Solved

Flashing icons, Windows Explorer stopping, dllhost.exe *32 high cpu usage

Posted on 2014-04-14
8
839 Views
Last Modified: 2014-04-23
Windows 7 Home Premium
Trend Micro Titanium AV

Most noticeable symptom is that the desktop icons & task bar started flashing on and off every 5 seconds or so.  You can run other programs when that starts but you cannot run any Windows items like control panel, file explorer etc.  You can run Outlook, Chrome and others.  

It does not happen in safe mode.  It does not happen for about 10 minutes after the computer boots.  Did determine that it does happen right after "Windows Explorer has stopped working" message.  Also noticed that dllhost.exe *32 process goes really high when this is happening too -- 100,000+.  

Ran sfc /scannow.  Still happens.
0
Comment
Question by:ComputerMunkey
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
  • 2
8 Comments
 
LVL 25

Accepted Solution

by:
Tony Giangreco earned 500 total points
ID: 40000735
It sounds like your Pc is infected.

Here is a comprehensive list of items I would check based on your situation.

Hope it helps!

1. Install Process Explorer to find out what runs at startup
http://technet.microsoft.com/en-us/sysinternals/bb896653

2. If you haven't also ready checked for Viruses, update your virus definitions and run a Full Scan, deleting all virus and spyware detected

3. Download and run these free anti spyware apps
AdwCleaner
http://www.bleepingcomputer.com/download/adwcleaner/

Kaspersky TDSSKiller
http://www.bleepingcomputer.com/download/tdsskiller/

ESET online scanner
http://www.eset.com/us/online-scanner/

Malwarebytes Anti-Rootkit
http://www.bleepingcomputer.com/download/malwarebytes-anti-rootkit/

www.malwarebytes.org
www.superantispyware.com
www.hitmanpro.com

4. If you don’t have any Anti Virus installed, here are a few free ones to try:
http://www.avg.com
http://www.avast.com/en-us/index
http://windows.microsoft.com/en-us/windows/security-essentials-download
http://www.bitdefender.com/solutions/free.html

If you are using Google Chrome and have the Conduit Search End and want to get red of it, here is how to do it.

1. Run this process to cleanup hidden adware
http://www.wikihow.com/Get-Rid-of-Conduit-Search-on-Google-Chrome

2. Make sure is completely removed
http://malwaretips.com/blogs/remove-conduit-search-virus/

Check System Logs:
Go to All programs, Administrative Tools, Event Viewer. Check the System and Application sections for errors that may be causing your problems.

Check for corrupt system files:
Open an elevated command prompt and run this to check for corrupted system files.
sfc /scannow

Run a Disk Cleanup
Start, All Programs, Accessories, System Tools, Disk Cleanup.
Include Temporary Internet Files and Temp files

Check for Disk Errors
Run Error Checking: Start, Computer, right click  on C:\, Tools, Error Checking.
Select "Automatically fix file system errors" and click start

Check for all programs that start at Boot using Msconfig
Start, Run, type MSCONFIG, on the startup tab, review the programs listed. Uncheck anything that should not run on startup
0
 
LVL 25

Expert Comment

by:Tony Giangreco
ID: 40000736
If your system is so badly infected that none of those solutions work, then I suggest backing up your data and performing a clean Windows install.
0
 
LVL 14

Expert Comment

by:Rob Miners
ID: 40000848
Also try another Keyboard.
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 25

Expert Comment

by:Tony Giangreco
ID: 40001317
Have you made any progress?
0
 
LVL 3

Author Comment

by:ComputerMunkey
ID: 40001460
It isn't my computer it is a customer's and I won't be working on it until later this afternoon.  Just wanted to see feedback on these particular symptoms because I did consider malware, but I see a lot of those and this just didn't quite seem like it.  dllhost.exe is in the correct location - syswow64.  

Thank you for the responses.
0
 
LVL 14

Expert Comment

by:Rob Miners
ID: 40016370
Have you made any further progress?
0
 
LVL 3

Author Closing Comment

by:ComputerMunkey
ID: 40016403
It did, in fact end up being malware.  Answer included much of my typical malware removal steps, but it didn't feel like malware to me at first, so this helped me go in the right direction.
0
 
LVL 14

Expert Comment

by:Rob Miners
ID: 40016411
Thanks for the feed back and good to see that you're up and running. :)
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A Bare Metal Image backup allows for the restore of an entire system to a similar or dissimilar hardware. They are highly useful for migrations and disaster recovery. Bare Metal Image backups support Full and Incremental backups. Differential backup…
Join Greg Farro and Ethan Banks from Packet Pushers (http://packetpushers.net/podcast/podcasts/pq-show-93-smart-network-monitoring-paessler-sponsored/) and Greg Ross from Paessler (https://www.paessler.com/prtg) for a discussion about smart network …
Windows 8 came with a dramatically different user interface known as Metro. Notably missing from that interface was a Start button and Start Menu. Microsoft responded to negative user feedback of the Metro interface, bringing back the Start button a…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

733 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question