How can a boot sector virus harm the computer?

A boot virus (also known as a boot infector, an MBR virus or DBR virus) targets and infects a specific, physical section of a computer system that contains information crucial to the proper operation of the computer's operating system (OS).

Though boot viruses were common in the early 90s, they became much rarer after most computer motherboard manufacturers added protection against such threats by denying access to the Master Boot Record (the most commonly targeted component) without user permission.

In recent years however, more sophisticated malware have emerged that have found ways to circumvent that protection and retarget the MBR (e.g, Rootkit:W32/Whistler.A).

How a boot virus infects

Boot viruses differ based on whether they target the Master Boot Record (MBR), the DOS Boot Record (DBR) or the Floppy Boot Record (FBR):

• The MBR is the first sector of a hard drive and is usually located on track 0. It contains the initial loader and information about partition tables on a hard disk.
• The DBR is usually located a few sectors (62 sectors after on a hard disk with 63 sectors per track) after the MBR, and contains the initial loader for an operating system and logical drive information.
• The FBR is use for the same purposes as DBR on a hard drive, but it is located on the first track of a diskette.

A boot virus can be further subdivided into either overwriting or relocating:

• An overwriting boot virus overwrites MBR, DBR or FBR sector with its own code, while preserving the original partition table or logical drive information.
• A relocating boot virus saves the original MBR, DBR or FBR somewhere on a hard or floppy drive. Sometimes, such an action can destroy certain areas of a hard or floppy drive and make a disk unreadable.

All boot viruses are . When an infected computer is started, the boot virus code is loaded in memory. It then traps one of BIOS functions (usually disk interrupt vector Int 13h) to stay resident in memory.

Once resident in memory, a boot virus can monitor disk access and write its code to the boot sectors of other media used on the computer. For example, a boot virus launched from a diskette can infect the computer's hard drive; it can then infect all diskettes that are inserted in the computer's floppy drive.

A boot sector virus is a type of malware that infects a computer's system boot partition or the Master Boot Record (MBR) of a hard disk. Boot sector viruses will attack the boot sector of a floppy disk or the boot sector of a hard disk to ensure that their code is run each time the computer is started.

The boot sector virus represents one of the earliest programs designed to attack and infect PC. Some common boot sector viruses include Elk Cloner, NYB, Stoned, and Michelangelo. 

Boot sector viruses are among three classes of viruses: macro viruses, file infectors, and boot-record infector viruses. Of the three types of viruses, boot sector viruses can be the most damaging. 

How Does the Virus Spread?

When a boot sector virus enters your system, it will infect the connected storage media. How does it spread is as follows:

• Email attachment. This is one of the common reasons for the spread of the boot sector virus. As you download the email attachment, the boot virus code comes with it and then affects the host computer.
• An infected USB drive or disk. Computers become infected when using an infected disk. A boot sector virus can spread through an infected USB drive or floppy disk. When you plug an infected USB drive into your computer, it will replace the existing boot sector code and infect it. 
• Third-party applications. If you install applications from the internet, they may contain boot sector viruses, and installing them can overwrite your current boot sector code.

The Effect of Infecting Boot Sector Viruses

Viruses can be a nightmare for computer users. Infecting the boot sector virus can cause a variety of problems, such as boot or data loss on Windows, for computer users:

• Boot sector viruses insert code into the startup section of a disk. Once infected, the disk may become unbootable. 
• Boot sector viruses, like most other malware, may cause your computer to slow down.
• Files on your computer may be encrypted or disappear after infecting the virus.
• The boot sector virus can also cause your computer to be unable to boot. It may boot to a blue screen, or the OS will not start, or a black screen with an error message may occur.

Measures to Getting Rid of Malware like Boot Sector Virus

Now, we have gotten intimate knowledge of the destructiveness of the virus. Fortunately, we can take many steps to help defend against the boot sector virus.

How does a boot sector virus affect the computer?

What are the harms of computer virus?

How is a boot sector virus spread?

Is boot sector virus harmless?