Don't miss an insight. Subscribe to Techopedia for free.


Memory-Resident Malware

What Does Memory-Resident Malware Mean?

Memory-resident malware is a type of malware that inserts itself into a computer or device in a particular way, loading its own program into permanent memory. This causes unique problems for security systems and professionals trying to maintain the integrity of a system and its security tools.


Memory-resident malware is also known as an ephemeral infection.

Techopedia Explains Memory-Resident Malware

One problem is that memory-resident malware typically does not leave traces on a disk in the way that non-resident programs do. The data transfers related to non-resident malware attacks are clearer and easier to detect, because of the forensic data left behind during operations. Because memory-resident malware do not leave these telltale signs, they are harder to clean.

Additionally, memory-resident malware does not have to be executed, meaning that it can run continually in the background and infect parts of a system based on user events. Tactics like disk imaging and on-access scanning can be effective in removing memory-resident malware. In some cases, rebooting a system can help. Some antivirus programs are also made to be effective against memory-resident malware.

Another feature of memory-resident malware programs is that they tend to block their own removal. Programs resident in RAM enjoy some protections that make it more difficult to remove these types of malware. In general, memory-resident malware is a big concern to security professionals and an issue for modern anti-virus and anti-malware programs.


Related Terms