{"id":76232,"date":"2014-11-05T14:13:56","date_gmt":"2014-11-05T12:13:56","guid":{"rendered":"http:\/\/onsoftware.en.softonic.com\/?p=76232"},"modified":"2025-07-02T00:22:35","modified_gmt":"2025-07-02T07:22:35","slug":"windows-malware-threat-poweliks-lives-in-windows-registry","status":"publish","type":"post","link":"https:\/\/cms-articles.softonic.io\/en\/windows-malware-threat-poweliks-lives-in-windows-registry\/","title":{"rendered":"Windows malware threat Poweliks lives in Windows Registry"},"content":{"rendered":"<p>A <strong>new trojan<\/strong> for <a href=\"http:\/\/news.en.softonic.com\/b\/windows\" target=\"_self\" rel=\"noopener noreferrer\">Windows<\/a> has been discovered that&#8217;s particularly hard to detect. Called <strong>Poweliks<\/strong>, it is not a malicious file; instead it is located in a subkey of the Windows registry, which is very unusual for malware. Poweliks is distributed by more traditional methods like email attachments and through &#8216;angler&#8217; exploits via Adobe Flash and Java.<\/p>\n<p>Once installed in the registry, Poweliks can <strong>receive commands<\/strong> from remote attackers, as with many trojans. One function of Poweliks is click fraud. This means generating &#8216;invisible&#8217; clicks on Internet adverts to create revenue for sites, as Internet advertisers have to pay for every click on their ads.<\/p>\n<p>Symantec says Poweliks can be found by <a href=\"http:\/\/norton-antivirus.en.softonic.com\/\" target=\"_self\" rel=\"noopener noreferrer\">Norton Antivirus<\/a> when running a full system scan, but removal may require replacing the infected Windows system file using a Windows installation CD.<\/p>\n<p>It&#8217;s also been known to attack using Flash and Java security exploits, so it&#8217;s very important that you keep these up to date, as older versions are easy prey for malware (this is good advice any time). 
The other main way of distribution, email attachments, is easier for you to control &#8211; never click on attachments from sources you don&#8217;t trust, whatever the subject or content of the email.<\/p>\n<p>According to Symantec, Poweliks threatens all versions of Windows up to Windows 7, so <strong>Windows 8\/8.1 users need not worry<\/strong>. Nevertheless, keeping all of your apps and software up to date while being vigilant about malicious email is still a necessity.<\/p>\n<p><em>Source: <a href=\"http:\/\/www.symantec.com\/connect\/blogs\/trojanpoweliks-threat-inside-system-registry\" target=\"_blank\" rel=\"noopener noreferrer\">Symantec<\/a>, <a href=\"http:\/\/www.heise.de\/newsticker\/meldung\/Perfider-Schaedling-haust-in-der-Registry-2442082.html\" target=\"_blank\" rel=\"noopener noreferrer\">Heise.de<\/a><\/em><\/p>\n<p style=\"text-align: right\"><em>Follow Jonathan on Twitter: <a href=\"https:\/\/twitter.com\/jonathanriggall\" target=\"_blank\" rel=\"noopener noreferrer\">@jonathanriggall<\/a><\/em><\/p>\n","protected":false},"excerpt":{"rendered":"<p>A new trojan for Windows has been discovered that&#8217;s particularly hard to detect. 
Called Poweliks, it is not a malicious file; instead it is located in a subkey of the Windows registry, which is very unusual for malware. Poweliks is distributed by more traditional methods like email attachments and through &#8216;angler&#8217; exploits via Adobe Flash and Java. Once &hellip; <a href=\"https:\/\/cms-articles.softonic.io\/en\/windows-malware-threat-poweliks-lives-in-windows-registry\/\" class=\"more-link\">Continue reading<span class=\"screen-reader-text\"> &#8220;Windows malware threat Poweliks lives in Windows Registry&#8221;<\/span><\/a><\/p>\n","protected":false},"author":2019,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":"","wpcf-pageviews":0},"categories":[],"tags":[],"usertag":[],"vertical":[],"content-category":[],"class_list":["post-76232","post","type-post","status-publish","format-standard","hentry"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/posts\/76232","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/users\/2019"}],"replies":[{"embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/comments?post=76232"}],"version-history":[{"count":1,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/posts\/76232\/revisions"}],"predecessor-version":[{"id":329881,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/posts\/76232\/revisions\/329881"}],"wp:attachment":[{"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/media?parent=76232"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/categories?post=76232"},{"taxonomy":"p
ost_tag","embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/tags?post=76232"},{"taxonomy":"usertag","embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/usertag?post=76232"},{"taxonomy":"vertical","embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/vertical?post=76232"},{"taxonomy":"content-category","embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/content-category?post=76232"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}