Clearing the Master Boot Record Using DEBUG
http://www.softcom.net/users/fdamico/clear_mbr.htm
This procedure
goes 7 layers deep so no data will be recoverable. It goes far beyond fdisk
/mbr in clearing the master boot record. This will also remove an NTFS partition.
Using Debug
l. Boot to DOS
6.22, Disk 1, and then press F3, Then press F3 again.
2. Type DEBUG and press Enter.
|
What to Type: |
Display on Screen |
Explantation
|
|
FCS:200 400 0 <ENTER> |
|
Prepares a 400(hex) byte buffer filled with Os at ME offset
600(hex) that will be written to the appropriate |
|
RAX <ENTER> |
AX 0000 |
Command to change the contents of the A, X register. |
|
0301 <ENTER> |
|
03=Write function, 0 l=Sector count, to clear sector 2 which
contains the multimedia password/script for Windows 3.X system at the same
time as the boot record. Enter 0302. |
|
RBX <ENTER> |
BX 0000 |
Command to change the contents of the B, X register. |
|
0600 <ENTER> |
|
0600=Pointer to offset of the data that will be written to the
sector(s). |
|
RCX <ENTER> |
CX 0000 |
Command to change the contents of the C, X register. |
|
0001 <ENTER> |
|
000 l=Which sector to begin writing at. To clear just the
multimedia password/script enter 0002. |
|
RDX <ENTER> |
DX 0000 |
Command to change the contents of the D, X register. |
|
0080 <ENTER> |
|
00=Head number, 80=drive type is fixed disk use 81when using this routine on a second hard
drive. |
|
E 100 CD 13 <ENTER> |
|
Writes the assembly command to execute INT 13 to |
|
P <ENTER> |
|
Executes the first assembly command at default memory offset of 0100. |
|
Q <ENTER> |
|
Closes the debug program. |
Turn Computer off (do not restart), each time-this will keep a
Virus from rewriting itself to the Hard Drive. Follow this with FDisk and FORMAT
c: /s