Solved

RogueKiller hangs on Checking process - dllhost.exe

Posted on 2014-01-21
13
3,147 Views
Last Modified: 2014-02-03
I am working on a computer that has been infected, this time with PUPs.  I was able to do a System Restore for before Re-markit and others downloaded.  I've run Rkill, AdwCleaner, JRT, MBAM, SAS and Hitman Pro, no big issues.  I am attempting to run RogueKiller but it hangs on Checking processes - dllhost.exe

I have run RogueKiller on this computer before with no issue.  Any ideas?
Thanks,
Mags
0
Comment
Question by:MagsMcKinley14
  • 7
  • 5
13 Comments
 
LVL 18

Accepted Solution

by:
web_tracker earned 250 total points
Comment Utility
Try running it in safemode, or try a different download of the application. I use rogue killer often as part of the malware removal tool in the IT department at the university.  I have issues when the app froze up taking longer to scan than normal. I either tried rebooting the system or running it in safemode, or redownloading the app and trying to scan again.
0
 
LVL 91

Assisted Solution

by:nobus
nobus earned 250 total points
Comment Utility
try running sfc, or a repair; your OS looks corrupted :
http://www.sevenforums.com/tutorials/681-startup-repair.html            REPAIR
http://www.sevenforums.com/tutorials/1538-sfc-scannow-command-system-file-checker.html         SFC
0
 

Author Comment

by:MagsMcKinley14
Comment Utility
Thanks guys...your help is always appreciated.  I will be able to access her computer in a day or so...I'll be in touch!
Mags
0
 

Author Comment

by:MagsMcKinley14
Comment Utility
Hoping to get on her computer tomorrow!
0
 

Author Closing Comment

by:MagsMcKinley14
Comment Utility
Ran sfc /scannow with no issues, ran RogueKiller in Safemode then in Normal mode. It found these issues -

¤¤¤ Registry Entries : 2 ¤¤¤
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> FOUND
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> FOUND

Fixed and made sure host and proxy were good.

Her computer is running well!  Thanks guys!
Mags
0
 
LVL 91

Expert Comment

by:nobus
Comment Utility
you should still run it in normal mode
0
Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

 

Author Comment

by:MagsMcKinley14
Comment Utility
Thanks nobus...as I stated above I did...the scan ran without issue.  Any other suggestions??
I appreciate all of your assistance!
Mags
0
 
LVL 91

Expert Comment

by:nobus
Comment Utility
do i undestand you correct?  you posted 2 registry entries it found; now you say "the scan ran without issue" ???
0
 

Author Comment

by:MagsMcKinley14
Comment Utility
Nobus maybe I am not expressing myself correctly and/or I may not be running RogueKiller correctly.

I tried running RogueKiller on her computer and it would not complete the initial scan.  I ran sfc /scannow which showed no errors.  I ran it 3 times.

I then started her computer in safe-mode, ran RogueKiller and it found then deleted two registry issues.

¤¤¤ Registry Entries : 2 ¤¤¤
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> DELETED
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> DELETED

I then restarted her computer in normal mode and re-ran RogueKiller and it found no issues and the host was set correctly.

Was this done correctly?
0
 
LVL 91

Expert Comment

by:nobus
Comment Utility
yes, and my ans  wer to that was : "you should still run it in normal mode" = Roguekiller
0
 

Author Comment

by:MagsMcKinley14
Comment Utility
Thanks Nobus!  Your assistance and confirmation were greatly appreciated!
Mags
0
 
LVL 91

Expert Comment

by:nobus
Comment Utility
i try to please everyone; but i don't succeed always
0
 

Author Comment

by:MagsMcKinley14
Comment Utility
You did this time...thanks!
Mags
0

Featured Post

Highfive Gives IT Their Time Back

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

Suggested Solutions

You cannot be 100% sure that you can protect your organization against crypto ransomware but you can lower down the risk and impact of the infection.
Envision that you are chipping away at another e-business site with a team of pundit developers and designers. Everything seems, by all accounts, to be going easily.
This Micro Tutorial will teach you how to the overview of Microsoft Security Essentials. This is a free anti-virus software that guards your PC against viruses, spyware, worms, and other malicious software. This will be demonstrated using Windows…
This Micro Tutorial will give you a introduction in two parts how to utilize Windows Live Movie Maker to its maximum editing capability. This will be demonstrated using Windows Live Movie Maker on Windows 7 operating system.

728 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

9 Experts available now in Live!

Get 1:1 Help Now