Path: utzoo!attcan!utgpu!jarvis.csri.toronto.edu!mailrus!wuarchive!gem.mps.ohio-state.edu!usc!polyslo!vlsi3b15!vax1.cc.lehigh.edu!sei.cmu.edu!krvw
From: 2014_5001@uwovax.uwo.ca, , (A.R. PRUSS)
Newsgroups: comp.virus
Subject: re: datacrime & fdisk (PC) re: datacrime & fdisk (PC)
Message-ID: <0009.8909261721.AA06193@ge.sei.cmu.edu>
Date: 26 Sep 89 14:16:50 GMT
Sender: Virus Discussion List 
Lines: 21
Approved: krvw@sei.cmu.edu

In article <0005.8909251230.AA29228@ge.sei.cmu.edu>, MATHRICH@UMCVMB.BITNET (Ri
ch Winkel UMC Math Department) writes:
>>From:    IA96000 
>>if you use fdisk to create a dummy partition of lets says 2
>>cylinders and then create a second normal active dos partition
>>will this prevent the virus from destroying track zero?
>
> It depends on how it accesses the disk.  If it uses bios calls (INT
> 13H), it will still attack physical cyl 0 on the disk.  If it uses the
> [correct info deleted to conserve space]

Is it not simpler to back the FAT/boot sectors up to floppy and then
restore them?  You can use Norton Utilities Advanced for that, or a
quick little utility that I will release within a week.

What I would like to know, however is whether just rewriting the boot
and FAT sectors will be sufficient?

Alexander Pruss, at one of: Department of Applied Mathematics, Astronomy,
Mathematics, or Physics                     University of Western Ontario
pruss@uwovax.uwo.ca         pruss@uwovax.BITNET          A5001@nve.uwo.ca