MBR and XP Pro installation - remedy against boot viruses?

Discussion in 'malware problems & news' started by Tachy0n, Dec 9, 2006.

Thread Status:
Not open for further replies.
  1. Tachy0n

    Tachy0n Registered Member

    Joined:
    Dec 9, 2006
    Posts:
    1
    Hello,

    (I hope that this is the right forum section...)

    I have a few questions concerning the removal of a boot virus without the use of anti-virus software.

    To set up a system, i usually take a Windows XP installation disk and remove all existing partitions from the hard disk. This leaves me with a blank and unusable HDD ('Operating system not found.'). Booting from this disk will not be possible unless an OS is installed. I then proceed to partition and format (NTFS) one part of the disk to install the OS. I leave the rest of the disk unpartitioned to take care of that afterwards.

    Presuming that none of the installation media is infected, this method normally gets rid of any malware on the hard disk. Normally, since boot viruses can survive a disk format. This leads to my first question:

    1. Will a Windows XP installation process as described above remove viruses that reside in the MBR or boot sectors without the use of AV-software?

    I know that boot viruses are nearly extinct, I could not think about a situation where I could have caught one yet I am some sort of unsure about this matter - kinda paranoid.

    The second question I have is related to the first one, I could not find a definite answer about this on the net:

    2. Does a Windows XP installation as described above rewrite the MBR of a hard disk? Or will it simply modify it?

    I have read that newer MS-OSes take older versions into account and leave them in the MBR, therefore I am not sure whether a clean reinstall will kill the MBR. The machine I speak of is no multi-boot system, the only OS installed would be XP Pro.
    I know about the Repair Console (or something) that is available on the installation disk and am informed about the command fixmbr. Is the action performed during a new installation the same as the action fixmbr performs?

    I am sorry if these questions sound confused yet I hope that someone can give me some more information about the matter...

    Thanks and Regards,

    Tachy0n.
     
Loading...
Thread Status:
Not open for further replies.