Removing malware is often a complex and time-consuming task, even for security experts. But as Bitdefender has reported, sometimes, just occasionally, the most effective technique can be extremely simple.
Like, turn your PC off, and on again.
The surprising news is based on a detailed study of the banking Trojan Dridex, and the considerable efforts it makes to avoid detection.
In particular, the malware doesn’t have a permanent Registry key to launch itself when your PC starts. Instead, it waits for a system shutdown or restart, saves its code to a file and only then creates its "startup" Registry key. On launch it removes the Registry entry and there’s nothing to see.
It’s a clever technique, and worth remembering when you’re using Autoruns -- or anything else -- to examine your startup programs. You may not be seeing as much as you thought.
But this also means that if you simply pull the plug rather than shutting down, restarting or sleeping your system, Dridex doesn’t get a chance to save itself, and won’t launch when your PC next restarts.
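Because a point-in-time look at startup entries misses a key that exists only between shutdown and the next launch, a defender has to look at the change history instead. The sketch below is an added example, not code from the article or from Bitdefender: it correlates Run-key writes with shutdown and boot markers, assuming registry-change logging (Sysmon-style events 12 and 13) was enabled and captured the write; the event tuples, value names and SID are constructed.

```python
from datetime import datetime, timedelta

RUN_KEY = "\\software\\microsoft\\windows\\currentversion\\run\\"
# Constructed placeholder SID and path prefix for the sample data.
HKCU_RUN = "HKU\\S-1-5-21-0\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\\"

# Constructed sample events in a simplified schema (not real telemetry):
# (time, log, event id, event type, registry target).
# System 1074 = shutdown initiated, System 6005 = event log started (boot),
# Sysmon 13 = registry value set, Sysmon 12 = registry object create/delete.
EVENTS = [
    ("2015-08-20 09:00:05", "Sysmon", 13, "SetValue", HKCU_RUN + "Updater"),
    ("2015-08-20 18:30:00", "System", 1074, "", ""),
    ("2015-08-20 18:30:02", "Sysmon", 13, "SetValue", HKCU_RUN + "xkqzt"),
    ("2015-08-21 08:00:00", "System", 6005, "", ""),
    ("2015-08-21 08:00:40", "Sysmon", 12, "DeleteValue", HKCU_RUN + "xkqzt"),
]


def parse(ts):
    return datetime.strptime(ts, "%Y-%m-%d %H:%M:%S")


def find_transient_autoruns(events, boot_window=timedelta(minutes=5)):
    """Return Run-key values written after a shutdown began, noting whether
    each was deleted again within boot_window of the next boot."""
    findings, pending = [], {}
    shutting_down, last_boot = False, None
    for ts, log, event_id, event_type, target in sorted(events, key=lambda e: parse(e[0])):
        when = parse(ts)
        if log == "System" and event_id == 1074:
            shutting_down = True
        elif log == "System" and event_id == 6005:
            shutting_down, last_boot = False, when
        elif log == "Sysmon" and event_id == 13 and RUN_KEY in target.lower():
            if shutting_down:  # autorun created only once shutdown is under way
                pending[target] = {"value": target, "written": ts, "removed_after_boot": False}
                findings.append(pending[target])
        elif log == "Sysmon" and event_id == 12 and event_type == "DeleteValue":
            if target in pending and last_boot and when - last_boot <= boot_window:
                pending[target]["removed_after_boot"] = True
    return findings


if __name__ == "__main__":
    for finding in find_transient_autoruns(EVENTS):
        print(finding)
```

The ordinary daytime write to the Run key is ignored; only the value created after the shutdown marker and removed shortly after boot is reported.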