Solved Com Surrogate dll host issue

[RebeccaC1976]

What happened to your files ?
All of your files were protected by a strong encryption with RSA-2048 using CryptoWall 2.0.
More information about the encryption keys using RSA-2048 can be found here: http://en.wikipedia.org/wiki/RSA_(cryptosystem)

What does this mean ?
This means that the structure and data within your files have been irrevocably changed, you will not be able to work with them, read them or see them,
it is the same thing as losing them forever, but with our help, you can restore them.

How did this happen ?
Especially for you, on our server was generated the secret key pair RSA-2048 - public and private.
All your files were encrypted with the public key, which has been transferred to your computer via the Internet.
Decrypting of your files is only possible with the help of the private key and decrypt program, which is on our secret server.

What do I do ?
Alas, if you do not take the necessary measures for the specified time then the conditions for obtaining the private key will be changed.
If you really value your data, then we suggest you do not waste valuable time searching for other solutions because they do not exist.

For more specific instructions, please visit your personal home page, there are a few different addresses pointing to your page below:
1.https://paytordmbdekmizq.tor4pay.com/1bYa7bN
2.https://paytordmbdekmizq.pay2tor.com/1bYa7bN
3.https://paytordmbdekmizq.tor2pay.com/1bYa7bN
4.https://paytordmbdekmizq.pay4tor.com/1bYa7bN
If for some reasons the addresses are not available, follow these steps:
1.Download and install tor-browser: http://www.torproject.org/projects/torbrowser.html.en
2.After a successful installation, run the browser and wait for initialization.
3.Type in the address bar: paytordmbdekmizq.onion/1bYa7bN
4.Follow the instructions on the site.

IMPORTANT INFORMATION:
Your personal page: https://paytordmbdekmizq.tor4pay.com/1bYa7bN
Your personal page (using TOR): paytordmbdekmizq.onion/1bYa7bN
Your personal identification number (if you open the site (or TOR 's) directly): 1bYa7bN

 

[TwinHeadedEagle]

Please read this topic completely to completely understand what is going on:

http://www.bleepingcomputer.com/virus-removal/cryptowall-ransomware-information

 

[RebeccaC1976]

Ok I read it, a lot of info there! What is your suggestion?

Also the rogue killer is still up on my PC. Should I delete the files it is showing as suspicious?

 

[TwinHeadedEagle]

I am not too familiar with this infection, but as the guide says, there is no way to restore your files, unless you tried some tips shown there.

Tell me is everything all right now, so we can close the case.

 

[RebeccaC1976]

Still have several iexplore instances, but seems like they will never go away. Sure we can close the case.

 

[TwinHeadedEagle]

Are they happening when Internet Explorer is closed? Do they have impact on PC performance?

 

[RebeccaC1976]

only happening now when internet explorer is open, but there are at least 2 iexplore.exe running, sometimes 3. hasnt been impacting performance, so i will just let it go. Thanks for all your help!

 

[TwinHeadedEagle]

Glad I could help. We will delete all used tools and I'll give you some tips to harden your security and learn how to protect yourself

Recommended reading:
​

MUST READ - security tips:

• Computer Security - a short guide to staying safer online.
• Simple and easy ways to keep your computer safe and secure on the Internet

MUST READ - general maintenance:

• What to do if your Computer is running slowly?

The Importance of Software Updating:
​

In order to stay protected it is very important that you regularly update all of your software. Cybercriminals depend on the apathy of users around software updates to keep their malicious endeavor running.​

Operating systems, such as Windows, and applications, such as Adobe Reader or JAVA, are used by tens of millions of computers and devices around the world, making them a huge target for cybercriminals. Downloading updates and installing them can sometimes be tedious, but the advantages you get from the updates are certainly worth it.

• How to configure and use Automatic Updates in Windows
• How to update Java
• How to update Adobe Reader

Recommended additional software:
​

TFC - to clean unneeded temporary files.

Malwarebytes' Anti-Malware - to scan your system from time to time in search for malware.

Malwarebytes' Anti-Exploit - to prevent plenty of mostly exploited vulnerabilities.

McShield - to prevent infections spread by removable media.

Unchecky - to prevent from installing additional foistware, implemented in legitimate installations.

FiheHippo.com Update Checker - to keep your programs up-to-date.

Adblock - to surf the web without annoying ads!

Post-cleanup procedures:​

Download DelFix by Xplode and save it to your desktop.

• Run the tool by right click on the
  
  icon and Run as administrator option.
• Make sure that these ones are checked:
  • Remove disinfection tools
  • Purge system restore
  • Reset system settings
• Push Run and wait until the tool completes his work.
• All tools we used should be gone. Tool will create an report for you (C:\DelFix.txt)

The tool will also record healthy state of registry and make a backup using ERUNT program in %windir%\ERUNT\DelFix
Tool deletes old system restore points and create a fresh system restore point after cleaning.

My help is free for everybody.
If you're happy with the help provided and/or wish to buy me a beer for the assistance you received, then you can consider a donation:
Thank you!​

Stay safe,
TwinHeadedEagle