How can I zero out the boot code of a MBR?

I have two drives in my Windows system:

Drive 1, System and Boot.
Drive 2, data storage.

Some time previously, I had Windows installed on the second drive. Now that I have the current setup, I would like to remove the boot code from Windows from the bootsector on Drive 2. To be specific, I do not want to erase the partition table or anything, just get rid of (zero out) the little bit of code that looks for NTLDR.

Is there a software or command to do this?

K.A.Monica

Posted 2013-01-12T04:24:41.667

Reputation: 5 887

Boot sectors cannot be removed, only replaced with something else. – Ignacio Vazquez-Abrams – 2013-01-12T05:48:55.887

Updated my answer below for your update... :p – Xyon – 2013-01-12T21:32:00.057

Answers

The MBR, in the case of DOS-style partition tables, is always present on the drive as a very small collection of sectors at the start of the drive.

It's not a thing to get rid of, because it contains, in addition to boot code, the partition table of your drive. Losing that means that the data on your disk, while intact, is suddenly a lot harder to get at (most OS'es I've seen will report a bad format and windows asks if you want to format the drive if it doesn't understand the partition table).

More info: http://technet.microsoft.com/en-us/library/cc976786.aspx

Edit: since you edited the question, I'll update my answer; dd can wipe it. Boot into a linux livecd and on your unmounted data drive run;

dd if=/dev/<path to data drive> of=/dev/<somewhere safe on windows drive>/mbr.img bs=512 count=1

This will give you a 512-byte backup of the MBR including partition table, in case anything goes wrong.

To wipe the 446-byte bootstrap:

dd if=/dev/zero of=/dev/<path of data drive> bs=446 count=1 seek=0

Depending on what you are trying to achieve you might only want to wipe the first 440 bytes of the MBR. The 4 bytes following the first 440 bytes contain the Windows Unique Disk Signature which you might want to retain. To wipe only the first 440-bytes use this command:

dd if=/dev/zero of=/dev/<path of data drive> bs=440 count=1 seek=0

Xyon

Posted 2013-01-12T04:24:41.667

Reputation: 1 499

Is there a particular reason for the seek=0 here? That's the default, surely? – Hashim – 2018-04-13T04:56:03.350

Belt and braces. – Xyon – 2018-04-13T07:27:00.960

2+1, but future readers should take note that there is no (obvious) reason why anybody would actually want to do this. – Harry Johnston – 2013-01-14T01:23:15.277

Marking it as not active in disk management should more than suffice for your situation.

Bryan

Posted 2013-01-12T04:24:41.667

Reputation: 710

I beg your pardon in advance for the complicated answer, but I don't quite grasp what you want to do (or better: why).

I think that you are looking for the FDISK /CMBR command. There are also utilities that perform the same task, e.g. Paragon Partition Magic, or Boot/Partition Editor.

What you want to do is to rewrite the MBR and set the D: partition to non-system (not active, not bootable, no B flag, etc.).

Note that FDISK /CMBR should act only on a non system disk; many boot loaders install code that is needed afterwards to "see" the disk with the correct format or geometry; replacing them with a stock loader (which is what /CMBR does) can then render the disk unaccessible until the previous code is restored.

If you need to make the disk non-bootable because it interferes on the boot sequence or something (and displays a "NTLDR not found" error instead of booting, say), a better choice would be to modify the BIOS parameters for boot device order or using a FDISK-like utility to mark all partitions on that drive as non-system. In a pinch, swapping two hard disks ought to achieve the same result.

Otherwise, there are "selective boot loaders" (e.g. GRUB) that may help you implement a flexible booting option (e.g. booting Linux, or Windows, or another Windows from a startup menu screen).

LSerni

Posted 2013-01-12T04:24:41.667

Reputation: 7 306