[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

RogueKiller hangs on Checking process - dllhost.exe

Posted on 2014-01-21
13
Medium Priority
?
3,347 Views
Last Modified: 2014-02-03
I am working on a computer that has been infected, this time with PUPs.  I was able to do a System Restore for before Re-markit and others downloaded.  I've run Rkill, AdwCleaner, JRT, MBAM, SAS and Hitman Pro, no big issues.  I am attempting to run RogueKiller but it hangs on Checking processes - dllhost.exe

I have run RogueKiller on this computer before with no issue.  Any ideas?
Thanks,
Mags
0
Comment
Question by:Mags
  • 7
  • 5
13 Comments
 
LVL 18

Accepted Solution

by:
web_tracker earned 1000 total points
ID: 39799059
Try running it in safemode, or try a different download of the application. I use rogue killer often as part of the malware removal tool in the IT department at the university.  I have issues when the app froze up taking longer to scan than normal. I either tried rebooting the system or running it in safemode, or redownloading the app and trying to scan again.
0
 
LVL 93

Assisted Solution

by:nobus
nobus earned 1000 total points
ID: 39799304
try running sfc, or a repair; your OS looks corrupted :
http://www.sevenforums.com/tutorials/681-startup-repair.html            REPAIR
http://www.sevenforums.com/tutorials/1538-sfc-scannow-command-system-file-checker.html         SFC
0
 

Author Comment

by:Mags
ID: 39800374
Thanks guys...your help is always appreciated.  I will be able to access her computer in a day or so...I'll be in touch!
Mags
0
 The Evil-ution of Network Security Threats

What are the hacks that forever changed the security industry? To answer that question, we created an exciting new eBook that takes you on a trip through hacking history. It explores the top hacks from the 80s to 2010s, why they mattered, and how the security industry responded.

 

Author Comment

by:Mags
ID: 39816725
Hoping to get on her computer tomorrow!
0
 

Author Closing Comment

by:Mags
ID: 39826634
Ran sfc /scannow with no issues, ran RogueKiller in Safemode then in Normal mode. It found these issues -

¤¤¤ Registry Entries : 2 ¤¤¤
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> FOUND
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> FOUND

Fixed and made sure host and proxy were good.

Her computer is running well!  Thanks guys!
Mags
0
 
LVL 93

Expert Comment

by:nobus
ID: 39827334
you should still run it in normal mode
0
 

Author Comment

by:Mags
ID: 39827869
Thanks nobus...as I stated above I did...the scan ran without issue.  Any other suggestions??
I appreciate all of your assistance!
Mags
0
 
LVL 93

Expert Comment

by:nobus
ID: 39827884
do i undestand you correct?  you posted 2 registry entries it found; now you say "the scan ran without issue" ???
0
 

Author Comment

by:Mags
ID: 39827906
Nobus maybe I am not expressing myself correctly and/or I may not be running RogueKiller correctly.

I tried running RogueKiller on her computer and it would not complete the initial scan.  I ran sfc /scannow which showed no errors.  I ran it 3 times.

I then started her computer in safe-mode, ran RogueKiller and it found then deleted two registry issues.

¤¤¤ Registry Entries : 2 ¤¤¤
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> DELETED
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> DELETED

I then restarted her computer in normal mode and re-ran RogueKiller and it found no issues and the host was set correctly.

Was this done correctly?
0
 
LVL 93

Expert Comment

by:nobus
ID: 39828881
yes, and my ans  wer to that was : "you should still run it in normal mode" = Roguekiller
0
 

Author Comment

by:Mags
ID: 39829904
Thanks Nobus!  Your assistance and confirmation were greatly appreciated!
Mags
0
 
LVL 93

Expert Comment

by:nobus
ID: 39830038
i try to please everyone; but i don't succeed always
0
 

Author Comment

by:Mags
ID: 39830192
You did this time...thanks!
Mags
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Did you know that more than 4 billion data records have been recorded as lost or stolen since 2013? It was a staggering number brought to our attention during last week’s ManageEngine webinar, where attendees received a comprehensive look at the ma…
The Cyber News Rundown brings you the latest happenings in cyber news weekly. Who am I? I’m Connor Madsen, a Webroot Threat Research Analyst, and a guy with a passion for all things security. Any more questions? Just ask.
This Micro Tutorial will teach you the basics of configuring your computer to improve its speed. It will also teach you how to disable programs that are running in the background simultaneously. This will be demonstrated using Windows 7 operating…
This Micro Tutorial will give you a introduction in two parts how to utilize Windows Live Movie Maker to its maximum capability. This will be demonstrated using Windows Live Movie Maker on Windows 7 operating system.
Suggested Courses

873 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question