Jump to content

Search the Community

Showing results for tags 'poweliks'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


  • Announcements
    • Malwarebytes News
    • Beta Testing Program
  • Malware Removal Help
    • Windows Malware Removal Help & Support
    • Mac Malware Removal Help & Support
    • Mobile Malware Removal Help & Support
    • Malware Removal Self-Help Guides
  • Malwarebytes for Home Support
    • Malwarebytes for Windows Support Forum
    • Malwarebytes for Mac Support Forum
    • Malwarebytes for Android Support Forum
    • Malwarebytes for iOS Support
    • Malwarebytes Privacy
    • Malwarebytes Browser Guard
    • False Positives
    • Comments and Suggestions
  • Malwarebytes for Business Support
    • Malwarebytes Endpoint Protection
    • Malwarebytes Incident Response (includes Breach Remediation)
    • Malwarebytes Endpoint Security
    • Malwarebytes Business Products Comments and Suggestions
  • Malwarebytes Tools and Other Products
    • Malwarebytes AdwCleaner
    • Malwarebytes Junkware Removal Tool Support
    • Malwarebytes Anti-Rootkit BETA Support
    • Malwarebytes Techbench USB (Legacy)
    • Malwarebytes Secure Backup discontinued
    • Other Tools
    • Malwarebytes Tools Comments and Suggestions
  • General Computer Help and Security Updates
    • BSOD, Crashes, Kernel Debugging
    • General Windows PC Help
  • Research Center
    • Newest Rogue-Ransomware Threats
    • Newest Malware Threats
    • Newest Mobile Threats
    • Newest IP or URL Threats
    • Newest Mac Threats
    • Report Scam Phone Numbers
  • General
    • General Chat
    • Forums Announcements & Feedback

Find results in...

Find results that contain...

Date Created

  • Start


Last Updated

  • Start


Filter by number of...


  • Start





Website URL






Found 24 results

  1. Hello! After a frustrating day trying to create a user here, the system finally sent me a confirmation email!! Anyway, I have a friends PC that MWB rootkit scanner found the Poweliks trojan and I ran the clean function several times, even in safe mode, but everytime I run it to check that it cleaned it, it's still showing up as infected? I ran Hitmanpro, combofix and adwcleaner as well as the regular malwarebytes scanner and it comes up clean, but the rootkit scanner says it's still present. I installed FRST64 and created the log files which i have attached. Any help would
  2. Somehow, I managed to get infected with Poweliks. It's a bit of a nasty variant that runs without executables, but back in 2014 Malwarebytes trumpeted how they could now block and delete etc it. Meanwhile, in 2016, it was completely oblivious to it, and didn't find a thing. At the end of the day, I had to do what was recommended - download Zemana Antimalware, which did see it and allow me to erase it. Where did I find this suggestion? Why, here on the Malwarebytes forum, by a Malwarebytes representative... Could someone tell me why I should pay for Malwarebytes when even Malware
  3. I believe that my explorer.exe has been compromised by a new version of Poweliks, every time I start up my computer after a few moments a large number of comhost and windows presentation processes show up in my process list and cause my CPU usage to skyrocket from 5% to 80%-99%. In my attempts to remove the malware I booted my computer in safe mode and found with some tinkering that the problems only happen when i run explorer.exe and connect to the internet. Ontop of this i have also noticed briefly upon shutting down my computer that advertisements will show up as the computer turns off, lik
  4. Hi..I started seeing a bunch of dllhost.exe processes running with the "COM Surrogate" description a few days ago, so downloaded MWB and ran a full scan. It found 65+ entries - mostly PUPs (PUP.Optional.Sigot.A, PUP.Optional.InfoAtoms, PUP.Optional.OpenCandy and PUP.Optional.YTDToolbar) but one Trojan(Trojan.JobLaunch.ODB). MB cleaned all 65 items and put them in quarantine. Rebooted the PC and no longer had any dllhost.exe COM Surrogates running (Yay!) This lasted a few hours..then, MWB started showing frequent "Malicious Website blocked" messages - mostly with fffsee.com and IP 95.215.
  5. I am going to attempt & remove poweliks from my computer using the guidance posted in Malwarebytes Unpacked - NO more poweliks! My question before I begin - Can this be done with computer in Safe Mode? Computer has high CPU & memory usage issues as are associated with poweliks infection. Computer is much more responsive & CPU & memory loads are much less in Safe Mode.
  6. Looks like a Poweliks issue... My system is running very slow and seems the memory is taken up with multiple dllhost.exe *32 COM Surrogate running. Malwarebytes identifies outbound traffic to fff5ee.com and other IP addresses when a browser is not even open. Norton 360 warns of Trojan.poweliks and Trojan.adclicker. Once the dllhost.exe process does show up in the task manager MalwareBytes constantly pops up blocking websites of various IPs that are all trying to be accessed by C:\WINDOWS\SysWOW64\dllhost.exe. Addition.txt FRST.txt RKreport_SCN_11022014_220453.log mbam-log-2014-11-02(20-47
  7. Need some help getting rid of these... Ran Malwarebytes and then bought upgrade to premium. Found mx infections but can't kill the fff5ee virus. Malwarebytes still gives notice every min or so of blocked fff5ee. Norton is also giving occassional blocks for Poweliks. Have run all the Norton complete virus scans and NPE...no joy. Will be happy to donate to the cause for a little help.... Thanks, Dexter
  8. Hi Mr. Charlie, Sorry - newbie - thanks for guiding me to the right spot. Win 7, Norton IS, had not previously been running Malwarebytes but will be moving forward; your customer service alone, FROM VOLUNTEERS, speaks volumes about the product. I've attached the RogueKiller and Malwarebytes logs. They are from yesterday afternoon - ? - we've probably had the infections for 3 days. Thank you for your time, efforts and patience! Our computers are like our cars; seldom think about them other than basic maintenance, and when they fail - AGH! Can't (voluntarily) live without them. Pleas
  9. Hello - I've been reading about a lot of people with similar problem. About 5 days ago, internet access slowed to a crawl, with lots of "this page cannot be displayed" failures. Opening Windows Task Manager, I noticed many "dllhost.exe *32" processes ("COM Surrogate"), which I could force-quit one by one - but not the "dllhost.exe" (without the "*32"), which it wouldn't let me kill. After force-quitting them all, a few minutes later they would re-appear. No matter how many force-quits, they always pop up. I am running Internet Explorer 11 (version 11.0.13 KB2987107), and in the Internet
  10. Alright, so I just joined and I was having some trouble because I couldn't figure out how to post on the forums, (haha,) but... i read a few of the help guides for removal of poweliks/fff5ee.com, (opens several COM surrogates and jams up the cpu,) and i didn't want to use the fixlogs posted because I wasn't sure if they were system specific or not. I ran combofix already and that didn't seem to help, even though it identified some files. I ran Malwarebytes yesterday and it also i.d. several questionable files as well but now MB wont open to allow me to run another scan even though manager says
  11. I really need some help. After my nephew visited and downloaded some games and other things onto my computer so he could play while he was visiting, I started having problems with a slow computer. My Norton 360 kept saying it was blocking a Poweliks Trojan. I show many processes with dllhost.exe and kqikghfb.exe. If they are deleted/ended, they simply come back. I downloaded Malwarebytes, scanned, and quarantined all that showed up as needing fixed. Now, Malwarebytes is constantly blocking attacks and/or intrusions from the following: honeymods.com dllhost.exe appsruors.com Trojan.Ge
  12. My windows 7 computer has been infected with the poweliks virus. While multitasking I give a quick yes to a fake adobe flash update prompt and then now it barely works. Runs multiple com surrogates and get attack warnings from Norton, I run Norton power eraser, malwarebytes, HitmanPro,TDSSkiller and nothing shows up. Attached txt files from malwarebytes and TDSSkiller. Any help greatly appreciated !
  13. I seem to have picked up a bug, hopefully just the one. Seems to be Poweliks at the very least. Malwarebytes and Norton both give me a clean bill of health. If somebody could get vaccinated, I'd appreciate it. Below are the Farbar results. It wouldn't let me paste the addition too; it said the post was too long. I attached both text files though. Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-10-2014Ran by Jonathan (administrator) on MCP on 25-10-2014 12:45:53Running from C:\Users\Jonathan\DesktopLoaded Profile: Jonathan (Available profiles: Jonathan & Amy)Platform
  14. Hi, first of all thanks in advanced for the help you could provide me. I will try to be short but detail. I noticed my laptop Dell Latitude running slow and overheating after a Windows Update and I began to notice pop ups from Norton telling me that COM Surrogate was consuming too much memory. Here began the nightmare. I ran Norton, Viprerescue, Microsoft Scanner, Norton Power eraser, Kaspersky, etc. and all of them no threat found. I contacted Norton support and they performed a remoted session and did something trought de cmd and after all, they told me everything was clear. Great!! But not.
  15. Recently started having problems with IE10 (Downloads blocked), Symantec notifying me of infection Poweliks, and multiple versions of dllhost.exe *32 COM Surrogate running. Seems more pronounced after opening IE10. I ran Malwarebytes several days ago, and it did find some problems and quarantined them. Problems are recurring, so I'm turning to you folks for help. Made another scan tonight with Symantec disabled. Results log posted below. Also ran FRST, results attached. Thanks in advance for your help! Malwarebytes Anti-Malwarewww.malwarebytes.org Scan Date: 10/23/2014Scan Time: 8:45:35
  16. Alright, so I just joined and I was having some trouble because I couldn't figure out how to post on the forums, (haha,) but... i read a few of the help guides for removal of poweliks/fff5ee.com, (opens several COM surrogates and jams up the cpu,) and i didn't want to use the fixlogs posted because I wasn't sure if they were system specific or not. Any help would be greatly appreciated, thank you. (Also, i ran combofix already and that didn't seem to help, even though it identified some files.)
  17. I got the Trojan while browsing the web, the computer started to slow down, it started downloading small files, by the time I noticed it, it downloaded about 2 gigs worth of files. scanned it with roguekiller, it showed the poweliks Trojan, unfortunately I cant get rid of the container , it keeps coming back, I used MSE , malwarebytes, JRT, ESET, ADWcleaner. Thank you for the help! Here are the farbar files: FRST.txt Addition.txt
  18. I am getting the Malicious website warning and need help in removing the root cause. This problem has persisted for a few weeks and has proven stubborn. The result is that is hogging my home network, making it difficult to use. Some history: In summary ran the following and in this rough order: (after removing Trend Micro) Kaspersky TDSSkiller, RKill, MalWaresBytes anti-malware, Hitman Pro (beta version), RogueKiller,AdwCleaner, Junkware removal tool, ESET, EMSISOFT. - result of the above: Malwarebytes did not catch anything in the scan but after I put it on it starting to block several M
  19. Seems to be a very fast spreading malware out there going by poweliks which is what i believe has infected my system. After reading through a couple logs i ran the farbar scan and came up with this,. any help is much appreciated Addition.txt FRST.txt
  20. Infected with poweliks.... Ran sophos removal tool and it finds the infection but will not remove. Ran Roguekiller with same results. It finds the infection but will not remove. Any help would be greatly appreciated. Thank you. Addition.txt FRST.txt mbam-log-2014-10-08 (20-17-17).xml
  21. Please help. My computer has been infected by poweliks. Every time I run Malwarebytes scan I get two registry keys that show up as infected by rootkit.poweliks (detected item rootkit.poweliks -HKLM\SOFTWARE\CLASSES\CLSID\{73E709EA-.......). It identifies this every time, these are deleted and then I reboot; it comes back with the it again. I have attached the scan log. alos attached are the scan logs from Farbar recovery Scan tool. Appreciate any help.8_20.txtFRST.txtAddition.txt
  22. I have ran malwarebytes (free edition) 15/20 times; every time it finds two registry keys (detected item rootkit.poweliks -HKLM\SOFTWARE\CLASSES\CLSID\{73E709EA-.......). It identifies this every time, these are deleted and then I reboot; it comes back with the it again. is there a solution to rootikit.poweliks ? Have been reading online for a solution and no luck. have tried couple of other tools - roguekiller , avg. Appreciate any help
  23. A new attack has arisen and I wondered if your Premium version of Malewarebytes software stops the attack? LINK
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.