Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Multiple chrome.exe in taskmanager.


  • Please log in to reply
5 replies to this topic

#1 Redbeard1381

Redbeard1381

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:04:30 AM

Posted 18 December 2014 - 11:18 PM

I was brought her to your site by a google search. I am having multiple issues with my pc running slow. I am not very computer saavy and need help. My PC is running multiple chrome.exe in taskmanager and I need help resolving this issue. Through browsing your site, it appears I may have a trojan. My wife uses this PC and has complained about multiple pop ups and a slow running PC.

 

Operating system is Windows 7 

 

Let me know what I need to do to help you guys help me.

 

Thanks

William

 



BC AdBot (Login to Remove)

 


#2 Guest_LighthouseParty_*

Guest_LighthouseParty_*

  • Guests
  • OFFLINE
  •  

Posted 19 December 2014 - 01:53 AM

Hello there     :welcome:
 
Welcome to Bleeping Computer, I'm LighthouseParty. Let's run a couple of scans to see what could be causing this.
 
:step1: Please download MiniToolBox to your desktop

  • Double click MiniToolBox.
  • Select the following and then press go.
  • Post the log in your next reply.

Flush DNS
Reset IE Proxy Settings
Reset FF Proxy Settings
List Installed Programs
List Restore Points
 
:step2: Please download Malwarebytes Anti-Malware to your desktop

  • Double click mbam-setup-x.x.x.xxxx and follow the on-screen instructions.
  • On the dashboard, click update now.
  • After that, click scan now - the scan will now begin.
  • When the scan's completed, select apply actions - make sure the action is quarantine.
  • Restart your computer.

How to get the log.

  • On the dashboard, select the history tab and click application logs.
  • Select the log which has the time and date of when you did the scan.
  • Click copy to clipboard and paste it into your reply.

:step3: Please download Security Check to your desktop

  • Double click SecurityCheck and follow the on-screen instructions.
  • A log should open, called checkup.txt.
  • Please post the contents of it in your next reply.

:step4: Non-malware removal steps
 
Run System File Checker - http://support.microsoft.com/KB/929833
Run Disk Check - http://support.microsoft.com/kb/2641432
Run Disk Cleanup - http://windows.microsoft.com/en-gb/windows/delete-files-using-disk-cleanup

Thanks and good luck!



#3 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,766 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA

Posted 19 December 2014 - 12:08 PM

...My PC is running multiple chrome.exe in taskmanager and I need help resolving this issue....


FYI: Chrome.exe (Chrome.exe *32) is a legitimate process related to the Google Chrome web browser. Multiple copies of chrome.exe, referred to as process-per-tab, listed in Task Manager is intentional by design as a crash control. Chrome creates three types of processes (browser, renderers, and plug-ins). Each Chrome tab is treated as it's own individual process for the life of tab meaning it is treated as a separate process so that multiple tabs can run with less problems. This feature increases responsiveness, and prevents the browser from locking up if a particular web app or plug-in stops responding. In the event of a browser crash or hang in one tab, it prevents the entire browser from closing down. Chrome has its own built-in Task Manager which is accessed by right-clicking on the browser's title bar. You can see what which process does by going to Menu > Tools > Task Manager. The Chrome Task Manager lets you track resource usage for each individual tab and lets you kill any tabs that have stopped responding without having to restart the entire browser.

For more specific information, please refer to:With that said it would not hurt to continue with the above instructions to investigate the pop-ups and slowness with most likely is caused by Adware.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#4 Redbeard1381

Redbeard1381
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:05:30 AM

Posted 19 December 2014 - 03:48 PM

Minitoolbox

 

MiniToolBox by Farbar  Version: 30-11-2014
Ran by Goins (administrator) on 19-12-2014 at 15:44:34
Running from "C:\Users\Goins\Desktop"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
 
=========================== Installed Programs ============================
Canon MP250 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP250_series) (Version:  - )
EuroTalk Talk Now! (HKLM-x32\...\{F26615EF-AF0A-486C-99C9-B65C8C401EBC}) (Version: 2.2.5.1 - EuroTalk Interactive)
Fences (HKLM-x32\...\Fences) (Version:  - Stardock Corporation)
Fences (Version: 1.0 - Stardock Corporation) Hidden
Google Chrome (HKCU\...\Google Chrome) (Version: 39.0.2171.71 - Google Inc.)
Jasc Paint Shop Pro 9 (HKLM-x32\...\{F843C6A3-224D-4615-94F8-3C461BD9AEA0}) (Version: 9.01.0000 - Jasc Software Inc)
Kaspersky Anti-Virus 2013 (HKLM-x32\...\InstallWIX_{560985FB-4B76-4121-9189-7A2CDC7886D6}) (Version: 13.0.1.4190 - Kaspersky Lab)
Kaspersky Anti-Virus 2013 (x32 Version: 13.0.1.4190 - Kaspersky Lab) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.31211.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
NVIDIA 3D Vision Driver 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 311.06 - NVIDIA Corporation)
NVIDIA Control Panel 311.06 (Version: 311.06 - NVIDIA Corporation) Hidden
NVIDIA Graphics Driver 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.06 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.108.688 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.1106 - NVIDIA Corporation) Hidden
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.11.3 - NVIDIA Corporation) Hidden
OpenOffice.org 3.4.1 (HKLM-x32\...\{9F1F2AEA-C72A-4DD6-991E-C5506A5625E4}) (Version: 3.41.9593 - Apache Software Foundation)
Pro PC Cleaner (HKLM-x32\...\{C3060724-6AC7-4BEF-B516-4F6B1D90887D}) (Version: 2.5.5 - Pro PC Cleaner)
Refresher1.2 (HKLM-x32\...\Refresher1.2_is1) (Version: 1.2 - Refresher)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
========================= Restore Points ==================================
 
09-12-2014 21:42:19 Windows Update
10-12-2014 05:17:38 Windows Update
13-12-2014 06:29:01 Windows Update
14-12-2014 18:27:32 Windows Update
18-12-2014 04:16:19 Windows Update
 
**** End of log ****


#5 Redbeard1381

Redbeard1381
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:04:30 AM

Posted 19 December 2014 - 04:15 PM

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 12/19/2014
Scan Time: 3:47:55 PM
Logfile: 
Administrator: Yes
 
Version: 2.00.4.1028
Malware Database: v2014.12.19.06
Rootkit Database: v2014.12.14.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
 
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Goins
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 355853
Time Elapsed: 10 min, 24 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 1
PUP.Optional.BBQLeads.A, HKU\S-1-5-21-4287712945-1967766992-3548325220-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|BBQLeadsApplication, C:\Program Files (x86)\bbqleads\BBQLeadsApplication.exe, Quarantined, [81318bd9205c7db9377b63ee04ff54ac]
 
Registry Data: 0
(No malicious items detected)
 
Folders: 3
PUP.Optional.BBQLeads.A, C:\ProgramData\bbqleads, Quarantined, [b9f976ee0a721a1ce8c998b94bb8a65a], 
PUP.Optional.BBQLeads.A, C:\Program Files (x86)\bbqleads, Quarantined, [81318bd9205c7db9377b63ee04ff54ac], 
PUP.Optional.BBQLeads.A, C:\Program Files (x86)\bbqleads\Optimizer Pro 3.11, Quarantined, [81318bd9205c7db9377b63ee04ff54ac], 
 
Files: 15
PUP.Optional.StormWatch.A, C:\$Recycle.Bin\S-1-5-21-4287712945-1967766992-3548325220-1000\$RLLNLQK.exe, Quarantined, [3082154fd2aa3ff7b300aaabde22a45c], 
PUP.Optional.OptimizerPro, C:\$Recycle.Bin\S-1-5-21-4287712945-1967766992-3548325220-1000\$RR57T5T.exe, Quarantined, [b8fa0f554c306bcb2eb4291ce91811ef], 
PUP.Optional.OptimizerPro, C:\$Recycle.Bin\S-1-5-21-4287712945-1967766992-3548325220-1000\$R3FVI1O.exe, Quarantined, [931f80e409730135ce13093c649de31d], 
PUP.Optional.BBQLeads.A, C:\ProgramData\bbqleads\ctr_1418274812, Quarantined, [b9f976ee0a721a1ce8c998b94bb8a65a], 
PUP.Optional.BBQLeads.A, C:\ProgramData\bbqleads\errsent.config, Quarantined, [b9f976ee0a721a1ce8c998b94bb8a65a], 
PUP.Optional.BBQLeads.A, C:\ProgramData\bbqleads\instlgsent.config, Quarantined, [b9f976ee0a721a1ce8c998b94bb8a65a], 
PUP.Optional.BBQLeads.A, C:\ProgramData\bbqleads\ServiceConfig2.json, Quarantined, [b9f976ee0a721a1ce8c998b94bb8a65a], 
PUP.Optional.BBQLeads.A, C:\Program Files (x86)\bbqleads\AppResources.dll, Quarantined, [81318bd9205c7db9377b63ee04ff54ac], 
PUP.Optional.BBQLeads.A, C:\Program Files (x86)\bbqleads\BBQLeadsApplication.exe, Quarantined, [81318bd9205c7db9377b63ee04ff54ac], 
PUP.Optional.BBQLeads.A, C:\Program Files (x86)\bbqleads\HtmlAgilityPack.dll, Quarantined, [81318bd9205c7db9377b63ee04ff54ac], 
PUP.Optional.BBQLeads.A, C:\Program Files (x86)\bbqleads\Microsoft.Win32.TaskScheduler.dll, Quarantined, [81318bd9205c7db9377b63ee04ff54ac], 
PUP.Optional.BBQLeads.A, C:\Program Files (x86)\bbqleads\Newtonsoft.Json.dll, Quarantined, [81318bd9205c7db9377b63ee04ff54ac], 
PUP.Optional.BBQLeads.A, C:\Program Files (x86)\bbqleads\RestSharp.dll, Quarantined, [81318bd9205c7db9377b63ee04ff54ac], 
PUP.Optional.BBQLeads.A, C:\Program Files (x86)\bbqleads\Optimizer Pro 3.11\OptProMon.dll, Quarantined, [81318bd9205c7db9377b63ee04ff54ac], 
PUP.Optional.BBQLeads.A, C:\Program Files (x86)\bbqleads\Optimizer Pro 3.11\OptProStart.exe, Quarantined, [81318bd9205c7db9377b63ee04ff54ac], 
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)
 

 Results of screen317's Security Check version 0.99.93  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Enabled!  
Kaspersky Anti-Virus   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 Pro PC Cleaner   
 Google Chrome (39.0.2171.65) 
 Google Chrome (39.0.2171.71) 
````````Process Check: objlist.exe by Laurent````````  
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbam.exe  
 Kaspersky Lab Kaspersky Anti-Virus 2013 avp.exe  
 Malwarebytes Anti-Malware mbamscheduler.exe   
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C: 1% 
````````````````````End of Log`````````````````````` 
 
 


#6 Guest_LighthouseParty_*

Guest_LighthouseParty_*

  • Guests
  • OFFLINE
  •  

Posted 19 December 2014 - 04:51 PM

Hello there,

:step1: Please uninstall some programs
 
There's currently some programs on your PC that we need to remove, for the time-being at least. Press the Windows + R key on your keyboard and type in appwiz.cpl and press enter. Navigate to each of the following below one-by-one and click uninstall:

  • Pro PC Cleaner

If any programs listed above aren't in Programs and Features, you can just skip them.

:step2: Please download rKill to your desktop

  • Double click it (Win 7, 8 and Vista users, right-click and select run as admin)
  • The tool will run and then a log file should open.
  • Please post the contents of it in your next reply.

Please don't restart your computer before running the next step.

:step3: Please download AdwCleaner to your desktop

  • Double click adwcleaner_x.xxx.exe. (Win 7, 8 and Vista users, right-click and select run as admin)
  • If prompted, click I agree.
  • Click scan. When it's finished, select clean.
  • Allow AdwCleaner to restart your computer.
  • Once your computer's restarted, a log should appear.
  • Please post this in your next reply.

:step4: Please download Junkware Removal Tool to your desktop

  • Double click JRT.exe. (Win 7, 8 and Vista users, right-click and select run as admin)
  • Press any key and the scan will begin.
  • At the end, a log will open. Please post this in your next reply.

:step5: Please visit the ESET Online Scanner webpage
:exclame: Internet Explorer MUST be used for this step.  :exclame:

  • Click the checkbox next to 'Yes, I accept the Terms of Use' and click start.
  • Select the checkboxes which are displayed in the picture below.

jqnp8z.png

  • Press start and the scan will now begin - this scan will take a long time.
  • When the scand finished, select list threats and then export.
  • Choose a name for the log (e.g ESET) and click save (to your desktop)
  • Press the back button and then click finish. Please include the contents of the log in your reply.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users