Skip main navigation

£199.99 £139.99 for one year of Unlimited learning. Offer ends on 28 February 2023 at 23:59 (UTC). T&Cs apply

Find out more

Persistence mechanisms

Article detailing the mechanisms of malware persistence.
© PA Knowledge Ltd | 7Safe Training


Malware can be persistent or non-persistent. Malware persistence simply refers to the ability to survive a program closing down (such as a browser for example) or a computer being rebooted. Non-persistence simply means the opposite. Malware will not run following the restart of a program or the rebooting of a computer.

Persistence will require a mechanism to restart the malware. The following are the methods used to enable this:

• Windows Registry

• Start-up scripts & related

• Start-up folders

• Task scheduler

• System processes/services

• Infected files

• Other Triggers

We will take a closer look at these persistent mechanisms in this section.

© PA Knowledge Ltd | 7Safe Training
This article is from the free online

Introduction to Digital Forensics: Malware Analysis and Investigations

Created by
FutureLearn - Learning For Life

Our purpose is to transform access to education.

We offer a diverse selection of courses from leading universities and cultural institutions from around the world. These are delivered one step at a time, and are accessible on mobile, tablet and desktop, so you can fit learning around your life.

We believe learning should be an enjoyable, social experience, so our courses offer the opportunity to discuss what you’re learning with others as you go, helping you make fresh discoveries and form new ideas.
You can unlock new opportunities with unlimited access to hundreds of online short courses for a year by subscribing to our Unlimited package. Build your knowledge with top universities and organisations.

Learn more about how FutureLearn is transforming access to education