Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Support
Windows Malware Removal Help & Support
Unusual process + odd symptoms.
Message
<blockquote data-quote="zuki" data-source="post: 666137" data-attributes="member: 65544"><p>Hey there. I'm new to the forum and would love some help identifying some issues with my PC that could be malicious. </p><p></p><p>There is a particular instance of dllhost.exe that appears on my PC at random, usually after being logged in for a while. I know that I'm not starting any programs when this thing appears, it has a mind of it's own. </p><p></p><p>Attached is a screenshot showing some properties of the process while it's running. This thing worries me for a couple of reasons:</p><ul> <li data-xf-list-type="ul">It keeps me from shutting down. If it's running and I press 'Shut down' nothing will happen for over 5 minutes. My PC acts like it's not turning off at all. After I've done this I'm unable to run ANYTHING as administrator as it just creates a bunch of frozen Consent.exe processes. Then about 5-8 minutes later my computer will abruptly turn off but not before I see a brief error message: <em>"Too many other files are currently in use by 16-bit programs."</em> There's more to the error but it disappears too quickly. <br /> </li> <li data-xf-list-type="ul">The strange user SIDs that don't appear on other processes. They're the ones starting with S-1-5-32 on the screenshot. They don't appear in the wmic useraccount command either.<br /> </li> <li data-xf-list-type="ul">The -localserver XXXXXX-XXXX-XXXetc flag that shows up in only a few new results on google, with no information.</li> <li data-xf-list-type="ul">The random appearance.</li> </ul><p>I have hundreds of Event ID 7001 error messages per day with: </p><p><em>"The Computer Browser service depends on the Workstation service which failed to start because of the following error: </em></p><p><em>The service cannot be started, either because it is disabled or because it has no enabled devices associated with it."</em></p><p>They happen sporadically but about 10-20 errors each time it happens.There aren't any other PCs on my network. </p><p></p><p>Additionally I'm no longer able to run the chkdsk command. "Cannot lock the current drive. Chkdsk cannot run because the volume is in use by another process." </p><p></p><p>Any ideas? Thank you.</p></blockquote><p></p>
[QUOTE="zuki, post: 666137, member: 65544"] Hey there. I'm new to the forum and would love some help identifying some issues with my PC that could be malicious. There is a particular instance of dllhost.exe that appears on my PC at random, usually after being logged in for a while. I know that I'm not starting any programs when this thing appears, it has a mind of it's own. Attached is a screenshot showing some properties of the process while it's running. This thing worries me for a couple of reasons: [LIST] [*]It keeps me from shutting down. If it's running and I press 'Shut down' nothing will happen for over 5 minutes. My PC acts like it's not turning off at all. After I've done this I'm unable to run ANYTHING as administrator as it just creates a bunch of frozen Consent.exe processes. Then about 5-8 minutes later my computer will abruptly turn off but not before I see a brief error message: [I]"Too many other files are currently in use by 16-bit programs."[/I] There's more to the error but it disappears too quickly. [*]The strange user SIDs that don't appear on other processes. They're the ones starting with S-1-5-32 on the screenshot. They don't appear in the wmic useraccount command either. [*]The -localserver XXXXXX-XXXX-XXXetc flag that shows up in only a few new results on google, with no information. [*]The random appearance. [/LIST] I have hundreds of Event ID 7001 error messages per day with: [I]"The Computer Browser service depends on the Workstation service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it."[/I] They happen sporadically but about 10-20 errors each time it happens.There aren't any other PCs on my network. Additionally I'm no longer able to run the chkdsk command. "Cannot lock the current drive. Chkdsk cannot run because the volume is in use by another process." Any ideas? Thank you. [/QUOTE]
Insert quotes…
Verification
Post reply
Top