How do you fix a virus infected boot sector??

Toggle sidebar Toggle sidebar
N

NotoriousJTC

Golden Member
Nov 19, 2000
1,406
0
0
A friend of mine apparently got a virus that infected his boot sector...... He's running WinXP.

I don't know how or when he got it, but he said he's since formatted a few times and it still there. I don't know how to recover a PC from this type of infection...... I'd assume to may have to formet the mbr completely.


Can anyone elighten me on how to go about fixing this problem? So he can install Windows again and get up & running? Thanks.
 
K

Kelvrick

Lifer
Feb 14, 2001
18,422
5
81
I'm not sure, but isn't it if sector 0 is infected, the HD is gone? Sorry, bringer of bad news. Some good news though, I'm only like 30% confident in saying that.
 
N

NikPreviousAcct

No Lifer
Aug 15, 2000
52,763
1
0
format -mbr

err... format /mbr?

If formatting the master boot record will do it, the command is one of those two...
then format the drive and reinstall

nik
 
Y

yakko

Lifer
Apr 18, 2000
25,455
2
0
Go to his hard rive manufacturers website and they should have a utility that will erase everything on the drive.
 
K

kamiam

Banned
Dec 12, 1999
2,638
0
0


<< Go to his hard rive manufacturers website and they should have a utility that will erase everything on the drive. >>

a low-level formatting utility...as Yakko said, most OEM's have their own utility
 
D

Derango

Diamond Member
Jan 1, 2002
3,113
1
0


<< Back in the good ol dos days, wasn't it fdisk /mbr? >>



Thats what it still is :)
 
K

krunk7

Member
Apr 27, 2002
146
0
0
Yep, right that sucker to 0's, baby. Every manufacturer has the utility. I do it everytime I get a virus so bad that I have to format, just to make sure.
 
E

Electrode

Diamond Member
May 4, 2001
6,063
2
81
dd if=/dev/zero of=/dev/hda bs=1024 count=1

If you have a *NIX boot disk handy (the 16 meg Gentoo Linux install CD is good enough) you can run that command to erase your boot sector. You can probably then access any data the virus didn't destroy.

BTW: the /dev/hda part of that commnd tells it to write to the primary master IDE disk. Some alternates:

Primary slave IDE: /dev/hdb
First SCSI: /dev/sda
 
Iron Woode

Iron Woode

Elite Member
Super Moderator
Oct 10, 1999
31,150
12,667
136
Doesn't Norton Antivirus have an option to run after booting off the cdrom?
 
You must log in or register to reply here.

TRENDING THREADS

COMPANY
RESOURCES
FOLLOW
Top Bottom