Protect Against Directory Viruses

It seems as if you can never have enough security for your computer these days. Online scams are on the rise as attackers have found ways to manipulate email traffic, online transactions and even DNS servers. One wrong move on the net, and your computer can be easily compromised or, worse, your identity stolen.

The threat of viruses remains one of the biggest problems facing internet users. These nasty infections find you via email, a compromised site or perhaps a file that appeared to be a legitimate program. Just like its human counterpart, a computer virus has the ability to spread its infection throughout the victim's system and distribute itself from host to host. Without proper security, you are open to an array of attacks, welcoming virtual annihilation and the physical destruction of your computer.

While a virus falls under the category of malware, which is described as a piece of software carrying malicious code, it is a classification of its own with many different variations. One of the most common types of virus is the file infector, which parents further classes of its own, many of which are categorized as directory viruses.

Attacking your Directory

As the name indicates, a directory virus functions by infecting the directory of your computer. A directory is simply a larger file that contains information about other files and sub-directories within it. The general information consists of the file or directory name, the starting cluster, attributes, date and time and so forth. When a file is accessed, the operating system scans the directory in search of the corresponding entry. There it is able to locate the starting cluster, which is an index into the FAT (File Allocation Table). The FAT contains the addresses of all subsequent clusters until the last cluster is indicated by a marker like this: 0xFFF (16-bit FAT).

A directory virus inserts its malicious code into a cluster and marks that cluster as allocated in the FAT. This prevents the cluster from being allocated to another file in the future. The virus then saves the first cluster of each file it wants to infect and forces the file's directory entry to target the cluster holding the virus instead. The files it targets typically carry an extension such as .COM (command) or .EXE (execute), so running them executes the virus.
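An added example, not part of the original article: a read-only Python check that parses FAT16 directory entries and flags the symptom described above, namely several program files whose entries share one starting cluster, along with files whose recorded size cannot fit in their cluster chain. The FAT table, directory bytes, 2048-byte cluster size and all function names are constructed for illustration, and the code assumes the FAT16 end-of-chain range 0xFFF8 to 0xFFFF.

```python
import struct
from collections import defaultdict

ENTRY_SIZE = 32                      # one FAT directory entry
ATTR_VOLUME, ATTR_DIR, ATTR_LFN = 0x08, 0x10, 0x0F
EOC_MIN = 0xFFF8                     # FAT16 end-of-chain marks: 0xFFF8..0xFFFF

def parse_entries(raw):
    """Yield (name, start_cluster, size) for each live file entry."""
    for off in range(0, len(raw) - ENTRY_SIZE + 1, ENTRY_SIZE):
        e = raw[off:off + ENTRY_SIZE]
        if e[0] == 0x00:             # no entries after this one
            break
        if e[0] == 0xE5 or e[11] == ATTR_LFN or e[11] & (ATTR_VOLUME | ATTR_DIR):
            continue                 # deleted, long-name, label or subdirectory
        name = e[0:8].decode("ascii", "replace").rstrip()
        ext = e[8:11].decode("ascii", "replace").rstrip()
        start, size = struct.unpack_from("<HI", e, 26)  # cluster @26, size @28
        yield (f"{name}.{ext}" if ext else name), start, size

def chain(fat, start):
    """Clusters reached from start by following the FAT (loop-safe)."""
    seen = []
    while 2 <= start < len(fat) and start < EOC_MIN and start not in seen:
        seen.append(start)
        start = fat[start]
    return seen

def audit(raw, fat, cluster_bytes):
    """Return (shared start clusters, files too large for their chain)."""
    owners, too_short = defaultdict(list), []
    for name, start, size in parse_entries(raw):
        if size == 0:
            continue                 # empty files own no cluster
        owners[start].append(name)
        if size > len(chain(fat, start)) * cluster_bytes:
            too_short.append(name)
    return {c: n for c, n in owners.items() if len(n) > 1}, too_short

def make_entry(name, ext, start, size, attr=0x20):  # constructed sample helper
    return struct.pack("<8s3sB10xHHHI", name.ljust(8).encode(),
                       ext.ljust(3).encode(), attr, 0, 0, start, size)

# Constructed sample: README.TXT owns clusters 2-3; three programs share cluster 4.
FAT = [0xFFF8, 0xFFFF, 3, 0xFFFF, 0xFFFF, 0, 0, 0]
SAMPLE = [("README", "TXT", 2, 3000), ("EDIT", "COM", 4, 1500),
          ("FORMAT", "COM", 4, 9000), ("CHKDSK", "EXE", 4, 12000)]
DIRECTORY = b"".join(make_entry(*f) for f in SAMPLE) + bytes(ENTRY_SIZE)
print(audit(DIRECTORY, FAT, 2048))
```

Run against a disk image rather than a live, possibly infected system, so the directory bytes are read without going through code the virus may have hooked.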

Changing Your Directory Paths

An operating system finds files by searching for directories and files on the hard drive that form paths. A directory virus will modify the paths that indicate location, manipulating them to execute and infect clean files, spreading itself throughout the system. In most cases you can successfully run the file you request while simultaneously launching the infectious program with no knowledge of the activity. After the virus has run its course, the original files may be impossible to locate, rendering many of your programs useless. When this occurs, you generally have two options: restore the files from a backup, which may prove pointless on a compromised machine, or install an anti-virus program to relocate the misplaced files, detect the infected ones and keep other viruses out of your system.


With the advent of wireless Internet, more and more computer users are entering the world of cyberspace.

Yet, while these users are well aware of the importance of the protection of their computer when hooked up to regular internet providers, they are often oblivious to the fact that the same cyber dangers, and in fact even more, exist in the world of WiFi.

What you may not know is that the same Internet connection that makes it possible to check your email from the comfort of your bed also makes it easier for hackers to access your personal information.

It is for this reason, the sharing of the wireless Internet connection, that protecting your computer when wireless is even more important than ever before.