
"Poweliks" Malware Uses Windows Registry to Avoid Detection


Comment: New Trojan that uses Windows registry to hide.


By Eduard Kovacs on August 04, 2014


Researchers at Trend Micro have analyzed a new Trojan that uses the Windows registry to hide all its malicious code, the security company reported on Friday.

The threat, detected by Trend Micro as TROJ_POWELIKS.A or "Poweliks", is designed to provide attackers with system information which they can use for other operations, but is also capable of downloading additional pieces of malware onto infected computers.

Once it infects a system, Poweliks checks if the Windows PowerShell tool is present. If it's not, the program is downloaded by the malware and installed. PowerShell is used to run an encoded script file containing the Trojan's executable code. Because the code is not executed by Windows or any other application directly, it helps the threat avoid detection, the security company explained.


SecurityWeek/ Full Article Here/
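A triage sketch for the behaviour the article describes (code kept in registry values and run through PowerShell as an encoded script), added here as an example and not taken from Trend Micro or SecurityWeek. It assumes autorun values have already been exported as (key, name, data) tuples; the Run key path, the 1024-character threshold and every sample value are constructed for illustration and are not Poweliks indicators.

```python
import base64
import re

# PowerShell accepts any unambiguous prefix of -EncodedCommand (-e, -enc, ...) plus the alias -ec.
FLAG_RE = re.compile(r"[-/](\w+)\s+([A-Za-z0-9+/=]{16,})")
RUN = r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run"

# Constructed sample data: a harmless script encoded the way PowerShell expects (base64 of UTF-16LE).
_ENC = base64.b64encode("Write-Output 'constructed sample'".encode("utf-16-le")).decode()
SAMPLE_VALUES = [
    (RUN, "ctfmon", r"C:\Windows\System32\ctfmon.exe"),
    (RUN, "updater", f"powershell.exe -NoProfile -WindowStyle Hidden -enc {_ENC}"),
    (RUN, "backup", r"powershell.exe -File C:\Scripts\backup.ps1"),
    (RUN, "cache", "A" * 4096),
]


def decode_encoded_command(data):
    """Return the decoded script if data runs PowerShell with an encoded command, else None."""
    if "powershell" not in data.lower():
        return None
    for match in FLAG_RE.finditer(data):
        flag, blob = match.group(1).lower(), match.group(2)
        if "encodedcommand".startswith(flag) or flag == "ec":
            try:
                return base64.b64decode(blob, validate=True).decode("utf-16-le")
            except ValueError:  # covers bad base64 and bad UTF-16
                return "<undecodable>"
    return None


def triage(values, max_len=1024):
    """Flag values that launch encoded PowerShell or are far larger than a normal path."""
    findings = []
    for key, name, data in values:
        script = decode_encoded_command(data)
        if script is not None:
            findings.append((key, name, "powershell-encoded-command", script))
        elif len(data) > max_len:  # assumed threshold; autorun data is normally a short path
            findings.append((key, name, "oversized-value", f"{len(data)} chars"))
    return findings


if __name__ == "__main__":
    for finding in triage(SAMPLE_VALUES):
        print(finding)
```

A hit is a lead for an analyst to review, since legitimate management tooling also launches PowerShell with encoded commands.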


Re: "Poweliks" Malware Uses Windows Registry to Avoid Detection

This pattern of malware and trojans attacking the registry has been around; the names change, but businesses need to change as well by allocating resources to security.




Experience Shared is Knowledge Shared, Share Yours! I'm a volunteer – my reward is your SMILE!
