Boot record Virus

Hi,

FDISK /MBR is an undocumented switch within FDISK. All it does is replaces the copy of the partition record at the start of the hard disk with a copy of the second, normally hidden, copy of the Master Boot Record at the end of the hard disk.

To clear any possibility of a boot sector virus you need to run the debug utility or run the clean1k utility from the Dell resource CD's.

Alternatively one I read recently is to install the hard disk in an Apple mac and then re-install it in a PC. The Mac setup renders the hard disk completely clean as far as a PC is concerned.  

hth

Ceri

Thanks Ceri for the explanation.

I always thought that FDISK /MBR erased whatever was in the boot record; thanks to you, now I know that it simply replaces the curren MBR with the hidden MBR... which could also be infected.

I usually format my hard drive every semester  --I am studying multimedia and by the end of the semester I have tons of files, trial softwares installed, junk, and find it easier to clean everything up by either formtting the drive and doing a full install or loading the OS from my ghosted hard drive. Now I am wondering if the ghosted hard drive could possibly also have a virus....)

I am not familiar with the clean1K utility on the Dell resouce CD. I presume there is the clean1K utility on all Dell resounce CDs (I have a Dell Pentium 4100)? Does it erase/eliminate all the possible viruses (along with everything else) in both the MBR and the hidden MBR?

I just found the Dell web page on cleanK1 and will read the instructions. Thanks for the cleanK1 suggestion.

Question 1: If I use the cleanK1, am I assured that all viruses have been erased from my computer?

Question 2: Can this software be used also on other brand computers or does it recognize when a computer is not a Dell and does not allow an install?

Thanks a zillion,

Pat 

You should have the Clean 1K utility on your Resource CD. Its more involved but it does a better job by erasing the first part of the HD where the master boot record is stored.

http://support.dell.com/us/en/kb/document.asp?DN=1026413

Pat,

Hi,

The Clean1k is on Resource CD 1 on the disks that came with my D4100

It is located at F:\HDDUTIL\CLEAN\

1 From the write ups & web sites I've read on the Clean 1k I believe all boot sector virus's would be removed. The hard drive is returned to an unpartitioned condition exactly as it came out of the factory

2 I expect the utility would work on any hard disk on any p.c. as Dell supply a range of make hard disks.

The question arises about your antin virus policy. Do you have an up to date program with current signature / DAT files. If not you can scan on-line

here 

http://housecall.antivirus.com/housecall/start_corp.asp

or here

http://security3.norton.com/ssc/home.asp?j=1&langid=ie&venid=sym&plfid=20&pkj=BGWRPJUIYCZRWEJGSSK

hth

Ceri

Thanks for your replies! I will use the housecall antivirus and then the Clean K1.

Once again, all you help is most appreciated.

Have a wonderful week. Merry Xmas,

Pat

Hi Ceri,

Since my Anti-Virus was not up to date, I ran the http://housecall.antivirus.com/housecall/start_corp.asp software and found out that I had no virus after all...

I presume that http://housecall.antivirus.com/housecall/start_corp.asp checks everything and everywhere --including the boot sectors.

Next week, I will wipe everything off with the Clean1k and reinstall everything... but this time I will install Windows XP Pro instead of Windows ME.

Thanks again for all your help!

Pat