In the embodiments described herein, a malicious code detection module identifies potentially malicious instructions in volatile memory of a computing device before the instructions are executed. The malicious code detection module identifies an executable file, such as an .exe file, in memory, validates one or more components of the executable file against the same file stored in non-volatile storage, and issues an alert if the validation fails.
展开▼