A brief yet very important disclaimer from the start: dllhost.exe *32 COM Surrogate is absolutely not a virus. In fact, the name denotes an essential Windows process used to host other operating system processes. The OS relies on this service for executing some untrusted code, so it’s often referred to as a “sacrificial” entity. Normally, users don’t even notice COM Surrogate unless and until an alert pops up to state that it has stopped working. This may happen, for instance, as a result of a thumbnail extractor crash. The helpful role of the process under consideration in this case consists in preventing more serious crashes – dllhost.exe basically performs the “lesser of two evils” function in terms of the consequences, taking the blunt of arbitrary impact. That’s a fairly normal Windows operating workflow.
What this article is primarily intended to highlight, though, is the scenario where dllhost.exe *32 COM Surrogate is exploited by a malicious process. The malware sample called Trojan.Poweliks is known to indulge in such activity. Spreading through a social engineering trick based on unsafe spam, this infection is unique in several ways. First off, it resides in system registry as a sub-key, whereas the regular viruses are impersonated as files most of the time. Secondly, Trojan.Poweliks affects the compromised system in a really nasty way.
The easiest way to identify this infection is turn on the computer and see if its performance goes down after a couple of minutes. In other words, the malware slows the system down literally to a crawl. Since this is a very verbose symptom, users open the Task Manager to figure out what’s consuming the resources – and that’s where the final diagnostic stage usually ends, because most of the CPU will appear to be eaten up by multiple entries for dllhost.exe *32 (Image Name) COM Surrogate (Description). It doesn’t take a scientist to realize that this Trojan can therefore cause damage to the system or substantially affect user experience in the best case scenario.
The disruptive capacity of Trojan.Poweliks taken into account, it must be immediately removed from the PC otherwise the COM Surrogate processes flooding will keep playing havoc with your system. Obviously, terminating these process instances in Task Manager all the time isn’t worthwhile, so review the workaround below to learn how this issue can be addressed for good.
Automatic removal of the virus exploiting COM Surrogate process
The benefits of using the automatic security suite to get rid of this infection are obvious: it scans the entire system and detects all potential fragments of the virus, so you are a few mouse clicks away from a complete fix.
- Download and install recommended malware security suite
- Select Start Computer Scan feature and wait until the utility comes up with the scan report. Proceed by clicking on the Fix Threats button, which will trigger a thorough removal process to address all the malware issues compromising your computer and your privacy.
- It’s recommended to restart the machine after system remediation has been completed.