|
Posted by jen on April 14, 2008, 8:33 pm
If you were Registered and logged in, you could reply and use other advanced thread options
The OP's OS is XP. He should instead boot from the Recovery Console and
type: fixmbr.
Fixmbr Command Syntax:
fixmbr (device_name):
device_name = This is where you designate the exact drive location that
a master boot record will be written to. If no device is specified, the
master boot record will be written to the primary boot drive.
Fixmbr Command Examples:
fixmbr \Device\HardDisk0
In the above example, the master boot record is written to the drive
located at \Device\HardDisk0.
fixmbr:
In this example, the master boot record is written to the device that
your primary system is loaded onto. If you have a single installation of
Windows installed, which is normally the case, running the fixmbr
command in this way is usually the right way to go.
Fixmbr Command Availability:
The fixmbr command is only available from within the Recovery Console in
Windows 2000 and Windows XP.
-jen
> Boot using a DOS setup floppy (latest/last version).
>
> Type fdisk /mbr
>
> The /mbr is an undocumented call that will replace the mbr on the
> master hard drive. It is best to physically disconnect all other hard
> drives when performing this call to prevent any unwanted actions due
> to multiple hard drives being connected.
>
>
>> Indeed, Kurt. Thank you for your response.
>>
>> A quote from Computer Active
>>
http://www.computeractive.co.uk/computeractive/news/2207251/mebroot-attack-takes-security
>>
>> "Mebroot, which is designed to steal personal information and bank
>> details, is embedded in legitimate websites.
>> If the latest updates and patches for browsers or the XP operating
>> system have been applied, then anti-virus software can stop the
>> rootkit and the associate malware such as keystroke loggers and
>> others it downloads.
>>
>> But if patches have not been applied the malware downloads to a PC
>> and then hides from security software. It can be removed quite
>> simply, according to Hypponen, but currently only by the user
>> rewriting the MBR".
>>
>> My question remains. HOW does a user rewrite the MBR.
>>
>> Many thanks to anyone who can provide the answer!
>>
>> --
>>
>> Dave
>>
>>
>>
>>
>>
>>
>
| 
XML site map