ad: cq2k-1

Silent worm running your computer! DLLhost.exe com surrogate

Discussion in 'General Announcements' started by KC8WIK, Nov 1, 2014.

Thread Status:
Not open for further replies.
ad: L-HROutlet
ad: l-rl
ad: Radclub22-2
ad: Left-3
ad: L-MFJ
ad: Left-2
ad: abrind-2
  1. KC8WIK

    KC8WIK Premium Subscriber QRZ Page

    I have been hit by an Internet worm, it got in on a download from a trusted web site. That's why this worm is so prolific, it disguises itself as a windows system file and does the "dirty" when you download certain files.
    Take a look at your Windows Task Monitor on the Processes tab. Do you see multiple instances of DLLhost .exe and are any of them listed as com surrogates. Usually, this is not a constant running process, and rarely is bigger than about 8K per instances.
    If so then check out www.malwaretips.com and they can fix you. They fixed me, no cost!

    kc8wik
     
  2. WB9UDA

    WB9UDA Ham Member QRZ Page

    No such thing on my computer.

    But, as a Computer Repair Professional, I contend that the best repair is prevention.
    A well protected computer won't become infected with Malware in the first place.

    That site you mentioned, is pushing McAfee products. A real POC!

    McAfee was the only act around 34 years ago, but that is no longer true.

    There is NO one program or suite of programs from any one vender that will totally protect your computer from all forms of Malware.
    I use and recommend a "Package" of Anti-Malware software to keep a PC free of the software gremlins.
    My own preferences include, but are not necessarily limited to:

    AVG Anti-Virus, 2015 (FREE)
    Spybot Search & Destroy (FREE)
    Spyware Blaster (FREE)
    Malware Bytes (FREE)
    Super Anti Spyware (FREE)
    Trojan Hunter (Paid Subscription)

    Each program can find things that the others can't. That's why I suggest the "Package" concept, in malware prevention.
    I share most of the FREE programs with all my customers and we all stay Malware free.

    Good Luck!
    WB9UDA :cool:
     
  3. KA9JLM

    KA9JLM Ham Member QRZ Page

    What version of windows are you using ? What was the file location on your computer ?

    My guess is that it will be back.


    Good Luck.
     
  4. K4ISR

    K4ISR Ham Member QRZ Page

    Long time computer tech and server admin here.

    The antivirus programs have really changed over the years. It used to be that the mainstream companies had he best protection (Norton, Mcafee, etc). Then as they expanded their offerings, their antivirus protection went to crap. Today they spread themselves out to cover so many angles, their entire line of programs is nothing more than marketing and offers mediocre protection.

    Then some other freemium (free programs that have premium upgrade options) have also gone the same way down the drain like AVG and Malwarebytes. While these 2 used to be good, I have found their protection actually causes a LOT more problems with locking down key Windows files that can only be resolved by a complete drive format and OS reinstall. Most of these "protective" programs is like a RF wave, their protection is good for awhile then drops to crap then goes up then back down....

    * The program I have used for years because it stays consistently good is Avira. It is free, but also has a paid option which is mostly for supporting them, not a bunch of other useless programs that offer very little protection (although the paid version does have some extra options if you choose to take advantage of it).

    * Spyware Blaster is great because it maintains a list of the bad sites and does not constantly stay running in the background.
    * SuperAntiSpyware is good once you're infected by something serious, but what I do, and recommend for other people is install it, scan and clean the system 4-5 times, then remove it. This program will SERIOUSLY slow down the entire computer if left installed, even brand new high end systems.

    I watch this site every few months to check their latest testing and scores: http://www.av-comparatives.org/ and check under Comparatives. Usually the first 3 or 4 should give a good idea. If you have looked at these tests for a few years, you would see the RF wave I mentioned above where most of the claimed "better" programs go from good to bad and back to good every 6-12 months or more. The issue I have is when they are at the bottom of the bad wave, that leaves your computer open to all kinds of new stuff thats out there.
     
  5. KA0HCP

    KA0HCP XML Subscriber QRZ Page

    DLLHOST.EXE is a legitimate Windows function. It is always possible to acquire a virus which hijacks portions of your OS.

    Beware internet urban myths that have you deleting OS files with no sign of virus infection. Better to check your computer with several reliable antivirus/malware programs, than to start monkeying around chasing unsubstantiated viruses.
     
  6. KA9JLM

    KA9JLM Ham Member QRZ Page

    You do not need all of the Crap, that claims to protect you.

    Windows File Checker still works, as far as I know.

    If that file is running out of the system environment, it could be a problem.

    IE running in your Office Dir, tattling on you. You can thank your friends for using a bootleg copy of Office for that. Or blame yourself for installing bootleg MS software.


    It is not a virus, it is built in by design. And MS Loves it.



    Have Fun Every One.
     
  7. K8PV

    K8PV Guest

    It's amazing that anybody, but especially hams. would use Windows on the Internet. Windows 3.1b was not suitable nor has any version since been suitable. I have been on the Internet since before the WWW and have NEVER had a virus or worm.

    Switch to Linux or OS-X, two operating systems designed from the beginning for the Internet. Simple.
     
  8. K7BED

    K7BED Ham Member QRZ Page

    I have to agree, W8SDG. Had I not bought my extremely overpriced (but lovely) MacBook Pro 2 years ago I would still be using Linux. The only thing preventing me from continuing to use Linux is the trackpad on my MBP as it doesn't play nice with Linux.

    I hate to see people complain about catching a virus or some other version of malware when it's so easy to just format your drive and put Linux on it. There, problem solved. But I do know that many people don't even know how to burn an iso let alone how to install any OS.

    Then there are the programs/apps people are used to using and once they find out that their favorite (pick a program) isn't available on Linux they refuse to switch.

    I tend to really like one particular website to help find programs that do similar things for MS Windows and Linux, called OS Alternatives osalt.com.

    For example, instead of using Photoshop in Linux (you can't) you can use GIMP (Gnu Image Manipulation Program).

    Windows was not made (nor updated) for use on the internet. The whole OS is not designed to protect itself or the user logged in from malware. Linux/BSD-based systems are ideal for use on the internet but until people quit following what everyone else is doing Linux will never become very popular, also because there is no real money to be made by using or developing Linux OS or apps. Of course there could be proprietary apps made for Linux but not many people would buy them since the entire premise of Linux is open source and with few people (comparitivly) actually using Linux there is even a much smaller sample of people willing to spend a lot of money for commercially produced software for linux.

    OS X may be free these days but the hardware it runs on certainly isn't. I for one will be switching back to Linux with the next computer I buy, which will be whenever this one fails to run properly (assumingn it's not a HDD/SSD or RAM problem. Luckily my current MBP has the ability to have the RAM and HDD upgraded by myself. Newer hardware makes that impossible. Another reason to NOT buy Apple computers these days. Bah humbug.
     
  9. K4ISR

    K4ISR Ham Member QRZ Page

    By comparison, OSX does not get viruses nearly as much, but there are plenty of viruses out there that can vary from benign advertising or porn popups, to full blown OS take over.

    If you really want to avoid viruses, step into a Linux distro such as Ubuntu which locks down root access by default (requires at least a password when you need it). If it wasn't for software testing with my job as a computer tech and server admin, I would only have one windows PC, and that would be for the XYL. Even with that, I still only have 4 Windows PCs, and 4 or 5 more as test servers (plus several laptops running Ubuntu).
     
  10. KT1F

    KT1F Ham Member QRZ Page

    Can you give an example of what Linux does (in your words) "to protect itself or the user logged in from malware" that a modern version of Windows does not do?

    I'm pro Linux myself but I don't think your statement really stands up to scrutiny when applied to modern versions of Windows. Users routinely running with admin permissions used to be a big problem with Windows but that's a thing of the past.
     
    Last edited: Dec 8, 2014
  11. WB9UDA

    WB9UDA Ham Member QRZ Page

    I have to give out with an uncontrollable belly laugh, when anyone, especially a self proclaimed IT Expert, says that they stay 100% safe with just one program.
    That's foolhardy at best and just plain ill-advised and dangerous at worse.

    I've specialized in Computer Security and efficiency for 34 years and I'm here to tall y'all that there is still NO ONE program or suite that can 100% protect you against all the various forms of Malware that are out there. Every program on the market, is good only as far as what they were designed to do. I've found NO one program that will catch every form of Malware out there.
    Most Anti-Virus programs are not now or ever were designed to find and remove adware, spyware or PUM's. Forget about trojans and worms.
    I've found only one program, for instance, that will find and remove Tracking Cookies. That's Super Anti Spyware.

    On one teenager's PC, after running all my favorite Security programs, I then ran "Trojan Hunter" (in Free Trial mode) which found 1400 instances of Trojans, not found by any other program.
    So to clean up an infected PC, you need a lot more than just one program.

    You can't possibly know what Malware is on your PC, till you run the programs that when combined, look for "Everything".

    It's a jungle out there and if you're not prepared for that.....stay home. (and stay off of the Internet)

    Cheers Mates, and Happy Holidays!

    WB9UDA :cool:
     
  12. K5GHS

    K5GHS Ham Member QRZ Page

    Make Microsoft Flight Simulator X, Train Simulator, and other similar games compatible and we'll start talking. I can probably name a few other things I use the PC for as well.

    I don't have the kind of money some hams do to "dedicate" a computer to ham radio and such OS's and then another for other things.

    This is the reason why most hams use Windows. Ham Radio is one of many functions the PC is used for.
     
  13. KA9JLM

    KA9JLM Ham Member QRZ Page

    "So to clean up an infected PC, you need a lot more than just one program."

    Not really.

    Ghost is the only one you need. Works every time for me. Using a Win 98 Boot disk.

    After a Low level format and reload, all is good again.

    I use the "WinForce Control Panel" Only, and have never got a virus. You do not need all of the Crapware.

    Most problems are due to Hard Drive problems.


    Good Day.


    73


     
  14. KL7AJ

    KL7AJ Ham Member QRZ Page

    I hate noisy worms.
     
  15. KA9JLM

    KA9JLM Ham Member QRZ Page


    I like the ones that smack their lips when a fish goes to eat them.
     
Thread Status:
Not open for further replies.

Share This Page

ad: Alphaant-1