Can emsisoft anti-malware remove a boot sector virus?

[josephwcarrillo]

How deep or low level will anti-malware scan for viruses? Can it detect even the lowest level virus such as one hiding in the bios? I have heard this is what boot sector viruses do.

[Lynx]

Hi josephwcarrillo, welcome to the forum

1st, there is no such security out there that can protect you 100%.

It does not exist & expecting that is a pure utopia

Then "boot sector viruses" & poisoning BIOS are pretty much different matters including techniques behind those

Antivirus (any), since you asked about "scanning" cannot be considered being the best guardian at all including the matter you've raised

At the same time, have a look at the description (and items) stated by EAM's Behavioral Blocker, for example - that's very much more sophisticated and that may protect you, but still you (we) must have an experience in order to react to alerts

Say, poisoning BIOS should involve some firmware re-flashing utility to be run

I never encountered the malicious one yet, but when running the legit Tool, which I'm using often in order to upgrade BIOS I am Alerted ...IF... EAM or Mamutu is active

.... but honestly I would switch off any security when upgrading BIOS, because I do know what I'm doing & where I got the Flash Utility from

My regards

[H_D]

Hi, josephwcarrillo

The boot sector is the first area of a hard drive that is read when your start your computer. The boot sector contains the information required to locate the data on the drive and information about the operating system that is installed on the drive and how the operating system can be started (booted).

Malware can infect a BIOS as detailed in this article from a couple of years ago. As said, the only way to fix that would be to flash the BIOS with a new clean version. Even better, as the article also recommends is to password protect the BIOS. But, as Lynx has pointed out, any software that attempts to infect the BIOS while EAM is running should be detected either by its signature or the behaviour blocker. But, if you boot from a start-up disk that is infected, that can infect your system.

So, as the BIOS is not something that an anti-malware solution would normally scan, there is not much protection for it other than what is described above. However, any infection of the boot sector can usually be fixed by most anti-malware solutions. Always, as Lynx implies, check the sources of any BIOS updates you D/L, and also scan startup disks before you use them.