Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Questions Regards How Malware Hides And Is Installed As A Service On Windows


  • Please log in to reply
4 replies to this topic

#1 Storm123

Storm123

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:03:09 AM

Posted 13 May 2008 - 08:20 PM

After I've read the tutorial on "How Malware hides and is installed as a service on Windows NT/XP/2000/2003", I've learned alot of things about services! However, I still have some questions regarding to it. I know that a service is launched by its corresponding value of ServiceDLL, or the actual service file used to start the service in the registry. My questions are:
1)If the service for a certain program had stopped, such as Windefend service had stopped. Will I still be able to run Window defender?
2)If the value of ServiceDLL for a particular service is missing, changed or corrupted, will the service still able to run? Will it ever happen?
3)If a service does not have a group name specified, does that mean it is lanunched by Window?
4)My last question is what confuse me the most, I want to want what's the difference between processes and services?

I will be really really appreciative if someone can answer these question, and thanks to Bleeping computer for writing such helpful tutorial, benefit me alot :thumbsup:

BC AdBot (Login to Remove)

 


m

#2 rigel

rigel

    FD-BC


  • BC Advisor
  • 12,944 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:South Carolina - USA
  • Local time:06:09 AM

Posted 15 May 2008 - 11:28 AM

Hi Storm123,

I moved this topic out of the tutorials section. One of our malware members should be along shortly to answer your questions.

Thanks,
rigel

"In a world where you can be anything, be yourself." ~ unknown

"Fall in love with someone who deserves your heart. Not someone who plays with it. Will Smith


#3 Storm123

Storm123
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:03:09 AM

Posted 15 May 2008 - 05:07 PM

Can you tell me what section you move this topic to? thanks

#4 rigel

rigel

    FD-BC


  • BC Advisor
  • 12,944 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:South Carolina - USA
  • Local time:06:09 AM

Posted 16 May 2008 - 08:07 PM

Antivirus,Firewall and Privacy Products and Protection Methods

"In a world where you can be anything, be yourself." ~ unknown

"Fall in love with someone who deserves your heart. Not someone who plays with it. Will Smith


#5 Storm123

Storm123
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:03:09 AM

Posted 17 May 2008 - 06:51 PM

Can someone anwser my questions? thanks




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users