CIS 442: Chapter 2 Viruses
Jan 02, 2016
Malware
• Malware classifications and types
• Viruses
• Logical and time bombs
• Trojan horses and backdoors
• Worms
• Spam
• Spyware
Operating system tasks
• Booting and resetting
• Managing volumes and files
• Managing executable programs and processes
• Managing memory
• Handling interrupts
Viruses
• Definition and history
• Viruses for mainframe and PCs
• Propagation or infection
• Payload or damage
• Trigger
• Replication
• Virus polymorphism
Virus propagation
• From file to file and from one computer to another
• Looking for executable and similar files
• Memory resident viruses
• Infected software, email attachments
Classification
• File infector viruses
• Shell viruses
• Non-overwriting viruses
• Overwriting viruses
• Intrusive viruses
• Boot sector viruses
• Multipartite viruses
• Memory resident viruses
• BSI boot sector viruses
• Differences between BSI and file infectors
• Bootstrap loader and virus hiding methods
File infector viruses infection methods
• Shell viruses
• Overwriting
• Non-overwriting
• Intrusive
• File attributes: Size, CRC (hash), MAC, code inside, access permissions
Companion-multipartite Viruses
• File association
• DOS execution sequence (com, bat, exe)
• Multi-file infector and BSI viruses: advantages and challenges
Macro and Script Viruses
• Macro programs, examples
• Examples and characteristics of macro viruses
• Protection against macro viruses