Home News Reviews Forums Shop


Removing a MBR virus..??

Anything else

Removing a MBR virus..??

Postby pranav81 on Fri Nov 19, 2004 8:50 am

Hi guys.


A friend of mine has a IBM Thinkpad.He has Win XP SP2 installed on it.The computer had Trend AV.He removed it and installed NAV 2003 Pro on the computer and Norton detected a virus in the MBR of the HDD.As Windows is already loaded,NAV is not able to remove the virus.The name of the virus is Bloodhound.MBR.I dont have any bootable antivirus CD handy,so is there any option to remove the virus,without formatting the system?The file system is NTFS.

Waiting for some posts.
Thanks in advance.


::Pranav::
Increasingly mathematics will demand the courage to face its implications.
User avatar
pranav81
CD-RW Player
 
Posts: 1160
Joined: Thu Dec 05, 2002 6:57 am
Location: Solapur,Maharashtra,India

Postby Justin42 on Fri Nov 19, 2004 1:02 pm

I THINK using "fdisk /mbr" from a DOS boot disc (NOT a DOS window) just wipes the MBR but leaves everything intact.

Google that to see if it helps until someone comes along and confirms (or yells what an idiot I am!)
Justin42
CD-RW Player
 
Posts: 723
Joined: Sat Jun 29, 2002 10:30 pm

Postby hoxlund on Fri Nov 19, 2004 2:29 pm

so poping that cd in and having the cd drive boot before the hard drive won't boot the virus scanning software?
Fractal Design Define R5 White Window Case
Corsair RM1000 Power Supply
MSI X99A XPower AC USB 3.1 Motherboard
Intel i7-5930K CPU @ 4.8GHz
Corsair H100i GTX 240mm CPU Cooler
Mushkin Blackline 4x8GB DDR4 2400 Memory
Asus 980Ti Strix OC
User avatar
hoxlund
CD-RW Player
 
Posts: 3706
Joined: Mon May 27, 2002 12:55 am
Location: RAF Lakenheath / Suffolk United Kingdom

Postby Justin42 on Fri Nov 19, 2004 2:39 pm

You need to boot to a DOS command prompt, not just a Windows install CD. You could make a bootable CD that would be enough, but you need to get the files of a bootable DOS disk with FDISK -- there are places around the web (Search "dos boot disk" -- try to get one from like Windows 98SE).

I really wouldn't try it until you know for sure it wouldn't toast the XP install. I am pretty sure it wouldn't but please don't take my word for it. :)

I don't think anyone even makes bootable antivirus CDs anymore... MBR viruses are fairly rare...
Justin42
CD-RW Player
 
Posts: 723
Joined: Sat Jun 29, 2002 10:30 pm

Postby hoxlund on Fri Nov 19, 2004 2:46 pm

i think 2004 and 2005 norton's are bootable, but could be wrong
Fractal Design Define R5 White Window Case
Corsair RM1000 Power Supply
MSI X99A XPower AC USB 3.1 Motherboard
Intel i7-5930K CPU @ 4.8GHz
Corsair H100i GTX 240mm CPU Cooler
Mushkin Blackline 4x8GB DDR4 2400 Memory
Asus 980Ti Strix OC
User avatar
hoxlund
CD-RW Player
 
Posts: 3706
Joined: Mon May 27, 2002 12:55 am
Location: RAF Lakenheath / Suffolk United Kingdom

Postby Justin42 on Fri Nov 19, 2004 5:00 pm

Interesting-- I hadn't heard that. Definitely something to try, and see if it could remove it before doing anything more drastic.
Justin42
CD-RW Player
 
Posts: 723
Joined: Sat Jun 29, 2002 10:30 pm

Postby pranav81 on Sat Nov 20, 2004 8:09 am

hox is right.The legal NAV CD's are bootable,so that you can use them in emergencies.I dont remember when I last used the NAV CD.But I dont currently have any CD's handy so I could pop them in and repair the MBR.I think repairing MBR with fdisk will render WinXP useless,i.e.,it will probably not boot.I think I will wait for a couple of days until I get my hands on a bootable AV disk.

Thanks for the info guys.


::Pranav::
Increasingly mathematics will demand the courage to face its implications.
User avatar
pranav81
CD-RW Player
 
Posts: 1160
Joined: Thu Dec 05, 2002 6:57 am
Location: Solapur,Maharashtra,India

Postby hoxlund on Sat Nov 20, 2004 12:16 pm

formatting the MBR i think makes your partitions reset or whatever so in deed it would make your system unusable until you format and reinstall xp

let me pop in my NAV cds, believe it or not symantec hands there products out like they were water if you work retail, i have every 2005 program of theres for free

ok yes it does indeed check your MBR for viruses, but only using the virus definitions that are on the cd, you can download the latest virus definitions from norton and put them on a floppy disk it looks like

it will see those and use those too for scanning
Fractal Design Define R5 White Window Case
Corsair RM1000 Power Supply
MSI X99A XPower AC USB 3.1 Motherboard
Intel i7-5930K CPU @ 4.8GHz
Corsair H100i GTX 240mm CPU Cooler
Mushkin Blackline 4x8GB DDR4 2400 Memory
Asus 980Ti Strix OC
User avatar
hoxlund
CD-RW Player
 
Posts: 3706
Joined: Mon May 27, 2002 12:55 am
Location: RAF Lakenheath / Suffolk United Kingdom

Postby pranav81 on Sun Nov 21, 2004 2:35 pm

Well....found the NAV 2002 bootable.The CD was stored in a plastic sleeve.It was stuck to the sleeve and there is something white on the CD.I tried to clean it,but the CD is not read my any drive.


Well....I dont have any other option until I get other CD.



::Pranav::
Increasingly mathematics will demand the courage to face its implications.
User avatar
pranav81
CD-RW Player
 
Posts: 1160
Joined: Thu Dec 05, 2002 6:57 am
Location: Solapur,Maharashtra,India


Return to General Software Questions

Who is online

Users browsing this forum: No registered users and 0 guests

All Content is Copyright (c) 2001-2017 CDRLabs Inc.