Where Malware Hides


With few exceptions (notably the SQL Slammer and Code Red worms), almost every malware program programmatically exploits Windows to ensure its continued survival. Table 1-1 contains the most extensive listing, of any publication, of where malware can hide in a Windows system. In summary, malware tries to use applications, files, folders, registry keys, and other mechanisms that are automatically executed when Windows (or another common program) starts. The lessons in the remaining chapters are based upon defending Windows computers against these common malware exploitation techniques.

New exploit methods are added every month. Go to www.wrox.com to get an updated list.

If you felt this comprehensive list was overwhelming, you can find some comfort in the fact that almost all automated malware hides in the HKLM\Software\Microsoft\Windows\CurrentVersion\Run registry key. If you suspect a malware program, go there first, but Table 1-1 will help you locate malware when that particular registry key does not reveal the rogue program.
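As a first-pass check of that Run key, the following PowerShell sketch lists each autostart entry, resolves the program it launches, and reports whether the file exists and how its Authenticode signature validates. It is an added example, not code from the book; it assumes PowerShell 3.0 or later, and the helper name `Get-ExecutablePath` is hypothetical.

```powershell
# Added example: triage of the HKLM Run key named in the text.
$runKey = 'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run'

# Hypothetical helper: pull the program path out of a Run-key command line.
function Get-ExecutablePath {
    param([string]$CommandLine)
    # Expand %SystemRoot%-style variables before parsing.
    $cmd = [Environment]::ExpandEnvironmentVariables($CommandLine).Trim()
    # Quoted path: "C:\Program Files\App\app.exe" /tray
    if ($cmd -match '^"([^"]+)"') { return $Matches[1] }
    # Unquoted path that may contain spaces: stop at the first executable extension.
    if ($cmd -match '^(.+?\.(exe|com|bat|cmd|scr|pif))(\s|$)') { return $Matches[1] }
    # Fallback: first token (e.g. a bare "rundll32"); left unresolved for manual review.
    return ($cmd -split '\s+')[0]
}

$key = Get-Item -LiteralPath $runKey -ErrorAction Stop

$report = foreach ($name in $key.GetValueNames()) {
    $command = [string]$key.GetValue($name)
    $path    = Get-ExecutablePath $command
    $exists  = [bool]$path -and (Test-Path -LiteralPath $path -PathType Leaf)
    $sig     = if ($exists) { Get-AuthenticodeSignature -LiteralPath $path } else { $null }

    [pscustomobject]@{
        Name      = $name
        Command   = $command
        Path      = $path
        Exists    = $exists
        Signature = if ($sig) { $sig.Status } else { 'n/a' }
        Signer    = if ($sig -and $sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { '' }
        Modified  = if ($exists) { (Get-Item -LiteralPath $path).LastWriteTime } else { $null }
    }
}

# Entries that are missing on disk, unsigned, or unresolved sort together for review.
$report | Sort-Object Signature, Name | Format-Table -AutoSize -Wrap
```

An unsigned or unresolved entry is a lead for closer inspection, not proof of malware; legitimate software can be unsigned, and entries that launch through a host program need the argument examined as well.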



Professional Windows Desktop and Server Hardening
Professional Windows Desktop and Server Hardening (Programmer to Programmer)
ISBN: 0764599909
EAN: 2147483647
Year: 2004
Pages: 122
