Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

dllhost.exe com surrogate


  • Please log in to reply
2 replies to this topic

#1 elmoeod

elmoeod

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:12:37 PM

Posted 23 October 2014 - 02:37 PM

recently my computer started slowing down and completely stopping, after checking task manager, I noticed that multiple dllhost.exe was eating up all my memory.  I run norton360, I have ran malwarebytes, and spybotSD.  Only minor issues were found.

 

after watching closely, and deleting dllhost.exe as fast as I can, I noticed that before a new one popped up, Powershell.exe show up for just a second than disappear, along with others that I have not been able to see for sure, but I know one is a run dll.

 

When running in safe mode, I can keep then deleted in task manager enough to get a few things done, if I am not in safe mode, it is impossible to delete one (dllhost.exe) before 10 more pop up.

 

any questions or suggestions, please ask

 

Thanks

ElmoEOD



BC AdBot (Login to Remove)

 


#2 gody_k_cul

gody_k_cul

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:11:37 AM

Posted 23 October 2014 - 03:48 PM

It took me two days to kill this, if it's the same bug I caught.   Sounds like Poweliks Trojan.  Read about it before you try to kill it, and see if that's really what you have.  It's very ingenious.  It can also cause plenty of mayhem, and if you don't have something blocking it, it directs your machine to an ip address that attacks you with more bad news.  Malwarebytes protected my machine from reaching the malicious website.


I had to go to another computer and download it to a zip drive and then bring it in.  Had to run it two times.  Keep your task manager open and delete dllhost*32 every time it pops up, while you're messing with it. 


Edited by Queen-Evie, 25 October 2014 - 11:04 AM.
removed link to a tool restricted to use in Malware Removal Los. While the OP did see the post and run the tool, removing link will prevent others from using it outside MRL.


#3 elmoeod

elmoeod
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:12:37 PM

Posted 24 October 2014 - 02:49 PM

Thanks Gody, that seems to have taken care of it.  I ran it in safe mode first, than restarted and did it again...  so far so good






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users