Monday, December 1, 2014

Trojan.powerliks!gm Removal Guide

I found an infection called Trojan.powerliks!gm on my computer yesterday. This virus was found by my security tool yesterday and I could not delete it myself. I feel tired as it can come back again and again on my PC after deletion. Then I used another antivirus program, but still couldn’t clean it off. The Trojan keeps coming back over and over again. I hate to see the warning alerts about this infection from my security software every time I boot up my PC!!! Any help would be appreciated!


Trojan.powerliks!gm Description:

Just as its name implies, Trojan.powerliks!gm is classified as a Trojan horse. It usually arrives on the machine along with third-party freeware. Many Trojan horses are embedded in the installation folders of free software, and they usually have file names that look legitimate, such as JPG.EXE and TXT.EXE, so that they can mislead users into running the malicious files. This Trojan is able to disguise its real file attributes by exploiting characteristics of Windows operating systems. Most users may treat those Trojan files as a normal picture or document and be tempted to click to open or run them. Once the computer is infected, the Trojan comes bundled with spyware, adware and other malware. It may drop harmful code into your registry and corrupt your system severely. The hacker will try every way to achieve his aim of implanting the Trojan horse into the targeted computer system. Besides, Trojan.powerliks!gm can use the latest programming languages and programming technology to convince users that their PCs are in danger. Since antivirus detection depends on characteristic code patterns in a program, hackers inject legitimate code into the Trojan horse in order to escape detection and removal by common antivirus programs.

Like other malicious Trojan horses, this threat is responsible not only for damaging the computer system, but also for monitoring activities on the infected computer for the purpose of stealing sensitive information, which may include IP address, usernames and passwords of different sites, online banking account details, etc. In the old days, Trojan horses were just written and spread to play tricks on users or pry into their privacy. Recently, they have been used to infect PCs via networks and steal victims’ confidential information to make illegal profits. When you surf the Internet, it pops up numerous advertisements, error messages and fake alerts on your screen out of nowhere. Worse still, it can steal your credit card numbers, bank accounts, logon names, passwords, identity information and other valuable information by using keyloggers for illegal purposes.

Take immediate and thorough action to remove Trojan.powerliks!gm completely from your computer before further damage and data loss occur. If you are not comfortable with computers and worry that you would make a serious mistake during the removal process, then we suggest that you use an automatic removal tool instead.


Effects of Trojan.powerliks!gm:

1. It can help a remote criminal take control of the entire system without notice.
2. It can cause program damage as well as system crashes.
3. It disables your executable programs and blocks you from accessing the Internet.
4. It can record sensitive information stored on the affected machine.


Manual Removal Tips

Trojan.powerliks!gm is known as a high-risk Trojan horse that stealthily installs itself on your computer. To completely delete Trojan.powerliks!gm, manual removal is a good option if you have sufficient computer skills. What’s more, this Trojan horse collects personal information without your knowledge. It is strongly suggested that this Trojan horse be removed as early as possible. You can follow the manual removal steps listed below to get rid of it.

Step 1: Restart your computer in Safe Mode with Networking.
Turn off your infected computer and then select Restart to boot it up.
Hit the F8 key multiple times until the Windows Advanced Options Menu shows up.

Use the up and down arrow keys to select the “Safe Mode with Networking” option when Windows launches, and then hit the Enter key to proceed.

Step 2: Open Windows Task Manager and end its running processes.
Press the Ctrl + Alt + Del or Ctrl + Shift + Esc keys simultaneously to start Windows Task Manager.
Go to the Processes tab and scroll down the list to find the running processes related to the Trojan. Then end them all by right-clicking on the “End Process” button.

Step 3: Delete all the files associated with the Trojan from your PC.

%AllUsersProfile%\[random]
%AppData%\Roaming\Microsoft\Windows\Templates\[random]
%AppData%\Local\[random].exe

Step 4: Get rid of the registry entries of the Trojan from Registry Editor.
Press the Windows + R keys and type regedit into the Run box, and then click OK to open Registry Editor.

Search for and get rid of the registry entries relevant to the Trojan as listed below. It is important to back up your Windows system before making any changes, in case of data loss.

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Random
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings “CertificateRevocation” =Random
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run\Random.exe

Step 5: After all the steps above are done, please restart your computer normally to apply these changes.
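
The locations listed in Steps 3 and 4 can be inventoried before anything is deleted. The following PowerShell script is an added example, not part of the original guide; it only reads, and it assumes PowerShell 3.0 or later and that the guide's %AppData%\Roaming and %AppData%\Local paths mean the Roaming and Local profile folders.

```powershell
# Added example: read-only inventory of the locations named in Steps 3 and 4.
# Nothing is deleted or changed; review the output before removing anything.

# Folders from Step 3 (assumption: Roaming = $env:APPDATA, Local = $env:LOCALAPPDATA).
$folders = @(
    @{ Path = $env:ALLUSERSPROFILE; Filter = '*' },
    @{ Path = (Join-Path $env:APPDATA 'Microsoft\Windows\Templates'); Filter = '*' },
    @{ Path = $env:LOCALAPPDATA; Filter = '*.exe' }
)

$fileReport = foreach ($f in $folders) {
    if (-not (Test-Path -LiteralPath $f.Path)) { continue }
    # -Force includes hidden and system entries, which Explorer does not show by default.
    Get-ChildItem -LiteralPath $f.Path -Filter $f.Filter -Force -ErrorAction SilentlyContinue |
        ForEach-Object {
            $sig = if ($_.PSIsContainer) { 'n/a' } else {
                (Get-AuthenticodeSignature -LiteralPath $_.FullName -ErrorAction SilentlyContinue).Status
            }
            [pscustomobject]@{
                Path      = $_.FullName
                Modified  = $_.LastWriteTime
                Hidden    = [bool]($_.Attributes -band [IO.FileAttributes]::Hidden)
                Signature = $sig   # 'Valid' means a trusted Authenticode signature
            }
        }
}

# Registry keys from Step 4. 'Only' limits the listing to one value name.
$keys = @(
    @{ Key = 'HKLM:\Software\Microsoft\Windows NT\CurrentVersion'; Only = $null },
    @{ Key = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings'; Only = 'CertificateRevocation' },
    @{ Key = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run'; Only = $null }
)

$regReport = foreach ($k in $keys) {
    $key = Get-Item -LiteralPath $k.Key -ErrorAction SilentlyContinue
    if ($null -eq $key) { continue }          # key absent on this machine
    foreach ($name in $key.GetValueNames()) {
        if ($k.Only -and $name -ne $k.Only) { continue }
        [pscustomobject]@{ Key = $k.Key; Name = $name; Data = $key.GetValue($name) }
    }
}

# Newest files first: entries created around the first alert are the ones to examine.
$fileReport | Sort-Object Modified -Descending | Format-Table -AutoSize -Wrap
$regReport  | Format-Table -AutoSize -Wrap
```

Unsigned executables with recent modification times and any value under the policies\Explorer\run key that you do not recognise are the entries to compare against your security tool's alert before deleting them.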


Conclusion

Trojan.powerliks!gm can badly threaten your computer. As mentioned above, though many Trojan horses pretend to be harmless, they do perform unwanted and malicious activities on infected computers. Manual removal is as risky as it sounds, especially for a regular PC user. Once it settles in, this Trojan horse will start its payloads. It will change system settings and help display commercial pop-ups that mess up the system. This Trojan horse is very difficult to remove since it uses rootkit techniques and can hide deep in the system. Using a powerful automatic removal tool will be the wise choice to get rid of the vicious Trojan horse.


