Path: utzoo!attcan!utgpu!jarvis.csri.toronto.edu!mailrus!wuarchive!gem.mps.ohio-state.edu!usc!polyslo!vlsi3b15!vax1.cc.lehigh.edu!sei.cmu.edu!krvw From: 2014_5001@uwovax.uwo.ca, , (A.R. PRUSS) Newsgroups: comp.virus Subject: re: datacrime & fdisk (PC) re: datacrime & fdisk (PC) Message-ID: <0009.8909261721.AA06193@ge.sei.cmu.edu> Date: 26 Sep 89 14:16:50 GMT Sender: Virus Discussion ListLines: 21 Approved: krvw@sei.cmu.edu In article <0005.8909251230.AA29228@ge.sei.cmu.edu>, MATHRICH@UMCVMB.BITNET (Ri ch Winkel UMC Math Department) writes: >>From: IA96000 >>if you use fdisk to create a dummy partition of lets says 2 >>cylinders and then create a second normal active dos partition >>will this prevent the virus from destroying track zero? > > It depends on how it accesses the disk. If it uses bios calls (INT > 13H), it will still attack physical cyl 0 on the disk. If it uses the > [correct info deleted to conserve space] Is it not simpler to back the FAT/boot sectors up to floppy and then restore them? You can use Norton Utilities Advanced for that, or a quick little utility that I will release within a week. What I would like to know, however is whether just rewriting the boot and FAT sectors will be sufficient? Alexander Pruss, at one of: Department of Applied Mathematics, Astronomy, Mathematics, or Physics University of Western Ontario pruss@uwovax.uwo.ca pruss@uwovax.BITNET A5001@nve.uwo.ca