You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

52 lines
1.7 KiB

#### General
###### Is the student able to explain clearly how we can manage the startup programs in windows?
###### Is the student able to explain clearly how he get the ip of the attacker from the malware?
###### Is the student able to explain clearly how his program works?
Files that must be inside your repository:
- Your program source code.
- a README.md file, Which clearly explains how to use the program.
###### Are the required files present?
##### Evaluate the student's submission
Create a Windows virtual machine
Add mal-track.exe (<../resources/mal-track(Fynloski%20sample%2C%20ON%20VM%20ONLY).zip>) to anti-virus exceptions
##### Launch the mal-track.exe program
###### Does it exist in the task manager?
##### Launch the student program
###### Does the program developed by the student kills the malware process.
> Open task manager CTRL+ALT+DEL or Windows key+R -> msconfig.
###### Has mal-track.exe been killed from task manager?
###### Does the program developed by the student removes our malware from the start of the machine?
> Open Registry Editor Windows key+R -> regedit
###### Is maltrack not located in HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run?
###### Is maltrack not located in HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce?
###### Is maltrack not located in HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run?
###### Is maltrack not located in HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce?
> The attacker's IP address is "127.0.0.1"
###### Does the student program display the attacker's IP address?
###### Can the student trace the IP address of the attacker manually with an hexadecimal editor?