![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(227.2, 16%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAR%3C/text%3E%3C/svg%3E)
It sounds like you're dealing with a persistent malware issue that disguises itself as a COM Surrogate. Here are some steps you can take to address the problem:
- Run a Full Antivirus Scan: Ensure your antivirus software is up to date and perform a full system scan to detect and remove any malicious software.
- Use Malware Removal Tools: Consider using specialized malware removal tools like Malwarebytes or Windows Defender Offline to scan and remove stubborn malware.
- Check Startup Programs: Use the Task Manager to check for any suspicious programs that start with Windows. Disable any that look unfamiliar or suspicious.
- Delete Suspicious Files: Navigate to the directory mentioned (C:\Users\Ahmed\AppData\Roaming\Dll) and manually delete the suspicious file
dlI.host. Ensure that you have hidden files visible in your folder options. - Check Registry Entries: Sometimes malware creates registry entries to persist. Use
regeditto check for any entries that reference the suspicious file and remove them. Be cautious when editing the registry, as incorrect changes can cause system issues. - Reset Web Browsers: If the malware has affected your web browsers, reset them to their default settings to remove any unwanted extensions or changes.
- Reinstall Windows: If the problem persists and you cannot remove the malware, consider backing up your data and performing a clean installation of Windows.
- Seek Professional Help: If you are not comfortable performing these steps, consider seeking help from a professional technician.
Make sure to back up important data before making significant changes to your system.
References:
