Strange process dllhostex.exe
Discovered recently that on my comp, you start the process dllhostex.exe and ship percent to 50%. As soon as you launch the task Manager, it disappears from processes. Is in the folder WindowsSystem32. On the Internet write that it is a virus, but garbage that's what the creation date is the same as most other files in this folder, 2009-th year, when I installed Windows. That's interesting to me, he was there from the beginning? I had not seen him, and I closely followed the processes in the era of mobile Internet, and 2.5 per MB of traffic and killed everything that climbs demand the Internet or rummaged on the screw. If it's a virus, why was he silent and gave yourself 10 years? Or he can change the date of its creation? As far as I know (but I could be wrong), the creation date stored in the table files and the access is only Windows? How is this even possible?antonrogov
Anything can happen.
My advice - bekapy (archives) documents from the Disk and give a new life to my computer with a new system (OS). Need 7 on, put it on the air. System, even if to watch them carefully, still with the years come to the state of old age (if used).
Here you to think.
Spoiler
antonrogov
Throw it on a flash drive or to the cloud or anywhere important data and reinstall the system completely, fully formativas all drives.
Downloaded Dr.Web CureIt, it found this virus file and one dll-ke. Cut them.
BUT!
I searched in the net about this dllhostex.exe in the first link I learned that with him in the kit there is a folder WindowsNetworkDistribution and it viral svchost.exe. And I have this folder there! Already 2017 year! There are two executable svchost.exe and spoolsv.exe. For some reason Dr.Web CureIt did not find. I scanned them on VirusTotal and they write terrible words EternalBlue and DoublePulsar.
In the same link mentioned folder WindowsSoftwareDistribution, but that it look I don't know, moreover, that even Dr. Web CureIt found nothing there. There are too many things, most do not understand.
In General, downloaded Malwarebytes Chameleon, he too found nothing but garbage from Mail.ru and ASK. It turned out he was looking for in the folder windose and had additional properties to specify the entire folder. Then it found 49 infected files, all in the folder WindowsNetworkDistribution. It turns out that I'm still in 2017 have closed port 445 against this vulnerability, but the files are somehow not removed. Maybe just do not know about them. Yet after two reboots there is nothing superfluous in the processes no.
PS. Reinstallation of Windows is in my opinion too radical method. And long, given the fact that all of it will be necessary to re-configure and the program to install.
However, the fact that fresh virus climbed in the comp, despite the closed port, I was wary.
antonrogov
Viruses come in for many reasons, the 100% is to download any slag from the Internet, opening a website where the virus, or there drives with viruses stick someone else's, and do a fresh Windows my computer will not prevent, 1 hour, 3 hours will spend, and possibly longer, no problem, a flash drive is always with fresh wood and prog, go a little moonlighting, installing people Windows and nothing to spend 1 hour or 3 hours, depending on the computer or the laptop, and install an antivirus you will not find all viruses in the system, it's garbage.
antonrogov
It feels like you picked up WannaCry, because EternalBlue and DoublePulsar are Backdoor viruses that allow you to access your computer, and they all seem to belong to WannaCry, with such a lapse of circumstances, I advise you to roll a new Windows on your computer, because 49 viruses are brute force
in the Windows NetworkDistribution folder
As I understand it, this folder is created by the virus itself, maybe there will be a bunch of files from it.
But Windows SoftwareDistribution needs to be touched carefully.
Well, here again this vir somehow got through and again created its folders. Only a year has passed.
careenwinner
And the religion does not allow to install an antivirus? Or does the mother not give money?