please help

pc very slow to unusable , ran several virus protections and found nothing
ran 2 registry programs and also found no problems

problem is in task manager I notice dllhost.exe com surrogate is running at least 20 times
some 300k or more , if I delete them then one by one they just start appearing again

happens after rebooting even in safe mode , whether running IE or trying to play a game
tried updating several programs as suggested and deleted DIVX as also suggested

windows vista / quad core cpu
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Thomas Zucker-ScharffSolution GuideCommented:
What did you run? Can you post the logs?
red102062Author Commented:
dearest kyder , yes I forgive you and thanks for the auto tips , just checked oil as you suggested ( oil level fine ) but that didn't help my pc :-)

windows vista
pc started running very slow and will lock up completely during any process
internet explorer , email , facebook , games etc.
tried rebooting , removed some startup programs
deleted DIVX that was suggested by another site
updated GOM player that was suggested by another site
checked to make sure dllhost was located in fat32 file only , again suggested by another
tried running in safe-mode , ran Avast , Spybot and IO bits malware
also ran tweakreg and cc cleaner for registry check , have learned dllhost is related to viewing thumbnails etc , so unchecked thumbnail view, later turned on again

process tree will show about 20 dllhost.exe com surrogates running
up to400k and decreasing on down

thanks for any ones help , just standing here holding my dipstick
Download process explorer to find out  the faulty app thats slowing down your system

Run combofix

Create a new user account in control panel ..reboot ..login under the new user account and check.

Can be a corrupt user account.


Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Do You Have a Trusted Wireless Environment?

A Trusted Wireless Environment is a framework for building a complete Wi-Fi network that is fast, easy to manage, and secure.

did you disable startup programs yet?
 if not, it's a good first step, so : run msconfig
in the startup tab, click disable all
in the services tab, click "HideMS services" then click disable all
now reboot, and check if it helped; if it did, re-enable the programs/services in groups or 1 by 1 to find the cause
Assuming all of the above have been tried (those assume it is a normal application or bug), we can safely assume it's a virus.Please note that the more advanced viruses cannot be detected while you're in Windows (virus hooks in first, makes itself invisible to all bigger names antivirus programs).
Therefore, the only way to really scan your computer is using a boot cd/usb. Eset NOD32 is a good one, but if you don't have a subscription, there are also free versions like the AVG boot cd ( Boot from CD, scan, delete viruses, reboot.
Thomas Zucker-ScharffSolution GuideCommented:
If it is a root kit you may not detect when using boot device. Using an alternate boot device is not recommended since that also disables windows builtin protections.

Try running malwarebytes full scan after running roguekiller without rebooting in between.

I don't have access to the links maybe someone else can post for me.

EDIT: Rogue-Killer-What-a-great-name Stop-the-Bleeding-First-Aid-for-Malware
Thomas Zucker-ScharffSolution GuideCommented:
Thanks for adding the links. Also check out my article on rootkits:
@tzucker great way to confuse a user there. After I recommended using a boot CD, you come up with  the ingenious idea to scan it inside Windows, because otherwise you might "disable built-in protection systems" (whatever that means). And after that you post your own link with a tutorial recommending a boot CD?
Thomas Zucker-ScharffSolution GuideCommented:
The antirootkit s/w don't generally require an alternate boot device and you should probably read younghv's articles on best practices if you are unfamiliar with windows protections.

Please keep any other suggestions aimed at the OPs question. Just my opinion.
red102062Author Commented:
Ran combo-fix and my pc runs  better than ever
all problems are gone , combo-fix repaired what 3 other virus/malware detectors could not
Thanks very much ded9 you are a genius :-)
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Anti-Virus Apps

From novice to tech pro — start learning today.