How to Remove the Powercfg.exe virus from PC

What is Powercfg.exe?

Powercfg.exe is a legitimate file. It is also called Power Settings Command-Line Tool. It is used to control all configurable power system settings and it is associated with Mircorosft Windows Operating Systems and it is developed by Microsoft Corporation. It is commonly stored in C:\Windows\System32. The malware programmers or cyber criminals write the different types of malicious program and name it as powercfg.exe to damage the software and hardware.

Affected Platform: Windows OS

How to check if your computer is infected with powercfg.exe malware?

The type of malware programs varies and the mode of infection also varies. Any of the following can alert you if the system is infected.

If the internet connection fluctuation is high
If the powercfg.exe file is taking more of your CPU memory
If the system performance is very low
If the system is redirected to some strange websites
If the system is getting some annoying popup ads

To confirm that go to task manager by pressing the combination of keys ctrl+alt+del and go to the process tab and right click on the Open.exe to check the location, if the location is C:\Windows\System32, then the system is not affected by powercfg.exe, if the location is somewhere else then the system is affected by powercfg.exe malware.

How to remove the Powercfg.exe file from system using Comodo Antivirus?

Step 1: Download the award-winning Free Internet Security.

Step 2: Installation configuration frames will be displayed. Select the configuration you would like to apply.

Step 3: Select Customize Configuration option and arrange installers, configuration, and file location.

Step 4: Restart your PC.

Step 5: It will take some time for the Comodo Internet Security to update the antivirus.

Step 6: Proceed with a quick scan that automatically begins after the update.

Step 7: If threats are found during the scanning, you will be prompted with an alert screen.

Step 8: Comodo Antivirus will remove the Powercfg.exe virus from your computer including all other malwares!

Malware Entries

Safe Entries

First Seen: 25 October 2011 at 1:17 am

No.	Company	File Type	SHA1	MD5	Malware Name	Digitally Signed	File Version	Product Version	Submitted From	Malware Behavior
1	N/A	Executable	fa3b14f9c327b042 1abae1140e4fd0e4 4c348618	a5f668d99c70b720 0cea1b32caa1da95	Virus.Win32. Virut.CE	No	N/A	N/A	Pakistan	N/A
2	N/A	Executable	cf12bee758465291 cad639b9f58f2cc3 d88f1ae9	4781479231fe04a6 6317683dc73000cc	Virus.Win32. Virut.CE	No	N/A	N/A	197.211.57.71/32	N/A
3	Microsoft Corporation	Executable	0139b50eb933a15b 8ccac6dd87a95a00 380dccc7	2194454f2255ca81 1c7597a46f56ec36	Virus.Win32. Virut.Ce	No	6.1.7600.1 6385 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	Nigeria	N/A
4	Microsoft Corporation	Executable	a3a5de45e4fa2661 4afe0a5e72b8d42b 1bc15c90	532a91af3a7de12a 1e883019a51569a1	Virus.Win32. Parite.gen	No	5.1.2600.2 180 (xpsp_sp2_ rtm.040803 -2158)	5.1.2600.2 180	Turkey	N/A
5	N/A	Executable	4f2c8544c94c9281 04e63e935ee25d75 291fe4a1	99c2505b329abbec f17dc884e9cc39fc	Virus.Win32. Virut.CE	No	N/A	N/A	197.156.80.220/32	N/A
6	Microsoft Corporation	Executable	c92bd28618e72d9b 6290f40158f81848 5fe65a0c	2ccbba24bf5fa5c9 02af41f69978baee	Virus.Win32. Virut.Ce	No	6.1.7600.1 6385 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	Zimbabwe	N/A
7	N/A	Executable	4d219d515cc1ee2a 08b93d1c2fd80a71 14c2a4c3	894f18979dd2a81a 4dacd35efdd323e2	Virus.Win32. Virut.CE	No	N/A	N/A	103.213.128.79/32	N/A
8	N/A	Executable	bc5c097571316195 c4505e689db8501a f9a494ea	5d5b0514815ce7f4 e3b05c4fcb799e77	TrojWare.Win 32.Banbra.rh	No	N/A	N/A	Russian Federation	N/A
9	Microsoft Corporation	Executable	6b393803045a06df 3f2818b59b53d161 4405144b	8768ea44b44d4f74 885fc35bfc88c894	Virus.Win32. Parite.gen	No	5.1.2600.5 512 (xpsp.0804 13-2108)	5.1.2600.5 512	Bulgaria	N/A
10	N/A	Executable	4932f0781295b627 bce5baffdabb2b3c 6ece3822	38a0c01eda85a828 14b74f52eebba955	Virus.Win32. Virut.CE	No	N/A	N/A	Egypt	N/A
11	Microsoft Corporation	Executable	50f0c0d95afcc9d7 1ec1da8784fe5743 5329d5ae	0d8e2957e7bd088b 2209edde884218cf	Virus.Win32. Parite.gen	No	5.1.2600.5 512 (xpsp.0804 13-2108)	5.1.2600.5 512	Turkey	N/A
12	Microsoft Corporation	Executable	6095f13a90ff136b f96f4372b9394131 717a10a1	a8ddcc89b295cf61 98f70ef287516f61	Virus.Win32. Virut.CE	No	5.1.2600.5 512 (xpsp.0804 13-2108)	5.1.2600.5 512	Egypt	N/A
13	Microsoft Corporation	Executable	68c71f85967dd52a 078c3983e524935a bfbeb505	4257fee1ac4109c2 3acf2fd83dac7443	Virus.Win32. Virut.CE	No	6.1.7600.1 6385 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	Morocco	N/A
14	Microsoft Corporation	Executable	d579685a517937e2 f106adbd75c77b57 5d0d6a3a	bab715c169733d13 9e66ebea493588b4	Virus.Win32. Virut.CE	No	6.1.7600.1 6385 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	Algeria	N/A
15	N/A	Executable	beb6c99e1cb38925 a2bbc2b955fec77e ef992929	e590aa8b17ff5b04 cd969a15f1c83049	Virus.Win32. Virut.CE	No	N/A	N/A	Australia	N/A
16	Microsoft Corporation	Executable	4c9443f9217b6083 2b750c8d67b80c37 1029e641	c2741b8d9141f4a3 3e46d5bfb19c7ee3	Virus.Win32. Virut.CE	No	6.1.7600.1 6385 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	197.210.47.180/32	N/A
17	N/A	Executable	76486aa63b4e3264 333f36c77375cbf4 504d89e3	fce888cf097cefd8 1523651fb8346c04	Virus.Win32. Virut.CE	No	N/A	N/A	197.55.254.184/32	N/A
18	Microsoft Corporation	Executable	09f7e6717f2facbf e8b5a717a3a322cf 1f0f790d	982fcab094939b24 169fe4a4cef47314	Virus.Win32. Golem.a0	No	5.1.2600.5 512 (xpsp.0804 13-2108)	5.1.2600.5 512	Russian Federation	N/A
19	N/A	Executable	d0a77749f12ce318 a1ad9c6d1211a62b d9c4e5f1	72a9573109c926d7 ae8496469ebab73d	Virus.Win32. Virut.Ce	No	N/A	N/A	United States	N/A
20	Microsoft Corporation	Executable	6f64899e1ef40b65 315d7547e0d74ef5 ccf3db3f	63e507f534f8298e 1a122942695f3473	Virus.Win32. Virut.CE	No	6.1.7600.1 6385 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	Philippines	N/A
21	Microsoft Corporation	Executable	c9bf98e682af4425 17230fd8b2d589b2 a50e2fa5	26bf579451449fca 7a6f41b53269d805	Virus.Win32. Virut.CE	No	5.1.2600.5 512 (xpsp.0804 13-2108)	5.1.2600.5 512	156.220.85.161/32	N/A
22	Microsoft Corporation	Executable	7b4c3bcfc933a8dd 66cdec59fe953f1d f11ddd5f	39eed09fac0db7ac 9ab929b741c29b79	Virus.Win32. Virut.CE	No	5.1.2600.2 180 (xpsp_sp2_ rtm.040803 -2158)	5.1.2600.2 180	Europe	N/A
23	Microsoft Corporation	Executable	85965574332013ca 0370b32881153e7b ef8498e7	98de70a46a79d0d5 450f47dd1d57ddbf	Virus.Win32. Virut.Ce	No	6.1.7600.1 6385 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	156.205.143.115/32	N/A
24	Microsoft Corporation	Executable	db420a5fd49f6fd5 9ab20f06aaf5f7c4 c79d7852	fb2c297c53f582a5 ac8e7dccb581c561	Virus.Win32. Virut.CE	No	6.1.7600.1 6385 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	151.236.168.34/32	N/A
25	Microsoft Corporation	Executable	eddcf35181304c53 b44185e930b7ff16 50cd2fa4	19698d675bf84b72 00e4d2ae795f3c02	Virus.Win32. Virut.CE	No	5.1.2600.2 180 (xpsp_sp2_ rtm.040803 -2158)	5.1.2600.2 180	United States	N/A
26	Microsoft Corporation	Executable	eb41806ebaa00f3c 5b3c9a869b10e101 ed282605	4d7a5deaddc74a37 36d568813ea5aa3f	Worm.Win32.M abezat.b7	No	5.1.2600.2 180 (xpsp_sp2_ rtm.040803 -2158)	5.1.2600.2 180	197.251.180.204/32	N/A
27	Microsoft Corporation	Executable	021aa6ca518dfbf6 7da6d4048971af41 4926c415	818660ca6da1e6e1 e1f132503f931bcd	Virus.Win32. Virut.CE	No	6.1.7600.1 6385 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	197.210.44.78/32	N/A
28	N/A	Executable	2843d38f54418d90 9243d3d30750057e 82aabfed	8e64394fb510240a 79292761d0b89cd6	Virus.Win32. Virut.CE	No	N/A	N/A	Indonesia	N/A
29	N/A	Executable	604c2e462147dbea 97de135b17f324dd 9415908c	b6a598255d687ba9 5d67ec2f3deb4867	Virus.Win32. Virut.CE	No	N/A	N/A	United States	N/A
30	N/A	Executable	1fa49736634d6aa3 bc0761020c6f8929 7f03cc74	4c2cb95252349c54 a2563473bd8777f8	Virus.Win32. Virut.CE	No	N/A	N/A	Iran, Islamic Republic of	N/A
31	Microsoft Corporation	Executable	38a72e9d2d4ff5c6 ef6d1c6adc1e680c 6535c8b5	be2ec0d645bf5a30 26b440b4c9b40b1e	Virus.Win32. Virut.CE	No	6.1.7600.1 6385 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	Indonesia	N/A
32	Microsoft Corporation	Executable	aa854f29bfaac298 b2784849b37feb4a df9bc0b0	2f0e54496108eb36 4c21599a1861f9a5	Virus.Win32. Expiro.SR	No	6.1.7600.1 6385 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	169.159.118.228/32	N/A
33	Microsoft Corporation	Executable	96a4161f56818235 3f32ffaf7bec776a 9b1c3e1d	44b079dc60d49745 f371c6aabf63e0d6	Virus.Win32. Virut.CE	No	6.1.7600.1 6385 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	Indonesia	N/A
34	Microsoft Corporation	Executable	b7795286cb4bf365 9cecd7a721ec00d4 79ec9b6a	57ae0a287d5f6b68 ac8919ab4c5f30c3	Virus.Win32. Parite.gen	No	5.1.2600.2 180 (xpsp_sp2_ rtm.040803 -2158)	5.1.2600.2 180	Greece	N/A
35	Microsoft Corporation	Executable	472966c17284c2c3 0fc0fef7d68a8ae4 fcf5cdc9	8030aaf595b92412 49b937aeac72a094	Virus.Win32. Virut.Ce	No	6.1.7600.1 6385 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	Indonesia	N/A
36	Microsoft Corporation	Executable	0f7ae70ef54a4bfa 17d73a1d8fd82d9a 67dbcbbb	56faa7042aae6dd7 d7e25ab6a62087dc	Virus.Win32. Virut.CE	No	5.1.2600.5 512 (xpsp.0804 13-2108)	5.1.2600.5 512	United States	N/A
37	N/A	Executable	c622f8f7356872ec 36f3e1640b46941f 32664665	5e52eb2ca51e16fe 72733edd6f247fbb	Virus.Win32. Virut.Ce	No	N/A	N/A	Belarus	N/A
38	N/A	Executable	3d58f3a2da88fccd 621c040647c6e543 44963fd5	80bfcdf505cebec5 69165d370998d4dd	Win32.Neshta .A	No	N/A	N/A	181.66.169.99/32	N/A
39	Microsoft Corporation	Executable	c48349a91fdf9759 347b07fe37e2545a 038078d4	cb904cb422efd256 543b48d017aa5aa4	Virus.Win32. Virut.CE	No	6.1.7600.1 6385 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	Indonesia	N/A
40	N/A	Executable	6ae78d6939050131 473c59f440a86585 53d4aff8	ebfa89b4c61a03c7 2ec4e85e8949d44f	Virus.Win32. Virut.CE	No	N/A	N/A	Nigeria	N/A
41	Microsoft Corporation	Executable	bde4a455fccece3c 28c59296aa08f360 89e9bc37	78a0b2b544d60c43 e3a527b94d3a6aae	Virus.Win32. Virut.CE	No	6.1.7600.1 6385 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	197.32.15.247/32	N/A
42	Microsoft Corporation	Executable	7058d9e3834b81de 08d782177cc4db4c 251aee68	d43f8c1af203e376 08545e2198995a9f	Virus.Win32. Sality.gen	No	5.1.2600.5 512 (xpsp.0804 13-2108)	5.1.2600.5 512	Russian Federation	N/A
43	Microsoft Corporation	Executable	f3a24c52d5e81d58 8b14c016a931b5e6 0c4553b2	f059d08662fb0915 0058ba47f8433449	Virus.Win32. Virut.Ce	No	6.1.7600.1 6385 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	Nigeria	N/A
44	Microsoft Corporation	Executable	6840db3eaba93c81 5df6109f0bc973ce e414e666	aaafe052b9d20d33 8ce54ceb67b49cf5	Virus.Win32. Parite.gen	No	5.2.3790.3 959 (srv03_sp2 _rtm.07021 6-1710)	5.2.3790.3 959	China	N/A
45	N/A	Executable	6e4eff28cfa89fd8 051cb58038117005 3596384b	c114e6b961ced182 b57ee6af8409b7b6	Virus.Win32. Virut.Ce	No	N/A	N/A	United States	N/A
46	Microsoft Corporation	Executable	4fe30d381b817715 642ce5ab4ff48fa5 08f11ed5	f94e3f9d6fb932dc 264f73996e89377f	Virus.Win32. Virut.CE	No	5.1.2600.2 180 (xpsp_sp2_ rtm.040803 -2158)	5.1.2600.2 180	India	N/A
47	Microsoft Corporation	Executable	90134d6a22bf7db5 7b584662a22acafc 1484831a	f949b27d64cbe5f5 65a0420208fb5c43	Virus.Win32. Virut.Ce	No	6.1.7600.1 6385 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	Pakistan	N/A
48	Microsoft Corporation	Executable	209b610f4506bcbf aff4a3b0441acd89 4e43a4d7	1e1894c6e83ec87e edee4cdbc2cab800	Virus.Win32. Virut.CE	No	6.1.7600.1 6385 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	105.230.114.139/32	N/A
49	Microsoft Corporation	Executable	2ce1668c3c9e901d 920053536e72fd61 037e85fa	e31e67775015e134 a8dcbccbea00a34e	Virus.Win32. Virut.CE	No	6.1.7600.1 6385 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	156.223.81.124/32	N/A
50	N/A	Executable	c96b5035e7a8a39f 99c8fd3d5b772852 46a7073f	4f83cb27b1b360a5 dfc6002ff626770a	Virus.Win32. Virut.CE	No	N/A	N/A	176.88.226.192/32	N/A
51	Microsoft Corporation	Executable	a59c9d237b2c2254 c62412aab553999a f5619f0a	3aaf3ad9e41304a7 b23c6e7d6de65632	Virus.Win32. Expiro.naf	No	6.1.7600.1 6385 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	Russian Federation	N/A
52	N/A	Executable	873a568ed80229b4 59437c25dcbe8c5d e77c8c79	e99b6df22a5d45ba 249a9b4a64bb1ca0	Virus.Win32. Virut.Ce	No	N/A	N/A	129.205.113.134/32	N/A
53	Microsoft Corporation	Executable	fa9c5cc550f88e2f 8b91bbbd000a19e0 29d52d92	5cae56fd4c9e0b39 42abbb9fc733d315	Virus.Win32. Expiro.ew	No	5.1.2600.2 180 (xpsp_sp2_ rtm.040803 -2158)	5.1.2600.2 180	United States	N/A
54	N/A	Executable	a6e7ee3cad39493d 75fd35f6af0778bc b90bf785	4b5c575626e6eb38 5886615cf045af5a	Virus.Win32. Virut.CE	No	N/A	N/A	Nigeria	N/A
55	Microsoft Corporation	Executable	65e001519f6a7021 cfcde87f5e571247 959d21cd	7c10f573c55a70f7 8884f32c73622fe8	Virus.Win32. Virut.CE	No	6.1.7600.1 6385 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	United States	N/A
56	N/A	Executable	703efe9bd7cd9e71 2fd0f13bcf75d022 de0b87bd	472b645220361d9c 7d508bd018cd863f	Virus.Win32. Virut.CE	No	N/A	N/A	Indonesia	N/A
57	Microsoft Corporation	Executable	363319b092e61e1f 22cc0ae9a39f3607 39a480f0	e2cc6fc308147d7e 21294c9d1b200b43	Virus.Win32. Sality.gen	No	5.1.2600.5 512 (xpsp.0804 13-2108)	5.1.2600.5 512	Canada	N/A
58	Microsoft Corporation	Executable	81e81cdc3419265f b177718b21472cf1 a93a6297	fec3b209ac3cf473 c09249b8093da08e	Virus.Win32. Virut.Ce	No	6.1.7600.1 6385 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	197.214.249.165/32	N/A
59	Microsoft Corporation	Executable	2b89456a832bee6d b4c2df4710ddb776 188ba7fd	b00f137d12b04261 3a9d34f23272bacb	Virus.Win32. Expiro.R0	No	5.1.2600.5 512 (xpsp.0804 13-2108)	5.1.2600.5 512	Ukraine	N/A
60	Microsoft Corporation	Executable	76dc91de2882f9a7 e212498a5035b990 6185aa95	38209860172092e0 f961cf462e145830	Virus.Win32. Virut.CE	No	6.1.7600.1 6385 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	Egypt	N/A
61	Microsoft Corporation	Executable	a720da2f39d4eca9 ad767acbe4ad0c12 bbb74b02	e4ddd997ffe37b24 b9313c81a1cb659e	Virus.Win32. Virut.CE	No	6.1.7600.1 6385 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	Italy	N/A
62	Microsoft Corporation	Executable	fb990328e6ad500a e8c755d91187943f 639912a6	5bdb49b7c743bc94 252e97c81120f4f0	Virus.Win32. Virut.Ce	No	5.1.2600.5 512 (xpsp.0804 13-2108)	5.1.2600.5 512	Italy	N/A
63	Microsoft Corporation	Executable	e9e28047d67784e8 9029a4d9aaffa818 60cef57c	bba39881ac1b35bc 2c07517f585d8fda	Virus.Win32. Sality.gen	No	5.1.2600.2 180 (xpsp_sp2_ rtm.040803 -2158)	5.1.2600.2 180	Iran, Islamic Republic of	N/A
64	Microsoft Corporation	Executable	e5086bb772097173 6baf02fc5fd339c6 dbc7e613	5265332d0a6acd01 3b16b5b3310264d0	Virus.Win32. Virut.CE	No	6.1.7600.1 6385 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	Egypt	N/A

Prev 1 2 3...16 Next

Display 4 items per page

4 items per page
8 items per page
16 items per page
32 items per page

Safe Entries

First Seen: 22 October 2011 at 12:24 pm

No.	Company	File Type	SHA1	MD5	Digitally Signed	File Version	Product Version	Submitted From
1	Microsoft Corporation	Executable	c2181a7f6255fe9b c6bf321a7d7d8b7a 98bb87cc	27bce46a76104eed fba24d672fe5bc15	No	5.2.3790.0 (srv03_rtm .030324-20 48)	5.2.3790.0	Internal Submission
2	Microsoft Corporation	Executable	0989525dda5f937a 4895f2a53a4319ff 16890b03	9d71dbdd3ad017ec 69554acf9caadd05	No	10.0.19041 .1 (WinBuild. 160101.080 0)	10.0.19041 .1	United States
3	Microsoft Corporation	Executable	b2e02ff6a78ef9f0 a309fcc86971f3ad fcd2d538	cdb207f785d9f2a2 c3480b0f0b9d7f7c	No	10.0.17074 .1002 (WinBuild. 160101.080 0)	10.0.17074 .1002	United Kingdom
4	Microsoft Corporation	Executable	0047cdc7c0dbe614 4beff071954b694a 9d81406a	a1fa06b12902cdbc e93859dfd94f7d88	No	5.2.3790.0 (srv03_rtm .030324-20 48)	5.2.3790.0	Internal Submission

Prev 1 Next

Display 4 items per page

4 items per page
8 items per page
16 items per page
32 items per page

Malware Search Engine

How to Remove “Powercfg.exe”

What is Powercfg.exe?

How to check if your computer is infected with powercfg.exe malware?