[comp.virus] FDISK; partitions starting at 0,0,2; Stoned virus;

con_jdc@selway.umt.edu (John-David Childs) (04/02/91)

>> Nick Fitzgerald <CCTR132@canterbury.ac.nz> wrote
>> Some OEM versions of DOS (some of them still
>> labelled MS DOS) with version numbers 3.0 and above have versions of
>> FDISK that still begin the first partition at 0,0,2 - from memory, I
>> think Falcon DOS 3.1 is one such.  This may give a tiny bit more
>> usable disk space, but causes grief after a Stoned strike.

>Padgett Peterson <padgett%tccslr.dnet@uvs1.orl.mmc.com> replied:
>[stuff deleted] One point though: A disk could be partitioned with FDISK 1.00
>even though a later version of DOS is loaded. I would like to hear from the
>readers if they have come across any later partitioning software that does
>not use "hidden sectors" as described.

	One of our computer labs on campus uses Computerland DOS 3.1
(the FDISK version number is listed as "BC88/BC286 FDISK ver 3.0"),
which begins the first partition at 0,0,2. A few months back, the lab
got hit with the Stoned virus and we discovered that F-PROT 1.13 would
not disinfect the Stoned virus properly, so we ended up having to
reinstall the machines from scratch every time the PCs got infected
(until I wrote a small C program to get rid of it...thanks to the
VIRUS-L readers).  F-PROT 1.14 DOES properly disinfect the Stoned
virus from machines whose partitions begin at 0,0,2.  When used in
conjunction with F-DRIVER.SYS at startup, I've had no trouble with
removing the virus.  If F-DRIVER.SYS or some other detection utility
was not loaded at startup (F-DRIVER.SYS halts the PC if a virus is
detected), then Nick's and Padgett's comments about corrupted FATs
etc. would be apropos.
				John-David Childs
				Consultant, University of Montana CIS
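
Added example (not part of the original post, and not the C program the poster mentions): a check that decodes the starting cylinder/head/sector of each entry in a 512-byte partition sector and flags a partition that begins on cylinder 0, head 0, the layout the thread describes as having no hidden sectors. It assumes the standard PC partition table (four 16-byte entries at offset 0x1BE, signature 55 AA); the function names and the sample sectors are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

struct chs { unsigned cyl, head, sec; };

/* Decode the 3-byte CHS start field of one partition-table entry. */
static struct chs entry_start(const uint8_t *e)
{
    struct chs s;
    s.head = e[1];
    s.sec  = e[2] & 0x3F;                            /* bits 0-5, 1-based */
    s.cyl  = ((unsigned)(e[2] & 0xC0) << 2) | e[3];  /* 10-bit cylinder  */
    return s;
}

/* Index of the first used entry that starts on cylinder 0, head 0
 * (for example 0,0,2); -1 if there is none; -2 if the 55 AA
 * signature is missing. */
int track0_partition(const uint8_t mbr[512])
{
    if (mbr[510] != 0x55 || mbr[511] != 0xAA) return -2;
    for (int i = 0; i < 4; i++) {
        const uint8_t *e = mbr + 0x1BE + 16 * i;
        if (e[4] == 0) continue;                     /* type 0: unused */
        struct chs s = entry_start(e);
        if (s.cyl == 0 && s.head == 0) return i;
    }
    return -1;
}

/* Constructed sample: one active FAT16 entry starting at 0,head,sec. */
void make_sample_mbr(uint8_t mbr[512], unsigned head, unsigned sec)
{
    memset(mbr, 0, 512);
    uint8_t *e = mbr + 0x1BE;
    e[0] = 0x80; e[1] = (uint8_t)head; e[2] = (uint8_t)sec; e[4] = 0x04;
    mbr[510] = 0x55; mbr[511] = 0xAA;
}

int main(void)
{
    uint8_t mbr[512];
    make_sample_mbr(mbr, 0, 2);   /* layout discussed in the thread */
    printf("start 0,0,2 -> %d\n", track0_partition(mbr));
    make_sample_mbr(mbr, 1, 1);   /* first partition on head 1 */
    printf("start 0,1,1 -> %d\n", track0_partition(mbr));
    return 0;
}
```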