How To Detect and Remove the Chrome.exe Virus

Understanding the difference between your real Chrome browser file and the Chrome.exe virus, also called Poweliks Trojan, can help you protect your data and speed up your computer.
We receive compensation from the products and services mentioned in this story, but the opinions are the author's own. Compensation may impact where offers appear. We have not included all available products or offers. Learn more about how we make money and our editorial policies.

To hide their malware, cybercriminals created the Chrome.exe virus, also known as the Poweliks trojan. Because the malware appears to be a real application, you don’t realize your device has been infected.

This type of malware is the cybercriminal version of Obi-Wan Kenobi telling Stormtroopers, “These aren’t the droids you’re looking for.” You can expect to see the Chrome.exe process in your Task Manager if you're using Google Chrome. Meanwhile, the Chrome.exe that’s running is really the malware you want to remove.

To remove Chrome malware, you should install a highly-rated antivirus program that scans your device and quarantines the infected process. Keep reading our Chrome.exe virus removal guide for step-by-step instructions.

In this article
How to identify the Chrome.exe virus
How to remove the Chrome.exe Virus
What is the Chrome.exe virus?
How to avoid malware infections
Chrome.exe FAQ
Bottom line

How to identify the Chrome.exe virus

Although the trojan malware “Jedi mind trick” can sound scary, you can still use Google Chrome without worrying too much. By understanding the difference between how the legitimate Chrome.exe and the Poweliks Chrome.exe virus work, you can identify a virus infection and keep using your favorite browser.

What is your computer doing?

Poweliks uses the same name as your browser’s executable file, but your computer will act differently. You can look for the following symptoms to diagnose your computer with the virus:

  • Your computer is slow.
  • You see a lot of pop-up ads when browsing.
  • You see ads from websites you’ve never visited.
  • You can’t access websites.
  • Your browser won’t let you download files.
  • You find suspicious browser extensions you haven't installed.

How much memory is your browser using?

Just like you need to check for symptoms that differentiate strep and the common cold, you want to look for additional digital symptoms to determine whether your computer has a dangerous infection. Other indicators of the Chrome.exe virus might include high CPU usage. You should also check for the following:

  1. Look in your Windows Task Manager to see what programs are running and look for Chrome.exe*32.
  2. You may see more than one version of the Chrome.exe file. This is the first hint that your computer is infected.
  3. Review the Memory column in Windows Task Manager for Chrome.exe*32.
  4. If you have a lot of tabs open, close them to see if that reduces the amount of memory Chrome uses.

What processes should you look for?

If Chrome is still taking up a lot of memory, now you need to start thinking about the final definitive test. Just like you’d go to the doctor to get a throat culture for strep, it’s time for you to take a full look at your device. Although Poweliks looks like Google Chrome, it has some unique characteristics. Going back to your Task Manager, you need to look for the following processes:

  • dllhost.exe *32
  • dllhst3g.exe *32
  • DLLHOST.exe
  • dllhst3g.exe

What other files should you look for?

Finally, you might want to search your file folders for Chrome.exe*32. To do this:

  1. Open your Task Manager.
  2. Right-click on the Chrome.exe*32 process.
  3. Open the file location.

The only file location where you should find the Chrome.exe*32 file is this directory:

C:\Program Files (x86)\Google\Chrome\Application

If you find the file anywhere else, you have a Poweliks infection.

How to remove the Chrome.exe Virus

Although it might take you some time to locate the Chrome.exe virus, you don’t need to buy a new device. You can remove the virus by taking the following steps.

1. Install and update antivirus software

The Chrome.exe virus is just the beginning of the problem. With malware like Poweliks, you have to worry about the additional malware that it downloads, launches, and updates. With all these other files, you either need advanced IT skills or antivirus software to help you.

Finding the best antivirus software for your needs is the first step. Although most antivirus should be able to detect Poweliks, the following have specific detections for it:


No Fuss, Real-Time Online and Mobile Protection
Editorial Rating
Learn More
On TotalAV's website
Antivirus Software
First year discount on paid plans
  • Real-time protection from viruses, malware, and online threats
  • Blocks tracking cookies and ads, proactively monitors for data breaches, and option to schedule smart scans
  • 100% compatible with Windows, Mac, Android, and iOS operating systems on up to 3 devices
  • Lacks firewall protection

TotalAV is cost-effective, user-friendly, and comes with the antivirus essentials you need, including antivirus scans, protection from phishing attacks, ransomware, malicious apps and extensions, and more. It even offers a free version, so you can always keep your device protected and try it out risk-free before committing.

Get TotalAV | Read Our TotalAV Review


Enjoy Norton’s 100% Virus Protection Promise
Editorial Rating
Learn More
On Norton 360 Antivirus's website
Antivirus Software
Norton 360 Antivirus
Save up to 58% your first year
  • 4 plans available, all including antivirus, malware, ransomware, and hacking protection, Cloud backup, and a secure password manager
  • Option to add VPN connection, dark web monitoring, privacy monitoring, and more
  • Compatible with Windows, Mac, Android, and iOS on up to 10 devices depending on plan

Norton is more than just an antivirus, it also offers comprehensive cybersecurity suites. It has no shortage of features, including identity theft protection, parental controls, and a VPN.

Get Norton | Read Our Norton Review


Editorial Rating
Learn More
On Bitdefender's website
Antivirus Software
  • Antivirus software offering reliable security
  • Simple yet powerful interface tools
  • Perfect protection score in third-party tests

With excellent protection scores, friendly customer service, and a full range of security features, Bitdefender is a great choice for protecting your device from malware. When we tested it, it had no impact on our system performance.

Get Bitdefender | Read Our Bitdefender Review


Online Protection With VPN Access and Identity Monitoring
Editorial Rating
Learn More
On McAfee's website
Save $90 on a 2-year plan
  • Premium antivirus, scam, and web protection, plus a VPN, identity monitoring, and secure password manager
  • Added peace of mind with 24/7 expert online support and McAfee’s Virus Protection Pledge
  • Compatible with Windows, Mac, Android, iOS, and ChromeOS on up to 5 devices

A well-known and well-regarded name in the antivirus industry, McAfee also scored well in third-party protection tests. Along with a firewall, it also includes phishing protection, parental controls, and a file shredder. We especially like that its cheapest plan, Antivirus Basic, is still packed with a firewall, password manager, VPN, and identity monitoring.

Get McAfee | Read Our McAfee Review

2. Run an antivirus scan

After downloading an antivirus program or antimalware tool, you need to run a full system scan. To do this, you should:

1. Open the solution’s dashboard or main window.

options on window

2. Look for System Scan.

After running anti-virus window says you are safe

3. Click Start Scan.

window showing files scanning for viruses

4. Once the antivirus completes the scan, you can review the report that looks like this:

No threats found message after scanning files for virus

3. Delete corrupted files

Your antivirus will automatically quarantine the virus’s files. Many will also delete them, but if yours doesn’t, then you may want to find a malware removal tool that works with your operating system. For example, Malwarebytes works with both Mac and Windows operating systems, so if your household has devices running both, this is a good option for you.

These solutions usually delete all the corrupted files for you. For example, in Malwarebytes, you would see this type of report:

Our antivirus came up with a bunch of notifications to let us know it fully removed the Chrome.exe virus and deleted any corrupted files.

4. Restart your computer and scan again

As you would on a math test, double-check your work. Cybercriminals don’t want you to be able to remove malware, so they build persistence into them.

Restarting your computer stops all processes, cleans up your device’s memory, and clears out the cache. You want to make sure that you’re starting with a clean slate after you remove the malware.

Because malware processes automatically start running as soon you log in, doing one more antivirus scan ensures everything is cleaned up.

Another part of the Chrome.exe virus is adware, which causes unwanted ads to pop up while you use your device. Many of these ads may contain links to additional malware, but potentially unwanted programs (PUPs) like the Poweliks adware could also collect your personal data. 

To uninstall unwanted adware on Windows 7, 10, or 11, open your Control Panel > Programs and Features > Uninstall a program and select the program you want to remove.

5. Reset your browser settings

After you've cleaned Chrome.exe off your device, you should also take steps to remove any Chrome malware from your browser. You can do this by resetting your browser settings.

  1. Open Google Chrome.
  2. Click on the three dots on the top-left corner and select Settings.
  3. Select Reset settings on the left-hand side of the Chrome settings. 
  4. Click Restore settings to their original defaults.
  5. From the pop-up, click Reset settings to confirm.

You can also remove any suspicious browser extensions directly from Chrome

What is the Chrome.exe virus?

The Chrome.exe virus, or Poweliks trojan, is a Trojan horse malware that disguises itself as a legitimate computer program to evade detection. The ".exe" means it's an executable file. When someone clicks on the file, it gives the computer instructions about what to do next.

When a user clicks on the file to open it, it triggers a series of actions:

  • The Poweliks downloader installs on the device.
  • The Microsoft Windows registry stores the file under the name Chrome.exe.
  • The installer deletes itself.

Because the malware, disguised as Google Chrome, installs in the Windows registry and not the hard drive, antivirus tools have a hard time detecting it.

Once installed, the virus can:

  • Read your emails
  • Access your phone contacts
  • Establish connections with hidden websites
  • Create, modify, or remove files or processes
  • Collect and send system information
  • Perform click fraud, or generate multiple clicks on advertisements to generate more revenue
  • Download additional malware
  • Be controlled by a cybercriminal

How to avoid malware infections

Just as taking your Vitamin C helps your immune system protect you against colds and strep, you can also take steps to protect your information and devices. Learning how to stay safe online is the protective vitamin for your digital health.

Update your devices and software

In the case of Poweliks and other downloader malware, the danger lies in its ability to control the device and install other malicious software. Typically, malware takes advantage of vulnerabilities, the weaknesses in an operating system or software’s code.

Software and operating updates fix these weaknesses, so installing security patches is a critical cybersecurity step.

Secure your wireless network

By securing your wireless network, you can protect your devices from different types of attacks, including malware. To secure your network, you can edit your router’s settings to:

  • Encrypt it using Wi-Fi Protected Access 2 (WPA2).
  • Change the default password.
  • Update firmware to protect against vulnerabilities.
  • Scan your router for malware.

You should also consider using a virtual private network (VPN) to further secure your Wi-Fi connection — especially if you connect to public Wi-Fi. A VPN makes it harder for hackers to target your device with malware by disguising your IP address. During our testing, these top VPN apps stood out from the rest:

The best VPN apps for securing your Wi-Fi network

Starting price Starts at $3.39/mo (billed every two years) Starts at $2.19/mo (billed every two years) Starts at $2.03/mo (billed every two years)
Number of devices 10 Unlimited 7
Server count 6,300+ in 111 countries 3,200+ in 100 countries 11,700+ in 100 countries
Streaming support
Torrenting support
Learn more See NordVPN Pricing See Surfshark Pricing See CyberGhost Pricing

Be careful when downloading files

Poweliks is called a fileless malware because it installs in the registry instead of the system. However, cybercriminals typically hide the malware in malicious documents either sent by email or downloadable from a malicious website.

To protect against the Chrome.exe virus, you should only download attachments or files when you can trust the sender or website.

Change your passwords

To protect yourself, you should have a unique password for every login. After you delete any malware from your device, you should reset all your passwords. Some malware, such as Poweliks, can download and install a virus that steals usernames and passwords.

Use an antivirus

When you install antivirus software on your device, it regularly scans for, detects, and deletes malware. With this protection, you don’t have to worry about looking for signs that a virus infected your device. 

Even Macs and Chromebooks should have some form of antivirus protection. If you're missing this key form of protection, check out our guide to the best antivirus software for recommendations.

Chrome.exe FAQ


Is Chrome.exe a virus?

Chrome.exe is the name of the Chrome browser software file. However, the Poweliks virus, also called the Chrome.exe virus, uses the same name as the legitimate software file to hide in a computer’s registry.


What is the Poweliks Trojan?

The Poweliks Trojan, also called the Chrome.exe virus, is a malware that disguises itself by stealing the name of the Chrome browser. Poweliks is a fileless malware, which means it installs in a device’s registry rather than the hard drive. By hiding in the registry, it’s more difficult to detect, which allows it to continue to download and install other malware or send information to cybercriminals.


Why do I have so many chrome.exe in my task manager?

Chrome creates a separate process for each tab, extension, utility, and subframe. It runs multiple processes for each tab, utility, and extension so if the browser or tabs crash, the user doesn’t lose any data.


Can Chrome get a virus?

The Google Chrome browser is a software that can get a virus. The Google Chrome virus is a browser hijacker malware that changes settings and configurations without the user’s permission. Signs of infection include:

  • Pop-up ads
  • Redirects to suspicious websites
  • Changes to the homepage
  • Browser setting changes or deletions
  • Suspicious browser extensions

To remove the virus, you should:

  1. Open Chrome.
  2. Click on the three dots in the top right corner to open the drop-down menu.
  3. Scroll down to Settings.
  4. Once in settings, go to Advanced > Reset and clean up.
  5. Click Clean up computer and select Find harmful software.
  6. Delete any malicious programs found in the browser.

Bottom line

For most people, a virus like Poweliks can feel overwhelming. However, the good thing about technology is that you don’t have to be an IT expert to fix most things. When you have a good antivirus and learn about online safety, you can prevent most cyber dangers and continue to do everything you enjoy online.

No Fuss, Real-Time Online and Mobile Protection
Editorial Rating
Learn More
On TotalAV's website
Antivirus Software
First year discount on paid plans
  • Real-time protection from viruses, malware, and online threats
  • Blocks tracking cookies and ads, proactively monitors for data breaches, and option to schedule smart scans
  • 100% compatible with Windows, Mac, Android, and iOS operating systems on up to 3 devices
  • Lacks firewall protection

Author Details
Karen Walsh is a lawyer and former-internal-auditor-turned-subject-matter-expert in cybersecurity and privacy compliance. Karen has been published by leading industry outlets and quoted by The New York Times and CNN Investigative reporters.