How to remove "Trojan.Win32.Poweliks.jrx"?

The Trojan.Win32.Poweliks.jrx is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Trojan.Win32.Poweliks.jrx virus can do?

Executable code extraction
Creates RWX memory
A process created a hidden window
Drops a binary and executes it
The binary likely contains encrypted or compressed data.
Executed a very long command line or script command which may be indicative of chained commands or obfuscation
A scripting utility was executed
Installs itself for autorun at Windows startup
Network activity detected but not expressed in API logs
Anomalous binary characteristics

Related domains:

z.whorecord.xyz

a.tomx.xyz

How to determine Trojan.Win32.Poweliks.jrx?


File Info:
crc32: 06459466
md5: ad042e3cd1ff726d81f63172e55e9347
name: AD042E3CD1FF726D81F63172E55E9347.mlw
sha1: 398a362b9c6482f75a4f18cc2fb9f362ed7eb2b8
sha256: bc967c8b9180b371632af964a0fe74b403546abf6dd3299030e7cef38758b7aa
sha512: b4d603a7f7760157edfd1e85e9a41fcef954d41909693b6bf6ca879b52da1324c6ff2a058b4939253788ef2d89c675ee1488be02c8dc8df839321dc6466ad2e7
ssdeep: 3072:zzW+DiC9iLo+GnHT5ET7Np3cKAArDZz4N9GhbkrNEk1V19drXzIuYB:WKwLo7cLxyN90QEk9drXDY
type: PE32 executable (GUI) Intel 80386, for MS Windows, MS CAB-Installer self-extracting archive

Version Info:
LegalCopyright: xa9 Microsoft Corporation. All rights reserved.
InternalName: Wextract                
FileVersion: 8.00.7600.16385 (win7_rtm.090713-1255)
CompanyName: Microsoft Corporation
ProductName: Windowsxae Internet Explorer
ProductVersion: 8.00.7600.16385
FileDescription: Win32 Cabinet Self-Extractor                                           
OriginalFilename: WEXTRACT.EXE            .MUI
Translation: 0x0409 0x04b0

Trojan.Win32.Poweliks.jrx also known as:

K7AntiVirus	Trojan ( 00575a1a1 )
Elastic	malicious (high confidence)
DrWeb	Trojan.MulDrop7.12769
Cynet	Malicious (score: 100)
CAT-QuickHeal	Trojan.CrypmFC.S18890429
ALYac	Trojan.GenericKD.4111654
Cylance	Unsafe
Zillya	Trojan.GenericKD.Win32.31248
Sangfor	Suspicious.Win32.Save.a
CrowdStrike	win/malicious_confidence_70% (D)
K7GW	Trojan ( 00575a1a1 )
Cybereason	malicious.cd1ff7
ESET-NOD32	multiple detections
APEX	Malicious
Avast	Win32:Malware-gen
ClamAV	Win.Ransomware.Poweliks-9843136-0
Kaspersky	Trojan.Win32.Poweliks.jrx
BitDefender	Trojan.GenericKD.4111654
NANO-Antivirus	Trojan.Win32.Poweliks.fhyhyg
MicroWorld-eScan	Trojan.GenericKD.4111654
Tencent	Malware.Win32.Gencirc.114b4bf9
Ad-Aware	Trojan.GenericKD.4111654
Sophos	Mal/Generic-S
Comodo	Malware@#3pwj32u7rnhx5
VIPRE	Trojan.Win32.Generic!BT
TrendMicro	Ransom_CRYPCUTE.SMXF
McAfee-GW-Edition	GenericRXGE-QZ!4461F37808C3
FireEye	Trojan.GenericKD.4111654
Emsisoft	Trojan.GenericKD.4111654 (B)
SentinelOne	Static AI – Malicious SFX
Jiangmin	Trojan.Crypmodadv.ep
Avira	TR/Poweliks.thnot
Kingsoft	Win32.Troj.Generic_a.a.(kcloud)
Microsoft	Ransom:Win32/Genasom
Arcabit	Trojan.Generic.D3EBD26
ZoneAlarm	Trojan.Win32.Poweliks.jrx
GData	MSIL.Trojan-Ransom.Cryptear.O
McAfee	Artemis!AD042E3CD1FF
MAX	malware (ai score=88)
Malwarebytes	Ransom.FileCryptor
Panda	Trj/CI.A
TrendMicro-HouseCall	Ransom_CRYPCUTE.SMXF
Yandex	Trojan.Filecoder!Zx46lqqHN/4
Fortinet	MSIL/Filecoder.BQ!tr.ransom
AVG	Win32:Malware-gen
Paloalto	generic.ml

How to remove Trojan.Win32.Poweliks.jrx?

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

How to remove “Trojan.Win32.Poweliks.jrx”?