|
Posted by FromTheRafters on March 31, 2008, 4:43 pm
Please log in for more thread options
>
>>
>>> <snip>
>>> Have you any idea how one may remove a virus from the boot code? TIA.
>>
>> Sure, you overwrite/replace the correct code where it belongs. The
>> trouble
>> is that sometimes you need part of the malicious code to recover your
>> data
>> from the malware. Say for instance the virus encrypted some of your
>> files, and
>> you decide to overwrite the boot code (stomping on the virus) then reboot
>> only
>> to find the algorithm and 'key' to recovering your data was also stomped
>> on.
>>
>> ..also consider that some of your backups may have been affected if the
>> malware
>> was there long enough.
>>
>> The whole Fdisk/MBR thing just illustrates the old saw 'a little
>> knowledge is a dangerous thing'.
>>
> Thanks once again. You say "Sure, you overwrite/replace the correct code
> where it belongs". You didn't explain *How*. If you know, please advise.
> TIA
http://support.microsoft.com/kb/69013
After reading this, you should see how it could be dangerous if the user
doesn't know what he or she is doing. I used to have a dual boot box
Linux/Win98 using 'grub' as the OS chooser. Fdisk/mbr would have
messed things up considerably on that box for instance.
> Data retention is not relevant to this exercise. The object is to have a
> 'clean sheet' so to speak! :)
I can't tell you how to do it correctly for your system, because I don't
know
what correct is for your system.
> I do take on board, though, your point regarding backups possibly being
> contaminated.
The chances of you having the specific kind of virus that attaches to boot
code is extremely small.
Formatting the drive will likely be sufficient for your purposes.
| 
XML Sitemap