Windows 10: Heavily Infected by svchost.exe and Poweliks. Solved

Page 1 of 3 123 LastLast

  1. Posts : 59
    Microsoft Windows 10 Home 64-bit
       5 Days Ago #1

    Heavily Infected by svchost.exe and Poweliks.


    Hello

    I recently allowed my cousin to do some work on my personal computer and when I received it back Chrome suddenly closed on the aspect of anything incriminating of a virus removal. Also, looking at task manager shows a unnamed task that is under Windows Processes, that is taking around 60% of the CPU of my computer.

    It claims to be Service Host, or svchost.exe however its not located in system32 so I'm pretty sure it's a virus in disguise.

    I ran multiple anti-virus programs, Malwarebytes detected over 500 threats. They were mostly cleaned, however it does not detect Poweliks. I have tried using ESETPoweliks cleaner which just closes on opening, I have also tried symantic's program which just results in Poweliks not being found.

    Also, my computer cannot reboot, it crashes when it restarts, with a critcal error/BSOD, I have attached the files as well.MSI-13_04_2018_234402_70.zip

    So, I am truly stumped. I don't know what else to do. If this is a different virus or anything. Also, I hope I posted this in the right place.

    Thanks for any help.
      My ComputerSystem Spec


  2. Posts : 42
    Windows 10 Home 1803 (17134.1) (Insider)
       5 Days Ago #2
      My ComputerSystem Spec

  3.    5 Days Ago #3

    youngtomlin said: View Post
    Hello

    I recently allowed my cousin to do some work on my personal computer and when I received it back Chrome suddenly closed on the aspect of anything incriminating of a virus removal. Also, looking at task manager shows a unnamed task that is under Windows Processes, that is taking around 60% of the CPU of my computer.

    It claims to be Service Host, or svchost.exe however its not located in system32 so I'm pretty sure it's a virus in disguise.

    I ran multiple anti-virus programs, Malwarebytes detected over 500 threats. They were mostly cleaned, however it does not detect Poweliks. I have tried using ESETPoweliks cleaner which just closes on opening, I have also tried symantic's program which just results in Poweliks not being found.

    Also, my computer cannot reboot, it crashes when it restarts, with a critcal error/BSOD, I have attached the files as well.MSI-13_04_2018_234402_70.zip

    So, I am truly stumped. I don't know what else to do. If this is a different virus or anything. Also, I hope I posted this in the right place.

    Thanks for any help.
    Hi.
    You are correct, it is not a legit svchost.
    Have you tried running some offline scans?

    - Defender has an option for offline scan
    - Kyhi's recovery media has Malwarebytes built-in. You can boot the system to it and scan the system drive while the infection is not active - much easier to clean that way.
    - Eset bootable media "ESET SysRescue Live"
    Download Tools and Utilities ESET

    You could even try running these while in the operating system:

    RKILL
    Download RKill
    ADWCleaner
    Downloads - AdwCleaner - ToolsLib
    (reboot)
    RKILL (again)
    Malwarebytes (with rootkit box checked)
    Then run the Eset Poweliks removal tool
      My ComputerSystem Spec


  4. Posts : 59
    Microsoft Windows 10 Home 64-bit
    Thread Starter
       5 Days Ago #4

    Hello again, thanks for the quick replies.

    The AVG results didn't find anything and nor did the offline Defender scan. The other options close my Chrome so I can't check those out. During the restarting of my computer it crashed again and the logs are in the original post.

    Thanks again for all your help. Brief because I don't want it to crash again.
    Thanks.
      My ComputerSystem Spec

  5.    5 Days Ago #5

    youngtomlin said: View Post
    Hello again, thanks for the quick replies.

    The AVG results didn't find anything and nor did the offline Defender scan. The other options close my Chrome so I can't check those out. During the restarting of my computer it crashed again and the logs are in the original post.

    Thanks again for all your help. Brief because I don't want it to crash again.
    Thanks.
    If you can't get any of your browsers to work, (even after resetting them - including Internet Explorer), you'll need to get to a clean system to do the downloads. The offline/bootable media methods are best for clearing out this stuff.
      My ComputerSystem Spec


  6. Posts : 59
    Microsoft Windows 10 Home 64-bit
    Thread Starter
       5 Days Ago #6

    Ok. I'll grab my usb now and try those out. Lets hope malwarebytes does something this time. Thanks in advance

    Typing on my phone now. My computer keeps crashing but I'm guessing that's because of the virus . I'll take that to bsod support afterwards if it's still happening.

    Again. Thank you for your help
      My ComputerSystem Spec


  7. Posts : 42
    Windows 10 Home 1803 (17134.1) (Insider)
       5 Days Ago #7

    youngtomlin said: View Post
    Ok. I'll grab my usb now and try those out. Lets hope malwarebytes does something this time. Thanks in advance

    Typing on my phone now. My computer keeps crashing but I'm guessing that's because of the virus . I'll take that to bsod support afterwards if it's still happening.

    Again. Thank you for your help
    Good luck.
      My ComputerSystem Spec

  •    5 Days Ago #8

    youngtomlin said: View Post
    Ok. I'll grab my usb now and try those out. Lets hope malwarebytes does something this time. Thanks in advance

    Typing on my phone now. My computer keeps crashing but I'm guessing that's because of the virus . I'll take that to bsod support afterwards if it's still happening.

    Again. Thank you for your help
    Okay, let us know how it goes. Good luck.
      My ComputerSystem Spec

  •    5 Days Ago #9

    By the time you go through all this you would be better off taking 20 minutes to install Windows 10 again.
      My ComputerSystem Spec


  • Posts : 440
    Windows 10 Home x64 and Pro x86
       5 Days Ago #10

    tomlin,

    • I agree that svchost being outside system32 warrants investigation.
    • I have no idea why you mention Powerliks. [I once had one of the many Powerliks variants & Malwarebytes successfully detected it]
    • If some scans fail to find anything but other scanners crash / the computer crashes / the computer cannot boot, I think that you are going to end up rescuing your personal files and then reinstalling Windows 10.


    Denis
      My ComputerSystem Spec


  •  
    Page 1 of 3 123 LastLast

    Related Threads
    I have lately had few major windows updates on my laptop that is dual graphics and have a gtx 1050 ti card then I realized that all games I have started tearing heavily , so i started playing with Nvidia drivers switching between them back and forth...
    PC infected with malware in AntiVirus, Firewalls and System Security
    I recently ran kmspico.exe and couple other unverified programs(of course by mistake) and now my pc's loaded with malware and virus. I reset my pc completely but I still think there are virus files saved which weren't deleted as I had opted to kept...
    HELP: Is my network infected? in AntiVirus, Firewalls and System Security
    This is creepy... So, I decided I would visit HURR-DURR (basically like the original YouAreAnIdiot) on my Windows XP virtual machine (I use virtualbox). The machine was connected to the same WiFi as the host. I went to the page but instead of seeing...
    steps taken for infected Pc's. in AntiVirus, Firewalls and System Security
    I was hoping someone could give me a list of step by step instructions you use as a guide to clean virus, malware...etc. so I can keep my PC clean if it gets infected. thx
    Hi, I recently upgraded from 8.1 to 10. Performance seems great in general, but Visual Studio 2013 really slows down the system, both when parsing the project directory and during compiling. Chrome for example takes up to a minute to load a...
    Our Sites
    Site Links
    About Us
    Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

    Designer Media Ltd
    All times are GMT -5. The time now is 07:03.
    Find Us