Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

dllhost.exe


  • This topic is locked This topic is locked
36 replies to this topic

#31 satchfan

satchfan

  • Malware Response Team
  • 335 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Devon, UK
  • Local time:05:43 PM

Posted 04 May 2013 - 05:12 PM

Chrome is a bit of a nuisance so let's try to deal with this without having to get rid of it altogether , (if you want to keep it)

 

Reset Chrome’s home page:

 

OTL doesn’t fix the Chrome home page so we need to do it manually:

  • open Google Chrome
  • click on the Customize icon Chrome.gif, at the top right
  • click on Settings
  • under “On start-up”, check Open a specific page or set of pages and then on Set pages
  • delete any pages that you don’t want
  • set your start page to the page you want, eg www.google.com.

Once you have typed in the address in the 'Open this page' box, this change is saved. If you close this tab and click on the home icon you should now get your home page.

 

================================================

 

Run ESET Online Scan

 

IMPORTANT Please make sure you uncheck the box next to Remove found threats. Eset will detect anything that looks even slightly suspicious, which could include legitimate program files. If you do not uncheck the box, Eset will automatically remove all suspicious files which could leave some of your software inoperable.

 

Note: You can use either Internet Explorer or Mozilla FireFox for this scan. You will however need to disable your current installed Anti-Virus, how to do so can be read [url="http://www.bleepingcomputer.com/forums/topic114351.html"]here[/url].

 

Hold down Control and click on the following link to open ESET OnlineScan in a new window.

 

ESET OnlineScan

 

  • click the Eset online Scanner button.
  • for alternate browsers only: (Microsoft Internet Explorer users can skip these steps)


    o click on esetinstaller.exe to download the ESET Smart Installer. Save it to your desktop.
    o double click on the Eset installer icon on your desktop.

 

  • check Yes, I accept the Terms of Use
  • click the Start button.
  • accept any security warnings from your browser.
  • check Scan archives and and Remove found threats.
  • click Advanced settings and select the following:


    o Scan potentially unwanted applications
    o Scan for potentially unsafe applications
    o Enable Anti-Stealth technology
     

  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • when the scan completes, push List of found threats
  • push Export to Text file and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.

     

    [color="#FF0000"]Note - if ESET doesn't find any threats, no report will be created.

     

  • push the back button.
  • push Finish

If a log has been produced post it in your next reply.

 

Thanks

 

Satchfan


Edited by satchfan, 04 May 2013 - 05:18 PM.

SignatureBCnoASAP.gif

 


BC AdBot (Login to Remove)

 


#32 zaphryn78

zaphryn78
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:12:43 PM

Posted 05 May 2013 - 09:08 AM

I did everything as requested and it told me "nothing was found"



also, I changed Chromes homepage to google. 



#33 satchfan

satchfan

  • Malware Response Team
  • 335 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Devon, UK
  • Local time:05:43 PM

Posted 05 May 2013 - 04:41 PM

Everything seems to be in order.

How are things now?


SignatureBCnoASAP.gif

 


#34 zaphryn78

zaphryn78
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:12:43 PM

Posted 06 May 2013 - 09:18 AM

I still have a dllhost.exe file that consumes over 12-15 million of my RAM showing up. It happened to me like 3 times yesterday and I had to keep ending the process tree. So the problem doesn't appear solved. I wonder if it has to do with a file that was deleted or corrupted. I may have to just reinstall windows. 



#35 satchfan

satchfan

  • Malware Response Team
  • 335 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Devon, UK
  • Local time:05:43 PM

Posted 07 May 2013 - 03:17 AM

Sorry about the delay but things were a bit hectic yesterday.

 

Note: If you have MalwareBytes Anti-Malware 1.6 or higher installed and are using the Pro version or trial version, please temporarily disable it for the duration of this fix as it may interfere with the successfully execution of the script below.

Run OTL

  • double click on the icon to run it.
  • copy/paste ALL the following text written inside the code box into the Custom Scans/Fixes box located at the bottom of OTL

    :Services
    
    :OTL
    SRV:64bit: - File not found [Auto | Stopped] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
    SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
    
    :Reg
    [-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MsMpSvc]
    [-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinDefend]
    :Commands
    [purity]
    [emptytemp]
    [Reboot]
  • click the Run Fix button at the top
  • let the program run unhindered, reboot when it is done
  • please post the OTL fix log and new OTL log.

===================================================

Open Windows Explorer, (Windows key+E).

Locate C:\FixitRegBackup.reg, right-click on the file, select Edit, and when it opens in Notepad, copy and paste the contents in your next reply.

===================================================

Please try downloading SystemLook again save it to your Desktop.

 

SystemLook (64-bit)
 

  • double-click SystemLook.exe to run it.
  • copy the content of the following codebox into the main textfield - please make sure you include the colon, (:), at the beginning:
    :filefind
    *Shareaza*
    
    :folderfind
    *Shareaza*
    
    :Regfind
    Shareaza
  • click the Look button to start the scan.
  • when finished, a notepad window will open with the results of the scan. Please post this log in your next reply.

Note: The log can also be found on your Desktop entitled SystemLook.txt
Logs to include in the next post:

OTL fix log
New OTL log
SystemLook.txt
Contents of FixitRegBackup.reg


Satchfan

 


SignatureBCnoASAP.gif

 


#36 satchfan

satchfan

  • Malware Response Team
  • 335 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Devon, UK
  • Local time:05:43 PM

Posted 10 May 2013 - 01:45 AM

Hi Zaphryn78

 

It has been several days since I sent my last set of instructions.

 

Please let me know if you are having problems.

 

Thanks

 

Satchfan


SignatureBCnoASAP.gif

 


#37 satchfan

satchfan

  • Malware Response Team
  • 335 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Devon, UK
  • Local time:05:43 PM

Posted 12 May 2013 - 02:37 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.

SignatureBCnoASAP.gif

 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users