Multiple dllhost.exe/Com Surrogate processes running

Farbar Recovery Scan Tool and save it to your Desktop.


Note: Make sure you download the proper version ( 32 bit or 64 bit ) for your PC. Only one will run, the correct one. So it you make a mistake and download the wrong one, go back and get the other.

• Double-click to run it. When the tool opens click Yes to disclaimer.
• Press Scan button.
• It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your next reply.
• The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

 

Okay it seems you have confused things because you ran Combofix on your own before posting here. You should never run ComboFix on your own. Thus your logs do not show signs of multiple dllhost.exe processes running. Nor does an active Poweliks infection show completely and it is what would cause this problem.

But I do see some issues to address so we will take care of them but before we can get started, the first issue that MUST be address is that you are running multiple antivirus programs! You have Eset's NOD and also Microsoft Antimalware aka Microsoft Security Essentials installed and running. You need to uninstall one of these right now and then reboot. Then rerun the scan with FRST I requested and attach new logs.

Then we will be able to continue on with other items I observed. Also
please answer this question, "Are you really still having issues with multiple dllhost.exe processes running?" It does not look like it.

 

Yes but you posted here on the basis of not having run ComboFix. Since you did, you had already changed the status of your PC. Thus the Title of your thread was actually no longer correct.

NOTE: This script was written specifically for this user for use on this particular computer. Running this on another machine may cause damage to your operating system.


Download this >> View attachment fixlist.txt

Save fixlist.txt on your Desktop. Make sure you save it as a txt file.

• You should now have both fixlist.txt and FRST64.exe on your Desktop.
• Now I want you to disconnect your PC connection to the internet by unplugging the cable ( if it is wireless then temporarily shutdown the wireless network ).
• Run FRST64.exe by right clicking on it and selecting Run As Adminstrator
• Click the Fix button just once and wait.
• Your computer should reboot after the fix runs.
• Reconnect your internet connection after reboot so you can come back here to continue.
• The tool will make a log on the Desktop (Fixlog.txt) please attach this new log to your next reply (attach or paste)

Now run the C:\MGtools\GetLogs.bat file by double clicking on it (Note: if using Vista or Win7, don't double click, use right click and select Run As Administrator).

Then attach the below logs:

• Fixlog.txt
• C:\MGlogs.zip

How are things working now?