a file in the running process's keeps popping up after a boot or reboot called "kkqoqshl.exe",

having an issue with a windows 7 professional desktop. a file in the running process's keeps popping up after a boot or reboot called "kkqoqshl.exe", is is tied to google chrome. chrome is then running in the background with about 8 to 10 of these sessions running slowly eating away the processor speed. i have run ADWCleaner, Malwarebytes, OTL by oldtimer and have come up with nothing. i want this process to be shut off to i can get the computer memory back. when i right click on file in task manager and tell it to open location i get this "C:\Users\n.lynch.NL\AppData\LocalLow\EmieUserList\fxrhjagijy\Yjxamfzp" . i deleted this and it keeps coming back. any suggestions on how to fix this? i even downgraded from IE 11 to IE 10 because one log suggested i do that and that didn't work.
bhamilton3180Asked:
Who is Participating?
 
NVITCommented:
If you want to try manually cleaning the PC, see AutoRuns by Microsoft (Sysinternals):
http://technet.microsoft.com/en-us/sysinternals/bb963902.aspx

Using Autoruns successfully does require some study, but not much, in my experience. Here are some links to help you find and remove the malware:
http://www.howtogeek.com/howto/12837/use-autoruns-to-manually-clean-an-infected-pc/
http://www.howtogeek.com/school/sysinternals-pro/lesson6/all/
http://www.windowsecurity.com/articles-tutorials/viruses_trojans_malware/Hunt-Down-Kill-Malware-Sysinternals-Tools-Part1.html

Those articles mention using Process Explorer simultaneously. But, Autoruns was enough for me. I guess it depends on how bad you're infected.

General steps:
1. Install AutoRuns.
2. Disconnect from the internet.
3. Reboot the station.
4. Run autoruns.
0
 
it_saigeDeveloperCommented:
Sound's like a rootkit or other type of malware.  Have you attempted to run Combofix on this system?

-saige-
0
 
nobusCommented:
did you try roguekiller yet ? http://majorgeeks.com/RogueKiller_d6983.html
0
Live Q & A: Securing Your Wi-Fi for Summer Travel

Traveling this summer? Join us on June 18, 2018 for a live stream to learn about the importance of Wi-Fi security and 3 easy measures you can start taking immediately to protect your private data while using public Wi-Fi. Follow us today to learn more!

 
bhamilton3180Author Commented:
thank you
0
 
NVITCommented:
Hi bhamilton3180...
Thank you for the update. I'm glad I could help.
0
 
pabrannPresidentCommented:
I downloaded the RogueKiller application. I thought it was a free program so I executed it although I was confused because it changed its name to reimage repair or something like that. It went through a process which I thought would fix the issues but after all that, it wants money to complete the repair. That doesn't make me happy....
0
 
pabrannPresidentCommented:
I am thinking I may just restore this system to factory settings. I have already backed up any necessary data from this system.
0
 
nobusCommented:
roguekiller is free - and does not change it's name
you are heavily infected  it seems
did autoruns  help?  and what did you find?
0
 
pabrannPresidentCommented:
sorry I did not try the autoruns. I ended up reinstalling windows and am just now up and running. What antivirus software do you recommend now? Is Avast any good?
0
 
nobusCommented:
pabrann  - if you wan tyot ask a question - open one for yourself plse!
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.