Remove dllhost.exe *32 COM Surrogate virus from Windows

A brief yet very important disclaimer from the start: dllhost.exe *32 COM Surrogate is absolutely not a virus. In fact, the name denotes an essential Windows process used to host other operating system processes. The OS relies on this service for executing some untrusted code, so it’s often referred to as a “sacrificial” entity. Normally, users don’t even notice COM Surrogate unless and until an alert pops up to state that it has stopped working. This may happen, for instance, as a result of a thumbnail extractor crash. The helpful role of the process under consideration in this case consists in preventing more serious crashes – dllhost.exe basically performs the “lesser of two evils” function in terms of the consequences, taking the blunt of arbitrary impact. That’s a fairly normal Windows operating workflow.

COM Surrogate process crash notification

What this article is primarily intended to highlight, though, is the scenario where dllhost.exe *32 COM Surrogate is exploited by a malicious process. The malware sample called Trojan.Poweliks is known to indulge in such activity. Spreading through a social engineering trick based on unsafe spam, this infection is unique in several ways. First off, it resides in system registry as a sub-key, whereas the regular viruses are impersonated as files most of the time. Secondly, Trojan.Poweliks affects the compromised system in a really nasty way.

The easiest way to identify this infection is turn on the computer and see if its performance goes down after a couple of minutes. In other words, the malware slows the system down literally to a crawl. Since this is a very verbose symptom, users open the Task Manager to figure out what’s consuming the resources – and that’s where the final diagnostic stage usually ends, because most of the CPU will appear to be eaten up by multiple entries for dllhost.exe *32 (Image Name) COM Surrogate (Description). It doesn’t take a scientist to realize that this Trojan can therefore cause damage to the system or substantially affect user experience in the best case scenario.

Numerous COM Surrogate instances consuming system resources

The disruptive capacity of Trojan.Poweliks taken into account, it must be immediately removed from the PC otherwise the COM Surrogate processes flooding will keep playing havoc with your system. Obviously, terminating these process instances in Task Manager all the time isn’t worthwhile, so review the workaround below to learn how this issue can be addressed for good.

Automatic removal of the virus exploiting COM Surrogate process

The benefits of using the automatic security suite to get rid of this infection are obvious: it scans the entire system and detects all potential fragments of the virus, so you are a few mouse clicks away from a complete fix.

  1. Download and install recommended malware security suite
  2. Select Start Computer Scan feature and wait until the utility comes up with the scan report. Proceed by clicking on the Fix Threats button, which will trigger a thorough removal process to address all the malware issues compromising your computer and your privacy.
  3. It’s recommended to restart the machine after system remediation has been completed.
No ratings yet.

Please rate this

Leave a Reply

Follow Us:

Surf Spy

Surf Spy is an invisible tool that monitors the Internet activity on your computer. It captures the link of every visited web site. Read more >>

Bluescreen Screensaver

Bluescreen Screensaver will simulate the Windows Blue Screen of Death for your operating system. Read more >>


Farsighter monitors a remote computer invisibly by streaming real-time video to a viewer on your computer. Read more >>