IE7, shortcuts and property sheets

I was ask to post this here from the Vista forum. Here is the problem and the link from there.

IE7, shortcuts and property sheets
When closing IE7 then
clicking on any other shortcut on the desktop it brings up that shortcuts
property sheet instead of opening that application. You can right click,
choose open and that will work but not the way I want to do it.

If after closing IE7 you bring up the taskmanager windows you can see two
instances of dllhost.exe running. As soon as those close ( by themselves
) the shortcuts again work as expected. I am not saying that the
dllhost.exe is what it causing this but it sure seems strange that the
shortcuts work again after they close.

Anyone seen anything like this or know of a fix?

http://www.windowsbbs.com/showthread.php?t=65591

---

Here is the HiJack this log file. Does anyone see anything that might cause this?

Logfile of HijackThis v1.99.1
Scan saved at 6:35:54 PM, on 6/25/2007
Platform: Unknown Windows (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
G:\VistaFirewallControl\VistaFirewallControl.exe
C:\Program Files\Windows Sidebar\sidebar.exe
E:\WordWebPro\wweb32.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\system32\taskeng.exe
F:\Pmail\winpm-32.exe
F:\Firefox\firefox.exe
D:\1Utility\FileUtilities\Hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = file:///D:/1GooSech.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = I:\WINDOWS\PCHEALTH\HELPCTR\System\panels\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Tina & SQD
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O1 - Hosts: 216.127.72.86 misst.us
O1 - Hosts: 72.29.75.55 sqd.us
O1 - Hosts: 72.29.75.55 mail.joey.sqd.us
O1 - Hosts: 72.29.75.55 mail.beatles.sqd.us
O1 - Hosts: 216.136.173.10 pop.mail.yahoo.com
O1 - Hosts: 68.142.198.12 pop.att.yahoo.com
O1 - Hosts: 68.142.198.11 smtp.att.yahoo.com
O1 - Hosts: 151.155.5.201 mail.myrealbox.com
O1 - Hosts: 151.155.5.204 smtp.myrealbox.com
O1 - Hosts: 216.127.72.86 posseinternet.us
O1 - Hosts: 74.52.230.51 listateer.us
O1 - Hosts: 216.127.72.86 ashlists.org
O1 - Hosts: ftp.cuteftp.com 64.243.64.21
O2 - BHO: IE7pro - {00011268-E188-40DF-A514-835FCD78B1BF} - F:\IE_AddOns\IE7Pro\IE7Pro.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - F:\JavaVista\bin\ssv.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O4 - HKLM\..\Run: [Windows Defender] -%ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe "
O4 - HKLM\..\Run: [pdfFactory Pro Dispatcher v2] "-C:\Windows\system32\spool\DRIVERS\W32X86\3\fppdis2a.exe" /source=HKLM
O4 - HKLM\..\Run: [TrueImageMonitor.exe] -G:\TrueImage\TrueImageMonitor.exe
O4 - HKLM\..\Run: [TrojanScanner] -D:\1Utility\Trojan Remover\Trjscan.exe
O4 - HKLM\..\Run: [SoundMan] -SOUNDMAN.EXE
O4 - HKLM\..\Run: [VistaFirewallControl] G:\VistaFirewallControl\VistaFirewallControl.exe
O4 - HKLM\..\Run: [HP Software Update] -D:\HPVista\5610\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] -C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] -C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Startup: WordWeb Pro.lnk = E:\WordWebPro\wweb32.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Customize Menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: Fill Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: Open Link Target in Firefox - file://F:\Firefox\Profiles\sqd\extensions\{5D558C43-550F-4b12-84AB-0D8ABDA9F975}\firefoxviewlink.html
O8 - Extra context menu item: RoboForm Toolbar - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: Save Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: View in &Firefox - F:\View in Firefox for IE\View in Firefox.htm
O8 - Extra context menu item: View This Page in Firefox - file://F:\Firefox\Profiles\sqd\extensions\{5D558C43-550F-4b12-84AB-0D8ABDA9F975}\firefoxviewpage.html
O9 - Extra button: IE7pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - F:\IE_AddOns\IE7Pro\IE7Pro.dll
O9 - Extra 'Tools' menuitem: IE7pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - F:\IE_AddOns\IE7Pro\IE7Pro.dll
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\JavaVista\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\JavaVista\bin\ssv.dll
O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll
O11 - Options group: [INTERNATIONAL] International*
O13 - Gopher Prefix:
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - G:\AVG\avgupsvc.exe
O23 - Service: Windows Media Center Service Launcher (ehstart) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: VistaFirewallService - Sphinx Software - G:\VistaFirewallControl\VistaFirewallService.exe

 

Hi Dennis

Can't say that I've seen that behavior before, but I'll certainly try to help. Did you create a custom IE start page?

file:///D:/1GooSech.html

I see nothing to indicate it, but are you using any apps that would cause IIS to run? Create and post another log while using IE and any other apps you normally would be using, please.

 

I have not see this either. Yes Idid create a custom page but I have always had that.

I do not think I have any apps that would cause that to run. BTW...running Goodsync will also cause this behavior.

Here is the new HiJack Log.

---
Logfile of HijackThis v1.99.1
Scan saved at 8:47:24 PM, on 6/28/2007
Platform: Unknown Windows (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
G:\VistaFirewallControl\VistaFirewallControl.exe
C:\Program Files\Windows Sidebar\sidebar.exe
E:\WordWebPro\wweb32.exe
C:\Windows\system32\taskeng.exe
F:\Pmail\winpm-32.exe
D:\Hijackthis\HijackThis.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\IEUser.exe
D:\Good Sync\GoodSync.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = file:///D:/1GooSech.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = I:\WINDOWS\PCHEALTH\HELPCTR\System\panels\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Tina & SQD
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O1 - Hosts: 216.127.72.86 misst.us
O1 - Hosts: 72.29.75.55 sqd.us
O1 - Hosts: 72.29.75.55 mail.joey.sqd.us
O1 - Hosts: 72.29.75.55 mail.beatles.sqd.us
O1 - Hosts: 216.136.173.10 pop.mail.yahoo.com
O1 - Hosts: 68.142.198.12 pop.att.yahoo.com
O1 - Hosts: 68.142.198.11 smtp.att.yahoo.com
O1 - Hosts: 151.155.5.201 mail.myrealbox.com
O1 - Hosts: 151.155.5.204 smtp.myrealbox.com
O1 - Hosts: 216.127.72.86 posseinternet.us
O1 - Hosts: 74.52.230.51 listateer.us
O1 - Hosts: 216.127.72.86 ashlists.org
O1 - Hosts: ftp.cuteftp.com 64.243.64.21
O2 - BHO: IE7pro - {00011268-E188-40DF-A514-835FCD78B1BF} - F:\IE_AddOns\IE7Pro\IE7Pro.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - F:\JavaVista\bin\ssv.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O4 - HKLM\..\Run: [Windows Defender] -%ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe "
O4 - HKLM\..\Run: [pdfFactory Pro Dispatcher v2] "-C:\Windows\system32\spool\DRIVERS\W32X86\3\fppdis2a.exe" /source=HKLM
O4 - HKLM\..\Run: [TrueImageMonitor.exe] -G:\TrueImage\TrueImageMonitor.exe
O4 - HKLM\..\Run: [TrojanScanner] -D:\1Utility\Trojan Remover\Trjscan.exe
O4 - HKLM\..\Run: [SoundMan] -SOUNDMAN.EXE
O4 - HKLM\..\Run: [VistaFirewallControl] G:\VistaFirewallControl\VistaFirewallControl.exe
O4 - HKLM\..\Run: [HP Software Update] -D:\HPVista\5610\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] -C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] -C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Startup: WordWeb Pro.lnk = E:\WordWebPro\wweb32.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Customize Menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: Fill Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: Open Link Target in Firefox - file://F:\Firefox\Profiles\sqd\extensions\{5D558C43-550F-4b12-84AB-0D8ABDA9F975}\firefoxviewlink.html
O8 - Extra context menu item: RoboForm Toolbar - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: Save Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: View in &Firefox - F:\View in Firefox for IE\View in Firefox.htm
O8 - Extra context menu item: View This Page in Firefox - file://F:\Firefox\Profiles\sqd\extensions\{5D558C43-550F-4b12-84AB-0D8ABDA9F975}\firefoxviewpage.html
O9 - Extra button: IE7pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - F:\IE_AddOns\IE7Pro\IE7Pro.dll
O9 - Extra 'Tools' menuitem: IE7pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - F:\IE_AddOns\IE7Pro\IE7Pro.dll
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\JavaVista\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\JavaVista\bin\ssv.dll
O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll
O11 - Options group: [INTERNATIONAL] International*
O13 - Gopher Prefix:
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - G:\AVG\avgupsvc.exe
O23 - Service: Windows Media Center Service Launcher (ehstart) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: VistaFirewallService - Sphinx Software - G:\VistaFirewallControl\VistaFirewallService.exe

 

Is that file your custom page? If not, I'd suggest you upload and scan it with jotti if the file exists. If you don't mind, I'd like you to zip a copy and shoot it to me here as well. Put WindowsBBS in the subject line.

When you run Goodsync, does it also invoke 2 instances of dllhost.exe, or does it just create the odd behavior?

 

Yes it is.

It is on the way.

No it does not. Taskmanager does. I am not sure what else does.

I am not at all sure dllhost has anything to do with this. I am leaning more to a Microsoft update.

 

Am I interpreting that correctly? Task Manager invokes two dllhost.exe processes??

Lets take a look using Process Explorer

When you first open it, it will list all processes, showing which ones are loaded as sub-routines of other processes. If you were to click File>Save As at this point, you can save that info to a text file. Using Process Explorer, see what loads dllhost.exe and save the log, then post it please.

Is there a particular reason for that thinking?

 

Yes.

I already had this installed.

This is when I start Taskmanager.
Process PID CPU Description Company Name
System Idle Process 0
Interrupts n/a Hardware Interrupts
DPCs n/a Deferred Procedure Calls
System 4
smss.exe 592 Windows Session Manager Microsoft Corporation
csrss.exe 688 Client Server Runtime Process Microsoft Corporation
csrss.exe 764 Client Server Runtime Process Microsoft Corporation
wininit.exe 776 Windows Start-Up Application Microsoft Corporation
services.exe 848 Services and Controller app Microsoft Corporation
svchost.exe 1028 Host Process for Windows Services Microsoft Corporation
dllhost.exe 4892 COM Surrogate Microsoft Corporation
dllhost.exe 5572 COM Surrogate Microsoft Corporation
svchost.exe 1088 Host Process for Windows Services Microsoft Corporation
svchost.exe 1116 Host Process for Windows Services Microsoft Corporation
svchost.exe 1248 Host Process for Windows Services Microsoft Corporation
audiodg.exe 1364 Windows Audio Device Graph Isolation Microsoft Corporation
svchost.exe 1272 Host Process for Windows Services Microsoft Corporation
WUDFHost.exe 2372 Windows Driver Foundation - User-mode Driver Framework Host Process Microsoft Corporation
dwm.exe 2908 1.49 Desktop Window Manager Microsoft Corporation
svchost.exe 1288 Host Process for Windows Services Microsoft Corporation
taskeng.exe 2504 Task Scheduler Engine Microsoft Corporation
taskeng.exe 2840 Task Scheduler Engine Microsoft Corporation
taskeng.exe 2656 Task Scheduler Engine Microsoft Corporation
SLsvc.exe 1404 Microsoft Software Licensing Service Microsoft Corporation
svchost.exe 1440 Host Process for Windows Services Microsoft Corporation
svchost.exe 1584 Host Process for Windows Services Microsoft Corporation
spoolsv.exe 1796 Spooler SubSystem App Microsoft Corporation
svchost.exe 1820 Host Process for Windows Services Microsoft Corporation
svchost.exe 972 Host Process for Windows Services Microsoft Corporation
svchost.exe 1732 Host Process for Windows Services Microsoft Corporation
svchost.exe 644 Host Process for Windows Services Microsoft Corporation
svchost.exe 1632 Host Process for Windows Services Microsoft Corporation
svchost.exe 2224 Host Process for Windows Services Microsoft Corporation
SearchIndexer.exe 3572 Microsoft Windows Search Indexer Microsoft Corporation
SearchProtocolHost.exe 5984 Microsoft Windows Search Protocol Host Microsoft Corporation
SearchFilterHost.exe 6028 Microsoft Windows Search Filter Host Microsoft Corporation
VistaFirewallService.exe 3988 1.49 Vista Firewall Control Sphinx Software
lsass.exe 864 1.49 Local Security Authority Process Microsoft Corporation
lsm.exe 872 Local Session Manager Service Microsoft Corporation
winlogon.exe 820 Windows Logon Application Microsoft Corporation
explorer.exe 2960 Windows Explorer Microsoft Corporation
ipoint.exe 3596 IPoint.exe Microsoft Corporation
VistaFirewallControl.exe 3608 Vista Firewall Control Sphinx Software
sidebar.exe 3648 2.99 Windows Sidebar Microsoft Corporation
wweb32.exe 3656 WordWeb thesaurus/dictionary Antony Lewis
winpm-32.exe 1500 80.60 Pegasus Mail for Windows David Harris
procexp.exe 4748 7.46 Sysinternals Process Explorer Sysinternals
firefox.exe 3100 Firefox Mozilla Corporation
taskmgr.exe 3480 4.48 Windows Task Manager Microsoft Corporation

-------
This is when I start Process Explorer. Note the two instances of dllhost are started then as well. It either case they are only loaded for about 5 to 10 seconds.

Process PID CPU Description Company Name
System Idle Process 0
Interrupts n/a Hardware Interrupts
DPCs n/a 2.90 Deferred Procedure Calls
System 4
smss.exe 592 Windows Session Manager Microsoft Corporation
csrss.exe 688 Client Server Runtime Process Microsoft Corporation
csrss.exe 764 Client Server Runtime Process Microsoft Corporation
wininit.exe 776 Windows Start-Up Application Microsoft Corporation
services.exe 848 1.45 Services and Controller app Microsoft Corporation
svchost.exe 1028 Host Process for Windows Services Microsoft Corporation
dllhost.exe 5080 COM Surrogate Microsoft Corporation
dllhost.exe 5672 COM Surrogate Microsoft Corporation
svchost.exe 1088 Host Process for Windows Services Microsoft Corporation
svchost.exe 1116 5.80 Host Process for Windows Services Microsoft Corporation
svchost.exe 1248 Host Process for Windows Services Microsoft Corporation
audiodg.exe 1364 Windows Audio Device Graph Isolation Microsoft Corporation
svchost.exe 1272 Host Process for Windows Services Microsoft Corporation
WUDFHost.exe 2372 Windows Driver Foundation - User-mode Driver Framework Host Process Microsoft Corporation
dwm.exe 2908 Desktop Window Manager Microsoft Corporation
svchost.exe 1288 Host Process for Windows Services Microsoft Corporation
taskeng.exe 2504 Task Scheduler Engine Microsoft Corporation
taskeng.exe 2840 Task Scheduler Engine Microsoft Corporation
taskeng.exe 2656 Task Scheduler Engine Microsoft Corporation
SLsvc.exe 1404 Microsoft Software Licensing Service Microsoft Corporation
svchost.exe 1440 Host Process for Windows Services Microsoft Corporation
svchost.exe 1584 Host Process for Windows Services Microsoft Corporation
spoolsv.exe 1796 Spooler SubSystem App Microsoft Corporation
svchost.exe 1820 Host Process for Windows Services Microsoft Corporation
svchost.exe 972 Host Process for Windows Services Microsoft Corporation
svchost.exe 1732 Host Process for Windows Services Microsoft Corporation
svchost.exe 644 Host Process for Windows Services Microsoft Corporation
svchost.exe 1632 Host Process for Windows Services Microsoft Corporation
svchost.exe 2224 Host Process for Windows Services Microsoft Corporation
SearchIndexer.exe 3572 Microsoft Windows Search Indexer Microsoft Corporation
VistaFirewallService.exe 3988 Vista Firewall Control Sphinx Software
lsass.exe 864 Local Security Authority Process Microsoft Corporation
lsm.exe 872 Local Session Manager Service Microsoft Corporation
winlogon.exe 820 Windows Logon Application Microsoft Corporation
explorer.exe 2960 Windows Explorer Microsoft Corporation
ipoint.exe 3596 IPoint.exe Microsoft Corporation
VistaFirewallControl.exe 3608 1.45 Vista Firewall Control Sphinx Software
sidebar.exe 3648 2.90 Windows Sidebar Microsoft Corporation
wweb32.exe 3656 WordWeb thesaurus/dictionary Antony Lewis
winpm-32.exe 1500 79.71 Pegasus Mail for Windows David Harris
NotePro.exe 5792 NoteTab Pro Fookes Software
procexp.exe 4748 5.80 Sysinternals Process Explorer Sysinternals
firefox.exe 3100 Firefox Mozilla Corporation

------

Not really other than I do not remember this happening untill after an update.