Jump to content

c:\windows\syswow64\dllhost.exe issue like everyone else

maximus2321
 Share

Recommended Posts

maximus2321

maximus2321

Posted
Posted

Hello to everyone in the forum. I have run into the same issue that many of the other users on this forum have run into. My laptop is

  • Intel® Core™ i5-4200U Processor
  • Windows 8
  • 6GB DDR3L 1600MHz memory (max. 16 GB)
  • Intel® Integrated Graphics
  • 750 GB (5400rpm, Serial ATA)
  • DVD-SuperMulti drive

I currently have malware bytes and Bitdefender antivirus. Bit Defender had auto renewed my credit card for the full amount so I called and had it refunded. They refunded it, sent an email with it for a 3rd of the price it renewed it for and removed my credentials. I reinstallled after 1 day of being unprotected and not knowing it (didnt see it the email). I ran Bitdefender and both Bit defender and malware recognized a virus. I quarantined, restarted, and rescanned and both said that the lap top was virus and malware free. But now I get an notice c:\windows\syswow64\dllhost.exe. I noticed that most ask to run FRST in safe mode which I have done and I have attached a copy of the results. Any help would be greatly appreaciated

Link to post
Share on other sites
MrCharlie

MrCharlie

Posted
Posted

Are any of your files encrypted???  Can you open all of your documents and photos???

 

===================================

Download the attached fixlist.txt to the same folder as FRST.exe/FRST64.exe.
Run FRST.exe/FRST64.exe and click Fix only once and wait
The tool will create a log (Fixlog.txt) in the folder, please post it to your reply.

Then...........

Please download and run ComboFix.

The most important things to remember when running it is to disable all your malware programs and run Combofix from your desktop.

Please visit this webpage for download links, and instructions for running ComboFix

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

http://www.bleepingcomputer.com/download/combofix/dl/12/ <---ComboFix direct download

Please make sure you click download buttons that look similar to this, not "sponsored ad links":

bleep-crop.jpg

Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Information on disabling your malware programs can be found Here.

Make sure you run ComboFix from your desktop.

Give it at least 30-45 minutes to finish if needed.

Please include the C:\ComboFix.txt in your next reply for further review.
 

---------->NOTE<----------

If you get the message Illegal operation attempted on registry key that has been marked for deletion after you run ComboFix....please reboot the computer, this should resolve the problem. You may have to do this several times if needed.

MrC

Link to post
Share on other sites
MrCharlie

MrCharlie

Posted
Posted

Can you see if you can locate this folder and delete it: (that's exactly what it looks like in the log)

C:\Users\Max\AppData\Roaming\????

You may have to enable hidden files to see it:

http://www.bleepingcomputer.com/tutorials/show-hidden-files-in-windows-8/

==================================

Please download and run RogueKiller 32 bit to your desktop.

RogueKiller<---use this one for 64 bit systems

Which system am I using?

Quit all running programs.

For Windows XP, double-click to start.

For Vista or Windows 7-8, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.

Wait for the Prescan to finish

Click Scan to scan the system.

When the scan completes > Don't Fix anything! > Click on the Report Button > Copy and paste the Report back here.

Don't run any other options, they're not all bad!!!!!!!

RogueKiller logs will also be located here:

%programdata%/RogueKiller/Logs <-------W7

C:\Documents and Settings\All Users\Application Data\RogueKiller\Logs <-------XP

MrC

Link to post
Share on other sites
MrCharlie

MrCharlie

Posted
Posted

OK...lets scan for any adware/spyware:

Please download AdwCleaner from HERE or HERE to your desktop.

  • Double click on AdwCleaner.exe to run the tool.

    Vista/Windows 7/8 users right-click and select Run As Administrator

  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • When it's done you'll see: Pending: Please uncheck elements you don't want removed.
  • Now click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • Look over the log especially under Files/Folders for any program you want to save.
  • If there's a program you may want to save, just uncheck it from AdwCleaner.
  • If you're not sure, post the log for review. (all items found are either adware/spyware/foistware)
  • If you're ready to clean it all up.....click the Clean button.
  • After rebooting, a logfile report (AdwCleaner[s0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
  • Items that are deleted are moved to the Quarantine Folder: C:\AdwCleaner\Quarantine
  • To restore an item that has been deleted:
  • Go to Tools > Quarantine Manager > check what you want restored > now click on Restore.
Next..................

thisisujrt.gif Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
Next.........

Please run a Threat Scan (Malwarebytes)

Click on settings > Detection and Protection > Non-Malware Protection > PUP (Potentially Unwanted Program) detections > Make sure it's set to Treat detections as malware

Same for PUM (Potentially Unwanted Modifications)

Quarantine All that's found

MrC

Link to post
Share on other sites
maximus2321

maximus2321

Posted
  • Author
Posted

Adwcleaner has frozen twice after scanning for over 4 hours. I installed NOD 32 antivirus and it picked up the win32 file coder trojan.cr. I deleted them and 1 hour later they picked up the same files. From what Ive read about the virus, is that it replicates all my media files and shows them as virus, but the virus it self is hidden from scanners. Should I try to run ADW clearner in safe mode?

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.