Heavily Infected by svchost.exe and Poweliks.


  1. Posts : 94
    Microsoft Windows 10 Home 64-bit
       #1


    Hello

    I recently allowed my cousin to do some work on my personal computer and when I received it back Chrome suddenly closed on the aspect of anything incriminating of a virus removal. Also, looking at task manager shows an unnamed task that is under Windows Processes, that is taking around 60% of the CPU of my computer.

    It claims to be Service Host, or svchost.exe, however it's not located in system32 so I'm pretty sure it's a virus in disguise.

    I ran multiple anti-virus programs; Malwarebytes detected over 500 threats. They were mostly cleaned, however it does not detect Poweliks. I have tried using the ESET Poweliks cleaner, which just closes on opening. I have also tried Symantec's program, which just results in Poweliks not being found.

    Also, my computer cannot reboot; it crashes when it restarts, with a critical error/BSOD. I have attached the files as well: MSI-13_04_2018_234402_70.zip

    So, I am truly stumped. I don't know what else to do. If this is a different virus or anything. Also, I hope I posted this in the right place. :)

    Thanks for any help.


  2. Posts : 503
    Windows 11 Pro 22543.1000 rs_prerelease
       #2


  3. Posts : 16,325
    W10Prox64
       #3

    youngtomlin said:
    Hello

    I recently allowed my cousin to do some work on my personal computer and when I received it back Chrome suddenly closed on the aspect of anything incriminating of a virus removal. Also, looking at task manager shows an unnamed task that is under Windows Processes, that is taking around 60% of the CPU of my computer.

    It claims to be Service Host, or svchost.exe, however it's not located in system32 so I'm pretty sure it's a virus in disguise.

    I ran multiple anti-virus programs; Malwarebytes detected over 500 threats. They were mostly cleaned, however it does not detect Poweliks. I have tried using the ESET Poweliks cleaner, which just closes on opening. I have also tried Symantec's program, which just results in Poweliks not being found.

    Also, my computer cannot reboot; it crashes when it restarts, with a critical error/BSOD. I have attached the files as well: MSI-13_04_2018_234402_70.zip

    So, I am truly stumped. I don't know what else to do. If this is a different virus or anything. Also, I hope I posted this in the right place. :)

    Thanks for any help.
    Hi.
    You are correct, it is not a legit svchost.
    Have you tried running some offline scans?

    - Defender has an option for offline scan
    - Kyhi's recovery media has Malwarebytes built-in. You can boot the system to it and scan the system drive while the infection is not active - much easier to clean that way.
    - ESET bootable media "ESET SysRescue Live"
    Download Tools and Utilities ESET

    You could even try running these while in the operating system:

    RKILL
    Download RKill
    ADWCleaner
    Downloads - AdwCleaner - ToolsLib
    (reboot)
    RKILL (again)
    Malwarebytes (with rootkit box checked)
    Then run the ESET Poweliks removal tool


  4. Posts : 94
    Microsoft Windows 10 Home 64-bit
    Thread Starter
       #4

    Hello again, thanks for the quick replies.

    The AVG results didn't find anything and nor did the offline Defender scan. The other options close my Chrome so I can't check those out. During the restarting of my computer it crashed again and the logs are in the original post.

    Thanks again for all your help. Brief because I don't want it to crash again.
    Thanks.


  5. Posts : 16,325
    W10Prox64
       #5

    youngtomlin said:
    Hello again, thanks for the quick replies.

    The AVG results didn't find anything and nor did the offline Defender scan. The other options close my Chrome so I can't check those out. During the restarting of my computer it crashed again and the logs are in the original post.

    Thanks again for all your help. Brief because I don't want it to crash again.
    Thanks.
    If you can't get any of your browsers to work (even after resetting them - including Internet Explorer), you'll need to get to a clean system to do the downloads. The offline/bootable media methods are best for clearing out this stuff.


  6. Posts : 94
    Microsoft Windows 10 Home 64-bit
    Thread Starter
       #6

    Ok. I'll grab my USB now and try those out. Let's hope Malwarebytes does something this time. Thanks in advance.

    Typing on my phone now. My computer keeps crashing but I'm guessing that's because of the virus. I'll take that to BSOD support afterwards if it's still happening.

    Again. Thank you for your help


  7. Posts : 503
    Windows 11 Pro 22543.1000 rs_prerelease
       #7

    youngtomlin said:
    Ok. I'll grab my USB now and try those out. Let's hope Malwarebytes does something this time. Thanks in advance.

    Typing on my phone now. My computer keeps crashing but I'm guessing that's because of the virus. I'll take that to BSOD support afterwards if it's still happening.

    Again. Thank you for your help
    Good luck.


  8. Posts : 16,325
    W10Prox64
       #8

    youngtomlin said:
    Ok. I'll grab my USB now and try those out. Let's hope Malwarebytes does something this time. Thanks in advance.

    Typing on my phone now. My computer keeps crashing but I'm guessing that's because of the virus. I'll take that to BSOD support afterwards if it's still happening.

    Again. Thank you for your help
    Okay, let us know how it goes. Good luck.


  9. Posts : 4,802
    Windows 10 ProWorkstation -- Whichever is highest build number.
       #9

    By the time you go through all this you would be better off taking 20 minutes to install Windows 10 again.


  10. Posts : 16,783
    Windows 10 Home x64 Version 22H2 Build 19045.4170
       #10

    tomlin,

    • I agree that svchost being outside system32 warrants investigation.
    • I have no idea why you mention Poweliks. [I once had one of the many Poweliks variants & Malwarebytes successfully detected it]
    • If some scans fail to find anything but other scanners crash / the computer crashes / the computer cannot boot, I think that you are going to end up rescuing your personal files and then reinstalling Windows 10.


    Denis
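
    A read-only check for the point raised in this thread (a process named svchost.exe that does not live in system32), as an added example that is not part of any post. The parent-process and signature tests are extra heuristics assumed here, not something the posters mention.

```powershell
# Added example: read-only audit of every process named svchost.exe.
# Assumed heuristics (not from the thread): the genuine Service Host runs from
# %SystemRoot%\System32 (or SysWOW64), is a child of services.exe, and has a
# valid signature from Microsoft. Run from an elevated PowerShell prompt.
$expected = @(
    (Join-Path $env:SystemRoot 'System32\svchost.exe'),
    (Join-Path $env:SystemRoot 'SysWOW64\svchost.exe')
)

$all   = @(Get-CimInstance -ClassName Win32_Process)
$byPid = @{}
foreach ($p in $all) { $byPid[[int]$p.ProcessId] = $p }

$report = foreach ($p in $all | Where-Object { $_.Name -ieq 'svchost.exe' }) {
    $reasons = @()
    $path    = $p.ExecutablePath

    if (-not $path) {
        $reasons += 'image path unreadable (not elevated?)'
    } else {
        # -notcontains compares strings case-insensitively
        if ($expected -notcontains $path) { $reasons += 'image outside System32' }

        $sig = Get-AuthenticodeSignature -LiteralPath $path
        if ($sig.Status -ne 'Valid' -or
            $sig.SignerCertificate.Subject -notmatch 'O=Microsoft Corporation') {
            $reasons += 'not validly signed by Microsoft'
        }
    }

    # Parent lookup is by PID, so a reused PID can mislead; treat it as a hint.
    $parent     = $byPid[[int]$p.ParentProcessId]
    $parentName = if ($parent) { $parent.Name } else { '<exited>' }
    if ($parentName -ine 'services.exe') { $reasons += "parent $parentName" }

    [pscustomobject]@{
        PID     = $p.ProcessId
        Path    = $path
        Parent  = $parentName
        Flagged = [bool]$reasons.Count
        Reasons = $reasons -join '; '
    }
}

$report | Sort-Object Flagged -Descending | Format-Table -AutoSize -Wrap
```

    Flagged rows are leads for the offline scans suggested above, not proof of infection; the script changes nothing on the system.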


 
