Known and unknown Win Autostart Methods

Hi malware fighters,

It is good for us what are methods for Windows autostart, lot of trojans etc. use these, here they are presented:
http://newdata.box.sk/2001/may/auto.txt

Greets,

polonus

nice info ;D

i love this stuff,for years i would look at the multitude of system folders and wonder at what they did ??

im pasting it now 8)
regards

im pasting it now
Why past when it's esier to download. Rightclick on the link and then select [b]Save Target as[/b] that will allow you to download the file.

Just keep in mind that this list is far from complete.
Windows are very complicated system, and people keep finding new ways to make it run a (malicious) piece of code automatically.

Hi Igor,

I am not stating there that the list is complete, it is just to let people think about what can take place.
How does malware get onto a computer? Well with everything that can be used to transmit data. All that can transport data, can transport malicious nodes (mail, CD, DVD, diskette, active modem, ISDN, Network Cable, remote drives etc. etc.)
However malware must be run to turn into malicious, ergo the recipe must be prepared to be poisonous, this is done through vulnerabilities in an OS or by trick, (buffer-overflow - cross-site scripting-SQL injection, SQL manipulation) but the biggest vulnerability always sits in front of the keyboard, and also developers of software make errors. This is the human factor.

How you can be protected against this?
preventing programs from executing malware automatically. Browser pop-ups and messages should be critically met and addressed by the user, and not just clicked away, never execute or run things that you cannot trust or could know that it cannot be trusted. Never use any programs you do not really need. Check all software that could run or execute non-trusted data (mail, office programs like Word etc.). Do not use software with bad security policy and do not use programs with full user rights if you do not absolutely need to use Admin Rights.

These are some of the things users can do the prevent being infested,at least to minimize the risk of being infested.

polonus

This list is very old and misses many of the new ways malware is launched, you are much better off using a utility like Autoruns to see what is starting where. It is much more comprehensive and very easy to use. This utility also lets you look per user.


Another useful utility program to see what starts up at the beginning is What’s Running which can be found at … www.whatsrunning.net/ … and it is free for personal use. Click on the Startup tab at the top. Should you find something running that should not be, right clicking a listing brings up a menu for controlling the item. Be careful, though, you do not want to stop the program(s) you really need!


There is also Online Process checker which might come in handy.
More info can be found in HERE