TIP: Click on subject to list as thread! ANSI
echo: alt-comp-anti-virus
to: ALL
from: DUSTIN
date: 2014-10-30 10:48:00
subject: Re: Who has caught a viru
B00ze/Empire  wrote in
news:m2s0ot$6l6$1@dont-email.me: 

> On 2014-10-27 21:21, Dustin  wrote:
> 
>> RayLopez99  wrote in
>> news:bb7eac56-c205-4cb4-b03f-20cd457eeca4@googlegroups.com:
>>
>>> I've not. I surf porn sites that supposedly have viruses/malware
>>> on them, and last I caught even some PUP was years ago.
> 
> Depends on what you use to browse, and how up to date you are with
> Flash etc. If you block javascript for instance, you're not going
> to be infected that way...
> 
>> I'm sure I can find you some websites that wouldn't be safe to
>> surf on. Virus guy posts alot of interesting urls....
> 
> Indeed.
> 
>>> Some of you are technicians, so have you seen any
>>> malware/viruses on systems that employ a quality AV like
>>> Microsoft Security Essentials or Windows Defender?  Nope. Didn't
>>> think so. 
> 
> I see crap like "Conduit" every week where I work; amazing how
> people will just click "Next" to anything...
> 
>> Actually, I have, yes. I recently (three days ago actually)
>> removed the first Poweliks.A that I've seen ITW from a clients
>> machine. This wouldn't technically be a virus though; but it's
>> certainly malware. 
>>
>> Are you familiar with it? It lives in the registry and has no
>> actual file presence on the machine otherwise. Do you know how to
>> remove it? 
>> :)
> 
> So HOW do you remove it? If I recall, RegEdit will not let you
> delete the key, so what's the trick? Please tell :-)

Hehehehe.. It's piss easy. First, stop explorer.exe, then terminate 
all dllhost processes. Make sure you leave yourself a console prompt 
and have sysinternals regdelnull utility. :)

Remove the registry keys that you can with regedit, finish up by 
running the utility I mentioned above on ALL the system hives.

Restart the computer. confirm the new registry entries aren't being 
written; if they are, you didn't follow my directions, re-read and 
redo. They are fixed location entries.


 


-- 
If you can read this, Thank a teacher.
If you're reading it in english, Thank a soldier!


--- NewsGate v1.0 gamma 2
* Origin: News Gate @ Net396 -Huntsville, AL - USA (1:396/4)
SOURCE: echomail via QWK@docsplace.org

Email questions or comments to sysop@ipingthereforeiam.com
All parts of this website painstakingly hand-crafted in the U.S.A.!
IPTIA BBS/MUD/Terminal/Game Server List, © 2025 IPTIA Consulting™.