Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

dllhost.exe *32 Infection (COM Surrogate)


  • This topic is locked This topic is locked
5 replies to this topic

#1 zhibben92

zhibben92

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:01:34 AM

Posted 14 October 2014 - 02:09 PM

Hey all,

 

First time posting here on the forums. I've recently encountered a problem that I can't seem to fix myself. I'm running Windows 7 Pro 64 bit. If I open up the task manager and look under the processess tab I will find numerous dllhost.exe  *32 processes. If I try to end them, they will just reappear and restart the cycle. I need some guidance! If anyone could tell me of step one, please let me know. I've tried a few things already like a virus scan, malware scan, and even manually removing the dllhost.exe and replacing it(this didn't go over so well seeing as I couldn't bypass permission). I also get a consistent popup on my desktop that says: "Security Alert, You do not have permission to download this file", or somewhere a long the lines of that. It appears, and disappears quickly.

 

Thanks all,

Zacch

 

 

 

EDIT: I posted it in this section of the forums so I can upload attachments.

 

UPDATE: FRST logs

Attached File  Addition.txt   31.91KB   4 downloads

Attached File  FRST.txt   24.85KB   3 downloads



BC AdBot (Login to Remove)

 


#2 B-boy/StyLe/

B-boy/StyLe/

    Bleepin' Freestyler


  • Malware Response Team
  • 8,307 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Bulgaria
  • Local time:09:34 AM

Posted 14 October 2014 - 03:00 PM

Hello! Welcome to BleepingComputer Forums! :welcome:
My name is Georgi and and I will be helping you with your computer problems.

Before we begin, please note the following:

  • I will working be on your Malware issues, this may or may not, solve other issues you have with your machine.
  • The logs can take some time to research, so please be patient with me.
  • Stay with the topic until I tell you that your system is clean. Missing symptoms does not mean that everything is okay.
  • Instructions that I give are for your system only!
  • Please do not run any tools until requested ! The reason for this is so I know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.
  • Please perform all steps in the order received. If you can't understand something don't hesitate to ask.
  • Again I would like to remind you to make no further changes to your computer unless I direct you to do so. I will not help you if you do not follow my instructions.

 

I will reply later today since I am at work right now.

 

 

Regards,

Georgi


cXfZ4wS.png


#3 zhibben92

zhibben92
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:01:34 AM

Posted 14 October 2014 - 04:46 PM

Sounds good! Thank you!



#4 B-boy/StyLe/

B-boy/StyLe/

    Bleepin' Freestyler


  • Malware Response Team
  • 8,307 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Bulgaria
  • Local time:09:34 AM

Posted 15 October 2014 - 12:28 PM

Hello,

 

I am sorry about the delay. I had a busy day at the office.

 

 

Please download the following file => and save it to the Desktop.
NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

Run FRST and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.

 

 

Also can you please temporary disable the real-time protection of your security software? Check here how:

How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Then go to C:\FRST\Quarantine and right click on the folder, select send to compressed(zip) folder that will make a zipped copy of this folder.

Then please upload it to http://www.bleepingcomputer.com/submit-malware.php?channel=122 so we can examine the files and submit to antivirus companies if needed.
After that please delete the zip file you just created and re-enable Symanted Endpoint Protection and Windows Defender.

 

Also let me know if the problem still persists.

 

 

Regards,

Georgi


cXfZ4wS.png


#5 B-boy/StyLe/

B-boy/StyLe/

    Bleepin' Freestyler


  • Malware Response Team
  • 8,307 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Bulgaria
  • Local time:09:34 AM

Posted 25 October 2014 - 04:03 AM

Hi,

 

Do you still need assistance?

 

 

Regards,

Georgi


cXfZ4wS.png


#6 B-boy/StyLe/

B-boy/StyLe/

    Bleepin' Freestyler


  • Malware Response Team
  • 8,307 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Bulgaria
  • Local time:09:34 AM

Posted 19 November 2014 - 03:42 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.

cXfZ4wS.png





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users