Dark Reading - Evil Bytes: Detecting Viral Persistence

/Home/Internet Security: Blogs/Internet Security: Dark Reading blog/Dark Reading: Evil Bytes

Persistence is something that malware strives to achieve. If malware cannot survive the monthly reboot due to the Microsoft patch cycle or the usual Windows troubleshooting process (reboot first!), then it's going to have a short lifetime and little effectiveness. There are a few exceptions to the rule in terms of persistence.

by John Sawyer
Dec 9, 2009

Things like "downloaders," whose sole function is to grab additional pieces of malware and run them, don't need to stay resident after they've done their job. However, the malware retrieved by the downloader almost always includes functionality for itself to stay resident on a system. A recent experience with a very persistent malware that I'd read about reminded me of a recent blog that listed startup locations in Windows.

Click the URL above to read the full article