1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

MBR

Discussion in 'A+' started by zero, Sep 19, 2005.

  1. zero

    zero Bit Poster

    16
    0
    12
    Hi all,

    Does anybody know if formatting the Hard drive alone can remove viruses from infected MBR (Master Boot Record)??

    Or, it has to be Fdisk then Formatting?

    Thanks in advance. :)
     
    Certifications: A+, Network+, Security+
  2. simongrahamuk
    Honorary Member

    simongrahamuk Hmmmmmmm?

    6,199
    125
    199
    If you perform an FDISK what you are doing is removing the partitons, and upon recreating them you create a new MBR.

    Don't think that a format of an existing partition alone will fix MBR viruses.

    8)
     
  3. Veteran's son

    Veteran's son Megabyte Poster

    915
    2
    55
    Couldn't the MBR be replaced by a command
    at the command prompt without formatting
    and partitioning? :)
     
    Certifications: A+
    WIP: N+
  4. tripwire45
    Honorary Member

    tripwire45 Zettabyte Poster

    13,493
    179
    287
    Certifications: A+ and Network+
  5. Boycie
    Honorary Member

    Boycie Senior Beer Tester

    6,281
    85
    174
    Zero,
    Do you know the name of the virus that you are dealing with?
     
    Certifications: MCSA 2003, MCDST, A+, N+, CTT+, MCT
  6. zero

    zero Bit Poster

    16
    0
    12
    Ok, but i read in a forum that sometimes if you scan your hard drive it may not find the virus and that it's advisable to make antivirus diskettes and scan from outside the windows.

    what do you think guys?
     
    Certifications: A+, Network+, Security+
  7. Boycie
    Honorary Member

    Boycie Senior Beer Tester

    6,281
    85
    174
    Zero,
    It depends on what Anti-virus software you use. All the subscribed ones usually scan the boot sector. As you say it is wise to make a set of boot discs before the PC is infected so to help you get rid of it. Let us know how you get rid of it.
     
    Certifications: MCSA 2003, MCDST, A+, N+, CTT+, MCT
  8. tripwire45
    Honorary Member

    tripwire45 Zettabyte Poster

    13,493
    179
    287
    You've got a couple of options. You can use TrendMicro's online virus scanner for free. You can also download McAfee's Stinger and can your machine that way as well.

    Here's the link to the online scanner:

    http://housecall.trendmicro.com/

    Here's the link to McAfee's Stinger:

    http://vil.nai.com/vil/stinger/

    BTW, did you look at the Microsoft link I posted earlier. It seemed to recommend *not* using Fdisk under these circumstances.
     
    Certifications: A+ and Network+
  9. zero

    zero Bit Poster

    16
    0
    12
    well,from what i understood, i think that what Microsoft talked about was the Fdisk/mbr command that is not supposed to be used.

    As, for the Fdisk there is no problem. :rolleyes:

    actually i dont know the virus i am dealing with as i am using Norton and after the scan it didnt catch any viruses, thats why i ll use the bootable diskettes.
     
    Certifications: A+, Network+, Security+
  10. Veteran's son

    Veteran's son Megabyte Poster

    915
    2
    55
    The fdisk/mbr command was the one I was talking about;
    with that, you can replace the MBR. :)

    Now that you mention it, I seem to recall that there
    were times that command should not be used. :oops:

    Anyhow, I wish I could have been more help, zero. :(
     
    Certifications: A+
    WIP: N+
  11. hbroomhall

    hbroomhall Petabyte Poster Gold Member

    6,623
    115
    224
    The only time that you shoudn't use the /mbr switch is when you have an 'overlay' like maxblast. These hide in the MBR and following sectors to translate calls to drives that the motherboard otherwise wouldn't support.

    If a virus gets in such a system then the whole drives will usualy vanish anyway!

    fdisk /mbr is normaly useful to kill boot sector viruses. However, I have to say that despite what you read in the A+ books these are rare these days.

    Harry.
     
    Certifications: ECDL A+ Network+ i-Net+
    WIP: Server+
  12. Veteran's son

    Veteran's son Megabyte Poster

    915
    2
    55
    Thanks for your reply, Harry! :)
    The overlay was the situation I was thinking of
    as when not to use the fdisk/mbr switch.
     
    Certifications: A+
    WIP: N+
  13. hbroomhall

    hbroomhall Petabyte Poster Gold Member

    6,623
    115
    224
    Glad to be of help!

    Harry.
     
    Certifications: ECDL A+ Network+ i-Net+
    WIP: Server+
  14. zero

    zero Bit Poster

    16
    0
    12
    Thanks guys, I'll go ahead and try .
     
    Certifications: A+, Network+, Security+

Share This Page

Loading...