I've been browsing the other threads of those with the same issue as mine but I'm not sure if i should just follow the same directions. Can anyone either help me solve this or direct me to the right thread to follow instructions?
.dllhost COM surrogate running multiple instances
- Thread starter fangshway
- Start date
- Status
- Mar 8, 2013
- 22,627
- Mar 8, 2013
- 22,627
This is a very powerful tool that should be used only if advised by Malware Analyst.
Do not run ComboFix on your own!
Referring to this instruction, please download ComboFix by sUBs and save it to your desktop.
Temporary disable your AntiVirus and AntiSpyware protection - instructions here.
- Right-click on
icon and select
Run as Administrator to start the tool.
- Accept the disclaimer and agree if prompted to install Recovery Console.
- Do not take any actions while ComboFix goes through your System - it may cause it to stall!
- This scan may take some time!
- When finished - it will display a logfile (located also on your main drive, usually C:\ComboFix.txt).
Include that log in your next reply.
- Mar 8, 2013
- 22,627
Very good, we're making some progress 
Scan with Farbar Recovery Scan Tool
Please re-run Farbar Recovery Scan Tool to give me a fresh look at your system.
Please re-run Farbar Recovery Scan Tool to give me a fresh look at your system.
- Right-click on
icon and select
Run as Administrator to start the tool.
(XP users click run after receipt of Windows Security Warning - Open File). - Make sure that Addition option is checked.
- Press Scan button and wait.
- The tool will produce two logfiles on your desktop: FRST.txt and Addition.txt.
everything seems to be working fine since i ran combofix, however when i open chrome i still get three windows that open to alternate search engines that i never chose to use
- Mar 8, 2013
- 22,627
Download attached fixlist.txt file and save it to the Desktop:
Both files, FRST and fixlist.txt have to be in the same location or the fix will not work!
- Right-click on
icon and select
Run as Administrator to start the tool.
(XP users click run after receipt of Windows Security Warning - Open File). - Press the Fix button just once and wait.
- If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
- When finished FRST will generate a log on the Desktop, called Fixlog.txt.
Please attach it to your reply.
Tell me how is your PC now?
Last edited:
i have the fixlist.txt on my desktop along with my FRST and i ran it as administrator but it crashes after about 30 seconds. i was running other programs at the same time though let me try it without.
yeah still the same issue, heres the log from the windows crash report:
Problem Event Name: APPCRASH
Application Name: FRST64.exe
Application Version: 30.8.2014.0
Application Timestamp: 54018bca
Fault Module Name: ntdll.dll
Fault Module Version: 6.1.7600.16559
Fault Module Timestamp: 4ba9b802
Exception Code: c00000fd
Exception Offset: 00000000000536ac
OS Version: 6.1.7600.2.0.0.768.3
Locale ID: 1033
Additional Information 1: c97e
Additional Information 2: c97eac62f095f40edf8b6dab370bb979
Additional Information 3: dd13
Additional Information 4: dd139bda81a8a2271f18926f634b393a
Read our privacy statement online:
http://go.microsoft.com/fwlink/?linkid=104288&clcid=0x0409
If the online privacy statement is not available, please read our privacy statement offline:
C:\Windows\system32\en-US\erofflps.txt
Problem Event Name: APPCRASH
Application Name: FRST64.exe
Application Version: 30.8.2014.0
Application Timestamp: 54018bca
Fault Module Name: ntdll.dll
Fault Module Version: 6.1.7600.16559
Fault Module Timestamp: 4ba9b802
Exception Code: c00000fd
Exception Offset: 00000000000536ac
OS Version: 6.1.7600.2.0.0.768.3
Locale ID: 1033
Additional Information 1: c97e
Additional Information 2: c97eac62f095f40edf8b6dab370bb979
Additional Information 3: dd13
Additional Information 4: dd139bda81a8a2271f18926f634b393a
Read our privacy statement online:
http://go.microsoft.com/fwlink/?linkid=104288&clcid=0x0409
If the online privacy statement is not available, please read our privacy statement offline:
C:\Windows\system32\en-US\erofflps.txt
- Mar 8, 2013
- 22,627
about 30 seconds after i press fix, i should restart my comp and try again, i forgot to do that.
- Mar 8, 2013
- 22,627
Let's try with another tool:
Scan with ZOEK
Please download ZOEK by Smeenk and save it to your desktop (preferred version is the *.exe one)
Temporary disable your AntiVirus and AntiSpyware protection - instructions here.
Post its content into your next reply.
Please download ZOEK by Smeenk and save it to your desktop (preferred version is the *.exe one)
Temporary disable your AntiVirus and AntiSpyware protection - instructions here.
- Right-click on
icon and select
Run as Administrator to start the tool.
- Wait patiently until the main console will appear, it may take a minute or two.
- In the main box please paste in the following script:
Code:createsrpoint; autoclean; chrdefaults; emptyalltemp; ipconfig /flushdns;b - Make sure that Scan All Users option is checked.
- Push Run Script and wait patiently. The scan may take a couple of minutes.
- When the scan completes, a zoek-results logfile should open in notepad.
- If a reboot is needed, it will be opened after it. You may also find it at your main drive (usually C:\ drive)
Post its content into your next reply.
- Mar 8, 2013
- 22,627
Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to me or any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.
Other members who need assistance please start your own topic in a new thread. Thanks!
Other members who need assistance please start your own topic in a new thread. Thanks!
- Status
Similar threads
- Locked
