dllhost.exe
in [Windows XP]
|
Prev: sp3 install/uninstall problem
Next: restore point
From: PA Bear [MS MVP] on 6 Aug 2010 20:41 There is a very good chance that you are seeing the effects of a hijackware infection! NB: If you had no anti-virus application installed or the subscription had expired *when the machine first got infected* and/or your subscription has since expired and/or the machine's not been kept fully-patched at Windows Update, don't waste your time with any of the below: Format & reinstall Windows. A Repair Install will NOT help! Microsoft PCSafety provides home users (only) with no-charge support in dealing with malware infections such as viruses, spyware (including unwanted software), and adware. https://support.microsoft.com/oas/default.aspx?&prid=7552&st=1 Also available via the Consumer Security Support home page: https://consumersecuritysupport.microsoft.com/ Otherwise... 1. See if you can download/run the MSRT manually: http://www.microsoft.com/security/malwareremove/default.mspx NB: Run the FULL scan, not the QUICK scan! You may need to download the MSRT on a non-infected machine, then transfer MRT.EXE to the infected machine and rename it to SCAN.EXE before running it. 2a. WinXP => Run the Windows Live Safety Center's 'Protection' scan (only!) in Safe Mode with Networking, if need be: http://onecare.live.com/site/en-us/center/howsafe.htm 2b. Vista or Win7=> Run this scan instead: http://onecare.live.com/site/en-us/center/whatsnew.htm 3. Now post the requested information (logs, etc.) in your own, new thread in one (only) of the following recommended forums for assistance by an expert in such matters. DO NOT SKIP THIS STEP!! . SpywareHammer: Malware Removal http://spywarehammer.com/simplemachinesforum/index.php?board=10.0 . Spyware Warrior: Help with spyware removal http://www.spywarewarrior.com/viewforum.php?f=5, . DSL Reports: Security Cleanup http://www.dslreports.com/forum/cleanup . Bluetack: Malware Removal http://www.bluetack.co.uk/forums/index.php?showforum=172 . AumHa: Malware Removal http://aumha.net/viewforum.php?f=30 If these procedures look too complex - and there is no shame in admitting this isn't your cup of tea - take the machine to a local, reputable and independent (i.e., not BigBoxStoreUSA or Geek Squad) computer repair shop. WaIIy wrote: > I don't recall installing anything new lately. > > All of a sudden, I have two instances of dllhost.exe running in Task > Manager upon boot. > > If I kill them and their processes, there is no ill effect. > > Yes, I've scanned and also run Avira and Zone Alarm Pro. > > I'd like to get rid of them. > Thanks
From: PA Bear [MS MVP] on 7 Aug 2010 02:13 Then what's causing the two instances of DLLHOST.DLL to load at boot? WaIIy wrote: > On Fri, 6 Aug 2010 20:41:59 -0400, "PA Bear [MS MVP]" > <PABearMVP(a)gmail.com> wrote: > >> There is a very good chance that you are seeing the effects of a >> hijackware >> infection! >> > <snip> >> >> WaIIy wrote: >>> I don't recall installing anything new lately. >>> >>> All of a sudden, I have two instances of dllhost.exe running in Task >>> Manager upon boot. >>> >>> If I kill them and their processes, there is no ill effect. >>> >>> Yes, I've scanned and also run Avira and Zone Alarm Pro. >>> >>> I'd like to get rid of them. >>> Thanks > > > Thanks for the info, but I have no malware/infection. > > I just can't get rid of it on boot. If I kill the two instances in > Task Manager, I'm fine. > > Also, I have very little loading on startup. I use Startup Control > Panel to stop just about everything.
From: Peter Foldes on 7 Aug 2010 09:27 Wally A quick question. How do you know you do not have a malware/infection. -- Peter Please Reply to Newsgroup for the benefit of others Requests for assistance by email can not and will not be acknowledged. http://www.microsoft.com/protect "WaIIy" <WaIIy@(nft).invalid> wrote in message news:pqgp56dm1i1nt2k9otbs96fao0579k5nj0(a)4ax.com... > On Fri, 6 Aug 2010 20:41:59 -0400, "PA Bear [MS MVP]" > <PABearMVP(a)gmail.com> wrote: > >>There is a very good chance that you are seeing the effects of a hijackware >>infection! >> > <snip> >> >>WaIIy wrote: >>> I don't recall installing anything new lately. >>> >>> All of a sudden, I have two instances of dllhost.exe running in Task >>> Manager upon boot. >>> >>> If I kill them and their processes, there is no ill effect. >>> >>> Yes, I've scanned and also run Avira and Zone Alarm Pro. >>> >>> I'd like to get rid of them. >>> Thanks > > > Thanks for the info, but I have no malware/infection. > > I just can't get rid of it on boot. If I kill the two instances in > Task Manager, I'm fine. > > Also, I have very little loading on startup. I use Startup Control > Panel to stop just about everything.
From: PA Bear [MS MVP] on 7 Aug 2010 10:58 +1 Peter Foldes wrote: > Wally > > A quick question. How do you know you do not have a malware/infection. > > "WaIIy" <WaIIy@(nft).invalid> wrote in message >> >>> There is a very good chance that you are seeing the effects of a >>> hijackware infection! >>> >> <snip> >> Thanks for the info, but I have no malware/infection. >> >> I just can't get rid of it on boot. If I kill the two instances in >> Task Manager, I'm fine. >> >> Also, I have very little loading on startup. I use Startup Control >> Panel to stop just about everything.
From: PA Bear [MS MVP] on 7 Aug 2010 15:50
So what's causing the two instances of DLLHOST.EXE to load at boot? WaIIy wrote: > On Sat, 7 Aug 2010 09:27:28 -0400, "Peter Foldes" <okf22(a)hotmail.com> > wrote: > >> Wally >> >> A quick question. How do you know you do not have a malware/infection. > > Hi Peter, > > Well, everything runs perfectly. I use Firefox and have every stopper > addon known to man. I run CCleaner twice a day. > Ran Avira and Malwarebytes. > > I can stop the instances in Task manager with no known adverse effect. > > I use Zone Alarm Pro and I have no unusual outbound requests I can see > using Process Explorer. > > I have winxp pro no network, dsl and I'm behind a router. > > Google comes up with the same issue, but no real way to stop it. > > I haven't installed any new software except an Aimp2 update. > > I might have installed a Java and Flash update and I suspect one of > those. I don't load Java on boot and goto the online Flash manager and > kabosh everything. > > I don't know for sure I have a malware/infection problem, but highly > doubt it. > > Hmm, maybe I'll stop it in Task Manager, do an Erunt and restore the > registry. Well, maybe I don't know. |