Skip main navigation

Persistence mechanisms

Article detailing the mechanisms of malware persistence.

Malware can be persistent or non-persistent. Malware persistence simply refers to the ability to survive a program closing down (such as a browser for example) or a computer being rebooted. Non-persistence simply means the opposite. Malware will not run following the restart of a program or the rebooting of a computer.

Persistence will require a mechanism to restart the malware. The following are the methods used to enable this:

• Windows Registry

• Start-up scripts & related

• Start-up folders

• Task scheduler

• System processes/services

• Infected files

• Other Triggers

We will take a closer look at these persistent mechanisms in this section.

© PA Knowledge Ltd | 7Safe Training
This article is from the free online

Introduction to Digital Forensics: Malware Analysis and Investigations

Created by
FutureLearn - Learning For Life

Reach your personal and professional goals

Unlock access to hundreds of expert online courses and degrees from top universities and educators to gain accredited qualifications and professional CV-building certificates.

Join over 18 million learners to launch, switch or build upon your career, all at your own pace, across a wide range of topic areas.

Start Learning now