Zvi said:
The reference is useless because of the opposite, as it doesn't answer the only
question that matters: How to recover the lost partition and boot ability.
clearly the idea of breaking a difficult problem into smaller simpler
problems - and conversely building up an answer to a difficult problem
from the answers to simpler sub-problems - is something you don't
ascribe to...
[snip]
My guess is that what caused the problem is something of the sort you advised,
i.e. trying to get rid of the virus with AV.
and my guess is that it was more likely the generic (and wrong) 'fdisk
/mbr cleans bootsector viruses' advice...
This is a possibility too in Baphomet's case, although I don't think that this
is what happened, since the OP didn't mention FDISK, but he mentions having
tried AV.
it wouldn't be the first time someone brought a virus problem to the
group without listing (or in some cases even having) a complete set of
the procedures attempted so far...
Besides, you twist things: I don't recommend FDISK /MBR as a
standard solution to BSI (and certainly didn't recommend it here, although you
make it sound as if I did), FDISK is far from being a panacea, and FDISK /MBR
isn't part of InVircible, although you make it sound like it is.
?? maybe it's an issue of english not being your native tongue, but i
made no reference to your product nor your advice... i fail to see
where you're drawing these inferences...
the generic and wrong 'fdisk /mbr cleans boot sector viruses' advice is
in reference to the generic and wrong advice that has been floating
around the internet and other forums for as long as i can remember...
part of the background noise of bad advice, if you will... any
long-standing participant in av forums should be able to remember a
variety of instances when the advice has popped up - it's why there's a
section in the alt.comp.virus faq against warning against fdisk /mbr...
[snip]
I realize that your ideas haven't progressed a bit since FIDONET.
Quite
fossilized and formalistic ones for such a young fellow.
well, you know what opinions are like, don't you...
Attempting the removal of boot infectors with conventional AV is like playing
Russian roulette, as sometimes is FDISK /MBR. Whether you like it or not, FDISK
/MBR has higher success scores when dealing with boot infectors compared to AV,
while the latter has killed far more drives in the process. Deal with that.
deal with what? an assertion with no supporting evidence? should i take
your word as an authority in spite of your vested interest?
there are voluminous examples of conventional av's removing bsi's
properly archived for posterity by google groups...
Besides, I am no partisan of FDISK /MBR either.
never said you were...
As to why that is, the simple answer is that AV products aren't tested, nor
certified, for properly fixing virus damage,
not true... some tests/certifications do involve virus removal... not
vtc or virus bulletin, perhaps, but others do... i seem to recall a
certain someone (whom shall remain nameless) shilling for icsa (i
think) certs. on that very basis...
[snip]
It doesn't suggest anything of the sort. If anything at all, the above suggests
that the poster is clueless and could use some real help. As an old timer here
you should know that "writing to C" does not imply that he can access sector
0/0/2 which is outside the reach of the OS,
he doesn't say he's "writing to C"... in fact he doesn't actually say
where he's writing anything - chalk it up to ambiguous grammar if you
like...
perhaps he didn't express what he's doing as accurately as you would
like... perhaps he does indeed think of physical and logical drives
interchangeably and therefore calls his first physical disk "C"... but
if he's writing a copy of the boot record then he must have read it
from somewhere, and if he can read it from where it is and write it to
where it's supposed to go what more do you want?
at any rate, i've given him the benefit of the doubt (clue-wise) that
you apparently would rather not give him... whatever - to each their own...
