Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Odd dllhost.exe running. Paranoid?


  • Please log in to reply
3 replies to this topic

#1 RaveBlack

RaveBlack

  • Members
  • 27 posts
  • OFFLINE
  •  
  • Local time:06:23 AM

Posted 16 January 2015 - 04:52 AM

Every so often, I notice a dllhost.exe running under my username pop up in Task Manager. Looking at it in Process Explorer tells me that it's running from the legitimate source (system32), with a processid of {F9717507-6651-4EDB-BFF7-AE615179BCCF}. It's not spawning multiple dllhost.exes and it's not taking up tons of CPU/memory. It's just under 3 MB in memory, and it's just starting, running for less than a minute or so, then stopping. And it's making me really nervous, especially since I can't find anything to tell me what it is.

I run Windows 7, my normal antivirus is Norton 360, and I have additionally scrubbed my system with ESET, CCleaner, TDSSKiller, MalwareBytes, AdwCleaner, and Junkware Removal Tool, on both regular mode and safe mode. As it's still doing it, it's either not malware or something that none of those have picked up. I had no problems running any of them, and I know from experience that malware can prevent antivirus programs from running.

Please set my mind at ease. Is it something I need to worry about, or am I just being incredibly paranoid?


Edited by RaveBlack, 16 January 2015 - 04:58 AM.


BC AdBot (Login to Remove)

 


#2 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:23 AM

Posted 16 January 2015 - 05:01 AM

{F9717507-6651-4EDB-BFF7-AE615179BCCF} is legitimate.

Are you having any issue?

#3 RaveBlack

RaveBlack
  • Topic Starter

  • Members
  • 27 posts
  • OFFLINE
  •  
  • Local time:06:23 AM

Posted 16 January 2015 - 05:07 AM

I actually didn't know if this was going to become an issue or if I was being incredibly paranoid, as I couldn't find a definitive answer anywhere regarding it. I lost my old computer to a nasty bit of malware, so I tend to get rather on edge about this computer, plus I didn't know if that was a legitimate thing and if it was supposed to do that.

I really should've asked someone sooner, I've been worrying myself for days that something had gotten into my computer and compromised it, even though I'd scrubbed it as much as I had.

Thank you very much, I'll sleep better tonight.


Edited by RaveBlack, 16 January 2015 - 05:22 AM.


#4 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:23 AM

Posted 16 January 2015 - 06:10 AM

I would personally drop Norton as it is a resource hog and hs sub standard detection rates. :)

 

These are the two that I use on my personal machines one per machine of course.

 

 

http://tiranium-antivirus.olympe.in/products.html Tiranium Free

 

http://www.360totalsecurity.com/ 360 Total Security

 

Have a good day. :)






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users