- Set your computer to boot into Safe Mode with Networking. To do this, click Start, type "msconfig" in the Run window, click msconfig and select the Boot tab. Place a check in Safe boot and a dot in Network. Click Apply and click OK. Now you can restart the computer and it will always boot to Safe Mode with Networking. Remember to reverse this at the end: uncheck Safe boot, click Apply, click OK and reboot the computer. The computer should then boot normally.
- Download and save Rogue Killer 32-bit and 64-bit, Symantec Poweliks Removal Tool and ESET Poweliks Removal Tool to a folder on a flash drive. Also save Combofix and Free Malwarebytes.
- Once the computer is in Safe Mode, run the Combofix program. When it finishes, it produces a log file. I save the log file to the Root Drive C:.
- Do not reboot the computer again when Combofix is done.
- Run Rogue Killer, select all items found and delete them. Do not reboot the computer.
- Run the Symantec Poweliks Removal Tool and the ESET Poweliks Removal Tool. Save all log files.
- Run the Combofix program again and verify that Poweliks is no longer found.
- Reboot the computer again, staying in Safe Mode with Networking.
- Install Free Malwarebytes, update it and run a custom scan. Make sure the check for rootkits is selected, check all drives except optical drives and run the scan. It can sometimes run 2 or 3 hours. Choose to delete all quarantined files found.
- Reboot the computer 4 or 5 times in a row, then press the CTRL, ALT and DEL keys at the same time and check the Processes list to make sure there are no more dllhost.exe processes running. NOTE: I have seen a few occasions where a dllhost.exe is running and it is not from the virus. I right-click and select file location to determine what program it may be associated with.
- I generally have not had the Poweliks Virus return.
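
The dllhost.exe check in the last step can also be done from an elevated PowerShell prompt. The script below is an added example, not part of the original procedure: for each running dllhost.exe it lists the file location, the parent process and the COM application the process was started for. It assumes PowerShell 3.0 or later and relies on general Windows behaviour (dllhost.exe in System32 or SysWOW64, normally started with `/Processid:{AppID}`), not on anything specific to Poweliks.

```powershell
# Added example (not from the original post). Assumes PowerShell 3.0+, run elevated.
# Standard Windows locations of the genuine dllhost.exe.
$expected = @(
    (Join-Path $env:windir 'System32\dllhost.exe'),
    (Join-Path $env:windir 'SysWOW64\dllhost.exe')
)

$report = foreach ($proc in Get-CimInstance Win32_Process -Filter "Name = 'dllhost.exe'") {
    # The parent may already have exited, in which case $parent is $null.
    $parent = Get-CimInstance Win32_Process -Filter "ProcessId = $($proc.ParentProcessId)"

    # A COM surrogate is normally started as: dllhost.exe /Processid:{AppID}
    $appId = $null
    $appName = $null
    if ($proc.CommandLine -match '/Processid:\s*(\{[0-9A-Fa-f-]{36}\})') {
        $appId = $Matches[1]
        $key = "Registry::HKEY_CLASSES_ROOT\AppID\$appId"
        # The default value of the AppID key names the COM application, if registered.
        $appName = (Get-ItemProperty -LiteralPath $key -ErrorAction SilentlyContinue).'(default)'
    }

    # ExecutablePath is empty when the query lacks rights to read the process.
    if (-not $proc.ExecutablePath) {
        $pathState = 'unknown'
    } elseif ($expected -contains $proc.ExecutablePath) {
        $pathState = 'expected'
    } else {
        $pathState = 'UNEXPECTED'
    }

    [pscustomobject]@{
        PID         = $proc.ProcessId
        Path        = $proc.ExecutablePath
        PathState   = $pathState
        Parent      = if ($parent) { "$($parent.Name) ($($parent.ProcessId))" } else { 'exited' }
        AppID       = $appId
        AppName     = $appName
        CommandLine = $proc.CommandLine
    }
}

# Entries with an unexpected path or no /Processid argument are listed first.
$report | Sort-Object { $_.PathState -eq 'expected' -and $_.AppID } | Format-List
```

An entry listed first is only a candidate for a closer look, and an empty result means no dllhost.exe was running at that moment.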
Thank You for reading.