can run with less problems. This feature increases responsiveness, and prevents the browser from locking up if a particular web app or plug-in stops responding. In the event of a browser crash or hang in one tab, it prevents the entire browser from closing down. Chrome has its own built-in Task Manager which is accessed by right-clicking on the browser's title bar. You can see what which process does by going to Menu > Tools > Task Manager. The Chrome Task Manager lets you track resource usage for each individual tab and lets you kill any tabs that have stopped responding without having to restart the entire browser.For more specific information, please refer to:Chrome's Process Model ExplainedMulti-process ArchitectureUnderstanding Chrome & ProcessesWhy Does Chrome Have So Many Open Processes?There are numerous comments about this at the Chrome Help forum. See Multiple chrome.exe in Task Manager.Tools & Tips to Optimize & Troubleshoot Memory/CPU Usage in Firefox and Chrome:Tools to optimize the Memory Usage of Firefox an... Read more

16 more replies
Relevance 92.25%

i saw that other users had this issue solved but that the fix files were created for their particular machines. i'm hoping to get the same kind of assistance.
 

Answer:more fake google chrome processes

Hi,

1. Open notepad and copy/paste the text present inside the code box below.
To do this highlight the contents of the box and right click on it. Paste this into the open notepad.
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to the operating system
Code:

C:\Users\morgan\AppData\LocalLow\{E7AE305C-39A3-4FFB-8910-E33B62A071E7}\Jcacvhbrtnb\tctmnaabyyis
HKU\S-1-5-21-4241491024-506926899-3993154103-1000\...\Run: [Cmhysiwv] => regsvr32.exe /s "C:\Users\morgan\AppData\Local\{56AD1659-E116-40E9-B946-5D157B41769E}\Cmhysiwv.dll" <===== ATTENTION
C:\Users\morgan\AppData\Local\{56AD1659-E116-40E9-B946-5D157B41769E}
SearchScopes: HKCU - Comcast URL = http://search.xfinity.com/?cat=subweb&con=mmchrome&q={searchTerms}&cid=xfstart_tech_search
BHO-x32: No Name -> {bb46be07-13eb-4c49-b0f0-fc78b9ea4983} -> No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
CHR HomePage: Default -> hxxp://us.yhs4.search.yahoo.com/web/partner?&hspart=w3i&hsimp=yhs-syctransfer&type=W3i_SP,203,0_0,StartPage,20131147,20033,0,25,0
CHR StartupUrls: Default -> "hxxp://us.yhs4.search.yahoo.com/web/partner?&hspart=w3i&hsimp=yhs-syctransfer&
EmptyTemp:

2. Save notepad as fixlist.txt to your Desktop.
NOTE: => It's important that both files, FRST and fixlist.txt are in the same location or the fix will not w... Read more

5 more replies
Relevance 92.25%

I just ran my FRST scan while in safe mode. I don't know if that will affect the outcome of the log or going forward. I've had had this problem for a few days and haven't been able to stop and just post about it. Thank you very much in advance for assistance.
 

Answer:Fake Google chrome processes

Here is my addition file as well.
 

6 more replies
Relevance 92.25%

Initial symptoms started this morning. Have tried various methods to remove, but to no avail. I have attached the FRST logs as requested. Thank you in advance for your help.
 

Answer:Multiple Google Chrome processes

Hello,

They call me TwinHeadedEagle around here, and I'll be working with you.

Before we start please read and note the following:

At the top of your post, please click on the "Watch thread" button and make sure to check Watch this thread...and receive email notifications. This will send an email to you as soon as I reply to your topic, allowing me to solve your problem faster.
Please do not install any new software during the cleaning process other than the tools I provide for you. This can hinder the cleaning process. Please do not perform System Restore or any other restore.
Instructions I give to you are very simple and made for complete beginner to follow. That's why you need to read through my instructions carefully and completely before executing them.
Please do not run any tools other than the ones I ask you to, when I ask you to. Some of these tools can be very dangerous if used improperly. Also, if you use a tool that I have not requested you use, it can cause false positives, thereby delaying the complete cleaning of your machine.

All tools we use here are completely clean and do not contain any malware. If your antivirus detects them as malicious, please disable your antivirus and then continue.
If during the process you run across anything that is not in my instructions, please stop and ask. If any tool is running too much time (few hours), please stop and inform me.
I visit forum several times at day, making sure to respond to everyon... Read more

5 more replies
Relevance 92.25%

I need help with a fake google chrome problem. Many processes are running and slowing my computer way down. I've taken multiple steps to attempt to fix this but my problem is still here. please help me
 

Answer:Need help on fake google chrome processes

Here are zoek results, I realized they may be helpful. Like I said above, the problem is still afflicting my computer after this.
 

11 more replies
Relevance 92.25%

No idea where to begin with this. Please help!
 

Answer:Fake Google Chrome Processes

Helllo,

Before we begin, please note the following:

I will working be on your Malware issues, this may or may not, solve other issues you have with your machine.
The logs can take some time to research, so please be patient with me.
Stay with the topic until I tell you that your system is clean. Missing symptoms does not mean that everything is okay.
Instructions that I give are for your system only!
Please do not run any tools until requested ! The reason for this is so I know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.
Please perform all steps in the order received. If you can't understand something don't hesitate to ask.
Again I would like to remind you to make no further changes to your computer unless I direct you to do so. I will not help you if you do not follow my instructions.
===================================


Download Malwarebytes Anti-Rootkit to your desktop.

Double-click the icon to start the tool.
It will ask you where to extract it, then it will start.
Warning! Malwarebytes Anti-Rootkit needs to be run from an account with administrator rights.
Click in the introduction screen "next" to continue.
Click in the following screen "Update" to obtain the latest malware definitions.
Once the update is complete select "Next" and click "Scan".
When the scan is finished and no malware has been found select "Exit".
If malware wa... Read more

7 more replies
Relevance 92.25%

Hello,
 I see a couple other people have posted this same problem in the last few days so hopefully someone can help.
 I have got 5-20 processes running under image name Bcexfymkqard.exe*32. Description Google Chrome. I have never installed Chrome. It is sucking maximum bandwidth from my modem. Malwarebytes did not clean it.  Please help. Here are my FRST and Addition logs:
 
FRST:
 
 
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 20-10-2014 01
Ran by John (administrator) on JOHN-PC on 21-10-2014 08:33:05
Running from C:\Users\John\Downloads
Loaded Profile: John (Available profiles: John)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(DeviceVM, Inc.) C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe
(Alcatel-Lucent) C:\Program Files (x86)\Common Files\Motive\McciCMService.exe
(Alcatel-Lucent) C:\Program Files\Common Files\Motive\McciCMService.exe
(Locktime So... Read more

Answer:Need Help... Fake Google Chrome processes

Bumpety Bump.  Can anyone help me with this?

22 more replies
Relevance 92.25%

I would really appreciate any help with this, thanks.
 

More replies
Relevance 92.25%

Noticed other people having the same issue. Hopefully this can get fixed.
 

Answer:Fake Google Chrome processes

Fix with Farbar Recovery Scan Tool

This fix was created for this user for use on that particular machine.
Running it on another one may cause damage and render the system unstable. ​Download attached fixlist.txt file and save it to the Desktop:

Both files, FRST and fixlist.txt have to be in the same location or the fix will not work!
Right-click on icon and select Run as Administrator to start the tool.
(XP users click run after receipt of Windows Security Warning - Open File).
Press the Fix button just once and wait.
If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
When finished FRST will generate a log on the Desktop, called Fixlog.txt.

Please attach it to your reply.
 

1 more replies
Relevance 92.25%

Hello,
 
I've seen others with the same problem, but I am getting a process in Windows Task Manager that won't go away even if I go into Safe Mode and delete the file.  It is located in User\AppData\LocalLow.  I have attached the image of Windows Task Manager and the 2 FRST files.
 
Thank you for any help!
 

Answer:Fake Google Chrome Processes

Hello! Welcome to BleepingComputer Forums!
My name is Georgi and and I will be helping you with your computer problems.
Before we begin, please note the following:
I will working be on your Malware issues, this may or may not, solve other issues you have with your machine.
The logs can take some time to research, so please be patient with me.
Stay with the topic until I tell you that your system is clean. Missing symptoms does not mean that everything is okay.
Instructions that I give are for your system only!
Please do not run any tools until requested ! The reason for this is so I know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.
Please perform all steps in the order received. If you can't understand something don't hesitate to ask.
Again I would like to remind you to make no further changes to your computer unless I direct you to do so. I will not help you if you do not follow my instructions.
 
I will reply back later today with a fix.
 
 
Regards,
Georgi

8 more replies
Relevance 92.25%

Hi, this is the 3rd time I am making a thread about the fake Google Chrome processes. When I made the first two threads, TwinHeadedEagle helped me to remove the virus so it wouldn't recreate itself on startup, but it always eventually came back. I have come to discover that the virus comes back when I launch Internet Explorer. I rarely use that browser, and noticed then when the last time I opened it up the malware immediately re-created itself and started opening itself. Of course I could be wrong about IE being the cause, but this is what it seems to be.

Anyway, I need help removing it again.

Attached are fresh FRST and Addition .txts.
 

Answer:Google Chrome processes malware

Hello,

They call me TwinHeadedEagle around here, and I'll be working with you.

Before we start please read and note the following:

At the top of your post, please click on the "Watch thread" button and make sure to check Watch this thread...and receive email notifications. This will send an email to you as soon as I reply to your topic, allowing me to solve your problem faster.
Please do not install any new software during the cleaning process other than the tools I provide for you. This can hinder the cleaning process. Please do not perform System Restore or any other restore.
Instructions I give to you are very simple and made for complete beginner to follow. That's why you need to read through my instructions carefully and completely before executing them.
Please do not run any tools other than the ones I ask you to, when I ask you to. Some of these tools can be very dangerous if used improperly. Also, if you use a tool that I have not requested you use, it can cause false positives, thereby delaying the complete cleaning of your machine.

All tools we use here are completely clean and do not contain any malware. If your antivirus detects them as malicious, please disable your antivirus and then continue.
If during the process you run across anything that is not in my instructions, please stop and ask. If any tool is running too much time (few hours), please stop and inform me.
I visit forum several times at day, making sure to respond to everyon... Read more

1 more replies
Relevance 92.25%

When I open my task manager, there is 13 chrome.exe running at the same time and I don't know why. Chrome is running even though I don't even have Google Chrome on this computer. I use Firefox. There is a lot of chrome.exe running when nothing is on either. My laptop is slowing because of this. I really need help to fix this.

Answer:A Lot of Google Chrome Processes on at a Time

Looks like the Chrome.exe virus. Do a full AV scan

13 more replies
Relevance 92.25%

As described, multiple fake Chrome processes. As opposed to just the fix, I'd also like any details you can give me about this issue and what causes it.
 

Answer:Fake Google Chrome Processes

Helllo,

My name is Argus and and I will be helping you with your computer problems.

Before we begin, please note the following:

I will working be on your Malware issues, this may or may not, solve other issues you have with your machine.
The logs can take some time to research, so please be patient with me.
Stay with the topic until I tell you that your system is clean. Missing symptoms does not mean that everything is okay.
Instructions that I give are for your system only!
Please do not run any tools until requested ! The reason for this is so I know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.
Please perform all steps in the order received. If you can't understand something don't hesitate to ask.
Again I would like to remind you to make no further changes to your computer unless I direct you to do so. I will not help you if you do not follow my instructions.

Fix with Farbar Recovery Scan Tool

This fix was created for this user for use on that particular machine.
Running it on another one may cause damage and render the system unstable. ​Download attached fixlist.txt file and save it to the Desktop:

Both files, FRST and fixlist.txt have to be in the same location or the fix will not work!
Right-click on icon and select Run as Administrator to start the tool.
(XP users click run after receipt of Windows Security Warning - Open File).
Press the Fix button just once and w... Read more

9 more replies
Relevance 92.25%

Need help removing fake Google Chrome processes. Google Chrome is not even installed on this PC. Please provide some help.
 

Answer:Google Chrome Processes killing CPU

Hello,

They call me TwinHeadedEagle around here, and I'll be working with you.

Before we start please read and note the following:

At the top of your post, please click on the "Watch thread" button and make sure to check Watch this thread...and receive email notifications. This will send an email to you as soon as I reply to your topic, allowing me to solve your problem faster.
Please do not install any new software during the cleaning process other than the tools I provide for you. This can hinder the cleaning process. Please do not perform System Restore or any other restore.
Instructions I give to you are very simple and made for complete beginner to follow. That's why you need to read through my instructions carefully and completely before executing them.
Please do not run any tools other than the ones I ask you to, when I ask you to. Some of these tools can be very dangerous if used improperly. Also, if you use a tool that I have not requested you use, it can cause false positives, thereby delaying the complete cleaning of your machine.

All tools we use here are completely clean and do not contain any malware. If your antivirus detects them as malicious, please disable your antivirus and then continue.
If during the process you run across anything that is not in my instructions, please stop and ask. If any tool is running too much time (few hours), please stop and inform me.
I visit forum several times at day, making sure to respond to everyon... Read more

3 more replies
Relevance 92.25%

Hello. Recently my PC has become infected with the "Google Chrome" virus where a fake .exe posing as Chrome creates itself, runs itself, and opens many processes which hogs CPU and RAM. Deleting the .exe is no good because this virus recreates itself in a new random folder upon next PC startup and does its same thing again. I have already run Farbar Recovery Tool, so attached are my FRST and Addition txts.
 

Answer:Fake Google Chrome processes

Hello,

They call me TwinHeadedEagle around here, and I'll be working with you.

Before we start please read and note the following:

At the top of your post, please click on the "Watch thread" button and make sure to check Watch this thread...and receive email notifications. This will send an email to you as soon as I reply to your topic, allowing me to solve your problem faster.
Please do not install any new software during the cleaning process other than the tools I provide for you. This can hinder the cleaning process. Please do not perform System Restore or any other restore.
Instructions I give to you are very simple and made for complete beginner to follow. That's why you need to read through my instructions carefully and completely before executing them.
Please do not run any tools other than the ones I ask you to, when I ask you to. Some of these tools can be very dangerous if used improperly. Also, if you use a tool that I have not requested you use, it can cause false positives, thereby delaying the complete cleaning of your machine.

All tools we use here are completely clean and do not contain any malware. If your antivirus detects them as malicious, please disable your antivirus and then continue.
If during the process you run across anything that is not in my instructions, please stop and ask. If any tool is running too much time (few hours), please stop and inform me.
I visit forum several times at day, making sure to respond to everyon... Read more

5 more replies
Relevance 92.25%

The description pretty much says it all, I ran FRST and those files are attached.
 

Answer:Fake Google Chrome Processes

Hello,

They call me TwinHeadedEagle around here, and I'll be working with you.

Before we start please read and note the following:

At the top of your post, please click on the "Watch thread" button and make sure to check Watch this thread...and receive email notifications. This will send an email to you as soon as I reply to your topic, allowing me to solve your problem faster.
Please do not install any new software during the cleaning process other than the tools I provide for you. This can hinder the cleaning process. Please do not perform System Restore or any other restore.
Instructions I give to you are very simple and made for complete beginner to follow. That's why you need to read through my instructions carefully and completely before executing them.
Please do not run any tools other than the ones I ask you to, when I ask you to. Some of these tools can be very dangerous if used improperly. Also, if you use a tool that I have not requested you use, it can cause false positives, thereby delaying the complete cleaning of your machine.

All tools we use here are completely clean and do not contain any malware. If your antivirus detects them as malicious, please disable your antivirus and then continue.
If during the process you run across anything that is not in my instructions, please stop and ask. If any tool is running too much time (few hours), please stop and inform me.
I visit forum several times at day, making sure to respond to everyon... Read more

7 more replies
Relevance 92.25%

Windows 7 PC just started running very slowly.  Noticed numerous (sometimes up to 25) processes named "mmxctdbwkm.exe" running, spawning, re-spawning constantly.  Norton 360 popups indicating "Google Chrome using excessive memory resources" - task manager shows processes having descriptions "Google Chrome" which obviously they are not as Google Chrome is not installed on this PC!  Files are under C:\users\John\appdata\LocalLow\.... I would like to follow the procedure in the link below as it describes my problem fairly accurately.  However, the process appears to require 2-way collaboration and information sharing so wanted to check first before diving in.  Thank you in advance for your help.
 
http://www.bleepingcomputer.com/forums/t/551186/fake-google-chrome-running-multiple-processes-in-task-manager/
 

Answer:Fake Google Chrome processes

Start with the scanning for Poweliks. If it is found and removed there will be more cleanup of other malware to do.
 
Please download Powelikscleaner (by ESET) and save it to your Desktop. (let me know if poweliks was found and removed as shown in the last image)
1.  Double-click on ESETPoweliksCleaner.exe to start the tool.
2.  Read the terms of the End-user license agreement and click Agree.
3.  The tool will run automatically. If the cleaner finds a Poweliks infection, press the Y key on your keyboard to remove it.
 

 
4.  If Poweliks was detected "Win32/Poweliks was successfully removed from your system" will be displayed. Press any key to exit the tool and reboot your PC.
 

16 more replies
Relevance 92.25%

A couple months ago I was here and tried to resolve this issue with dozens of google chrome processes showing up and slowing down my computer. It was suggested I post in a new area so more powerful tools could be used. I didn't have time to keep trying to resolve the problem because I needed to finish off other things but now I have time again since I still have the problem. It only goes away after I run JRT but once I restart the computer, the google chrome processes start up again. From what I could find out, the file is an iobit file probably from a program I use to have but have since deleted. Would appreciate any help in figuring out this problem, thank you.
 

 dds.txt   22.77KB
  1 downloads
 attach.txt   9.76KB
  0 downloads

Answer:suspicious google chrome processes

Hey my friend, Please download FRST (by Farbar) from the link below and save it to your Desktop.Download Mirror #1If you are unsure whether you have 32-Bit or 64-Bit Windows, see hereDisable all anti-virus and anti-malware software to prevent them inhibiting FRST in any way. If you are unsure how to do this, see THIS.Double-click FRST.exe/FRST64.exe (depending on which version you downloaded) to run it. (if you have Windows Vista / Windows 7 / Windows 8: Please do a Right click on the FRST icon and select Run as Administrator)When the disclaimer appears, click Yes.Click Scan to start FRST.When FRST finishes scanning, two logs, FRST.txt and Addition.txt will open.Copy (Ctrl+C) and Paste (Ctrl+V) the contents of both of these logs into your next post please.

2 more replies
Relevance 92.25%

This problem is eating up my CPU and I am unable to do the things I want to do. Plus I dont even have Google Chrome installed on my computer...
 

Answer:Multiple Google Chrome Processes

Hello,

http://malwaretips.com/threads/preparation-guide-before-requesting-malware-removal-help.20334/
 

1 more replies
Relevance 92.25%

Twin-Headed Eagle. I have a chrome.exe file in windows task manager that I cannot 'end process' because I think caused by ransomware blocker. This is on another desktop and Chrome browser is locked shut. I have tried to follow your instructions above and cannot get past Farber recovery scan tool installation which will download but not install - just does nothing even if I try to run as admin. Can you please help.
 

Answer:Can't kill Google Chrome processes

I got Farber to run from the networked second desktop - it seems malware/ransomeware has prevented it from running on the affected desktop. Attached are the files.
 

2 more replies
Relevance 92.25%

Hi - I'm new here, and found that I'm having the same problem as the user who posted this:
 
http://www.bleepingcomputer.com/forums/t/553030/fake-google-chrome-jhtrmnotfjhvexe-processes/
 
I've read through the above mentioned post above along with many others. I also followed a post on Reddit about this - below:
http://www.reddit.com/r/sysadmin/comments/2kl04m/fake_google_chrome_browser_process_max_out_cpu/
 
This process was continually running and spawning new processes.
C:\Users\Mike\AppData\LocalLow\Roblox\Lxjonxrom\lqsxdhhzll.exe
 
I also noticed information was being cleared and rewritten to this folder continuously:
C:\Users\Mike\AppData\LocalLow\Google\Dcdeecveb
 
I followed the suggestion about using Taskkill in the Reddit post and killed the process then immediately deleted the two folders mentioned above. I actually have all the contents of these folders still in my recycle bin (if needed).
 
Since killing the processes and removing the folders the offending processes have not restarted, however I am concerned there may be more lurking. Can you please assist with this?
 
Also, any idea how this virus/malware is being spread?  I noticed the create time on the folders was on 11/3/14 and 6:28pm.
 
Thank you in advance for all the great work you do!  This appears to be a great community!
 
Logs from DDS are attached.
 
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17344... Read more

Answer:Fake Google Chrome Processes

Hi & to Bleeping Computer Forums!My name is Jürgen and I will be assisting you with your Malware related problems.Before we move on, please read the following points carefully: My native language isn't English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.Please read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.Perform everything in the correct order. Sometimes one step requires the previous one.If you have any problems while you are follow my instructions, Stop there and tell me the exact nature of your problem.Do not run any other scans without instruction or Add/ Remove Software unless I tell you to do so. This would change the output of our tools and could be confusing for me.Post all Logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.If I don't hear from you within 5 days from this initial or any subsequent post, then this thread will be closed.If I don't reply within 24 hours please PM me!Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.Step 1Please run a FRST scan. This will help us diagnose your problem.Please download Farbar Recovery Scan Tool and save it to your Desktop.(If you are not sure which version (32-/64-bit) applies to your system, d... Read more

10 more replies
Relevance 92.25%

Can't rid this computer of Google Chrome processes. Please Help. Regards,
 

Answer:Help on getting rid of Yusmsqa.exe *32 Google Chrome Processes

1. Open notepad and copy/paste the text present inside the code box below.
To do this highlight the contents of the box and right click on it. Paste this into the open notepad.
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to the operating system

Code:

C:\Users\Michael\AppData\LocalLow\ge3916\Rekootmimrma\Njeoyqcnkfo
HKU\S-1-5-21-1158752609-1568451080-3026114070-1000\...\Run: [xbxldamb] => regsvr32.exe /s "C:\Users\Michael\AppData\Local\Adobe\xbxldamb.dll" <===== ATTENTION
C:\Users\Michael\AppData\Local\Adobe\xbxldamb.dll
HKU\S-1-5-21-1158752609-1568451080-3026114070-1000\...\MountPoints2: {150b4f78-205b-11e1-90ce-180373cf6b89} - E:\LaunchU3.exe -a
HKU\S-1-5-21-1158752609-1568451080-3026114070-1000\...\MountPoints2: {dee0e048-c622-11e2-a605-180373cf6b89} - I:\vs_professional.exe
HKU\S-1-5-21-1158752609-1568451080-3026114070-1000\...\MountPoints2: {e7568d7c-3c34-11e1-ae63-180373cf6b89} - E:\LaunchU3.exe -a
SearchScopes: HKLM-x32 - {cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8} URL = http://search.tb.ask.com/search/GGmain.jhtml?p2=^HJ^xdm003^S06473^us&si=COe98e7Vl7kCFazm7AodOXsAUw&ptb=1512B2A9-6982-4B94-A8BD-1BBDDC5BF9AE&ind=2013082423&n=77fd3337&psa=&st=sb&searchfor={searchTerms}
SearchScopes: HKCU - {1173C974-5F69-41D9-A250-859A1E710F26} URL = http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&l... Read more

6 more replies
Relevance 92.25%

My computer started running really slow when I logged on today and websites were taking forever to load.  I noticed that there is a process called Neweozpowt.ext*32 running 10 or more times in the task manager and I can't kill them as they respawn.  Please help

Answer:Fake Google Chrome processes

Please disregard found the issue with help from Farbar recovery tool.

2 more replies
Relevance 92.25%

Apparently our family PC has been infected with the Many Google Chrome Processes bug - anywhere from 3 to 20 instances. After reading through a few forums it appears the solution may vary from case to case. The file location of the GoogleChrome process lead me to the hidden EmieBrowserModeList folder.

After running MBAM the GoodleChrome process are gone for now, but I'm not confident that all is well, so here are the log files. THANKS in advance!

MBAM.TXT

Malwarebytes Anti-Malware
www.malwarebytes.org

Update, 12/29/2014 11:01:13 PM, SYSTEM, ROTHPC_II, Manual, Remediation Database, 2013.10.16.1, 2014.12.6.1,
Update, 12/29/2014 11:01:13 PM, SYSTEM, ROTHPC_II, Manual, Rootkit Database, 2014.11.18.1, 2014.12.29.2,
Update, 12/29/2014 11:01:37 PM, SYSTEM, ROTHPC_II, Manual, Malware Database, 2014.11.20.6, 2014.12.30.2,
(end)
Malwarebytes Anti-Malware
www.malwarebytes.org

Scan, 12/30/2014 12:27:10 AM, SYSTEM, ROTHPC_II, Manual, Start:12/29/2014 11:01:54 PM, Duration:1 hr 20 min 45 sec, Threat Scan, Completed, 7 Malware Detections, 21 Non-Malware Detections,
(end)

DDS "ATTACH.TXT"
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 12/11/2012 5:29:11 PM
System Uptime: 12/30/2014 12:28:10 AM (0 hours ago)
.
Motherboard: MSI | | 2AE0
Processor: AMD A10-5700 APU with Radeon(tm) HD Graphics | P0 | 3400/100... Read more

Answer:Google Chrome Processes (lots of 'em)

Welcome aboard

Please, observe following rules:

Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
If you're stuck, or you're not sure about certain step, always ask before doing anything else.
Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
Never run more than one scan at a time.
Keep updating me regarding your computer behavior, good, or bad.
The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

==============================

MBAM log is incorrect.
Please re-read instructions how to obtain proper log.
 

20 more replies
Relevance 92.25%

I just migrated Windows 7 from one SSD to another SSD today. I did not do any type of install - just cloned the drives and set up the new drive to be the boot master. I ran the ZOEK before I knew what I was supposed to do with requesting help from this forum, so I uploaded that log, too.
 

Answer:Fake Google Chrome Processes

Hello,

They call me TwinHeadedEagle around here, and I'll be working with you.

Before we start please read and note the following:

At the top of your post, please click on the "Watch thread" button and make sure to check Watch this thread...and receive email notifications. This will send an email to you as soon as I reply to your topic, allowing me to solve your problem faster.
Please do not install any new software during the cleaning process other than the tools I provide for you. This can hinder the cleaning process. Please do not perform System Restore or any other restore.
Instructions I give to you are very simple and made for complete beginner to follow. That's why you need to read through my instructions carefully and completely before executing them.
Please do not run any tools other than the ones I ask you to, when I ask you to. Some of these tools can be very dangerous if used improperly. Also, if you use a tool that I have not requested you use, it can cause false positives, thereby delaying the complete cleaning of your machine.

All tools we use here are completely clean and do not contain any malware. If your antivirus detects them as malicious, please disable your antivirus and then continue.
If during the process you run across anything that is not in my instructions, please stop and ask. If any tool is running too much time (few hours), please stop and inform me.
I visit forum several times at day, making sure to respond to everyon... Read more

5 more replies
Relevance 92.25%

Hi,

I saw some other posts on this forum which seemed to have a similar problem with the fake google chrome processes. I've run FRST and attached the logs. Any help would be appreciated!

The folder the .exe is running from is C:\Users\Allan\AppData\LocalLow\Adobe\Yrchindou\lqkucjscrcwe
 

Answer:Fake chrome processes running as sjidauor.exe

Hello,

They call me TwinHeadedEagle around here, and I'll be working with you.

Before we start please read and note the following:

At the top of your post, please click on the "Watch thread" button and make sure to check Watch this thread...and receive email notifications. This will send an email to you as soon as I reply to your topic, allowing me to solve your problem faster.
Please do not install any new software during the cleaning process other than the tools I provide for you. This can hinder the cleaning process. Please do not perform System Restore or any other restore.
Instructions I give to you are very simple and made for complete beginner to follow. That's why you need to read through my instructions carefully and completely before executing them.
Please do not run any tools other than the ones I ask you to, when I ask you to. Some of these tools can be very dangerous if used improperly. Also, if you use a tool that I have not requested you use, it can cause false positives, thereby delaying the complete cleaning of your machine.

All tools we use here are completely clean and do not contain any malware. If your antivirus detects them as malicious, please disable your antivirus and then continue.
If during the process you run across anything that is not in my instructions, please stop and ask. If any tool is running too much time (few hours), please stop and inform me.
I visit forum several times at day, making sure to respond to everyon... Read more

6 more replies
Relevance 92.25%

When I am using Chrome, Task Manager shows that I have multiple Chrome processes running. Currently I have 11 Chrome processes running. Earlier I had 17 Chrome processes running.

Is this normal? If not, how do I correct the problem?

Thanks
Matt

Answer:[SOLVED] Multiple Chrome processes running

This is normal. Chrome does this to help make it more stable. By having every window, tab, plug-in, web app, and renderer in its own process, this allows the browser to continue to function if any one of those components crashes or becomes unresponsive.

2 more replies
Relevance 92.25%

Hi there,

I believe I have two problems, which may be separate or related, and I've had a look around the web to find some answers and have come to the conclusion that I probably need help from you guys! As the title suggests, I seem to have multiple versions of both iexplorer and chrome running at the same time, even when I am not running them at all. The processes are using large proportions of my system resources (around 10% cpu and roughly 66% of physical memory), thus making the pc slow. This is a real pain.
Also annoying is the intermittent re-direction of my browsers as they load a new web page, to move me onto some ads for lots of rubbish that I don't want.
These problems have been ongoing for a couple of weeks or so, but haven't been too much for me to cope with until the last couple of days when I have been busy on the pc.
I have done nothing to my machine to try to rectify the problem, except for searching the web to find out info on the problems.
Any help would be greatly appreciated.

 

Answer:multiple iexplorer and chrome processes running

User receiving assistance at different forum.
 

1 more replies
Relevance 92.25%

Hi, my laptop is running really slowly and has got a lot worse recently. At times it isn't too bad but it doesn't take much for it to become overwhelmed - today it ground to a halt completely. I would be incredibly grateful if you can help in any way. Thank you.
 

Answer:Slow laptop, many chrome.exe*32 processes running

Hello,

They call me TwinHeadedEagle around here, and I'll be working with you.

Before we start please read and note the following:

At the top of your post, please click on the "Watch thread" button and make sure to check Watch this thread...and receive email notifications. This will send an email to you as soon as I reply to your topic, allowing me to solve your problem faster.
Please do not install any new software during the cleaning process other than the tools I provide for you. This can hinder the cleaning process. Please do not perform System Restore or any other restore.
Instructions I give to you are very simple and made for complete beginner to follow. That's why you need to read through my instructions carefully and completely before executing them.
Please do not run any tools other than the ones I ask you to, when I ask you to. Some of these tools can be very dangerous if used improperly. Also, if you use a tool that I have not requested you use, it can cause false positives, thereby delaying the complete cleaning of your machine.

All tools we use here are completely clean and do not contain any malware. If your antivirus detects them as malicious, please disable your antivirus and then continue.
If during the process you run across anything that is not in my instructions, please stop and ask. If any tool is running too much time (few hours), please stop and inform me.
I visit forum several times at day, making sure to respond to everyon... Read more

16 more replies
Relevance 91.43%

(1) istart.webssearches.com was installed on all 3 of my browsers after downloading "File downloader". It hijacked the default search engine and home page. I successfully redefined them, but since the hijack Chrome closes itself immediately after being run and, if it does stay open, does not remember the previously open tabs.
 
(2) Before installing the suspect program I had created a system restore point and also saved my registry files using ERUNT, but restoring them did not fix the problem. Malwarebytes found and removed Win tasks for "MySearchDial" and a registry key with a suspect Chrome extension - but this didn't help either.
 
(3) The problems disappear if I manually kill the numerous chrome processes found in Task Manager. But the processes and the problems with Chrome are back after the next bootup.
 
==================== DDS.TXT ========================
 
 
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17041  BrowserJavaVersion: 10.67.2
Run by Abba at 10:25:34 on 2014-10-03
Microsoft Windows 7 Professional   6.1.7601.1.1252.1.1033.18.8182.4845 [GMT 3:00]
.
AV: Panda Free Antivirus *Enabled/Updated* {3456760B-FDAA-FFFD-06C2-7BB528D2066C}
SP: Panda Free Antivirus *Enabled/Updated* {8F3797EF-DB90-F073-3C72-40C753554CD1}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Panda Firewall *Disabled* {0C6DF72E-B7C5-FEA5-2D9D-D280D6014117}
.
============== Running Processes =========... Read more

Answer:When Chrome is run, fake chrome processes make it disappear

Hello buznog,

Welcome to Bleeping Computer.
My name is fireman4it and I will be helping you with your Malware problem.

Please take note of some guidelines for this fix:
Refrain from making any changes to your computer including installing/uninstall programs, deleting files, modifying the registry, and running scanners or tools.

 1.Please download AdwCleaner by Xplode and save to your Desktop.
Double click on AdwCleaner.exe to run the tool .Click on the Scan button.AdwCleaner will begin to scan your computer.After the scan has finished...Click on the Clean button.Press OK when asked to close all programs and follow the onscreen prompts.Press OK again to allow AdwCleaner to restart the computer and complete the removal process.After rebooting, a logfile report (AdwCleaner[S#].txt) will open automatically (where the largest value of # represents the most recent report).Copy and paste the contents of that logfile in your next reply.A copy of that logfile will also be saved in the C:\AdwCleaner folder. 2.Download and run Junkware Removal Tool. ***Your Anti Virus may see this download as malicious, don't worry continue on. 

Please download Junkware Removal Tool to your desktop.

 shut down your protection software now to avoid potential conflicts.run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator"
the tool will open and start scanning your ... Read more

8 more replies
Relevance 91.43%

Hello. I have an infection where there is a .exe called "Fzpjrgr.exe" posing as Google Chrome that runs itself on startup and opens usually a dozen different processes (Chrome tabs) and keeps reopening them if I try to end the processes. I have also booted in Safe Mode, found the location of the .exe and deleted it, only to have the .exe recreate itself later in a new location and continue opening itself. My anti-virus software doesn't detect this infection. Can someone please help me in removing this?

Answer:Fake Google Chrome processes virus

bump. Still looking for help. Included in this post are my FRST.txt and Addition.txtScan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-10-2014Ran by Joe (administrator) on JOE-PC on 25-10-2014 18:44:24Running from C:\Users\Joe\DownloadsLoaded Profile: Joe (Available profiles: Joe)Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)Internet Explorer Version 10Boot Mode: NormalTutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/==================== Processes (Whitelisted) =================(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe(Blue Coat Systems, Inc.) C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe(Intel... Read more

6 more replies
Relevance 91.43%
Relevance 91.43%

Howdy,
 
New here, seem to have the same problems as many others.  Fake browser.exe processes.
 
I ran FRST as admin, here are my logs.
 
Any help is appreciated.
 
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-08-2014
Ran by David_2 (administrator) on BOUNTIFUL on 29-08-2014 15:08:55
Running from C:\Users\David_2\Downloads
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ 
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\37.0.2062.28\remoting_host.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\37.0.2062.28\remoting_host.exe
(CrossLoop) C:\Users\David_2\AppData\L... Read more

Answer:Another Fake Google Chrome (browser.exe) processes

Hi there,please do the following:Step 1Please download this attached
 fixlist.txt   357bytes
  8 downloads and save it in the same directory as FRST.Start FRST with Administrator privileges.Press the Fix button.When finished, a log file (Fixlog.txt) pops up and is saved to the same location the tool was run from.Please copy and paste its contents in your next reply.Step 2Start FRST with administator privileges.Press the Scan button.When finished, FRST will produce a log (FRST.txt) in the same directory the tool was run from.Please copy and paste this log in your next reply.

5 more replies
Relevance 91.43%

Several chrome processes are constantly trying to run in background. Keep getting pop-up warnings "Google chrome using memory" My list of programs does not show Google chrome. All of the processes are preceded with the letters vedgzjyfopt.

Answer:How do I remove google chrome processes from my computer?

Have you tried disabling the updater in services (services.msc in run command)?Disable any google/chrome entries in services. make sure you hit "apply" after you disable them.Also set the chrome browser to disable auto-update. the option should be in the settings/advanced settings options.Note, if you update chrome, you will need to disable the services again.Oh yea, one more thing. Type msconfig in the run command and disable any google entries listed (and any other items you do not wish to run at startup).message edited by Chunko

6 more replies
Relevance 91.43%

Hi - I'm new here, and found that I'm having a similar (same?) problem as the user who posted this:
 
http://www.bleepingcomputer.com/forums/t/545162/browserexe-rogue-process-taking-up-memory
 
I don't have Google chrome installed, but I see multiple processes running (named browser.exe) with Google Chrome as the description.  I also found that the process was being run from C:/Users/%USERNAME%/AppData/LocalLow/BrowserVoice/VinylGravity - so, like the other user, I ended the processes and deleted the folder, but the folder just immediately regenerated.  There was a NavigatorBeerware folder that appeared in C:/Users/%USERNAME%/AppData/LocalLow as well.
Both of those folders remanifest immediately upon deletion.  So I attempted to rename the (browser).exe in C:/Users/%USERNAME%/AppData/LocalLow/BrowserVoice/VinylGravity to browser.old as the other user did, but a new browser.exe immediately appeared.  The original folder(s) had appeared on 8/20/2014 9:36PM.
I downloaded & ran the free trial versions of spybot & malwarebytes, and no suspicious files were found/removed.  I'm periodically plagued with incessant popups that sometimes go dormant for a while.  Thank you in advance for having a look at my issue!  Attached are my logs:
 

 attach-jrm25.txt   16.9KB
  9 downloads

 dds-jrm25.txt   40.29KB
  9 downloads

Answer:Fake Google Chrome (browser.exe) processes

Greetings and to BleepingComputer,
My name is xXToffeeXx, but feel free to call me Toffee if it is easier for you. I will be helping you with your malware problems.
 
A few points to cover before we start:
Do not run any tools without being instructed to as this makes my job much harder in trying to figure out what you have done.
Make sure to read my instructions fully before attempting a step.
If you have problems or questions with any of the steps, feel free to ask me. I will be happy to answer any questions you have.
Please follow the topic by clicking on the "Follow this topic" button, and make sure a tick is in the "receive notifications" and is set to "Instantly". Any replies should be made in this topic by clicking the "Reply to this topic" button.
Important information in my posts will often be in bold, make sure to take note of these.
I will attempt to reply as soon as possible, and normally within 24 hours of your reply. If this is not possible or I have a delay then I will let you know.
I will bump a topic after 3 days of no activity, and then will give you another 2 days to reply before a topic is closed. If you need more time than this please let me know.
Lets get going now
==========================
 
Hi jrm25,
I must give you this warning:
 
Looking through your logs, one or more of your infections has been identified as a Backdoor Trojan. These threats have backdoor functionality which allows hackers to remotely control your computer, steal cr... Read more

14 more replies
Relevance 91.43%

My hard disk is running like crazy and my pc won't go into sleep mode. I started task manager and found 6-7 Google Chrome processes running. They can't be stopped. They just start right back up. I don't even have Google Chrome installed. The processes all have hdeppwkv.exe *32 as an image name in task manager. They have Google Chrome as a description.

Thanks
 

Answer:Multiple Google Chrome processes can't be stopped

Helllo,

Before we begin, please note the following:

I will working be on your Malware issues, this may or may not, solve other issues you have with your machine.
The logs can take some time to research, so please be patient with me.
Stay with the topic until I tell you that your system is clean. Missing symptoms does not mean that everything is okay.
Instructions that I give are for your system only!
Please do not run any tools until requested ! The reason for this is so I know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.
Please perform all steps in the order received. If you can't understand something don't hesitate to ask.
Again I would like to remind you to make no further changes to your computer unless I direct you to do so. I will not help you if you do not follow my instructions.
==========================


Fix with Farbar Recovery Scan Tool

This fix was created for this user for use on that particular machine.
Running it on another one may cause damage and render the system unstable. ​Download attached fixlist.txt file and save it to the Desktop:

Both files, FRST and fixlist.txt have to be in the same location or the fix will not work!
Right-click on icon and select Run as Administrator to start the tool.
(XP users click run after receipt of Windows Security Warning - Open File).
Press the Fix button just once and wait.
If for some reason the tool needs a rest... Read more

7 more replies
Relevance 91.43%

Probably starting with messages I needed to update my Java version after wandering onto an infected site, and clicking to do that update, I soon found things runnings slowly.  Reviewing the Task Manager, I found a number of Google Chrome processes running (this time as chrome.exe), without any visible corresponding browser windows, I couldn't permanently kill via the Task Manager.
 
Trying to take this in stages, I ran the AdwCleaner tool.  (Google Chrome was never my default browser on this machine, so, if reading right, that was suspicious in this log, which is attached.)  I removed an eBay link, but nothing major found here.
 
Initially, trying to deal with this as an infected executable, I moved (to hide it) the folder c:\ProgramFiles(x86)\Google\Chrome\Application, as it was the initial source when I viewed properties of all the Google Chrome processes.  At that time, the Task Manager showed them all to be chrome.exe.  (Later, properties showed as Google Chrome, but the files themselves were called browser.exe *32.)  The files re-installed, still at this time pointed to chrome.exe in the same folder, and it was basically a useless exercise.
 
Next, I installed the malwarebytes trial version.  This found a number of trojans and registry issues, triggered a restart, seems to have helped somewhat, but, with each re-start, I find about six of those files back and running again every time.  The program is still apparently... Read more

Answer:Spoof Google Chrome Processes & Other Badness

Hi there,please run the following scans to start with:Step 1Please download TDSSKiller and save it to your Desktop.Start tdsskiller.exe with administrator privileges.Accept the EULA and the KSN Statement.Click on Change parameters.Make sure that all available options (except "Loaded modules") are checked and click OK.Click on Start scan.If any threats are found don't delete them but choose the Skip option for all of them.Click on Report to open the log file. (It is also saved at C:\TDSSKiller.<version_date_time>_log.txt).Copy and paste its contents in your next reply.Step 2Please download Farbar Recovery Scan Tool and save it to your Desktop.Start FRST with administator privileges.Make sure the option Addition.txt is checked and press the Scan button.When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.Please copy and paste these logs in your next reply.

14 more replies
Relevance 91.43%

Hello,
 
I believe I am having a similar issue to this thread:
 
www.bleepingcomputer.com/forums/t/545472/fake-google-chrome-browserexe-processes/
 
On my customer's computer, I keep getting processes showing up in task manager that are called browser.exe *32 (identified as Google Chrome) even though Chrome is not installed on the PC.  I traced the processes to the User/AppData/LocalLow/ and the folders they are coming from are called NarratorHagg and VolunteerJawa.  I have deleted them in safe mode but they keep regenerating.
 
I ran the FRST scan and I will post my scan log below.  Any help is appreciated!
 
---------------------------------------------------------------------------------------------------------------------
 
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-08-2014
Ran by fogal3 (administrator) on ORTHOWS3 on 26-08-2014 16:02:22
Running from C:\Users\fogal3\Desktop
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/to... Read more

Answer:Fake Google Chrome processes (browser.exe *32)

Hello,please do the following:Step 1Please download this attached
 fixlist.txt   2.58KB
  37 downloads and save it in the same directory as FRST.Start FRST with Administrator privileges.Press the Fix button.When finished, a log file (Fixlog.txt) pops up and is saved to the same location the tool was run from.Please copy and paste its contents in your next reply.Step 2Start FRST with administator privileges.Make sure the option Addition.txt (under Optional Scan) is checked.Press the Scan button.When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.Please copy and paste these logs in your next reply.

7 more replies
Relevance 91.43%

Hello.  I believe I'm having a similar issue to the one resolved in the following post:
 
http://www.bleepingcomputer.com/forums/t/545472/fake-google-chrome-browserexe-processes/
 
Google Chrome is not installed on my PC, but the Task Manager continues to show 3 instances of the Google Chrome process named "jhtrmnotfjhv.exe" running.  If I end the processes, they just reappear.  I ran Malwarebytes, Spybot, and SuperAntiSpyware but no suspicious files were detected.  The file was originally saved in "c:/users/%username%/appdata/locallow/macromedia/jognafav/udrswncoq". I surmised after some online research that all of the content in subfolder "jognafav" was bogus, so I logged in as an administrator and removed the entire folder.  However, when I logged back in as myself an identical version of this folder (and all its contents) reappeared in "c/users/%username%/appdata/locallow/temp".  I'm convinced this process is affecting my PC's performance as I've noticed changes in the past few days.  Can you please help?  I downloaded the DSS tool and generated the requested logs.  These are attached for your review.
 
Thank you.  

Answer:Fake Google Chrome (jhtrmnotfjhv.exe) processes

Hi & to Bleeping Computer Forums!My name is Jürgen and I will be assisting you with your Malware related problems.Before we move on, please read the following points carefully: My native language isn't English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.Please read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.Perform everything in the correct order. Sometimes one step requires the previous one.If you have any problems while you are follow my instructions, Stop there and tell me the exact nature of your problem.Do not run any other scans without instruction or Add/ Remove Software unless I tell you to do so. This would change the output of our tools and could be confusing for me.Post all Logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.If I don't hear from you within 5 days from this initial or any subsequent post, then this thread will be closed.If I don't reply within 24 hours please PM me!Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.Step 1Please run a FRST scan. This will help us diagnose your problem.Please download Farbar Recovery Scan Tool and save it to your Desktop.(If you are not sure which version (32-/64-bit) applies to your system, d... Read more

10 more replies
Relevance 91.43%

Hi There,
New to the site. I seem to have the same problem many others have discussed here. I dowloaded and ran the FRST and here are my results.
Can you please help?? An additional note, as I was typing this yet another window is playing something in the background although I can't see it.
 
FRST Notepad-
 
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:29-08-2014 01
Ran by Christine (administrator) on MURPHS on 29-08-2014 17:59:04
Running from C:\Users\Christine\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FAL3Z1SU
Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: English (United States)
Internet Explorer Version 9
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Stardock Corporation) C:\Pr... Read more

Answer:Fake Google Chrome (browser.exe) processes - I have it as well

Hi there,you have more than one malware running on your system.Please execute Combofix to start with:Please download Combofix (by sUBs) and save it to your Desktop.Disable the realtime-protection of your antivirus and anti-malware programs because they might interfere with the scan.Start Combofix.exe and follow its instructions.Do not use the computer while the scan is running. This may cause the program to stall.When finished, a log file will be displayed (that can also be found at C:\Combofix.txt).Please copy and paste the contents of this file into your next post.Note: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." after the scan, just restart the computer.(You can find more detailed instructions in this guide on using Combofix.)

8 more replies
Relevance 91.43%

TwinHeadedEagles helped me with this problem on Oct. 27th and it seemed to fix it but sadly it has come back six days later.

I'll repost my explanation from last thread:
Hello. Recently my PC has become infected with the "Google Chrome" virus where a fake .exe posing as Chrome creates itself, runs itself, and opens many processes which hogs CPU and RAM. Deleting the .exe is no good because this virus recreates itself in a new random folder upon next PC startup and does its same thing again.
 

Answer:Fake Google Chrome processes have returned

Hi, again.

Scan with Farbar Recovery Scan Tool

Please re-run Farbar Recovery Scan Tool to give me a fresh look at your system.

Right-click on icon and select Run as Administrator to start the tool.
(XP users click run after receipt of Windows Security Warning - Open File).
Make sure that Addition option is checked.
Press Scan button and wait.
The tool will produce two logfiles on your desktop: FRST.txt and Addition.txt.
Please include their content into your next reply.
 

3 more replies
Relevance 91.43%

Hi - I'm new here, and found that I'm having a similar (same?) problem as the user who posted this:
 
http://www.bleepingcomputer.com/forums/t/545472/fake-google-chrome-browserexe-processes/
 
I don't have Google chrome installed, but I see multiple processes running (named browser.exe) with Google Chrome as the description.  I also found that the process was being run from C:\Users\%USERNAME%\AppData\LocalLow\EmieSiteList\Ytybvruxk\gaynsmnsbl - so, like the other user, I ended the processes and deleted the folder, but the folder just immediately regenerated. 
 
I have downloaded dds and run it to create logs if you would like me to post those. Additionally, I have downloaded Fabar Recovery Tool as instructed in the other thread but have not run it yet.
 
Thank you for any help you can provide.

Answer:Fake Google Chrome (browser.exe) processes also

Hi & to Bleeping Computer Forums!My name is Jürgen and I will be assisting you with your Malware related problems.Before we move on, please read the following points carefully: My native language isn't English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.Please read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.Perform everything in the correct order. Sometimes one step requires the previous one.If you have any problems while you are follow my instructions, Stop there and tell me the exact nature of your problem.Do not run any other scans without instruction or Add/ Remove Software unless I tell you to do so. This would change the output of our tools and could be confusing for me.Post all Logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.If I don't hear from you within 5 days from this initial or any subsequent post, then this thread will be closed.If I don't reply within 24 hours please PM me!Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.Step 1Please run a FRST scan. This will help us diagnose your problem.Please download Farbar Recovery Scan Tool and save it to your Desktop.(If you are not sure which version (32-/64-bit) applies to your system, d... Read more

14 more replies
Relevance 91.43%

Was reading threads from many other people with the same issue. Seems all the fixes were specific to their machines & there is no generic fix. Would love some help with this. Thank You!
 

Answer:Another case of fake Google Chrome processes

oops.. apparently I attached 2 copies of each report.. disregard the extra copies. sorry and here's the Addition.txt from FRST
 

4 more replies
Relevance 91.43%

Noticed a game acting odd yesterday then on start-up this morning I found all the silly processes. tried stopping them but obviously had no progress.
googled the processes and found you guys and the ability to help others with this issue.

Thank you in advance for any help you can give!
 

Answer:Multiple Google Chrome Processes Gqjmgrtv.exe *32

Hello,

They call me TwinHeadedEagle around here, and I'll be working with you.

Before we start please read and note the following:

At the top of your post, please click on the "Watch thread" button and make sure to check Watch this thread...and receive email notifications. This will send an email to you as soon as I reply to your topic, allowing me to solve your problem faster.
Please do not install any new software during the cleaning process other than the tools I provide for you. This can hinder the cleaning process. Please do not perform System Restore or any other restore.
Instructions I give to you are very simple and made for complete beginner to follow. That's why you need to read through my instructions carefully and completely before executing them.
Please do not run any tools other than the ones I ask you to, when I ask you to. Some of these tools can be very dangerous if used improperly. Also, if you use a tool that I have not requested you use, it can cause false positives, thereby delaying the complete cleaning of your machine.

All tools we use here are completely clean and do not contain any malware. If your antivirus detects them as malicious, please disable your antivirus and then continue.
If during the process you run across anything that is not in my instructions, please stop and ask. If any tool is running too much time (few hours), please stop and inform me.
I visit forum several times at day, making sure to respond to everyon... Read more

5 more replies
Relevance 91.43%

Apparently this is going around, but I just got hit with a bunch of fake google chrome processes, and I have never downloaded, installed or used chrome. Log files attached.

Thanks in advance for the help!
 

Answer:Multiple fake google chrome processes

I also ran a scan with malwarebytes anti-rootkit. Those logs are attached. It found an instance of the poweliks Trojan, which hit me last week and I thought was gone, but maybe this is all related? After the malwarebytes scan, the bogus processes are gone right now, but I'm skeptical that all is well now. One thing I do know is maybe it's time to ditch Norton 360...
 

5 more replies
Relevance 91.43%

Ran Malware which did not find anything, Spybot found a few things but did not remove the Google Chrome stuff.

Tried to run FRST but it says it's not compatible with my system. What do you recommend?
 

Answer:Fake Google Chrome processes hogging CPU

Hello,

They call me TwinHeadedEagle around here, and I'll be working with you.

Before we start please read and note the following:

At the top of your post, please click on the "Watch thread" button and make sure to check Watch this thread...and receive email notifications. This will send an email to you as soon as I reply to your topic, allowing me to solve your problem faster.
Please do not install any new software during the cleaning process other than the tools I provide for you. This can hinder the cleaning process. Please do not perform System Restore or any other restore.
Instructions I give to you are very simple and made for complete beginner to follow. That's why you need to read through my instructions carefully and completely before executing them.
Please do not run any tools other than the ones I ask you to, when I ask you to. Some of these tools can be very dangerous if used improperly. Also, if you use a tool that I have not requested you use, it can cause false positives, thereby delaying the complete cleaning of your machine.

All tools we use here are completely clean and do not contain any malware. If your antivirus detects them as malicious, please disable your antivirus and then continue.
If during the process you run across anything that is not in my instructions, please stop and ask. If any tool is running too much time (few hours), please stop and inform me.
I visit forum several times at day, making sure to respond to everyon... Read more

8 more replies
Relevance 91.43%

Hello. I believe I'm having a similar issue to the one resolved in the following post:
 
http://www.bleepingcomputer.com/forums/t/545472/fake-google-chrome-browserexe-processes/
 
Google Chrome is not installed on my PC, but the Task Manager continues to show 3 instances of the Google Chrome process named "jhtrmnotfjhv.exe" running. If I end the processes, they just reappear. I ran Malwarebytes, Spybot, and SuperAntiSpyware but no suspicious files were detected. The file is saved in "c:/users/%username%/appdata/locallow/temp/jognafav/udrswncoq".  I'm convinced this process is affecting my PC's performance as I've noticed changes in the past few days. Can you please help? I downloaded the DSS tool and generated the requested logs. These are attached for your review.
 
Thank you.

Answer:Fake Google Chrome (jhtrmnotfjhv.exe) processes

Hello pantojaf,

Welcome to Bleeping Computer.
My name is fireman4it and I will be helping you with your Malware problem.

Please take note of some guidelines for this fix:
Refrain from making any changes to your computer including installing/uninstall programs, deleting files, modifying the registry, and running scanners or tools.
   If you do not understand any step(s) provided, please do not hesitate to ask before continuing.
   Even if things appear to be better, it might not mean we are finished. Please continue to follow my instructions and reply back until I give you the "all clean".
In the upper right hand corner of the topic you will see a button called Follow This Topic.I suggest you click it and select Immediate E-Mail notification and click on Follow This Topic. This way you will be advised when we respond to your topic and facilitate the cleaning of your machine.

   Finally, please reply using the Post  button in the lower right hand corner of your screen. Do not start a new topic. The logs that you post should be pasted directly into the reply, unless they do not fit into the post.
  I will be analyzing your log. I will get back to you with instructions.  1.Please download AdwCleaner by Xplode and save to your Desktop.Double click on AdwCleaner.exe to run the tool .Click on the Scan button.AdwCleaner will begin to scan your computer.After the scan has finished...Click on the Clean button.Press OK when asked... Read more

4 more replies
Relevance 91.43%

My computer has been bogged down by multiple fake google chrome processes that keep popping up.  I downloaded and ran the FRST, below are the FRST and Addition logs.  Any help will be greatly appreciated.
 FRST.txt   44.01KB
  0 downloads
 
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-12-2014 01
Ran by Kentaro Abe (administrator) on GALLY on 11-12-2014 02:48:49
Running from C:\Users\Kentaro Abe\Desktop
Loaded Profile: Kentaro Abe (Available profiles: Kentaro Abe)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Lavasoft Limited) C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Dell, Inc.) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualizat... Read more

Answer:Infected with multiple google chrome processes

Hello and welcome.  Please follow these guidelines while we work on your PC:Malware removal is a sometimes lengthy and tedious process. Please stick with the thread until I’ve given you the “All clear.”  Absence of symptoms does not mean your machine is clean!Please do not run any scans or install/uninstall any applications without being directed to do so.Please note that the forum is very busy and if I don't hear from you within five days this thread will be closed.   Open notepad. Please copy the contents of the code box below. To do this highlight the contents of the box and right click on it. Paste this into the open notepad. Save it in the same location as FRST (usually your desktop) as fixlist.txtHKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-1451700218-2503860457-661068883-1000\...\Run: [xwmypuchpc] => regsvr32.exe /s "C:\Users\Kentaro Abe\AppData\Local\Macromedia\xwmypuchpc.dll" <===== ATTENTION
C:\Users\Kentaro Abe\AppData\Local\Macromedia\xwmypuchpc.dll
2014-11-11 20:20 - 2014-11-11 20:20 - 00000000 __SHD () C:\Users\Kentaro Abe\AppData\Local\EmieBrowserModeList
EmptyTemp:NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating systemNow run FRST again.When the tool opens click Yes to disclaimer.Press the Fix button just once and wait.The tool will make a log (Fixlog.txt) please post it to y... Read more

12 more replies
Relevance 91.43%

Hello,
I have several fake google chrome processes that keep appearing under task manager.  If I end the processes, more just appear.
All have the name:  ybvwcdhrvmk.exe *32
The location of this process is AppData>LocalLow>Apple Computer>cizveoortqui>fqevmdgnxsk
Please help!  Thanks in advance!
Sunil

Answer:Fake google chrome processes keep appearing

Step 1: Malwarebytes Scan. Please download Malwarebytes Anti-Malware (MBAM) to your desktop.NOTE. If you already have MBAM 2.0 installed scroll down. Double-click mbam-setup-2.0.0.1000.exe and follow the prompts to install the program.At the end, be sure a checkmark is placed next to the following:
Launch Malwarebytes Anti-MalwareA 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
Click Finish.On the Dashboard, click the 'Update Now >>' linkAfter the update completes, click the 'Scan Now >>' button.Or, on the Dashboard, click the Scan Now >> button.If an update is available, click the Update Now button.A Threat Scan will begin.When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.In most cases, a restart will be required.Wait for the prompt to restart the computer to appear, then click on Yes. After the restart once you are back at your desktop, open MBAM once more.Click on the History tab > Application Logs.Double click on the Scan Log which shows the Date and time of the scan just performed.Click 'Export'.Click 'Text file (*.txt)'In the Save File dialog box which appears, click on Desktop.In the File name: box type a name for your scan log.A message box named 'File Saved' should appear stating "Your file has been successfully exported".Click OkCopy Paste that... Read more

6 more replies
Relevance 91.43%

I have multiple processes on Google Chrome running in the background and almost every time I open a new tab I get re-directed to ads / virus. I've ran a lot of different program and they all come up empty so I hope you can help.
 
I've attached logs from FRST:
 

 Addition_22-05-2016_11-21-16.txt   38.41KB
  1 downloads
 

 FRST_22-05-2016_11-21-16.txt   59.83KB
  2 downloads

Answer:Multiple Google Chrome (32 bit) Processes + Pop Ups in Browser

Duplicate post.This topic will be closed.

1 more replies
Relevance 91.43%

My hard disk is running like crazy and my pc won't go into sleep mode. I started task manager and found 6-7 Google Chrome processes running. They can't be stopped. They just start right back up. I don't even have Google Chrome installed. The processes all have hdeppwkv.exe *32 as an image name in task manager. They have Google Chrome as a description.
 

Answer:Multiple Google Chrome processes can't be stopped

Helllo,

My name is Argus and and I will be helping you with your computer problems.

Before we begin, please note the following:

I will working be on your Malware issues, this may or may not, solve other issues you have with your machine.
The logs can take some time to research, so please be patient with me.
Stay with the topic until I tell you that your system is clean. Missing symptoms does not mean that everything is okay.
Instructions that I give are for your system only!
Please do not run any tools until requested ! The reason for this is so I know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.
Please perform all steps in the order received. If you can't understand something don't hesitate to ask.
Again I would like to remind you to make no further changes to your computer unless I direct you to do so. I will not help you if you do not follow my instructions.

Fix with Farbar Recovery Scan Tool

This fix was created for this user for use on that particular machine.
Running it on another one may cause damage and render the system unstable. ​Download attached fixlist.txt file and save it to the Desktop:

Both files, FRST and fixlist.txt have to be in the same location or the fix will not work!
Right-click on icon and select Run as Administrator to start the tool.
(XP users click run after receipt of Windows Security Warning - Open File).
Press the Fix button just once and w... Read more

3 more replies
Relevance 91.43%

Thank you in advance for any help you can provide.

It's really nice to know that for every bad guy creating these viruses, there's a good guy out there to help people in need. Thank you for the work you do, and thank you for reading my post.

I hope the information above is sufficient.

EDIT: P2P program utorrent has been disabled
 

Answer:Multiple Fake Google Chrome Processes

Hello,

They call me TwinHeadedEagle around here, and I'll be working with you.

Before we start please read and note the following:

At the top of your post, please click on the "Watch thread" button and make sure to check Watch this thread...and receive email notifications. This will send an email to you as soon as I reply to your topic, allowing me to solve your problem faster.
Please do not install any new software during the cleaning process other than the tools I provide for you. This can hinder the cleaning process. Please do not perform System Restore or any other restore.
Instructions I give to you are very simple and made for complete beginner to follow. That's why you need to read through my instructions carefully and completely before executing them.
Please do not run any tools other than the ones I ask you to, when I ask you to. Some of these tools can be very dangerous if used improperly. Also, if you use a tool that I have not requested you use, it can cause false positives, thereby delaying the complete cleaning of your machine.

All tools we use here are completely clean and do not contain any malware. If your antivirus detects them as malicious, please disable your antivirus and then continue.
If during the process you run across anything that is not in my instructions, please stop and ask. If any tool is running too much time (few hours), please stop and inform me.
I visit forum several times at day, making sure to respond to everyon... Read more

5 more replies
Relevance 91.43%

Almost every time I open up a new tab or try to go to a new URL in Google Chrome I get a pop up or re-directed to an ad or virus site. I have ran so many different scanners that come up with 0 that its starting to drive me crazy that its still there.
 
Here's the FRST logs (I downloaded that fixit.txt and ran it with additions):
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:22-05-2016 01
Ran by Niklas (administrator) on DESKTOP-2GDOA4M (22-05-2016 11:20:24)
Running from C:\Users\Niklas\Downloads
Loaded Profiles: Niklas (Available Profiles: Niklas)
Platform: Windows 10 Home Version 1511 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Corporation) C:\Program ... Read more

Answer:Multiple Google Chrome (32 bit) Processes + Pop Ups in Browser

Hello and welcome to Bleeping Computer! I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.
We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.
To help Bleeping Computer better assist you please perform the following steps:
*************************************************** In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/615148 <<< CLICK THIS LINK
If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.
***************************************************If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of t... Read more

0 more replies
Relevance 91.43%

I have multiple processes on Google Chrome running in the background and almost every time I open a new tab I get re-directed to ads / virus. I've ran a lot of different program and they all come up empty so I hope you can help.
 
Here are logs from FRST:
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:22-05-2016 01
Ran by Niklas (administrator) on DESKTOP-2GDOA4M (22-05-2016 11:20:24)
Running from C:\Users\Niklas\Downloads
Loaded Profiles: Niklas (Available Profiles: Niklas)
Platform: Windows 10 Home Version 1511 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Apple Inc.) C:\Pr... Read more

Answer:Multiple Google Chrome (32 bit) Processes + Pop Ups in Browser

Duplicate post.This topic will be closed.

0 more replies
Relevance 91.43%

I would appreciate if you could reply to this as soon as possible and thank you.
 

Answer:Google Chrome Malware Spamming Processes

Just a heads up but the files with the Korean text written in the .txt files are all clean and not malicious.
 

2 more replies
Relevance 91.43%

I first noticed my computer was running slow on 11/1 (it was last used on 10/30 without any noticeable issues). I looked in the Task Manager and there are 10-15 processes named "arwrlqtdyy.exe *32" (with descriptions of "Google Chrome"). I do not have Google Chrome installed on my computer. Ending these processes does nothing as they just re-appear. Malwarebytes Anti-malware and Microsoft Security Essentials both said my computer was clean. Any help you can provide would be greatly appreciated! I have attached the FRST scan log (as well as the Addition one). Thanks in advance!
 

Answer:Request Help with Fake Google Chrome Processes

Hello,

They call me TwinHeadedEagle around here, and I'll be working with you.

Before we start please read and note the following:

At the top of your post, please click on the "Watch thread" button and make sure to check Watch this thread...and receive email notifications. This will send an email to you as soon as I reply to your topic, allowing me to solve your problem faster.
Please do not install any new software during the cleaning process other than the tools I provide for you. This can hinder the cleaning process. Please do not perform System Restore or any other restore.
Instructions I give to you are very simple and made for complete beginner to follow. That's why you need to read through my instructions carefully and completely before executing them.
Please do not run any tools other than the ones I ask you to, when I ask you to. Some of these tools can be very dangerous if used improperly. Also, if you use a tool that I have not requested you use, it can cause false positives, thereby delaying the complete cleaning of your machine.

All tools we use here are completely clean and do not contain any malware. If your antivirus detects them as malicious, please disable your antivirus and then continue.
If during the process you run across anything that is not in my instructions, please stop and ask. If any tool is running too much time (few hours), please stop and inform me.
I visit forum several times at day, making sure to respond to everyon... Read more

3 more replies