how to scan for viruses using NAV as a boot CD....

[ceez]

zup peeps,

earlier this week or so i was wondering how i could boot up with the NAV CD and be able to do a virus scan using the latest virus definitions and not the original one's that were placed in the CD during production.

Well I found this article on symantec that shows you how to do it if you're using FAT32, but it doesnt show you if you're running NTFS. I have yet to try it on my pc that has NTFS but when i do i'll post my results (if youve tried it let us know too! )

SYMANTEC ARTICLE.

Laterz

ceez

[prathapml]

Right.

One work-around that I use:

1. Get NTFS dos (or better, NTFSdos Pro from winternals, commercial).

2. Get WinImage (google for download, its shareware), to modify floppy-images.

3. Make an ISO CD-image of the CD, onto your HDD, using UltraISO or similar tool.

4. Extract the boot-sector from the ISO, using ultraiso.

5. Open that boot-sector in WinImage, and modify the contents to include the NTFSdos.

6. Also, edit autoexec.bat to run NTFSdos with appropriate switches, before running the NAV scanner.

7. Save the files in the boot-sector. Modify the ISO (using ultraISO) to use the new modified boot-sector.

8. Now save the ISO to be a bootable CD-image (ISO).

9. Burn it to CD-RW and test (since the first time is always trial-and-error basis).

So now even your NTFS partitions are mounted and scanned, enjoy!

Edited September 19, 2004 by prathapml

[ceez]

prathapml you're info is a little over my head. can you please explain all that embedding, switches and autoexec stuff?

how would you do it?

[prathapml]

Sorry, now I've edited my previous post and made it more detailed.

That doing what you want, is no doubt possible as you can see.

All the best, in your quest!

[ceez]

prathapml, you da' man! thkz for your assistance and knowledge. I will definitely give it a try.

I was trying to open up 2 image files located on the root of the CD but WinISO could not open them, gave an error message.

thkz again!

ceez

[ceez]

just 1 more thing!

this is the autoexec.bat that is on the CD (i am using the systemworks BOOTIMG.BIN)

@echo off

cls

isgbpart

if errorlevel 1 goto gb_detected

echo  ******************************************************************************

echo  **************** Norton AntiVirus: Emergency Virus Repair ********************

echo  ******************************************************************************

echo.                                                                            

echo        Press any key to begin automatic operation. If you prefer manual     

echo        operation, press Ctrl-C to exit and type NAVDX /? for information.    

echo.                                                                            

echo  ******************************************************************************

echo.

pause

NAVDX C: /m+ /b+ /REPAIR

goto finish

:gb_detected

echo ******************************************************************************

echo **************** Norton AntiVirus: Emergency Virus Repair ********************

echo ******************************************************************************

echo.    

echo Norton AntiVirus has detected that GoBack is running on your computer

echo.    

echo You must disable GoBack before you can boot from this CD

echo To disable GoBack, first remove this CD and then reboot your computer

echo When GoBack prompts you, press the spacebar and follow the onscreen instructions

echo Once GoBack has been disabled, reinsert this CD and then reboot your computer                                                                       

echo.                                                                            

echo ******************************************************************************

echo.

pause

:finish

echo on

Where do I add the the info for the ntfs app? I was looking at the switches and I dont believe I have to use them, ntfs should auto mount any drive it finds as a FAT32 drive right?

/L:<letter>... Specifies drive to start mounting at

/C:<size> Specifies size of XMS cache in KB

/N  Disable compressed file support

/X  Disable extended int 13 support

/U  Tolerate unicode file names

/V  Verbose

I was thinking that It might go right after the "cls" command on the beginning of the file

=-=-=-=-=-=-=-

cls

ntfsdos.exe <--right here

isgbpart

if errorlevel 1 goto gb_detected

=-=-=-=-=-=-=-

Your thoughts??!!?

[ceez]

prathapml you there?

can you confirm my steps?

thkz

[prathapml]

If you have put ntfsdos.exe and the other .SYS files that it wants (the NTFS driver DLL files, "NTFS.SYS", "NTOSKRNL.EXE" and so on... details in their home-page) in the floppy-boot-image, yes it should work.

Though I normally use the "/U" and "/L:P" (for drive letter) switches as well.

[ceez]

**** now i am all confused!?!?!

I downloaded the regular ntfs version, not the PRO version. the only files that come in the zip are

ntfsdos.exe

ntfshlp.vxd <-for Win95 use

readme.txt

the only file that I assume I should add to that boot image is the ntfsdos.exe file and add the line "ntfsdos.exe" write after the "cls" command in the autoexec.bat of the boot image.