When you turn on a computer, the hardware looks for the boot sector program, which is usually on the hard disk (but can be on a CD/DVD or Flash Drive), and runs it. This program then loads the rest of the operating system into memory.
Boot sector malware replaces the original boot sector with its own, modified version (and usually hides the original somewhere else on the hard disk). The next time you start up, the infected boot sector is used and the malware becomes active.
Boot sectors are now used by some malware designed to load before the operating system in order to conceal its presence (e.g., TDL rootkit).
Back to Security Threats A-Z
Back to Threatsaurus Home