Should I block it?

No, this file is 100% safe to run.

VersionsAdditional versions

6.3.9600.16384 (winblue_rtm.130821-1623) 4.76%
6.3.9600.16384 (winblue_rtm.130821-1623) 0.11%
6.3.9431.0 (winmain_bluemp.130615-1214) 0.30%
6.3.9431.0 (winmain_bluemp.130615-1214) 0.03%
6.2.9200.16384 (win8_rtm.120725-1247) 2.67%
6.2.9200.16384 (win8_rtm.120725-1247) 12.52%
6.2.8400.0 (winmain_win8rc.120518-1423) 0.05%
6.2.8400.0 (winmain_win8rc.120518-1423) 0.05%
6.2.8250.0 (winmain_win8beta.120217-1520) 0.03%
6.2.8102.0 (winmain_win8m3.110823-1455) 0.05%
6.1.7600.16385 (win7_rtm.090713-1255) 18.39%
6.1.7600.16385 (win7_rtm.090713-1255) 32.98%
6.1.7600.16385 (win7_rtm.090713-1255) 0.03%
6.1.7600.16384 (win7_rtm.090710-1945) 0.03%
6.0.6000.16386 (vista_rtm.061101-2205) 5.71%
6.0.6000.16386 (vista_rtm.061101-2205) 0.84%
5.2.3790.3959 (srv03_sp2_rtm.070216-1710) 0.03%
5.2.3790.3959 (srv03_sp2_rtm.070216-1710) 0.05%
5.1.2600.5512 (xpsp.080413-2108) 14.12%
5.1.2600.5512 (xpsp.080413-2108) 0.95%
5.1.2600.5512 (xpsp.080413-2108) 0.68%
5.1.2600.5512 (xpsp.080413-2108) 0.08%
5.1.2600.5512 (xpsp.080413-2108) 0.65%
5.1.2600.5512 (xpsp.080413-2108) 0.03%
5.1.2600.5512 (xpsp.080413-2108) 0.03%
View more

Relationships

Parent process
Related files

dllhost.exe

COM Surrogate by Microsoft Corporation (Signed)

Remove dllhost.exe
Version:   6.3.9431.0 (winmain_bluemp.130615-1214)
MD5:   cf48adb5e601310a577f0d1badd28acb
SHA1:   d7370ccfcfe2c28421ad4cce7972e99a3b9d0a74
SHA256:   2b2ffdb1b6e30a13a924072a12d36c265be5eff567e134741ba892d54a9c9964
This is a Windows system installed file with Windows File Protection (WFP) enabled.

What is dllhost.exe?

The COM Surrogate is a fancy name for Sacrificial process for a COM object that is run outside of the process that requested it. Explorer uses the COM Surrogate when extracting thumbnails, for example. If you go to a folder with thumbnails enabled, Explorer will fire off a COM Surrogate and use it to compute the thumbnails for the documents in the folder. It does this because Explorer has learned not to trust thumbnail extractors; they have a poor track record for stability.

Overview

dllhost.exe runs as a service under the name Aplikacja systemowa modelu COM+ (COMSysApp) with extensive SYSTEM privileges (full administrator access) within the context of the Service Host (SvcHost). The file is digitally signed by Microsoft Corporation. and is compiled as a 32 bit program.

DetailsDetails

File name:dllhost.exe
Publisher:Microsoft Corporation
Product name:COM Surrogate
Description:Microsoft® Windows® Operating System
Typical file path:C:\Windows\System32\dllhost.exe
File version:6.3.9431.0 (winmain_bluemp.130615-1214)
Product version:6.3.9431.0
Size:17.26 KB (17,672 bytes)
Build date:6/15/2013 3:07 PM
Certificate
Issued to:Microsoft Corporation
Authority (CA):Microsoft Corporation
Expiration date:Tuesday, July 9, 2013
Digital DNA
PE subsystem:Windows GUI
Entropy:4.980855
File packed:No
Code language:Microsoft Visual C++
.NET CLR:No
More details

BehaviorsBehaviors

Services
Runs under 'SYSTEM\CurrentControlSet\Services' by the Service Controller (services.exe)
  • 'COMSysApp' (Aplikacja systemowa modelu COM+)
  • 'PrlVssProvider'
  • Symantec SymSnap VSS Provider
  • 'COMSysApp'

ResourcesResource utilization

(Note: statistics below are averages based on a minimum sample size of 200 unique participants)
Averages
 
CPU
Total CPU:0.00000285%
0.028634%
Kernel CPU:0.00000046%
0.013761%
User CPU:0.00000239%
0.014873%
Kernel CPU time:16 ms/min
100,923,805ms/min
CPU cycles:1,022/sec
17,470,203/sec
Memory
Private memory:1.11 MB
21.59 MB
Private (maximum):2.41 MB
Private (minimum):2.36 MB
Non-paged memory:1.11 MB
21.59 MB
Virtual memory:40.47 MB
140.96 MB
Virtual memory (peak):41.69 MB
169.69 MB
Working set:2.39 MB
18.61 MB
Working set (peak):4.98 MB
37.95 MB
Page faults:2,515/min
2,039/min
I/O
I/O other transfer:0 Bytes/sec
448.09 KB/min
I/O other operations:1/sec
1,671/min
Resource allocations
Threads:3
12
Handles:118
600

BehaviorsProcess properties

Integrety level:System
Platform:32-bit
Command line:C:\Windows\System32\dllhost.exe /processiC:{30d49246-d217-465f-b00b-ac9ddd652eb7}
Owner:SYSTEM
Windows Service
Service name:COMSysApp
Display name:Aplikacja systemowa modelu COM+
Description:“Administra la configuración y el seguimiento de los componentes del Modelo de objetos componentes (COM+). Si se detiene el servicio, la mayoría de los componentes COM+ no funcionarán correctamente. Si se deshabilita este servicio, no se podrá iniciar ningún servicio que dependa específicamente de él.”
Type:Win32OwnProcess
Parent process:svchost.exe (Host Process for Windows Services by Microsoft Corporation)

Windows OS versionsDistribution by Windows OS

OS versiondistribution
Windows 7 Home Premium 34.00%
Windows 8.1 19.00%
Windows 8.1 Pro 10.00%
Windows 7 Ultimate 9.50%
Windows 8.1 Single Language 7.00%
Windows 7 Professional 5.00%
Windows 8 Single Language 3.50%
Windows 8 3.00%
Windows 8 Pro 3.00%
Windows 8.1 Pro with Media Center 2.00%
Windows Seven Black Edition 1.00%
Windows Vista Home Premium 1.00%
Windows 8.1 N 0.50%
Windows 8 Enterprise N 0.50%
Windows 7 Home Basic 0.50%
Windows 8.1 Enterprise Evaluation 0.50%

Distribution by countryDistribution by country

United States installs about 50.51% of COM Surrogate.

OEM distributionDistribution by PC manufacturer

PC Manufacturerdistribution
Dell 23.17%
Hewlett-Packard 17.37%
ASUS 13.90%
Acer 11.20%
Toshiba 10.04%
Lenovo 10.04%
Sony 7.72%
Alienware 2.70%
Intel 1.54%
Samsung 1.16%
GIGABYTE 1.16%
Back to top
Should I remove It? Clean your PC of unwanted adware, toolbars and bloatware.

Download it for FREE