- Aug 29, 2017
- 2
Hey there. I'm new to the forum and would love some help identifying some issues with my PC that could be malicious.
There is a particular instance of dllhost.exe that appears on my PC at random, usually after being logged in for a while. I know that I'm not starting any programs when this thing appears, it has a mind of it's own.
Attached is a screenshot showing some properties of the process while it's running. This thing worries me for a couple of reasons:
"The Computer Browser service depends on the Workstation service which failed to start because of the following error:
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it."
They happen sporadically but about 10-20 errors each time it happens.There aren't any other PCs on my network.
Additionally I'm no longer able to run the chkdsk command. "Cannot lock the current drive. Chkdsk cannot run because the volume is in use by another process."
Any ideas? Thank you.
There is a particular instance of dllhost.exe that appears on my PC at random, usually after being logged in for a while. I know that I'm not starting any programs when this thing appears, it has a mind of it's own.
Attached is a screenshot showing some properties of the process while it's running. This thing worries me for a couple of reasons:
- It keeps me from shutting down. If it's running and I press 'Shut down' nothing will happen for over 5 minutes. My PC acts like it's not turning off at all. After I've done this I'm unable to run ANYTHING as administrator as it just creates a bunch of frozen Consent.exe processes. Then about 5-8 minutes later my computer will abruptly turn off but not before I see a brief error message: "Too many other files are currently in use by 16-bit programs." There's more to the error but it disappears too quickly.
- The strange user SIDs that don't appear on other processes. They're the ones starting with S-1-5-32 on the screenshot. They don't appear in the wmic useraccount command either.
- The -localserver XXXXXX-XXXX-XXXetc flag that shows up in only a few new results on google, with no information.
- The random appearance.
"The Computer Browser service depends on the Workstation service which failed to start because of the following error:
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it."
They happen sporadically but about 10-20 errors each time it happens.There aren't any other PCs on my network.
Additionally I'm no longer able to run the chkdsk command. "Cannot lock the current drive. Chkdsk cannot run because the volume is in use by another process."
Any ideas? Thank you.