Malware may reinstall itself multiple times if you don't delete its core files. This may require tracking down dozens of files in different locations.
We recommend downloading Restoro to eradicate Malware for you (it should cut down the time to about 15 minutes).
What is Google Bebeh CPU Miner? And how does it function?
Google Bebeh CPU Miner is a program which has similar functionalities to Moloko CPU Miner and the Cloud Packager CPU Miner. Don’t let this program’s name fool you for it is not related in any services provided by Google. In fact, Google Bebeh CPU Miner is Trojan horse used to spread a Monero miner through Facebook messages.
This malicious Google Chrome extension is installed on a targeted computer through a Trojan downloader that installs this miner and its extension. After it is installed, Google Bebeh CPU Miner will be configured to automatically start and run in the background even if you’re not using Google Chrome. And while it is running, this Trojan horse will log in to your Facebook account and send messages to all your Facebook friends which contain links to the Trojan downloader. This kind of tactic is used to further spread the CPU miner to other PCs.
Here are some of the telltale signs that your PC is infected with the Google Bebeh CPU Miner:
- Your PC runs slowly and becomes sluggish;
- You have a hard time opening any of your programs and when you do, they often freeze or crash;
- There are other unknown processes running in your Task Manager which takes up most of the CPU processing power.
If you have experienced all of these signs or any one of those signs then you should be alarmed and take precautions. Letting this Trojan stay longer on your PC may deteriorate your PC’s performance as time pass so you have to make it your first priority to get rid of the Trojan miner.
How is Google Bebeh CPU Miner distributed?
As pointed out, Google Bebeh CPU Miner is distributed and installed in a computer through a Trojan downloader which is promoted through Facebook messages. These malware-laden messages pretend to be an adult video but in reality, it’s actually a Trojan downloader that will install Google Bebeh CPU Miner and its extension on your PC. That’s why you have to be careful when opening any links or attachments, not just on your Facebook account but on emails as well.
To eliminate Google Bebeh CPU Miner and its extension, refer to the following removal guide.
Step 1: Tap Ctrl + Shift + Esc keys on your keyboard to pull up the Task Manager
Step 2: After opening the Task Manager is opened, go to the Processes tab and locate the malicious process of Google Bebeh CPU Miner and end all of them.
Step 3: Close the Task Manager and tap the Win + R, then type in appwiz.cpl and then tap Enter or click OK to open Control Panel.
Step 4: Look for Google Bebeh CPU Miner and then uninstall it.
Step 5: Close Control Panel and then tap the Win + E keys to open File Explorer.
Step 6: Navigate to the following locations.
Step 7: Look for the malicious files created by Google Bebeh CPU Miner and delete them.
Step 8: Close the File Explorer.
The next step below is not recommended for you if you don’t know how to navigate the Registry Editor. Making registry changes can highly impact your computer. So it is highly advised to use PC Cleaner Pro instead to get rid of the entries that the Trojan has created. PC Cleaner Pro is a trusted program that helps in improving your computer’s overall performance by repairing any registry issues as well as optimizes your system. If you are not familiar with the Windows Registry skip to Step 14 onwards. However, if you are well-versed in making registry adjustments, then you can proceed to step 10.
Step 9: Open the Registry Editor, to do so, tap Win + R and type in regedit and then press enter.
Step 10: Go to the following locations and delete all the registry keys and sub-keys created by Google Bebeh CPU Miner.
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\
Step 11: Close the Registry Editor
Step 12: Launch Google Chrome.
Step 13: Reset Google Chrome back to its default state to remove any remnants of the extension of Google Bebeh CPU Miner.
- Launch Google Chrome, press Alt + F, move to More tools, and click Extensions.
- Look for LilPlay.com or any other unwanted add-ons, click the Recycle Bin button, and choose Remove.
- Restart Google Chrome, then tap Alt + F, and select Settings.
- Navigate to the On Startup section at the bottom.
- Select “Open a specific page or set of pages”.
- Click the More actions button next to the hijacker and click Remove.
Step 14: Empty your Recycle Bin.
Once you got rid of Google Bebeh CPU Miner from your PC, follow the advanced guide below to get rid of it’s the files it has created.
Perform a full system scan using SpyRemover Pro. To do so, follow these steps:
- Turn on your computer. If it’s already on, you have to reboot
- After that, the BIOS screen will be displayed, but if Windows pops up instead, reboot your computer and try again. Once you’re on the BIOS screen, repeat pressing F8, by doing so the Advanced Option shows up.
- To navigate the Advanced Option use the arrow keys and select Safe Mode with Networking then hit
- Windows will now load the SafeMode with Networking.
- Press and hold both R key and Windows key.
- If done correctly, the Windows Run Box will show up.
- Type in explorer http://www.fixmypcfree.com/install/spyremoverpro
A single space must be in between explorer and http. Click OK.
- A dialog box will be displayed by Internet Explorer. Click Run to begin downloading the program. The installation will start automatically once a download is done.
- Click OK to launch it.
- Run SpyRemover Pro and perform a full system scan.
- After all the infections are identified, click REMOVE ALL.
- Register the program to protect your computer from future threats.