Windows Security Tutorials - Herong's Tutorial Examples - Version 3.00, by Dr. Herong Yang
Common Ways of Malware Executions
This section provides a quick introduction of some common ways how malware (Malicious Software) get executed again after installation on Windows systems.
In order for malware to infect your Windows system, it needs to be executed at least once. In most cases, the malware only tries to install itself to your system during this initial execution.
Once a malware is installed on Windows system, it needs to be executed again to perform malicious activities. Here are some common techniques used by malware to get executed after its installation.
As a Web Browser Add-on - A larger number of malware will be installed as an add-on to a Web browser, so that the malware will executed whenever you run the browser.
As a System Service - A larger number of malware will be installed as a system service on Windows systems, so that the malware will be executed whenever you restart your system.
As a Startup Program - A larger number of malware will be installed as a startup program on Windows systems, so that the malware will be executed whenever you restart your system.
As a Scheduled Task - Some malware will be installed as a scheduled task on Windows systems, so that the malware will be executed based on the date and time schedule.
As a Hijacked System Program - Some malware will be installed to hijack a commonly used system program. For example, a malware can replace the system program cmd.exe with its own malicious version. So whenever you run cmd.exe, the malicious version gets executed.
As a Bogus Freeware - Some malware will hide inside a bogus freeware. The freeware may perform genuine functionalities. But whenever you run the bogus freeware, the malware will also be executed.
Table of Contents