Computer Repair Knowledge Base: Recently encountered a Poweliks Virus Removal issue; symptoms included many dllhost.exe Com Surrogate processes in task manager, and, when booting, a Powershell has Stopped Working error message.
Poweliks Virus – About
This hidden virus on computer resides, not in the Windows file system, no, it’s a Windows registry virus, so it conceals itself completely in the registry. Actually, it’s not a virus per-say, it’s actually a trojan horse virus, which is especially dangerous because it can give a hacker remote access to your computer. Because it is not a file, regular full file based antivirus protection or active virus scan do not yet find this particular variant. Ironically, Norton 360 was running on this system. Also, in the virus removal tools listed below, neither Norton, nor the Norton power eraser are listed. I’ve tested these antivirus ineffective against this.
On to the symptoms, what might indicate you have this?
Poweliks Virus Symptoms: dllhost.exe Com Surrogate & Powershell has Stopped Working
In addition, the Windows 7 computer running extremely slow and low on memory, and the user experienced frequent Internet Explorer freezes where there would just be an internet explorer white screen for minutes then everything would load normally. Finally, found the windows temp directory full of thousands of temp files. Interestingly enough, some folders in the Windows temp directory had a Windows temp directory structure like appdata local folder or appdata roaming folder. Unsure if this last is part of the poweliks virus or just normal behavior for the installed software, but it was unusual and I haden’t noticed it before. When I attempted to clean temp files Windows 7, ccleaner stuck on temporary internet files.
Poweliks Virus Removal when dllhost.exe Com Surrogate & Powershell has Stopped Working
For my Computer Repair Knowledgebase, here are the steps that successfully cleaned this system:
- Process Explorer (to kill dllhost.exe Com Surrogate processes)
- ComboFIX (to begin cleanup of registry)
- RogueKiller (to complete registry cleanup)
- Tweaking.com AIO Windows Repair (to fix permissions, registry issues post-removal, etc.)
Computer Repair – Summary
Granted, the above procedure is a high level explanation of how complex virus removal tools were used to remove poweliks malware. If you suspect a virus or spyware infection, I recommend contacting a computer repair professional.
If you want help removing the Poweliks Virus Removal issue; symptoms included many dllhost.exe Com Surrogate processes in task manager, and, when booting, a Powershell has Stopped Working error message, please contact Jonathan Warner Computer Repair.
to schedule a service call today!