Will reformat cure all?

  • Thread starter Thread starter certsnsearches
  • Start date Start date
from the wonderful person said:
Sorry, I didn't read all the previous posts. Can you explain fdisk /mbr?
It's the' /mbr' bit that escapes me. I thought you couldn't repartition an
already partitioned disk.
Click to expand...

fdisk /mbr (or 'fixmbr' for WinXP users) just writes a new master boot
record. It =should= not screw up any existing partition table, although
if a boot sector virus has been in there and fiddled, then strange
things might indeed happen.
 
FromTheRafters said:
Short answer ~ no.

Longer answer ~ it depends on the virus and whether or not
the PC's OS is susceptible to BSIs.
Click to expand...

actually, bsi infection of the hard disk occurs prior to the OS loading
so it's therefore OS independant... what the OS can do is prevent the
bsi from operating/infecting once the OS has loaded so that further
infection of floppies won't occur...

so the longer answer should also be no since the question of which
virus was taken care of by the "any/all" modifier used and the
interaction of bsi's with later OSes doesn't prevent the the virus from
being there and needing removal...
 
GSV said:
Bitstring <[email protected]>, from the
wonderful person Sugien <[email protected]> said



Depends on what level you reformat =to=. If you low level format and
rewrite the MBR then everything is gone. Besides, it's been years since
I saw a boot sector virus in the wild.
Click to expand...

format doesn't do llf'ing, you need a specific tool from the hd
manufacturer... it's questionable whether llf'ing in the conventional
sense even does anything on modern drives anymore...
 
Peter wrote:
[snip]
Sorry, I didn't read all the previous posts. Can you explain fdisk /mbr?
It's the' /mbr' bit that escapes me. I thought you couldn't repartition an
already partitioned disk.
Click to expand...

fdisk /mbr rewrites the code portion of the master boot record with the
preset standard ms mbr code and if the (lame) integrity check fails
it will also null out the partition table... normally it won't do
anything to the partition table, though...
 
: > Our standard script:
: >
: > boot from floppy
: > fdisk /mbr
: > (write new autoexec)
: > reboot
: > format.
: >
: > That kill's em all and take 1 more reboot, maybe 30 secs longer.
: >
: > But, as you mention, there's not many "monkey" viruses around any
: more.
: >
: Sorry, I didn't read all the previous posts. Can you explain fdisk /mbr?
: It's the' /mbr' bit that escapes me. I thought you couldn't repartition
an
: already partitioned disk.


http://support.microsoft.com/defaul...pport/kb/articles/Q69/0/13.ASP&NoWebContent=1

Or just google "fdisk /mbr" and click the lucky button
 
GSV Three Minds in a Can said:
Depends on what level you reformat =to=. If you low level format and
rewrite the MBR then everything is gone. Besides, it's been years since
I saw a boot sector virus in the wild.
Click to expand...

Hmm, how long do you think, will it take - before one of these
will appear again? It seems that not just script-kiddies are
a pest these days.

Swen is slightly different, I guess the author/s
is getting nice new ideas on the usenet every day....

Regards,
°****°Maebhe
 
kurt wismer said:
actually, bsi infection of the hard disk occurs prior to the OS loading
so it's therefore OS independant... what the OS can do is prevent the
bsi from operating/infecting once the OS has loaded so that further
infection of floppies won't occur...
Click to expand...

This is what I meant, and it has been pointed out to me
that if a "virus" cannot replicate it is *not* a virus. So
with some OSs the BSI becomes merely boot sector
corruption. Is there a way for a BSI to replicate if the
OS is XP?
 
FromTheRafters said:
This is what I meant, and it has been pointed out to me
that if a "virus" cannot replicate it is *not* a virus.
Click to expand...

that's an interesting distinction... one i don't think an anti-virus
program will make...
So
with some OSs the BSI becomes merely boot sector
corruption. Is there a way for a BSI to replicate if the
OS is XP?
Click to expand...

put a floppy disk in before xp loads... obviously rather timing
dependant but i don't think it's totally impossible...
 
Back
Top