Home News Reviews Forums Shop


Removing a MBR virus..??

Anything else

Removing a MBR virus..??

Postby pranav81 on Fri Nov 19, 2004 8:50 am

Hi guys.


A friend of mine has a IBM Thinkpad.He has Win XP SP2 installed on it.The computer had Trend AV.He removed it and installed NAV 2003 Pro on the computer and Norton detected a virus in the MBR of the HDD.As Windows is already loaded,NAV is not able to remove the virus.The name of the virus is Bloodhound.MBR.I dont have any bootable antivirus CD handy,so is there any option to remove the virus,without formatting the system?The file system is NTFS.

Waiting for some posts.
Thanks in advance.


::Pranav::
Increasingly mathematics will demand the courage to face its implications.
pranav81
CD-RW Player
 
Posts: 1160
Joined: Thu Dec 05, 2002 6:57 am
Location: Sunnyvale, CA

Postby Justin42 on Fri Nov 19, 2004 1:02 pm

I THINK using "fdisk /mbr" from a DOS boot disc (NOT a DOS window) just wipes the MBR but leaves everything intact.

Google that to see if it helps until someone comes along and confirms (or yells what an idiot I am!)
Justin42
CD-RW Player
 
Posts: 723
Joined: Sat Jun 29, 2002 10:30 pm

Postby hoxlund on Fri Nov 19, 2004 2:29 pm

so poping that cd in and having the cd drive boot before the hard drive won't boot the virus scanning software?
Thermaltake Core X5 Snow Edition TG Case
Corsair RM1000 Power Supply
MSI X399 Gaming Pro Carbon AC
AMD Threadripper 1950x @ 4.1GHz
Custom Loop w/ EK MSI x399 Monoblock
G.Skill 4x8GB DDR4 3200 RGB Memory
MSI 1080Ti Lightning X Video Card
User avatar
hoxlund
CD-RW Player
 
Posts: 3708
Joined: Mon May 27, 2002 12:55 am
Location: Idaho

Postby Justin42 on Fri Nov 19, 2004 2:39 pm

You need to boot to a DOS command prompt, not just a Windows install CD. You could make a bootable CD that would be enough, but you need to get the files of a bootable DOS disk with FDISK -- there are places around the web (Search "dos boot disk" -- try to get one from like Windows 98SE).

I really wouldn't try it until you know for sure it wouldn't toast the XP install. I am pretty sure it wouldn't but please don't take my word for it. :)

I don't think anyone even makes bootable antivirus CDs anymore... MBR viruses are fairly rare...
Justin42
CD-RW Player
 
Posts: 723
Joined: Sat Jun 29, 2002 10:30 pm

Postby hoxlund on Fri Nov 19, 2004 2:46 pm

i think 2004 and 2005 norton's are bootable, but could be wrong
Thermaltake Core X5 Snow Edition TG Case
Corsair RM1000 Power Supply
MSI X399 Gaming Pro Carbon AC
AMD Threadripper 1950x @ 4.1GHz
Custom Loop w/ EK MSI x399 Monoblock
G.Skill 4x8GB DDR4 3200 RGB Memory
MSI 1080Ti Lightning X Video Card
User avatar
hoxlund
CD-RW Player
 
Posts: 3708
Joined: Mon May 27, 2002 12:55 am
Location: Idaho

Postby Justin42 on Fri Nov 19, 2004 5:00 pm

Interesting-- I hadn't heard that. Definitely something to try, and see if it could remove it before doing anything more drastic.
Justin42
CD-RW Player
 
Posts: 723
Joined: Sat Jun 29, 2002 10:30 pm

Postby pranav81 on Sat Nov 20, 2004 8:09 am

hox is right.The legal NAV CD's are bootable,so that you can use them in emergencies.I dont remember when I last used the NAV CD.But I dont currently have any CD's handy so I could pop them in and repair the MBR.I think repairing MBR with fdisk will render WinXP useless,i.e.,it will probably not boot.I think I will wait for a couple of days until I get my hands on a bootable AV disk.

Thanks for the info guys.


::Pranav::
Increasingly mathematics will demand the courage to face its implications.
pranav81
CD-RW Player
 
Posts: 1160
Joined: Thu Dec 05, 2002 6:57 am
Location: Sunnyvale, CA

Postby hoxlund on Sat Nov 20, 2004 12:16 pm

formatting the MBR i think makes your partitions reset or whatever so in deed it would make your system unusable until you format and reinstall xp

let me pop in my NAV cds, believe it or not symantec hands there products out like they were water if you work retail, i have every 2005 program of theres for free

ok yes it does indeed check your MBR for viruses, but only using the virus definitions that are on the cd, you can download the latest virus definitions from norton and put them on a floppy disk it looks like

it will see those and use those too for scanning
Thermaltake Core X5 Snow Edition TG Case
Corsair RM1000 Power Supply
MSI X399 Gaming Pro Carbon AC
AMD Threadripper 1950x @ 4.1GHz
Custom Loop w/ EK MSI x399 Monoblock
G.Skill 4x8GB DDR4 3200 RGB Memory
MSI 1080Ti Lightning X Video Card
User avatar
hoxlund
CD-RW Player
 
Posts: 3708
Joined: Mon May 27, 2002 12:55 am
Location: Idaho

Postby pranav81 on Sun Nov 21, 2004 2:35 pm

Well....found the NAV 2002 bootable.The CD was stored in a plastic sleeve.It was stuck to the sleeve and there is something white on the CD.I tried to clean it,but the CD is not read my any drive.


Well....I dont have any other option until I get other CD.



::Pranav::
Increasingly mathematics will demand the courage to face its implications.
pranav81
CD-RW Player
 
Posts: 1160
Joined: Thu Dec 05, 2002 6:57 am
Location: Sunnyvale, CA


Return to General Software Questions

Who is online

Users browsing this forum: No registered users and 0 guests

All Content is Copyright (c) 2001-2024 CDRLabs Inc.