Malware on Windows system

Jump to latest Follow Reply
Trevor Chandler

Trevor Chandler

Well-known member
Jul 4, 2020
62
73
  • #1
    Question:
    Why is malware that runs as a Windows service more difficult for the average end user to detect?

    Choices:
    A. Because services run in the User mode

    B. Because services run in the background and do not interact with the users

    C. Because all services run automatically when the system boots up

    D. Because services run in the Kernel mode


    Your Answer:

    Note: 1 week detention if your response is incorrect!!!!
     
    • Like
    Reactions: Fanuel, Mohamed MS and MOHAMMAD SOAEB
    Michael Schmitz

    Michael Schmitz

    Well-known member
    Aug 9, 2021
    320
    300
    Germany
    www.linkedin.com
  • #5
    Trevor Chandler said:
    Question:
    Why is malware that runs as a Windows service more difficult for the average end user to detect?

    Choices:
    A. Because services run in the User mode

    B. Because services run in the background and do not interact with the users

    C. Because all services run automatically when the system boots up

    D. Because services run in the Kernel mode


    Your Answer:

    Note: 1 week detention if your response is incorrect!!!!
    Click to expand...
    C & D are Plain wrong..
    A: it does not matter where they run for the Enduser when looking for Malware..
    B is the only Answer that makes sense.
     
    • Like
    Reactions: Tess Sluijter
    Rick Butler

    Rick Butler

    Well-known member
    • Aug 8, 2019
    1,874
    7
    3,388
    Colorado Springs, CO
    www.intellitec.edu
  • #6
    Gregory Childers said:
    Answer: Because the end user is non-technical. That's what they pay tech people to do.
    Click to expand...
    While B is right, Greg's answer is very much correct, because this is what's being leveraged - user ignorance.

    Thinking like a bad guy - if I'm going to put persistent malware on a system in a way that is not readily detected by the user, disguising it as a service is a common thing to happen.

    /r
     
    • Like
    Reactions: Kwabena Fred and Michael Schmitz
    Trevor Chandler

    Trevor Chandler

    Well-known member
    Jul 4, 2020
    62
    73
  • #7
    Gregory Childers said:
    Answer: Because the end user is non-technical. That's what they pay tech people to do.
    Click to expand...
    Gregory Childers said:
    Answer: Because the end user is non-technical. That's what they pay tech people to do.
    Click to expand...
    Greg, you must be a disciple of Mr. Rick Butler! Providing a response, outside of choices that were listed is definitely something that Mr. Butler would do. Anyway, in addition to your response being incorrect, you've earned an additional week of detention for coloring outside the lines :)
     
    Rick Butler

    Rick Butler

    Well-known member
    • Aug 8, 2019
    1,874
    7
    3,388
    Colorado Springs, CO
    www.intellitec.edu
  • #9
    Trevor Chandler said:
    Greg, you must be a disciple of Mr. Rick Butler! Providing a response, outside of choices that were listed is definitely something that Mr. Butler would do. Anyway, in addition to your response being incorrect, you've earned an additional week of detention for coloring outside the lines :)
    Click to expand...
    Greg's not my disciple, Trevor; he's his own brand. We just happen to think a lot alike on things - which means, since you're basically outnumbered on it, we'll be remanding you to the CIN detention hall with your box of crayons for 2 hours of practice on network drawings.

    And yes, the best way to defend against bad guys is to think like them - to crawl in their sandbox and down that hole to learn the dark arts, re-emerging dirty yet wiser...

    Or, in the words of Mr. Raymond Reddington...

    1703721960940.png
     
    • Like
    • Wow
    Reactions: MOHAMMAD SOAEB, BrianFord and Trevor Chandler
    Gregory Childers

    Gregory Childers

    Well-known member
    • Oct 22, 2019
    403
    715
    Safety Harbor, FL
    www.linkedin.com
  • #10
    Trevor Chandler said:
    Greg, you must be a disciple of Mr. Rick Butler! Providing a response, outside of choices that were listed is definitely something that Mr. Butler would do. Anyway, in addition to your response being incorrect, you've earned an additional week of detention for coloring outside the lines :)
    Click to expand...
    Troublemakers tend to hang out together.....
     
    • Like
    Reactions: Hod Berman and Michael Schmitz
    Trevor Chandler

    Trevor Chandler

    Well-known member
    Jul 4, 2020
    62
    73
  • #12
    Rick Butler said:
    Greg's not my disciple, Trevor; he's his own brand. We just happen to think a lot alike on things - which means, since you're basically outnumbered on it, we'll be remanding you to the CIN detention hall with your box of crayons for 2 hours of practice on network drawings.

    And yes, the best way to defend against bad guys is to think like them - to crawl in their sandbox and down that hole to learn the dark arts, re-emerging dirty yet wiser...

    Or, in the words of Mr. Raymond Reddington...

    View attachment 1545
    Click to expand...
    Mr. Butler, you're attempt to drop a lump of coal in my Christmas stocking will not succeed. You're too late - Santa was extremely kind to me :) Now, because we're in the season of "Peace on Earth", I'm going to leave my lightsaber powered off. However, as sooooooooooon as the season is done, you'd better lookout!!! Oh, by the way, Happy Holidays :)
     
    Fanuel

    Fanuel

    Well-known member
    • Nov 17, 2020
    594
    541
    35
    Lilongwe, Malawi, Central Africa
    www.dbc-malawi.org
  • #14
    Rick Butler said:
    Well, Mr. Kringle has always had a soft spot for hard luck cases. But that's okay. It's January 2 and it's time to get back to work. The coffee's brewed and I found a delightful toy under my tree...

    View attachment 1551

    Hopefully you didn't indulge too much on cookies and egg nog.
    Click to expand...
    Happy new Year
     
    You must log in or register to reply here.
    Top Bottom
    Jump to latest Follow Reply
    Jump to latest Follow Reply
    Home
    Media
    Resources
    Menu