Skip main navigation

New offer! Get 30% off one whole year of Unlimited learning. Subscribe for just £249.99 £174.99. New subscribers only. T&Cs apply

Find out more

System processes/services

Article detailing the mechanisms of malware persistence by use of running processes or services.
System processes/services

Running processes or services can also execute programs or load files as part of their function. This can therefore load files containing malicious code.

Additional information…

Complex malware may well have a minder program or service running monitoring it. Should the malware process be terminated, the minder process or service will restart the malware to maintain the infection.

One example is the Dark Comet remote access Trojan (RAT). This malware has a minder program running which will restart the malware in the event it’s process is unexpectedly terminated whilst the computer is running. Information about Dark Comet is readily available on the World Wide Web.

Dark Comet Graphic

© PA Knowledge Ltd | 7Safe Training
This article is from the free online

Introduction to Digital Forensics: Malware Analysis and Investigations

Created by
FutureLearn - Learning For Life

Reach your personal and professional goals

Unlock access to hundreds of expert online courses and degrees from top universities and educators to gain accredited qualifications and professional CV-building certificates.

Join over 18 million learners to launch, switch or build upon your career, all at your own pace, across a wide range of topic areas.

Start Learning now