dllhost.exe *32 COM surrogate trojan? [Solved]
Posted 19 October 2014 - 01:05 PM
Posted 19 October 2014 - 01:52 PM
OK - working on email now. Problems getting it to connect. I took screenshots of the old profile and tried to use those settings in the new, but it wouldn't connect. I'll try another approach in a minute.
I tried one last time to fix the old profile by copying the ntuser files from the new profile back to the old one. It wouldn't log on. So, I tried just the ntuser.dat file. It would log in, but still had the same security problem. Guess that approach won't work, unless you have a hot tip.
Question: when I set up my new user, I thought I'd be able to change the file name location, so it is now "Test Admin Account." When I changed the name of the user account, it didn't migrate the user folder too. Not a surprise, but not ideal. Is there a way to change this?
Posted 19 October 2014 - 01:58 PM
Posted 19 October 2014 - 02:27 PM
Posted 19 October 2014 - 08:20 PM
Names are changed, most systems are working. Calling it quits for now. I can't say how much I appreciate your help. Thanks.
Posted 20 October 2014 - 07:38 AM
I will remove my tools now and give some recommendations, but, I would like you to run for 24 hours or so and come back if you have any problems
Now the best part of the day ----- Your log now appears clean
A good workman always cleans up after himself so..The following will implement some cleanup procedures as well as reset System Restore points:
Click Start then Run.
On Windows7 or Vista you may use Start Search field if Run is not available.
In the box copy/paste the following command:
Note that there is a space between " ComboFix " and " /Uninstall " .
Then click OK (or press Enter ).
Wait for the uninstall process to complete.
Download and run Delfix
: Keep Java Updated :
WARNING: Java is the #1 exploited program at this time. The Department of Homeland Security recommends that computer users disable Java
See this article
I would recommend that you completely uninstall Java unless you need it to run an important software.
In that instance I would recommend that you disable Java in your browsers until you need it for that software and then enable it. (See How to diasble Java in your web browser and How to unplug Java from the browser)
Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes:
CryptoPrevent install this programme to lock down and prevent crypto ransome ware
Update and run weekly to keep your system clean
It is critical to have both a firewall and anti virus to protect your system and to keep them updated.
To learn more about how to protect yourself while on the internet read this little guide Best security practices Keep safe
Posted 21 October 2014 - 10:13 AM
Had a long workday yesterday, so just saw this. I'll run the clean up steps this evening. Thanks again!
Posted 25 October 2014 - 06:02 AM
OK - long work week, but back at it now. I did the first two steps to remove ComboFix and DelFix. I read all of the Java articles and THINK I have it disabled using the java control panel. I loaded CryptoPrevent free version with the settings as above. However, when given the choice to whitelist everything in the known blocked areas, I said no. It has been a week since we assured that everything is clean, so I didn't want to do that. Hopefully, that is OK. I already have Malwarebytes and keep it updated, but apparently whatever got into the system wasn't picked up by that nor by McAfee.
Other than reconfiguring my Office Aps, I need to reestablish wireless network connection between our two computer. That seemed to have been lost in when we established the new user. I'll do some reading on that (it's been a couple of years since I set it up the first time). I'd appreciate any quick tips you have though. If I can't get it established, should I start a new topic? Thanks again!
Posted 25 October 2014 - 06:25 AM
Posted 25 October 2014 - 06:32 AM
Thought that might be the case. So, I'll read up on the network forum and ask there if I have a problem. With that, you can close this stream with my sincere thanks and appreciation!
Posted 25 October 2014 - 06:37 AM
If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.
Everyone else please begin a New Topic.
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users