Home » Troubleshooting

How to protect MBR and system applications from viruses

17 August 20082 Comments

How to protect MBR and system applications from viruses

I was using my PC which has Windows XP and found it became very slow. After a few minutes, it said something wrong and said if this is the first time, restart the PC. I restart my PC but cannot finish the booting anymore.
I then use Window98 startup to boot from ‘A: \’ and then did scandisk which was finished in no time.
I also checked the share folder from other linking PC and cannot find any share folder anymore.

Then I came to know that actually the problem was due to the virus attack in the bootsector. A boot sector virus can cause a variety of boot or data retrieval problems. In some cases, data disappears from entire partitions. In other cases, the computer suddenly becomes unstable.

Often the infected computer fails to start up or to find the hard drive. Also, error messages such as “Invalid system disk” may become prevalent.

Once I lost my exe setup files of all software and lot of times my system files, my precious data

Understanding how viruses work on your system

Viruses are nothing but is a program that produces copies of itself and inserts them into other programs or files, and that usually performs a malicious action (such as destroying data).

Boot sectors viruses are same like other viruses, but they are few but affect your system badly. Some common boot sector viruses include Monkey, Form, Stoned,

NYB (also known as B1)

Worms is program is a computer program that consumes your resources and makes your system slow.

Boot sector viruses infect or substitute their own code for either the DOS boot sector or the Master Boot Record (MBR) of a PC. The MBR is a small program that runs every time the computer starts up. It controls the boot sequence and determines which partition the computer boots from. The MBR generally resides on the first sector of the hard disk.

Since the MBR executes every time a computer is started, a boot sector virus is extremely dangerous. Once the boot code on the drive is infected, the virus will be loaded into memory on every startup. From memory, the boot virus can spread to every disk that the system reads. Boot sector viruses are typically very difficult to remove, as most antivirus programs cannot clean the MBR while Windows is running.

How to protect systems MBR, system applications and files:-

  • You can configure some CMOS setups to prevent writing to the boot sector of the hard drive. This may be of quite useful against boot sector viruses. However, if you need to reinstall or upgrade the operating system, you will have to change the setting back to make the MBR writable again.
  • Using more than one antivirus is also a good practice, as told here.
  • Precautions :-

Backup your files.

Keep your antivirus updated, and keep the real time protection enabled.

Keep your disk write-protected.

Keep your applications write protected.

First try to recover else Quarantine your files or simply delete them for your system safety.

  • My personal experience says, Symantec / Norton Antivirus software’s are good to remove Boot sector viruses, AVG can be used as a light weight counterpart for this purpose.

No tags for this post.

2 Comments »

Leave your response!

Add your comment below, or trackback from your own site. You can also subscribe to these comments via RSS.

Be nice. Keep it clean. Stay on topic. No spam.

You can use these tags:
<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

This is a Gravatar-enabled weblog. To get your own globally-recognized-avatar, please register at Gravatar.