1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Task Manager Shows Fake Chrome Processes

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by CLi7NT, Mar 3, 2016.

  1. CLi7NT

    CLi7NT Private E-2

    My laptop runs slower than usual and is creating new folders in weird places. I did notice task manager processes for chrome and did an online search to find a few connected to fake processes like
    programdata\ntuser.pol and programdata\Roaming and windows\XSxS.

    I ran MGlogs and attached the zip that was one my desktop after it completed.
     

    Attached Files:

  2. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

  3. CLi7NT

    CLi7NT Private E-2

    Sorry for the delay feel a sleep.
     

    Attached Files:

  4. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    What strange folders are you referring to?
     
  5. CLi7NT

    CLi7NT Private E-2

    I attached a screen shot. See the added shortcuts for the folders My Music, My Pictures, My Videos? When I click on one of them a pop up warning about permission comes up and if I hit continue another warning come up saying you have been denied permission to access this folder. To gain access to this folder you will need to use the security tab. Just never seen these or had this happen before i guess the 1/21/06 date when they were created.
     

    Attached Files:

  6. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    Not sounding like malware at all. What happens when you click continue?
     
  7. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    These are not problems and you are not allowed access them. The "My Music", "My Pictures", and "My Videos" aren't actually folders, they are links ( junction points ) for compatibility with older applications, it isn't possible to actually open them even as administrator. The actual folders in are in your user account folder and probably named "Music", "Pictures", and "Videos" or possibly "My Music", "My Pictures" and "My Videos".
     
    CLi7NT and Kestrel13! like this.
  8. CLi7NT

    CLi7NT Private E-2

    Thanks for the insight. They were never there before and seemed strange that they were shortcuts newly created inside documents as well as they had the message saying you have been denied permission to access this folder. To gain access to this folder you will need to use the security tab.

    What do I do with the issues found in the logs from:
    RogueKiller log rg.txt - multiple antirootkits?
    Malwarebytes mb.txt - PUP.Optional.OpenCandy and PUP.Optional.OpenCandy?
     
  9. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    They are not anti rootkits OR rootkits... they are all normal entries to be left alone!
    What Malware Bytes found has already been quarantined according to the log...
     
  10. CLi7NT

    CLi7NT Private E-2

    oh so i'm clean? very cool. I thought opencandy was malware. thanks so much for your help! I'll donate and recommend!
     
    Kestrel13! likes this.
  11. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    It's not malware, it's a potentially unwanted application, IE: You might not want it, but you may want it. ;)
    Yes your logs are clean. :) Thankyou very much indeed for the donation and recommendations! Bless you!
     

Share This Page


MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds


<