SoylentNews

How the Poweliks Malware Hides its Registry Keys and How to Remove it

posted by LaminatorX on Thursday December 18 2014, @08:27AM   
from the key-without-a-lock dept.

bootsy writes:

The linked article, posted just over a week ago, has a nice walk through of how the Poweliks malware makes itself hard to detect and remove on Windows along with details of how you can actually get rid of it.

http://www.kahusecurity.com/2014/registry-dumper-find-and-dump-hidden-registry-keys/

The key point is using the old hack of non-ASCII character in the keys.

It also comes with a link to download the tools used in the Article.

• How to Remove Poweliks (and every other malware) How to Remove Poweliks (and every other malware) (Score: -1, Flamebait) by Anonymous Coward on Thursday December 18 2014, @09:47AM

  by Anonymous Coward on Thursday December 18 2014, @09:47AM (#127111)

  1. Install a GNU/Linux system [gnu.org]

  Starting Score:	0		points
  Moderation		-1
  Flamebait=1, Total=1
  Extra 'Flamebait' Modifier		0
  Total Score:		-1

• Re:How to Remove Poweliks (and every other malware Re:How to Remove Poweliks (and every other malware (Score: 0, Troll) by c0lo on Thursday December 18 2014, @11:24AM

  by c0lo (156) on Thursday December 18 2014, @11:24AM (#127120) Journal

  1. Install a GNU/Linux system

  Ok, done. Now, would you be so kind to get us through step 2:

  "2. How to Remove systemd (and every other malware)"

  ??

  --
  https://www.youtube.com/watch?v=aoFiw2jMy-0 https://soylentnews.org/~MichaelDavidCrawford

  Parent

  • Re:How to Remove Poweliks (and every other malware (Score: 2) by Arik on Thursday December 18 2014, @06:21PM

    by Arik (4543) on Thursday December 18 2014, @06:21PM (#127214) Journal

    Dont install it in the first place.
    
    Use Slackware/libre (no systemd not even an option) or Gentoo (optional, not needed.)

    --
    If laughter is the best medicine, who are the best doctors?

    Parent