dllhost.exe *32 COM surrogate trojan? [Solved]


  • This topic is locked

#31
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Looking at back4sure, it appears that you may need to reschedule the backups, but the best option would be to run it and see if the schedule transferred... Although I see it is running from Windows Task Scheduler, so mayhap you will not need to do that.
#32
Ted in FL

    Member

  • Topic Starter
  • 82 posts

OK - working on email now. Problems getting it to connect. I took screenshots of the old profile and tried to use those settings in the new, but it wouldn't connect. I'll try another approach in a minute.

I tried one last time to fix the old profile by copying the ntuser files from the new profile back to the old one. It wouldn't log on. So, I tried just the ntuser.dat file. It would log in, but still had the same security problem. Guess that approach won't work, unless you have a hot tip.

Question: when I set up my new user, I thought I'd be able to change the file name location, so it is now "Test Admin Account." When I changed the name of the user account, it didn't migrate the user folder too. Not a surprise, but not ideal. Is there a way to change this?



#33
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Yes, there is a quick workaround on the Windows Club blog http://www.thewindow...unt-name-change

#34
Ted in FL

    Member

  • Topic Starter
  • 82 posts

OK, I'll give it a try now that I have Outlook working. Thx.



#35
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Glad things are progressing. The big problem with a corrupted user account after an infection is that there are too many little areas where the errors could be residing; trying to find them is the proverbial needle-in-a-haystack situation.

#36
Ted in FL

    Member

  • Topic Starter
  • 82 posts

Names are changed, most systems are working.  Calling it quits for now.  I can't say how much I appreciate your help.  Thanks.



#37
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Let's clear my rubbish away now and see how it goes.

I will remove my tools now and give some recommendations, but I would like you to run for 24 hours or so and come back if you have any problems.

Now the best part of the day ----- Your log now appears clean :thumbsup:

A good workman always cleans up after himself, so... The following will implement some cleanup procedures as well as reset System Restore points:

Click Start then Run.
On Windows 7 or Vista you may use the Start Search field if Run is not available.
In the box copy/paste the following command:

ComboFix /Uninstall

Note that there is a space between "ComboFix" and "/Uninstall".

Then click OK (or press Enter ).
Wait for the uninstall process to complete.

Download and run Delfix


: Keep Java Updated :

WARNING: Java is the #1 exploited program at this time. The Department of Homeland Security recommends that computer users disable Java.
See this article

I would recommend that you completely uninstall Java unless you need it to run important software.
In that instance I would recommend that you disable Java in your browsers until you need it for that software and then enable it. (See How to disable Java in your web browser and How to unplug Java from the browser)

Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes:

CryptoPrevent: install this programme to lock down and prevent crypto ransomware

Malwarebytes.

Update and run weekly to keep your system clean


It is critical to have both a firewall and antivirus to protect your system and to keep them updated.

To learn more about how to protect yourself while on the internet, read this little guide: Best security practices. Keep safe :wave:

#38
Ted in FL

    Member

  • Topic Starter
  • 82 posts

Had a long workday yesterday, so just saw this.  I'll run the clean up steps this evening.  Thanks again!



#39
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
No problem, I will keep this thread open until you are happy :)

#40
Ted in FL

    Member

  • Topic Starter
  • 82 posts

OK - long work week, but back at it now. I did the first two steps to remove ComboFix and DelFix. I read all of the Java articles and THINK I have it disabled using the Java Control Panel. I loaded CryptoPrevent free version with the settings as above. However, when given the choice to whitelist everything in the known blocked areas, I said no. It has been a week since we assured that everything is clean, so I didn't want to do that. Hopefully, that is OK. I already have Malwarebytes and keep it updated, but apparently whatever got into the system wasn't picked up by that nor by McAfee.

Other than reconfiguring my Office Apps, I need to reestablish the wireless network connection between our two computers. That seemed to have been lost when we established the new user. I'll do some reading on that (it's been a couple of years since I set it up the first time). I'd appreciate any quick tips you have though. If I can't get it established, should I start a new topic? Thanks again!



#41
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Network is not my forte, I am afraid. However, we do have some excellent techs in this area who would only be too pleased to help http://www.geekstogo.../11-networking/

#42
Ted in FL

    Member

  • Topic Starter
  • 82 posts

Thought that might be the case.  So, I'll read up on the network forum and ask there if I have a problem.  With that, you can close this stream with my sincere thanks and appreciation!



#43
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.