Boot sector virus

  • Thread starter Thread starter Andrew Wilson
  • Start date Start date
A

Andrew Wilson

Googled but still very confused.
Running Win XP Pro with SP3.
Just done a Norton Ghost successfully but when it had finished and rebooted
it put up 'Boot Sector Virus Continue Y/N'.
I wanted the machine back up so clicked Y and everything seems to be fine
but have I still got a boot sector virus or not? Difference of opinion on
many forums/sites. How do I scan and repair the boot sector if I have got a
virus?
Many thanks
Andrew Wilson
 
David H. Lipman said:
Then there probably is no Boot Sector Infector.

However, you can use my Multi-AV Scanning Tool to verify this.

Use the Avira and/or Sophos module.
Click to expand...
Thanks, Dave will give it a try tomorrow.
Regards
Andrew Wilson
 
You must have enabled to halt the system if there is a change to the
boot sector in your BIOS. When you format the HD for the very first
time, the OS needs to write to the boot sector; Also, if you are
restoring the system from the Ghost image files, again boot sector needs
to be written to. This being the case, if you have enabled to be
alerted of any changes to the boot sector in your BIOS then you are
likely to get this false positive alert message.

I doubt if you really have any viruses. I would rely on MSE to keep the
gateways secure and to keep monitoring for any other system abnormalities.

hth


Andrew said:
Googled but still very confused.
Running Win XP Pro with SP3.
Just done a Norton Ghost successfully but when it had finished and rebooted
it put up 'Boot Sector Virus Continue Y/N'.
I wanted the machine back up so clicked Y and everything seems to be fine
but have I still got a boot sector virus or not? Difference of opinion on
many forums/sites. How do I scan and repair the boot sector if I have got a
virus?
Many thanks
Andrew Wilson
Click to expand...

--

cHECK THESE LINKS OUT BOY!
HTTP://WWW.MYITTECH.CO.UK
HTTP://WWW.MYTAXNEWS.CO.UK
HTTP://WWW.HTML-CSS.CO.UK
HTTP://WWW.MYTAXHELP.CO.UK
HTTP://WWW.MYUKTAXHELP.CO.UK
HTTP://WWW.TAXWIKI.ORG.UK
HTTP://WWW.UKTAXSITE.CO.UK
HTTP://WWW.MYUKTAXHELP.COM
HTTP://WWW.UKTAXHELP.COM
HTTP://WWW.UKTAXSITE.COM
 
Tester said:
You must have enabled to halt the system if there is a change to the
boot sector in your BIOS. When you format the HD for the very first
time, the OS needs to write to the boot sector; Also, if you are
restoring the system from the Ghost image files, again boot sector needs
to be written to. This being the case, if you have enabled to be
alerted of any changes to the boot sector in your BIOS then you are
likely to get this false positive alert message.

I doubt if you really have any viruses. I would rely on MSE to keep the
gateways secure and to keep monitoring for any other system abnormalities.

hth




--

cHECK THESE LINKS OUT BOY!
HTTP://WWW.MYITTECH.CO.UK
HTTP://WWW.MYTAXNEWS.CO.UK
HTTP://WWW.HTML-CSS.CO.UK
HTTP://WWW.MYTAXHELP.CO.UK
HTTP://WWW.MYUKTAXHELP.CO.UK
HTTP://WWW.TAXWIKI.ORG.UK
HTTP://WWW.UKTAXSITE.CO.UK
HTTP://WWW.MYUKTAXHELP.COM
HTTP://WWW.UKTAXHELP.COM
HTTP://WWW.UKTAXSITE.COM
Click to expand...

Tester
Thanks for this. By the way what would have happened if I had pressed N
instead of Y?
Regards
Andrew Wilson
 
Andrew said:
Tester
Thanks for this. By the way what would have happened if I had pressed N
instead of Y?
Regards
Andrew Wilson
Click to expand...

If you pressed N instead of Y then the operating system won't install.
The reason being, the OS needs to write the necessary disk statistics in
the boot sector so that it can create the necessary FAT - File
Allocation Table.

hth
 
David H. Lipman said:
Then there probably is no Boot Sector Infector.
Click to expand...
Curious, why would the file system matter? AIUI, the Boot Sector is
independent of file system. Also, I've seen NTFS systems infected
with boot sector infectors (recent Alureon variants, especially) so
they certainly aren't immune...

--
Zaphod

Arthur: All my life I've had this strange feeling that there's
something big and sinister going on in the world.
Slartibartfast: No, that's perfectly normal paranoia. Everyone in the
universe gets that.
 
David H. Lipman said:
Its not the same for a Boot Sector Infector which targets FAT not
NTFS.
Click to expand...
And so we come full-circle. Are you saying that an NTFS boot sector
is immune to infection somehow, or only that viruses that target FAT
boot sectors can't infect NTFS boot sectors?
 
Back
Top