Question about boot sector viruses

I don't have a virus, I'm not working on an infected PC, I don't need any virus removal help.
I just have a question about boot sector viruses. It seems they aren't as prevalent as they were a few years ago, but are still a nuisance. My question is: does formatting the hard drive erase the boot sector? For example: If I boot to a WinXP install CD, and perform a clean install using the quick format option, does that effectively erase the boot sector and any viruses that may be hiding there? Is a more in-depth wiping of the drive needed using a low level tool like DBAN or the HD manufacturer's zeroing utility? Is there a utility that wipes the boot sector only?

Thanks.

 

If I boot to a WinXP install CD, and perform a clean install using the quick format option.

This only erase the directory it's not touching the boot sector and the rest
of the HD.

Is there a utility that wipes the boot sector only?

http://mbrwizard.com/

 

You don't need to 'wipe', as such.

The Dos command 'fixmbr' writes a brand new mbr (it doesn't actually fix it writes new)
and 'fixboot' writes rather than fixes a brandnew boot sector.

These are the conventional ways to sort the problem

However

The boot sector/MBR contains information about current partitions.

A quick format leaves the partitions intact but resets the pointers so they appear unused.
Thus any rogue code is still present, if no longer active.

To be sure of a clean disk you need to delete the partition and start again.

Even worse, but I have only seen it once, I recently had a nearly new Hitachi disk with either rogue code or a locked block. I eventually had to do a low level format which cleared the problem. Even Hitachi have not been able to distinguish which was the issue.

 

I agree with studiot (yes, it does happen occasionally ) in as much as the only guaranteed way to remove a boot sector virus is to do a low level format

 

Hope you don't mind me joining in, dlb - I'm interested in this one, too.

What's the difference between these two commands?

Can rogue code become active again? If so, how? File recovery only?

When/why would it matter if the disk was fully clean and when/why wouldn't it?

Would any of these problems stop a disk from being recognised and partitioned?
How do you do a low-level format?

So the commands Studiot gave - do they remove the boot sector virus, such as by writing over it, or just disable it and can it reactivate, such as file recovery?

 

@ chookers: Nope... don't mind at all We're all here to learn, to help, or both.

This is all very enlightening. :cool Some other questions that I hadn't even considered asking were answered also. Thanks all. This is great stuff that I'll have to try to remember.

:major

 

fixmbr rewrites the MBR, but not the bootsector.
fixboot writes a new bootsector.

It usually only matters if the partition or filesystem is damaged.

Use a utility that writes 0s across the drive.

I wouldn't trust it. However, since NT has become mainstream, you don't see a lot of these low level viruses anyway. They were more common when Win9x was in full force, because it allowed software to have direct hardware access. As you can imagine, that is a bad thing, for both stability and security reasons.