AVDisk - NTFS access

[Julian Moss]

AVDisk (www.avdisk.org) looks rather handy, except that if I read it
right, it only gives you read-only access to NTFS partitions, which
would make deleting infected files a bit difficult.

Would it be possible to do a similar thing, but create a bootable CD to
run a DOS scanner under a DOS emulator running on Linux? I think this
would allow read/write access to NTFS partitions, wouldn't it? I seem
to recall there's an NT password recovery tool that runs from a
bootable CD under Linux, so I guess it would.

 

[xmp]

AVDisk (www.avdisk.org) looks rather handy, except that if I read it
right, it only gives you read-only access to NTFS partitions, which
would make deleting infected files a bit difficult.

Would it be possible to do a similar thing, but create a bootable CD to
run a DOS scanner under a DOS emulator running on Linux?

I guess you could use DOSEMU or other emulator, as long as it could
access the disk.

I think this
would allow read/write access to NTFS partitions, wouldn't it?

Why not use Bitdefender or Clam AV linux version? Are you trying to
stick with F-Prot scanner?

I seem
to recall there's an NT password recovery tool that runs from a
bootable CD under Linux, so I guess it would.

I believe NTFS mount (in linux) is safe using a modern driver.

Here's a couple of read-only NTFS drivers for DOS and Win 9x:
http://www.sysinternals.com/win9x/98utilities.shtml
However, the read/write version is not free.

michael

 

[Julian Moss]

I guess you could use DOSEMU or other emulator, as long as it could
access the disk.


Why not use Bitdefender or Clam AV linux version? Are you trying to
stick with F-Prot scanner?


I believe NTFS mount (in linux) is safe using a modern driver.

Here's a couple of read-only NTFS drivers for DOS and Win 9x:
http://www.sysinternals.com/win9x/98utilities.shtml
However, the read/write version is not free.

michael

I was thinking about using F-Prot, certainly. I have tried out ClamAV
for Windows, and even thought of changing my Tech-Protect GUI to use
that, until I read what people in this NG said about it.

It would certainly be nice to be able to download an ISO image that
could be used to make a bootable virus scanner CD.

 

[Frederic Bonroy]

AVDisk (www.avdisk.org) looks rather handy, except that if I read it
right, it only gives you read-only access to NTFS partitions, which
would make deleting infected files a bit difficult.

Yes, that is correct. It relies on a third-party program which, in its
free version, does not allow for write access to NTFS partitions.

Would it be possible to do a similar thing, but create a bootable CD to
run a DOS scanner under a DOS emulator running on Linux? I think this
would allow read/write access to NTFS partitions, wouldn't it? I seem
to recall there's an NT password recovery tool that runs from a
bootable CD under Linux, so I guess it would.

If you use Windows XP, try BartPE: http://www.nu2.nu/pebuilder

If you are able to handle Linux, why not use a Linux scanner that is
capable of accessing NTFS partitions?

 

[Julian Moss]

If you use Windows XP, try BartPE: http://www.nu2.nu/pebuilder

If you are able to handle Linux, why not use a Linux scanner that is
capable of accessing NTFS partitions?

For the same reasons AVDisk doesn't, I guess. I was thinking about
something that could be created using free tools, that could be
downloaded and burnt to CD by anyone who needed to scan or clean a PC
without booting into Windows.

 

[David W. Hodgins]

For the same reasons AVDisk doesn't, I guess. I was thinking about
something that could be created using free tools, that could be
downloaded and burnt to CD by anyone who needed to scan or clean a PC
without booting into Windows.

See http://www.jankratochvil.net/project/captive/
and http://www.f-prot.com/download/home_user/download_fplinux.html

I haven't tried the captive ntfs write, but yesterday, used knoppix 3.6, and
a copy of /usr/local/f-prot burned to a second cd, to clean my neice's fat32
system.

What I did was burn a standard knoppix boot cd. On a second cd, I included
the copy of the f-prot files, as well as windows software such as escan, spybot,
adaware, etc.

Once booted in knoppix, right click on the partition icon and change the
permission from read-only to read-write, before mounting it. Copied the
f-prot files to a new directory on the hd for speed, and ran it from there.
After using f-prot for the initial clean, booted in windows to install, update
and run the standard windows stuff.

It may take some digging to get captive working, but assuming it does, the
above should work.

Regards, Dave Hodgins

 

[Julian Moss]

See http://www.jankratochvil.net/project/captive/
and http://www.f-prot.com/download/home_user/download_fplinux.html

I haven't tried the captive ntfs write, but yesterday, used knoppix
3.6, and a copy of /usr/local/f-prot burned to a second cd, to clean
my neice's fat32 system.

What I did was burn a standard knoppix boot cd. On a second cd, I
included the copy of the f-prot files, as well as windows software
such as escan, spybot, adaware, etc.

Once booted in knoppix, right click on the partition icon and change
the permission from read-only to read-write, before mounting it.
Copied the f-prot files to a new directory on the hd for speed, and
ran it from there. After using f-prot for the initial clean, booted
in windows to install, update and run the standard windows stuff.

It may take some digging to get captive working, but assuming it
does, the above should work.

Regards, Dave Hodgins

Thanks. That looks like the way to go.

 

[Michael]

Thanks. That looks like the way to go.

The Knoppix idea sounds good. You could remaster it so the F-Prot is
installed permanently.

The captive driver sounds safer that the regular ntfs module.
http://linux-ntfs.sourceforge.net/info/ntfs.html#3.2

michael

 

[Larry Sabo]

AVDisk (www.avdisk.org) looks rather handy, except that if I read it
right, it only gives you read-only access to NTFS partitions, which
would make deleting infected files a bit difficult.

Would it be possible to do a similar thing, but create a bootable CD to
run a DOS scanner under a DOS emulator running on Linux? I think this
would allow read/write access to NTFS partitions, wouldn't it? I seem
to recall there's an NT password recovery tool that runs from a
bootable CD under Linux, so I guess it would.

Try http://www.windowsubcd.com/ if you have XP. It's terrific! It
makes it as easy as it gets to create a BartPE CD with several A-V
programs and other useful tools.

Larry

 

[Julian Moss]

Try http://www.windowsubcd.com/ if you have XP. It's terrific! It
makes it as easy as it gets to create a BartPE CD with several A-V
programs and other useful tools.

Larry

I think your recommendation just caused the guy to exceed his bandwidth
allocation!

 

[Larry Sabo]

I think your recommendation just caused the guy to exceed his bandwidth
allocation!

LOL! Nope, it was exceeded when I went to verify the url, so can't be
my fault.

Larry