Index[SYMBOL]
[A]
[B]
[C]
[D]
[E]
[F]
[G]
[H]
[I]
[J]
[K]
[L]
[M]
[N]
[O]
[P]
[Q]
[R]
[S]
[T]
[U]
[V]
[W]
[X]
[Y]
[Z]
IAT page attributes IAT (import address table) 2nd hooking 2nd patches IBM Antivirus mismatches IBM systems REXX viruses 2nd 3rd ICA harvesting e-mail addresses using ICMP (Internet control message protocol) ICSA Labs IDA (disassembler) IDA (interactive disassembler) IDA command script (IDC) files IDA disassemblers 2nd 3rd 4th 5th IDC (IDA command script) files IDEA (virus) nondestructive payload viruses self-protection technique IDEA.6155 (virus) self-protection technique IDT entering kernel mode on Windows 9x 2nd "Igor's problem" IIS Web servers W32/Nimda.A@mm worm 2nd ImageBase field (PE header) images scanning IMP (Core War warrior program) Implant (virus) self-protection technique import address table (IAT) 2nd hooking 2nd patches import table (PE files 2nd 3rd 4th import table-replacing (infection technique) 2nd imports by ordinal 2nd "in the wild" viruses in-memory injectors over networks in-memory residency strategies
[See memory residency strategies] InCtrl tool indirection layers of INETINFO.EXE process INF/Vxer (virus) INF/Zox (virus) 2nd infection propagator of worms 2nd 3rd backdoor-compromised systems 2nd 3rd e-mail attachment inserters e-mail attacks 2nd instant messaging attacks 2nd NNTP attacks peer-to-peer network attacks 2nd SMTP proxy-based attacks 2nd 3rd SMTP-based attacks 2nd 3rd 4th 5th 6th infection techniques Amoeba 2nd appending viruses 2nd 3rd 4th 5th 6th boot viruses 2nd 3rd DBR (DOS BOOT record) 2nd 3rd in Windows 95 2nd MBR (master boot record) 2nd 3rd over networks 2nd cavity viruses 2nd 3rd classic parasitic viruses 2nd 3rd code builders 2nd 3rd companion viruses compressing viruses 2nd 3rd embedded decryptor 2nd 3rd embedded decryptor and virus body 2nd 3rd entry-point obscuring viruses 2nd 3rd 4th 5th 6th 7th 8th 9th 10th 11th 12th 13th first-generation Windows 95 viruses 2nd 3rd fractionated cavity viruses 2nd 3rd 4th 5th header infection viruses 2nd KERNEL32.DLL infection 2nd lfanew field modification 2nd obfuscated tricky jump 2nd 3rd 4th on PE files 2nd overwriting viruses 2nd 3rd 4th PE (portable executable) file format 2nd 3rd 4th 5th 6th 7th 8th 9th 10th 11th 12th 13th prepending viruses 2nd 3rd 4th 5th random overwriting viruses 2nd 3rd system loader comparison between Windows 95 and Windows NT 2nd 3rd 4th VxD-based viruses 2nd 3rd 4th W32/Simile virus 2nd W95/Zmist virus 2nd 3rd Win32 viruses, growth of 2nd infections goat files natural testing 2nd Infis (virus) 2nd 3rd 4th information query class 11 INI file viruses 2nd initialization W95/Zmist virus injected code detection shellcode blocking 2nd 3rd 4th 5th 6th 7th 8th injectors definition of 2nd in-memory injectors over networks inoculation 2nd input validation attacks 2nd MIME types 2nd W32/Badtrans.B@mm worm 2nd W32/Nimda.A@mm worm 2nd URL encoding 2nd installation of dedicated virus analysis systems 2nd installation script viruses 2nd installing memory-resident viruses under DOS 2nd 3rd instant messaging attacks worm infections 2nd instant messaging viruses 2nd Instant Virus Production Kit (IVP) instruction tracing (infection technique) INT 13h (interrupt handler) hooking 2nd hooking with boot viruses 2nd 3rd INT 21h (interrupt handler) hooking with file viruses 2nd 3rd 4th integrity checker programs integrity checking 2nd 3rd 4th Intel sysenter Intel Architecture Software Manuals intended debugger-dependent viruses intended viruses interactions between viruses competition 2nd 3rd cooperation 2nd 3rd sexual reproduction SWCP (simple worm communication protocol) interactive disassembler (IDA) intercept mode Internet control message protocol (ICMP) Internet Explorer MIME types 2nd Internet Relay Chat (IRC) worms interpreted environment dependency 2nd 3rd 4th 5th 6th 7th 8th 9th 10th 11th 12th 13th 14th 15th 16th 17th 18th 19th 20th 21st 22nd 23rd 24th 25th 26th 27th 28th 29th 30th 31st 32nd 33rd 34th 35th 36th 37th interrupt handlers memory scanning for 2nd Interrupt Request Packets (IRPs) Interrupt Spy (TSR program) Interrupt Spy tool interrupt vector table (IVT) 2nd calculations in interrupts calling with INT 1 and INT 3 2nd divide-by-zero exceptions entering kernel mode on Windows 9x 2nd generating exceptions hooking 2nd 3rd 4th 5th INT 1 and INT 3 on INT 13h (boot viruses) 2nd 3rd on INT 21h (file viruses) 2nd 3rd 4th in polymorphic decryptors undocumented DOS interrupts (Int 21h/52h) intrusion [See also NIDS] Invader (virus) invalidation exception frame pointers IP addresses scanning 2nd 3rd 4th 5th 6th IRC (Internet Relay Chat) worms IRC worms 2nd IRPs (Interrupt Request Packets) IsDebuggerPresent() API ISO images infecting IVP (Instant Virus Production Kit) IVT (interrupt vector table) 2nd calculations in |