Wipe MBR / Track 0
When particularly nasty malware infections call for formatting a drive, I always like to start by wiping track 0. This will delete not only the MBR and any boot sector viruses, but anything else in the first 63 sectors of the hard disk, including boot overlays (like EZ-BIOS), boot managers (like BootIt NG), harebrained DRM schemes (like some versions of TurboTax), etc., so caution is advised. This process won't help solve persistent BIOS infections like this one: New BIOS Virus Withstands HDD Wipes. The commands below WILL permanently delete data - use at your own risk (and joy).
To wipe just the MBR:
dd if=/dev/zero of=/dev/foo bs=512 count=1
To wipe all of track zero:
dd if=/dev/zero of=/dev/foo bs=512 count=63
To "zero out" the entire drive:
dd if=/dev/zero of=/dev/foo
You'll need to replace foo with the appropriate device (hda, sda, etc). List partitions and disks via one of these methods:
- cat /proc/partitions
- sudo fdisk -l
- sudo parted -l
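The track 0 wipe above, wrapped with a backup beforehand and a check afterwards, as an added example that is not part of the original post. It runs against a constructed image file instead of /dev/foo, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example, not from the original post. Function names are hypothetical.
# Everything runs against a constructed image file, never a real device.
SECTOR=512   # bytes per sector, as in the post's bs=512
TRACK0=63    # sectors in track 0, as in the post's count=63

# Constructed sample: 128 sectors of 'A' plus the 0x55AA boot signature at offset 510.
make_sample_image() {
    dd if=/dev/zero bs=$SECTOR count=128 2>/dev/null | tr '\000' 'A' > "$1"
    printf '\125\252' | dd of="$1" bs=1 seek=510 conv=notrunc 2>/dev/null
}

# Print the two signature bytes of sector 0 as hex ("55aa" on a bootable MBR).
boot_sig() {
    dd if="$1" bs=1 skip=510 count=2 2>/dev/null | od -An -tx1 | tr -d ' \n'
}

# Save track 0 (the MBR with its partition table, plus the rest of the first
# 63 sectors) so a boot manager or overlay can be put back if needed.
backup_track0() {
    dd if="$1" of="$2" bs=$SECTOR count=$TRACK0 2>/dev/null
}

# Same write as the post's track 0 command. conv=notrunc keeps dd from
# truncating a regular image file; it changes nothing on a block device.
wipe_track0() {
    dd if=/dev/zero of="$1" bs=$SECTOR count=$TRACK0 conv=notrunc 2>/dev/null
}

# Count the non-zero bytes left in track 0 (0 means the wipe took effect).
track0_nonzero_bytes() {
    dd if="$1" bs=$SECTOR count=$TRACK0 2>/dev/null | tr -d '\000' | wc -c | tr -d ' '
}

# Write a saved track 0 ($2) back onto the target ($1).
restore_track0() {
    dd if="$2" of="$1" bs=$SECTOR conv=notrunc 2>/dev/null
}

demo() {
    dir=$(mktemp -d) || return 1
    make_sample_image "$dir/disk.img"
    backup_track0 "$dir/disk.img" "$dir/track0.bak"
    echo "signature before wipe: $(boot_sig "$dir/disk.img")"
    wipe_track0 "$dir/disk.img"
    echo "non-zero bytes in track 0 after wipe: $(track0_nonzero_bytes "$dir/disk.img")"
    rm -rf "$dir"
}
demo
```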
/nix | Sep 22, 2009