Well, it looked easy anyway... - Linux

This is a discussion on Well, it looked easy anyway... - Linux ; I'm looking to clean the standard umpteen-gazillion virus/spyware apps off of a WinXP box. I do this fairly often for people. Usually, I take the infected drive out and temporarily install it as a secondary drive on my (known clean) ...

+ Reply to Thread
Results 1 to 2 of 2

Thread: Well, it looked easy anyway...

  1. Well, it looked easy anyway...

    I'm looking to clean the standard umpteen-gazillion virus/spyware apps
    off of a WinXP box. I do this fairly often for people. Usually, I take
    the infected drive out and temporarily install it as a secondary drive
    on my (known clean) PC; I scan and clean it, then reinstall it.

    This time I thought I'd try fixing the drive in-place with knoppix and
    f-prot, as described here: http://www.oreillynet.com/pub/wlg/5118

    No luck.

    I've got the latest version of knoppix, 3.8.1 dated 2005-04-08. When I
    start kpackage, f-prot is not listed as a "new" package to install.
    (Actually, no packages at all are listed under the "New" tab.) I tried
    changing settings in kpackage, but the changes don't stick. So instead,
    I went directly to http://www.f-prot.com/download and downloaded the
    ..deb to the desktop. Except, there's no change to the desktop; mozilla
    says it's done but no icon appears on the desktop.

    So I dl'ed it again, and this time instead of telling it to save the
    ..deb I told moz to open it using kpackage. OK, that worked, and I told
    it to install, and it says it did (I had to shell out and reset the root
    password first though). Except that there's no f-prot icon anywhere
    that I can find. Oh, sure, kpackage says it's installed -- or at least
    I think that's what it's saying since it's now offering me the option to
    uninstall f-prot instead of install it.

    Now I know that knoppix runs from CD and uses a RAMdisk. I know that no
    changes survive a reboot. That's pretty much the whole point of
    knoppix, right? But I didn't reboot and still nothing seems to be
    sticking. My best guess is that the RAMdisk is mounted readonly.


    I dunno. Any theories? Is there maybe a liveCD distro with AV tools
    preinstalled?

    --
    Gordon S. Hlavenka http://www.crashelectronics.com
    Tragically, as many as 9625 out of every 10,000
    individuals may be neurotypical


  2. Re: Well, it looked easy anyway...

    > Is there maybe a liveCD distro with AV tools preinstalled?

    Turns out there is; BitDefender has a knoppix variant available.

    Unfortunately, the captiveNTFS tool on the CD doesn't work. It finds a
    couple of files, contacts Microsoft's website and begins downloading the
    rest, then experiences a "segmentation fault" and closes. No NTFS = no
    cleaning. So I'm back to doing it the old-fashioned way.

    --
    Gordon S. Hlavenka http://www.crashelectronics.com
    Tragically, as many as 9625 out of every 10,000
    individuals may be neurotypical


+ Reply to Thread