(Google Inc.) Ipmvlwyfwmdn.exe using up memory
- Thread starter TurkSDSU
- Start date
I have attached the file as requested and after reading other user's posts, I have also noticed multiple dllhost.exe *32 COM Surrogate that I can end process but they keep returning. I am unsure if either of these issues is a possible cause to my connection speed dropping dramatically while online gaming. I average around 35 ping and it has been spiking on average to 300 and yesterday I even saw a 900 ping. Thanks for the reply.
- Apr 24, 2014
- 3,395
1. Open notepad and copy/paste the text present inside the code box below.
To do this highlight the contents of the box and right click on it. Paste this into the open notepad.
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to the operating system
2. Save notepad as fixlist.txt to your Desktop.
NOTE: => It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.
3. Run FRST/FRST64 and press the Fix button just once and wait.
If the tool needed a restart please make sure you let the system to restart normally and let the tool completes its run after restart.
The tool will make a log on the Desktop (Fixlog.txt). Please attach it to your reply.
Note: If the tool warned you about the outdated version please download and run the updated version.
To do this highlight the contents of the box and right click on it. Paste this into the open notepad.
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to the operating system
Code:
CustomCLSID: HKU\S-1-5-21-2222387085-2878984009-3964471230-1000_Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32 -> rundll32.exe javascript:"\..\mshtml,RunHTMLApplication ";eval("epdvnfou/xsjuf)(=tdsjqu!mbohvbhf>ktds (the data entry has 247 more characters). <==== Poweliks?
Task: {6A0C387D-46C3-4B06-85CB-3449A843DC08} - System32\Tasks\0 => Iexplore.exe <==== ATTENTION
C:\Users\Brandon\AppData\LocalLow\Sun\bfajjvhle\oimkehy
HKU\S-1-5-21-364233733-4225134241-1576640876-1001\...\Run: [DYMO] => rundll32.exe "C:\Users\Brandon\AppData\Local\Temp\",CreateInstance <===== ATTENTION
HKU\S-1-5-21-364233733-4225134241-1576640876-1001\...\Run: [qcujejlwce] => regsvr32.exe /s "C:\Users\Brandon\AppData\Local\{0A013DC8-BAE8-4654-A06A-F92317D97CFF}\qcujejlwce.dll" <===== ATTENTION
C:\Users\Brandon\AppData\Local\{0A013DC8-BAE8-4654-A06A-F92317D97CFF}
HKU\S-1-5-21-364233733-4225134241-1576640876-1001\...0c966feabec1\InprocServer32: [Default-shell32] C:\Users\Brandon\AppData\Local\{8c2f3244-0c4b-220e-9a2c-125d24fb1178}\n. ATTENTION! ====> ZeroAccess/Alureon?
C:\Users\Brandon\AppData\Local\{8c2f3244-0c4b-220e-9a2c-125d24fb1178}
SearchScopes: HKCU - DefaultScope {2348AF2A-4E4C-48B8-8AFB-44B8D11DDB23} URL = https://duckduckgo.com/?q={searchTerms}
SearchScopes: HKCU - {2348AF2A-4E4C-48B8-8AFB-44B8D11DDB23} URL = https://duckduckgo.com/?q={searchTerms}
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
C:\Users\Brandon\AppData\Local\{8c2f3244-0c4b-220e-9a2c-125d24fb1178}
C:\Users\Brandon\AppData\Local\{8c2f3244-0c4b-220e-9a2c-125d24fb1178}\@
C:\Users\Brandon\ADM-1.dat
C:\Users\Brandon\CL.dat
EmptyTemp:NOTE: => It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.
3. Run FRST/FRST64 and press the Fix button just once and wait.
If the tool needed a restart please make sure you let the system to restart normally and let the tool completes its run after restart.
The tool will make a log on the Desktop (Fixlog.txt). Please attach it to your reply.
Note: If the tool warned you about the outdated version please download and run the updated version.
I am still seeing the fake chrome apps in the task manager. I ran a 2nd scan and will attach the newer file
Similar threads
- Locked