This content has actually been archived, and is no much longer maintained through Indiana University. Information right here may no much longer be accurate, and links may no much longer be accessible or reliable.

What boot sector viruses do

Boot ar viruses epidemic or substitute their own code foreither the DOS boots sector or the understand BootRecord (MBR) that a PC. The MBR is a small program that runs every timethe computer system starts up. The controls the boot sequence and determineswhich partition the computer boots from. The MBR usually resides onthe an initial sector of the tough disk.

You are watching: A ____ virus infects the master boot record of a hard disk drive.

Since the MBR executes every time a computer is started, a boot sectorvirus is very dangerous. Once the boot code on the journey isinfected, the virus will certainly be loaded into memory on everystartup. Native memory, the boots virus have the right to spread come every disk the thesystem reads. Boot sector viruses are commonly very daunting toremove, as most antivirus programs cannot clean the MBR when Windowsis running. In most cases, the takes bootable antivirus disks such together aSymantec/Norton AntiVirus (SAV/NAV) rescue set to properlyremove a boots sector virus.

Some usual boot sector viruses incorporate Monkey, NYB (also recognized asB1), Stoned, and also Form.


A boot sector virus can reason a selection of boot or data retrievalproblems. In some cases, data disappear from whole partitions. Inother cases, the computer suddenly i do not care unstable. Often theinfected computer fails to start up or to discover the hard drive. Also,error messages such together "Invalid device disk" may come to be prevalent.

How lock spread

Boot ar viruses space usually spread by infected floppy disks. Inthe past, these were typically bootable disks, yet this is no longer thecase. A floppy disk does not should be bootable come transmit a bootsector virus. Any type of disk can reason infection if that is in the journey whenthe computer boots up or shuts down. The virus can also be spreadacross networks from record downloads and also from email paper attachments.In most cases, all write-enabled floppies supplied on an infected computer willthemselves pick up the boot sector virus.

In the past, setup the computer to boot very first from theC: (hard) drive and also then the A: (floppy)drive, or never ever to boot from the A: drive at all, was areasonable precaution versus boot ar viruses. This is no longerthe case, as viruses space now much more dangerous and spread in more ways.

You have the right to configure some CMOS setups to prevent writing tothe boots sector that the hard drive. This may be of some use againstboot ar viruses. However, if you have to reinstall or update theoperating system, you will have to readjust the setup back to make theMBR writable again.

For much more information on boot sector viruses and also viruses in general,see:

Precautions and also damage control

Prevention is commonly a matter of vigilance and also avoiding call withunknown disks. The following suggestions will assist keep her systemsand data safe:

The ideal protection versus boot ar viruses is the exact same asagainst viruses in general: a good antivirus regime with up-to-datevirus definitions. Antivirus programs perform two vital things: Scan for and remove viruses in files on disks back up your files, so the you deserve to restore lock if a virusdamages them.

Note: If you back up a paper that is currently infectedwith a virus, you deserve to re-infect your system by restoring records fromthe back-up copies. Inspect your backup files through virus scanningsoftware before using them.

save your original application and also system disks locked(write-protected). This will prevent a virus from dispersing to youroriginal disks. If you need to insert one of your application floppy disks right into anunknown computer, lock it first. Unlock your application disk onlyafter verifying that the computer system is cost-free of viruses. Quarantine any infected computer. If you find that a computeris infected v a virus, immediately isolate that from other computers.In various other words, disconnect that from any kind of network that is on. Don"t allowanyone come copy or move papers from it till the whole system has actually beenreliably disinfected.

See more: Ob Research On Job Performance And Individual Characteristics Draws Primarily From Studies In

Some that this details was adapted from an post in theUITS publication computing Times Online.