Types of Infections

Boot Sector Viruses

Boot sector viruses occur in the Master Boot Record (MBR). The Master Boot Record acts like an air traffic controller: it directs data through the different partitions and along the different segments to the different sectors. Boot sector viruses infect the Master Boot Record and inject files into the operating system. One of the most famous boot sector viruses is the Michelangelo virus.

Rootkit Viruses

Rootkit viruses, by their very nature, obscure the fact that they are doing nefarious things. They hide their processes from the different types of security scanners (anti-virus, anti-spyware, etc.). They often modify the operating system in a way that hides the rootkit virus from detection.

Removing a rootkit is often easiest done by formatting the disk and reinstalling the operating system.

Worms

Worms can be introduced to the environment in a number of ways, including a Trojan horse or malicious code on a website, and are then spread to the machines on the local subnet. Worms typically infect some part of the operating system that is known to have an exploit. Usually the OS manufacturer will issue a patch to cover the exploit. However, not everyone gets patches. The worm looks for all the unpatched machines on the local subnet and infects them. This can create a great botnet of workstations working together to a) slow the network down, b) collectively attack a site or service, or c) collect information on a grand scale.

Trojan Horses

As mentioned in the section on Worms, Trojan horses are bad. End users who are not particularly adept at using computers are the most vulnerable to an attack via Trojan horse. In 1999, thousands of computers were infected with Trojan horses as a result of a spamming blitz. The spam said that “You can view naked pictures of Anna Kournikova” and all you had to do was click on the link. Never mind the fact that Anna Kournikova was 15 at the time and erotic pictures of her would be classified as child pornography and illegal. Thousands of men clicked the link. The trickier websites told the end users that all they needed to do was download a special “viewer” to view the pictures. The special “viewer” was of course a Trojan horse that infected the workstation. There obviously were no photos, and IT technicians were kept very busy for months cleaning up the aftermath.

Program Viruses

Program viruses were the more typical viruses, especially in the early 1990s. Program viruses typically have the .exe, .com and .vbs extensions and don’t infect the workstation until they are opened or run.

Stealth or Sneaky Viruses

These types of viruses hide under the radar. They avoid detection by most anti-virus software (e.g. Norton, TrendMicro, Avast). This class of virus changes shape, type and size to avoid detection. Removing this class of virus often takes a specially formulated removal tool.

Macro Viruses

Macro viruses were common a few years ago, but are less so thanks to the added security that Microsoft has built into its Office suite, which prevents unauthorized macros from running. Macro viruses would hide in Word documents or Excel spreadsheets and infect the workstation when opened. Bad people would create “helpful” templates and post them online. These not-so-helpful templates would infect the computer when the end user opened them.
