Fake Google Chrome Process Malware: Need Help
<blockquote data-quote="Vinn1" data-source="post: 302678" data-attributes="member: 30982"><p>I got the Fake Chrome Process Malware around a week ago, but did a System Restore which seemed to have gotten rid of it until about an hour ago (11/20/2014) when it came back. I got a popup randomly that said that something failed and then it tried to open my CMD prompt. I force closed the popup (rundll32), but it still put the Malware back onto my PC. I noticed numerous Baxigxtm.exe processes which constantly come back after I end the process, and have the obvious icon of Google Chrome.</p><p></p><p>I've read up on this Malware before, but have no idea how to truly get rid of it without having to do a full system wipe. I don't even know if that would fix the issue.</p><p></p><p>I look forward to getting a response ASAP! Thank you.</p><p></p><p>Attached is a PICTURE of the Error I get right before the Malware attaches itself.</p><p></p><p>[ATTACH=full]33050[/ATTACH]</p><p></p><p>^ I also noticed that the Process for this Error is Microsoft Register Server aka regsvr32, which apparently is used to register a DLL (most likely the corrupt DLL files associated with this Malware.) ^</p><p></p><p>PS: I also just finished using Malwarebytes Anti-Rootkit and it still found nothing.</p><p></p><p>Some code of the culprit folder from the Scan:</p><p></p><p>"\AppData\LocalLow\Portalarium\kskjxbe\Hmdfbtuugd\36.0.1985.143\libglesv2.dll</p><p>2014-11-20 15:35 - 2014-11-20 15:35 - 00126280 _____ () C:\Users\*\AppData\LocalLow\Portalarium\kskjxbe\Hmdfbtuugd\36.0.1985.143\libegl.dll</p><p>2014-11-20 15:35 - 2014-11-20 15:35 - 08537928 _____ () C:\Users\*\AppData\LocalLow\Portalarium\kskjxbe\Hmdfbtuugd\36.0.1985.143\pdf.dll</p><p>2014-11-20 15:35 - 2014-11-20 15:35 - 00353096 _____ () C:\Users\*\AppData\LocalLow\Portalarium\kskjxbe\Hmdfbtuugd\36.0.1985.143\ppGoogleNaClPluginChrome.dll</p><p>2014-11-20 15:35 - 2014-11-20 15:35 - 01732936 _____ () C:\Users\*\AppData\LocalLow\Portalarium\kskjxbe\Hmdfbtuugd\36.0.1985.143\ffmpegsumo.dll</p><p>2014-11-20 15:35 - 2014-11-20 15:35 - 14669128 _____ () C:\Users\*\AppData\LocalLow\Portalarium\kskjxbe\Hmdfbtuugd\36.0.1985.143\PepperFlash\pepflashplayer.dll"</p><p></p><p></p><p>EDIT: I deleted the Portalarium folder and got the Baxigxtn to stop briefly, but then the error popped up again and it ended up in a raidcall folder instead.</p><p></p><p>The process keeps multiplying and popping up again as soon as I delete it. I'm getting really mad.</p></blockquote><p></p>