Is there a way to protect MBR from rootkits?

My question arises from the fact all virtualising programs now admit they can't protect the MBR from rootkits such as TDL&Co.,apart from Diskshot which has not been translated yet.

I use three pcs with three different configurations which i'd like to protect,please bear in mind computers 2&3 run GRUB as i dual boot Ubuntu:

1-Windows7:Comodo CIS5+ToolwizTimeFreeze and MBAM,Superantispyware free on demand

2-XP (GRUB): Sandboxie + ToolwizTimeFreeze and
Comodo AV,MBAM,Superantispyware on demand

3-netbook Windows7(GRUB): Sandboxie + ToolwizTimeFreeze and Comodo AV,MBAM,Superantispyware on demand.

In computer 1 I also do routinely scans with MBAR (Malwarebytes anti rootkit prog) and KasperskyTDDS.

What I'm planning is doing the above plus perhaps a new image every now and then ( two weeks?) whether i need it or not, just to reinstate the MBR.
(I wonder if you can successfully backup and recover just the MBR with PARAGON )
(I also wonder if the new Comodo V6 with its Kiosk can take care of MBR threats...)

Any suggestion/advice on this matter regarding the MBR and/or my setup is more than welcome,thanks.

 

i use one, in korean. check my signature.

 

Yes, you can. It is possible to backup just the MBR or the Track0.

 

@flamerz,thank you for suggesting
nProtect MBR Guard
I'm in the process of familiarizing with it via the couple of threads i found here at Wilders,which i had read ,but had forgotten about.
There are pro&cons in its use it seems and i'm trying to check it out against the similar application of AppGuard.

@Robin A. ,you mean it is safe to check for recovery of just and only Track0/MBR and nothing else?
Have you ever tried that?

 

I found out now that Shadow Defender site is working ok and offering the updated versions at
http://www.shadowdefender.com/download.html

Perhaps the costly,but easy solution for me would be to just substitute ToolwizTimeFreeze with ShadowDefender as the latter does take care of the MBR -as i gather from a few Wilders threads.

 

The best protection against MBR Rootkits is a "clean" Windows System Partition" Image.

It is my understanding that many of the Software MBR guard's protect the MBR using their Window's Driver. It is possible for the MBR to get infected if the infection occurs before the MBR guard's Window's Driver loads.

 

@TheKid7,
I am not sure to what section you refer to given the fact that a " Windows System Partition" is defined as:

So,are you referring to 'hardware software',BIOS or small Windows7 100-200 MBS system partition?

Or do you mean just a simple 'image' of the System Partition taken with an imaging program?

Please clarify, i am very interested.

I take it you imply that MBR guarding software do not guard at all-at least potentially-as they can be beaten up by malware the way you depicted......

That is why ,to cut it short, I've preferred ,at least for the time being, to install right now Shadow Defender,whose defending properties vs ZeroAccess,TDDS and the likes have been well expounded in Wilders threads.
I hope i'm not wrong about that, in anycase i'd have paid only a few bucks for a software which can virtualise the whole disk and not a part of it.

 

@Robin A., yes what you say makes sense and is a clear possibility.