Detecting of the boot virus.

Boot viruses are the viruses that infect boot-sector of hard disk. Hard-disks contain programs that determine boundaries and size of logical drive or launch operating system. First of all one should check up content of the sector, which may be infected. Some of the boot viruses are easy for detection as they display some kinds of textual messages. Other boot viruses may be detected by absence of textual messages that are usually present at boot-sectors. Those messages are names of system files and error messages. Absence of head-line of the boot sector or changes of it may also be an indicator of boot virus penetration to the operating system. In case of operating any system except Windows 95 those viruses saves at head-lines of floppy disk's boot-sector random messages.

Boot viruses that infects master boot recorder of hard disk are easy to be detected, as standard MS-DOS loader of master boot recorder has rather small volume, but after virus' penetrating the code's length increase. There are also viruses that integrate itself into loader and change no textual messages and sectors' head-lines. They also make almost no changes in the loader code. In most cases it's enough of formatting of the floppy disk by means of uninfected computer to detect the virus. You should save floppy disk's boot-sector as file and than work with floppy on the infected computer for some time to infect it once more. Than you have to compare the boot sector of infected floppy with the original boot-sector that is saved in uninfected computer. As soon as you notice any changes of boot-sector code you may concern yourself a virus-catcher.

Written above is a description of elementary boot virus. There are also boot viruses that use more difficult ways of infection. For example viruses that change only 3 bytes of Disc Portion Table as infecting master boot sector; more over those bytes are correspond to address of an active boot-sector. To detect and identify virus of this type one have to perform detailed examination of boot-sector's codes, one may need to perform full analysis of virus's operating algorithm. These ways of detecting and identifying of the boot viruses is appropriate for standard operating systems and standard ways of disks' memory distribution. In case when disks were formatted with the help of applet that have nothing in common with DOS and are not its part one will have to analyze algorithms of bootees operating and managing for virus detecting.

As you can see there's nothing impossible in our life. Even if you now a very few about computer operating you can deal with virus problem anyway. There are no viruses that are totally impossible to be detected, identified and disposed. Some kinds of the viruses are very easy for detecting and disposing and the other are harder, but all of them are not eternal. Viruses and antivirus software are created by programmers, so if one programmer is skilful enough to create a virus there is one who is skilful enough to detect it and dispose.