Jump to content
Bobn

Question About Windows Prefetch Files - I Also Asked This On The Clamav Fourm

Recommended Posts

I asked this on the Windows ClamAV forum but I think this forum and that one are different enough, as regards readership, that it might help to ask the question here. Let me know if this is inappropriate and that readers of either forum would see it posted in just one of  them.

****************************************************************************

If I were to explain why I'm asking this question, you would have a lot to read - it is rather involved and twisted.

 

Let me ask the question and see what happens. If more information is needed, I'll explain where I'm coming from on this.

 

Can a Windows prefetch file be a vehicle for malware?

 

That is, can malware be inserted into a prefetch file so that that malware could then be "used" to damage, etc a system?

 

My reading says No. Prefetch files contain data,not code, and are never "executed."

 

And I've also seen entries on the immunet.com forum - such as: http://support.immunet.com/index.php?/topic/242-default-exclusions/?hl=prefetch which seem to say that prefetch files cannot be dangerous and are actually excluded from their scanning.

 

So - can a prefetch file, or more generally, a file with file name extention .pf be used by a "bad" guy to make an attack?

 

And to add a twist to the question - could such an attack, if possible, be used against web sites on a shared Apache server installation on a system running Linux?

 

Bob

Share this post


Link to post
Share on other sites

The only way the prefetch files, in my view, can be used maliciously if the program that the files are associated with is a malicious or compromised (in some manner) third-party software program. I think that's where I would look first (installed software) if I suspected that was the case.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×