+

Malware using Windows Task Scheduler

November 4, 2011


Windows Task Scheduler (AT.exe) is well known to us all, but the Stuxnet worm has introduced the Zlob variants and click-fraud Trojan Bamital which researchers have found are continuing to make use of the Windows Task Scheduler. Some of this malware and new malware variants (including APT-attacks) are injecting malicious code into the Windows Task Scheduler which then uses the tasks to remain in memory. A high number of malware will be found in the Task scheduler and a quick glance at Task Manager should help identify malicious use of your system memory. Quick tip: Use Sysinternals Autoruns which lets you see the scheduled tasks (including the hidden tasks).Comments

Tagged with:

Leave a Comment

Please keep in mind that comments are moderated and rel="nofollow" is in use. So, please do not use a spammy keyword or a domain as your name, or it will be deleted. Let us have a personal and meaningful conversation instead.

You must be logged in to post a comment.


IT MAGAZINES: Hakin9 Magazine | Pentest Magazine | eForensics Magazine | Software Developer's Journal | Hadoop Magazine | Java Magazine
IT Blogs: Hakin9 Magazine Blog | Pentest Magazine Blog | eForensics Magazine Blog | Software Developer's Journal Blog | Hadoop Magazine Blog | Java Magazine Blog
IT ONLINE COURSES: Pentest Laboratory
JOB OFFERS FOR IT SPECIALIST: Jobs on Hakin9 Magazine | Jobs on Pentest Magazine | Jobs on eForensics Magazine | Jobs on Software Developer's Journal | Jobs on Java Magazine | Jobs on Hadoop Magazine
Hakin9 Media Sp. z o.o. Sp. komandytowa ul. Postępu 17D, 02-676 Warszawa