You have reason to suspect a Master Boot Record (MBR) threat has compromised their computer, and want to know how to collect the MBR for analysis by Symantec Security Response.
Either a Symantec tool called MBRUtil or a Microsoft tool called Sector Inspector should be able to gather the required data.
MBRUtil
Originally developed by PowerQuest, Symantec's tool MBRUtil can be run to collect the MBR data for forwarding to the Security Response team. This tool has been tested on Windows XP, Windows Vista and Windows Server 2003.
Detailed steps:
1. Download the tool attached below and save it to the root of the local hard drive. Unzip the MBRUtil.zip (MD5 edf9e2839253c9387fbb3321f31a36d0) to extract the contents. The password is: symantec
2. Open a command prompt and run this command:
C:\> MBRUtil /S=MyMBR.dat
3. A file named MyMBR.dat will be created in the C:\ drive. Upload this file to our submission server, using the appropriate link based on support entitlement.
4. Contact Symantec Technical Support for further assistance or to learn the correct submission portal. Provide Technical Support with the tracking number of the Security Response submission.