?
Solved

Searching for suggestions - POWELIKS: Malware Hides In Windows Registry keeps coming back

Posted on 2014-11-05
1
Medium Priority
?
465 Views
Last Modified: 2014-11-08
Removed using all malware and virus tools for win7 but no luck.  I have a couple of friends that are saying they have done everything they know of but when they open task manager they see multiple com surrogate files.

Thanks
0
Comment
Question by:cesemj
1 Comment
 
LVL 32

Accepted Solution

by:
Predrag Jovic earned 2000 total points
ID: 40425689
According to some reports RogueKiller and Norton Power eraser can clean this one
Download the RogueKiller executable, run it once. You won’t be able to fix anything but it needs to register itself. Then, reboot in safe mode, run the executable again. After the pre-scan is done, hit scan and wait. Get Task Manager running. After the scan is done, check the boxes for everything that is red or orange under the registry tab. After you’ve check the boxes, marking the items for deletion, use task manager to “end process” on every instance of dllhost.exe and then QUICKLY hit “DELETE” on RogueKiller (dllhost.exe processes will start running again if you wait too long, and you want to hit “DELETE” while none of them are running). Re-boot. You’re done and everything is back to normal.
0

Featured Post

SMB Security Just Got a Layer Stronger

WatchGuard acquires Percipient Networks to extend protection to the DNS layer, further increasing the value of Total Security Suite.  Learn more about what this means for you and how you can improve your security with WatchGuard today!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Last month Marc Laliberte, WatchGuard’s Senior Threat Analyst, contributed reviewed the three major email authentication anti-phishing technology standards: SPF, DKIM, and DMARC. Learn more in part 2 of the series originally posted in Cyber Defense …
Spectre and Meltdown, how it affects me and my clients?
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
Get the source code for a fully functional Access application shell with several popular security features that Access VBA application developers desire, but find difficult or impossible to figure out how to code. You get the source code for managi…

592 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question