Protect Against Directory Viruses

It seems as if you can never have enough security for your computer these days. Online scams are on the rise as attackers have found ways to manipulate email traffic, online transactions and even DNS servers. One wrong move on the net, and your computer can be easily compromised or, worse, your identity stolen.

The threat of viruses remains one of the biggest problems facing internet users. These nasty infections find you via email, a compromised site or perhaps a file that appeared to be a legitimate program. Just like its human counterpart, a computer virus has the ability to spread its infection throughout the victim's system and distribute itself from host to host. Without proper security, you are open to an array of attacks, welcoming virtual annihilation and the physical destruction of your computer.

While a virus falls under the category of malware, which is described as a piece of software carrying malicious code, it is a classification of its own with many different variations. One of the most common types of virus is the file infector, which is the parent of another class of its own; many of its members are categorized as directory viruses.

Attacking your Directory

As the name indicates, a directory virus functions by infecting the directory of your computer. A directory is simply a larger file that contains information about the files and sub-directories within it. The general information consists of the file or directory name, the starting cluster, attributes, date and time and so forth. When a file is accessed, the operating system scans the directory in search of the corresponding entry. There it is able to locate the starting cluster, which is an index into the FAT (File Allocation Table). The FAT contains the addresses for all subsequent clusters until the last cluster is indicated by a marker like this: 0xFFF (16-bit FAT).

A directory virus inserts malicious code into a cluster and marks it as allocated in the FAT. This prevents the cluster from being allocated in the future. The virus then saves the first cluster and forces it to target other clusters, indicating each file it wants to infect. The malicious code typically carries an extension such as .COM (command) or .EXE (executable), which executes the virus.
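The redirection described above leaves a visible trace: on a healthy FAT volume no two files begin at the same cluster, so several executables sharing one starting cluster is worth investigating (plain file-system corruption can also cause it). The following Python check is an added example, not code from the original article; it assumes the standard 32-byte FAT 8.3 directory entry layout, and the function names and sample entries are constructed for illustration.

```python
import struct
from collections import defaultdict

ENTRY_SIZE = 32                      # one FAT 8.3 directory entry
ATTR_VOLUME_ID, ATTR_DIRECTORY, ATTR_LFN = 0x08, 0x10, 0x0F
EXECUTABLE_EXTS = {"COM", "EXE"}

def parse_entries(raw):
    """Yield (filename, ext, start_cluster, size) for each live file entry."""
    for off in range(0, len(raw) - ENTRY_SIZE + 1, ENTRY_SIZE):
        entry = raw[off:off + ENTRY_SIZE]
        if entry[0] == 0x00:         # end-of-directory marker
            break
        if entry[0] == 0xE5:         # deleted entry, skip
            continue
        attr = entry[11]
        if attr & ATTR_LFN == ATTR_LFN or attr & (ATTR_VOLUME_ID | ATTR_DIRECTORY):
            continue                 # long-name slot, volume label or sub-directory
        name = entry[0:8].decode("ascii", "replace").rstrip()
        ext = entry[8:11].decode("ascii", "replace").rstrip()
        start, size = struct.unpack_from("<HI", entry, 26)  # cluster @26, size @28
        yield f"{name}.{ext}", ext, start, size

def find_shared_start_clusters(raw):
    """Return {start_cluster: [executables]} where two or more files share it."""
    by_cluster = defaultdict(list)
    for filename, ext, start, size in parse_entries(raw):
        if ext in EXECUTABLE_EXTS and size > 0 and start >= 2:
            by_cluster[start].append(filename)
    return {c: names for c, names in by_cluster.items() if len(names) > 1}

def make_entry(name, ext, start, size, attr=0x20):
    """Build one constructed 32-byte entry (time and date left as zero)."""
    return struct.pack("<8s3sB14xHI", name.ljust(8).encode(),
                       ext.ljust(3).encode(), attr, start, size)

# Constructed sample directory: three executables point at cluster 713.
SAMPLE_DIR = b"".join([
    make_entry("EDIT", "COM", 713, 4120),
    make_entry("FORMAT", "COM", 713, 11616),
    make_entry("README", "TXT", 52, 900),
    make_entry("CHKDSK", "EXE", 713, 16200),
    make_entry("DEBUG", "EXE", 88, 15718),
    b"\xe5" + make_entry("OLD", "COM", 713, 300)[1:],     # deleted, ignored
    make_entry("GAMES", "", 95, 0, attr=ATTR_DIRECTORY),  # sub-directory
    bytes(ENTRY_SIZE),                                    # end marker
])

if __name__ == "__main__":
    for cluster, names in find_shared_start_clusters(SAMPLE_DIR).items():
        print(f"cluster {cluster} is the start of {len(names)} executables: {names}")
```

To use it on real media, pass in the raw bytes of a directory read from a disk image rather than the constructed sample.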

Changing Your Directory Paths

An operating system finds files by searching for the directories and files on the hard drive that form paths. A directory virus will modify the paths that indicate location, manipulating them to execute and infect clean files, spreading itself throughout the system. In most cases you can successfully run the file you request while simultaneously launching the infectious program with no knowledge of the activity. After the virus has run its course, the original files may be impossible to locate, rendering many of your programs useless. When this occurs, you generally have two options: restore the files from a backup, which may prove pointless on a compromised machine, or install an anti-virus program to relocate the misplaced files, detect the infected ones and keep other viruses out of your system.


A computer crash can occur at any time and on any computer.

By backing up your files--personal documents, financial records, and digital pictures--you can ensure that you will never lose your precious and irreplaceable information.

There are many ways one can back up a computer: special equipment or online programs, which are becoming increasingly popular, can help you to create a sort of 'insurance policy' for the protection of all of your computer-based data.