Tuesday, March 19, 2024

Boot Sector Virus

What is a Boot Sector Virus

On every disk, hard drive, floppy disk, CD-ROM, etc., there is a boot sector. When a computer first uses a disk, it first reads the boot sector of the disk.

A few years ago , they were the most prevalent viruses. They use the 16-bit DOS to infect the Boot Sector of a floppy disk and then this floppy disk will infect the Master Boot Record (MBR) and the hard drive.

Once the MBR is infected, the Virus will attempt to infect the Boot Sector of every floppy disk that is used and accessed with this computer.

The Boot Sector Virus hides itself on the first sector of a disk. This is how the Virus is loaded into memory before the System files. This procedure allows the Virus to gain complete control of DOS interrupts making the spreading easier.

It is common practice that a Boot Sector Virus replaces the original contents of the MBR or DOS boot sector with their own contents and also moves the sector to another area in the disk.

The cleaning of a Boot Sector Virus can only be done by booting the affected Computer with an uninfected floppy System Disk or by finding the original Boot Sector and moving it to the correct location on the Disk.

An Infamous one was Michaelangelo Boot Sector Virus it was first reported in April 1991 in Sweden and the Netherlands. The scare hits front pages as media predict it could wipe out millions of hard drives. A few thousand were affected.

This virus got its name as it activated on March 6th which is the famous artists birthday. When activated it will erase important parts of the hard disk, in particular the system area of the hard disk. The hard disk will no longer boot and will need to be reformatted to make the drive work again.

Back To Computer Section Home Page

Comments are closed.