How to clean an MBR and recover drive partitions

Sometimes it’s necessary to recover drive partitions because you accidentally repartitioned a drive you didn’t mean to, or because your MBR got infected or otherwise trashed. Here’s how to recover them, for free.

Infecting MBRs with malware is popular with virus writers again. And I fully expect chaos to ensue, because that’s what happened the last time there was more than one virus floating around that infected MBRs. They quit doing it for a good reason.

So here’s how to clean up the mess when an MBR gets infected, or when multiple infections blitz the MBR and the hard drive loses the ability to boot, just displaying a message like “Missing Operating System” or “Operating System Not Found.”

We’ll be using the GParted Live CD. Many Linux live CDs have the proper tools, but GParted works well and it’s a small download. You can try to use another Linux live CD, and it will work fine, but the icons might not all be where I say they are.

MBR rootkits don’t mean you have to wipe the drive

There’s a nasty rumor going around that if your computer gets infected with the Popureb rootkit, your only recourse is to wipe your MBR, reformat your hard drive, and reinstall (or run your factory recovery disk, which is essentially the same thing).

Not so fast.

First impressions: Microsoft Standalone System Sweeper

Microsoft has released an antivirus/antispyware live CD called Microsoft Standalone System Sweeper, which runs in the Windows PE environment. I wouldn’t use it as a full replacement for a Linux-based live CD from an antivirus vendor such as Bitdefender, which I’ve written about before. It is, however, a good supplement–a second opinion. Nothing catches everything, after all.

The idea behind all of these is to boot into a sterile environment to scan a dormant hard drive for things that evade or disable your normal antivirus software. The need for this grows just about every day, as there’s a lot of really nasty stuff out there these days. It’s not a substitute for normal antivirus software–it’s what you call on if and when normal antivirus software fails and a malware infestation prevents normal use of the computer.

Removing the Windows XP Repair scareware

Windows XP Repair is a fake system optimization and repair tool. It takes over the computer almost completely, and it’s a pain to remove. Worse yet, there’s at least one version floating around right now that no standard antivirus/antimalware tool I threw at it recognized.

Here’s how I removed it for someone.
