Anti Virus Solutions That Use Their Own Boot CD?

[Will]

Can someone recommend an anti-virus solution that lets you build a boot CD
that will inspect the NTFS file system for trojans or viruses without any
need to boot the OS on the file system you are inspecting?

--
Will

 

[Doug McIntyre]

"Will" <westes-usc@noemail.nospam> writes:
>Can someone recommend an anti-virus solution that lets you build a boot CD
>that will inspect the NTFS file system for trojans or viruses without any
>need to boot the OS on the file system you are inspecting?

Thats not going to be too common, because its not a very effective
model for ongoing A/V protection.

You could probably do something like this by combining together
something like BartPE or WindowsPE boot disks with Clamwin so that can
you can boot (or even PXE boot) off CD and run Clamwin to scan files
on the mounted hard drive.

 

[FromTheRafters]

Has Clamwin now gone beyond the mostly email scanning
database? I recall that Clam's original purpose had been to
look for the types of malware that you would expect to find
in the email environment and misused as an all around scanner
by many of the open source proponents.

It shouldn't be any problem inspecting the files, but affecting
them is another matter.

"Doug McIntyre" <merlyn@geeks.org> wrote in message
news:486bd948$0$60075$8046368a@newsreader.iphouse.net...
> "Will" <westes-usc@noemail.nospam> writes:
>>Can someone recommend an anti-virus solution that lets you build a boot CD
>>that will inspect the NTFS file system for trojans or viruses without any
>>need to boot the OS on the file system you are inspecting?
>
> Thats not going to be too common, because its not a very effective
> model for ongoing A/V protection.
>
> You could probably do something like this by combining together
> something like BartPE or WindowsPE boot disks with Clamwin so that can
> you can boot (or even PXE boot) off CD and run Clamwin to scan files
> on the mounted hard drive.
>
>
>
>
>

 

[Will]

"Doug McIntyre" <merlyn@geeks.org> wrote in message
news:486bd948$0$60075$8046368a@newsreader.iphouse.net...
> "Will" <westes-usc@noemail.nospam> writes:
>>Can someone recommend an anti-virus solution that lets you build a boot CD
>>that will inspect the NTFS file system for trojans or viruses without any
>>need to boot the OS on the file system you are inspecting?
>
> Thats not going to be too common, because its not a very effective
> model for ongoing A/V protection.

Day-to-day protection has to balance many different issues like
intrusiveness and performance on a system under use. It's very easy to
subvert modern virus checking programs with root kit viruses. The rootkit
simply rewrites kernel functions and reports back to the virus checker only
the data it wants the checker to see.

Booting from a standalone CD is the only approach that guarantees that all
files on the file system can be inspected by an OS and application that is
not under control of a trojan or rootkit. It would be an extremely good
way of checking for hidden files or folders that would otherwise be hidden
from view if the rootkit were active.

It's a shame if no anti-virus vendor has seen to create such a bootable CD.

--
Will

 

[David H. Lipman]

From: "Will" <westes-usc@noemail.nospam>

| "Doug McIntyre" <merlyn@geeks.org> wrote in message
| news:486bd948$0$60075$8046368a@newsreader.iphouse.net...
>> "Will" <westes-usc@noemail.nospam> writes:
>>>Can someone recommend an anti-virus solution that lets you build a boot CD
>>>that will inspect the NTFS file system for trojans or viruses without any
>>>need to boot the OS on the file system you are inspecting?

>> Thats not going to be too common, because its not a very effective
>> model for ongoing A/V protection.

| Day-to-day protection has to balance many different issues like
| intrusiveness and performance on a system under use. It's very easy to
| subvert modern virus checking programs with root kit viruses. The rootkit
| simply rewrites kernel functions and reports back to the virus checker only
| the data it wants the checker to see.

| Booting from a standalone CD is the only approach that guarantees that all
| files on the file system can be inspected by an OS and application that is
| not under control of a trojan or rootkit. It would be an extremely good
| way of checking for hidden files or folders that would otherwise be hidden
| from view if the rootkit were active.

| It's a shame if no anti-virus vendor has seen to create such a bootable CD.

| --
| Will



The problem is by nature a CDROM is Read-Only and thus can't be updated easily. Thus, its
signature would go out of date rather rapidly.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp

 

[David B.]

Both Avira and Kaspersky have a free boot CD scanner available.

http://www.free-av.com/en/tools/12/avira_antivir_rescue_system.html
http://ftp.kaspersky.com/devbuilds/RescueDisk/

--

----
Crosspost, do not multipost http://www.blakjak.demon.co.uk/mul_crss.htm
How to ask a question http://support.microsoft.com/kb/555375



"Will" <westes-usc@noemail.nospam> wrote in message
news-CdnR39nbGKIvbVnZ2dnUVZ_vednZ2d@giganews.com...
> Can someone recommend an anti-virus solution that lets you build a boot CD
> that will inspect the NTFS file system for trojans or viruses without any
> need to boot the OS on the file system you are inspecting?
>
> --
> Will
>
>

 

[Will]

A well-made product of the kind I am describing contains a program to create
that boot CD on demand, from the latest updates.

It's the same model that ERD Commander uses to build new recovery boot CDs,
installing different sets of device drivers on each build.

If you have a suspect computer, you would go to the "safe" computer,
download the latest virus files, then build a new boot CD and use it the
same day to do your inspection of the infected computer.

--
Will

"David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in message
news:eyW2kaP3IHA.3544@TK2MSFTNGP05.phx.gbl...
> From: "Will" <westes-usc@noemail.nospam>
>
> | "Doug McIntyre" <merlyn@geeks.org> wrote in message
> | news:486bd948$0$60075$8046368a@newsreader.iphouse.net...
> >> "Will" <westes-usc@noemail.nospam> writes:
> >>>Can someone recommend an anti-virus solution that lets you build a boot
CD
> >>>that will inspect the NTFS file system for trojans or viruses without
any
> >>>need to boot the OS on the file system you are inspecting?
>
> >> Thats not going to be too common, because its not a very effective
> >> model for ongoing A/V protection.
>
> | Day-to-day protection has to balance many different issues like
> | intrusiveness and performance on a system under use. It's very easy to
> | subvert modern virus checking programs with root kit viruses. The
rootkit
> | simply rewrites kernel functions and reports back to the virus checker
only
> | the data it wants the checker to see.
>
> | Booting from a standalone CD is the only approach that guarantees that
all
> | files on the file system can be inspected by an OS and application that
is
> | not under control of a trojan or rootkit. It would be an extremely
good
> | way of checking for hidden files or folders that would otherwise be
hidden
> | from view if the rootkit were active.
>
> | It's a shame if no anti-virus vendor has seen to create such a bootable
CD.
>
> | --
> | Will
>
>
>
> The problem is by nature a CDROM is Read-Only and thus can't be updated
easily. Thus, its
> signature would go out of date rather rapidly.
>
> --
> Dave
> http://www.claymania.com/removal-trojan-adware.html
> Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp
>
>

 

[David H. Lipman]

From: "Will" <westes-usc@noemail.nospam>

| A well-made product of the kind I am describing contains a program to create
| that boot CD on demand, from the latest updates.

| It's the same model that ERD Commander uses to build new recovery boot CDs,
| installing different sets of device drivers on each build.

| If you have a suspect computer, you would go to the "safe" computer,
| download the latest virus files, then build a new boot CD and use it the
| same day to do your inspection of the infected computer.

| --
| Will

That's true. I explain such a concept in using a surrugate PC to download updates for my
Multi AV Scanning tool and transferring the Multi AV to a thumb drive (or media,
preferrably Read/Write media) and then to an infected PC and boot from a DOS Disk or a DOS
disk with NTFS4DOS.


Download MULTI_AV.EXE from the URL --
http://www.pctipp.ch/ds/28400/28470/Multi_AV.exe

http://www.pctipp.ch/downloads/dl/35905.asp

English:
http://www.raymond.cc/blog/archives/2008/01/09/scan-your-computer-with-multiple-anti-virus-for-free/


--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp

 

[Will]

"David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in message
news:uf$ZZBV3IHA.2064@TK2MSFTNGP02.phx.gbl...
> From: "Will" <westes-usc@noemail.nospam>
>
> | A well-made product of the kind I am describing contains a program to
> create
> | that boot CD on demand, from the latest updates.
>
> | It's the same model that ERD Commander uses to build new recovery boot
> CDs,
> | installing different sets of device drivers on each build.
>
> | If you have a suspect computer, you would go to the "safe" computer,
> | download the latest virus files, then build a new boot CD and use it the
> | same day to do your inspection of the infected computer.
>
> | --
> | Will
>
> That's true. I explain such a concept in using a surrugate PC to download
> updates for my
> Multi AV Scanning tool and transferring the Multi AV to a thumb drive (or
> media,
> preferrably Read/Write media) and then to an infected PC and boot from a
> DOS Disk or a DOS
> disk with NTFS4DOS.
>
>
> Download MULTI_AV.EXE from the URL --
> http://www.pctipp.ch/ds/28400/28470/Multi_AV.exe
>
> http://www.pctipp.ch/downloads/dl/35905.asp
>
> English:
> http://www.raymond.cc/blog/archives/2008/01/09/scan-your-computer-with-multiple-anti-virus-for-free/

The idea of combining multiple anti-virus programs to one integrated
environment is nice. You would think someone would have figured out how to
sell that as a subscription service and then send out a new CD every two
weeks and charge for it? I would gladly pay and do not have the time to
put these kinds of packages together and then constantly update them.

--
Will

 

[Will]

That's great stuff. We have a winner. Thanks!

--
Will

"David B." <mail@nomail.net> wrote in message
news:ep8e91Q3IHA.2524@TK2MSFTNGP04.phx.gbl...
> Both Avira and Kaspersky have a free boot CD scanner available.
>
> http://www.free-av.com/en/tools/12/avira_antivir_rescue_system.html
> http://ftp.kaspersky.com/devbuilds/RescueDisk/
>
> --
>
> ----
> Crosspost, do not multipost http://www.blakjak.demon.co.uk/mul_crss.htm
> How to ask a question http://support.microsoft.com/kb/555375
>
>
>
> "Will" <westes-usc@noemail.nospam> wrote in message
> news-CdnR39nbGKIvbVnZ2dnUVZ_vednZ2d@giganews.com...
>> Can someone recommend an anti-virus solution that lets you build a boot
>> CD
>> that will inspect the NTFS file system for trojans or viruses without any
>> need to boot the OS on the file system you are inspecting?
>>
>> --
>> Will
>>
>>
>

 

[David H. Lipman]

From: "Will" <westes-usc@noemail.nospam>



| The idea of combining multiple anti-virus programs to one integrated
| environment is nice. You would think someone would have figured out how to
| sell that as a subscription service and then send out a new CD every two
| weeks and charge for it? I would gladly pay and do not have the time to
| put these kinds of packages together and then constantly update them.

| --
| Will

I provide the Multi AV Scanning Tool as CareWare.

If you find the tool useful and it has helped you -- Don't donate to me, donaye to
charity.


--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp

 

[Will]

The Kaspersky boot CD simply shuts down the computer when it gets to the
graphics display. It has a "safe" mode that looks like a simple bash
shell, and I have no idea what to do there. Clearly an experimental
project for them....

The Avira boots, but it looks like a very simple tool.

--
Will

"David B." <mail@nomail.net> wrote in message
news:ep8e91Q3IHA.2524@TK2MSFTNGP04.phx.gbl...
> Both Avira and Kaspersky have a free boot CD scanner available.
>
> http://www.free-av.com/en/tools/12/avira_antivir_rescue_system.html
> http://ftp.kaspersky.com/devbuilds/RescueDisk/
>
> --
>
> ----
> Crosspost, do not multipost http://www.blakjak.demon.co.uk/mul_crss.htm
> How to ask a question http://support.microsoft.com/kb/555375
>
>
>
> "Will" <westes-usc@noemail.nospam> wrote in message
> news-CdnR39nbGKIvbVnZ2dnUVZ_vednZ2d@giganews.com...
> > Can someone recommend an anti-virus solution that lets you build a boot
CD
> > that will inspect the NTFS file system for trojans or viruses without
any
> > need to boot the OS on the file system you are inspecting?
> >
> > --
> > Will
> >
> >
>

 

[Twayne]

> "Doug McIntyre" <merlyn@geeks.org> wrote in message
> news:486bd948$0$60075$8046368a@newsreader.iphouse.net...
>> "Will" <westes-usc@noemail.nospam> writes:
>>> Can someone recommend an anti-virus solution that lets you build a
>>> boot CD that will inspect the NTFS file system for trojans or
>>> viruses without any need to boot the OS on the file system you are
>>> inspecting?
>>
>> Thats not going to be too common, because its not a very effective
>> model for ongoing A/V protection.
>
> Day-to-day protection has to balance many different issues like
> intrusiveness and performance on a system under use. It's very easy
> to subvert modern virus checking programs with root kit viruses. The
> rootkit simply rewrites kernel functions and reports back to the
> virus checker only the data it wants the checker to see.
>
> Booting from a standalone CD is the only approach that guarantees
> that all files on the file system can be inspected by an OS and
> application that is not under control of a trojan or rootkit. It
> would be an extremely good way of checking for hidden files or
> folders that would otherwise be hidden from view if the rootkit were
> active.
> It's a shame if no anti-virus vendor has seen to create such a
> bootable CD.

Norton and, I think McAfee both allow that, actually. The only gotcha
is that only PART of the inspection can be done that way. Since virus
profiles are constantly changing, it will still have to access the drive
to get those signatures. But, it's still a very reliable way of
handling infections on PCs. A CD, once written and its session closed,
is not going to be affected by any virus or malware of any kind. So,
yes, the do it with the exception of using the signature files on the
hard drive.
I can't understand why everyone is saying no one does it I just
pulled out my CD to make sure I'm right, and, well, I'm right! <g>.
Toss it in the drive, boot from it, the AV process automagically starts,
and off we go. It's not new been this way for a long, long time.

 

[Will]

"Twayne" <nobody@devnull.spamcop.net> wrote in message
news:eRJPHGj3IHA.3500@TK2MSFTNGP05.phx.gbl...
> > "Doug McIntyre" <merlyn@geeks.org> wrote in message
> > news:486bd948$0$60075$8046368a@newsreader.iphouse.net...
> >> "Will" <westes-usc@noemail.nospam> writes:
> >>> Can someone recommend an anti-virus solution that lets you build a
> >>> boot CD that will inspect the NTFS file system for trojans or
> >>> viruses without any need to boot the OS on the file system you are
> >>> inspecting?
> >>
> >> Thats not going to be too common, because its not a very effective
> >> model for ongoing A/V protection.
> >
> > Day-to-day protection has to balance many different issues like
> > intrusiveness and performance on a system under use. It's very easy
> > to subvert modern virus checking programs with root kit viruses. The
> > rootkit simply rewrites kernel functions and reports back to the
> > virus checker only the data it wants the checker to see.
> >
> > Booting from a standalone CD is the only approach that guarantees
> > that all files on the file system can be inspected by an OS and
> > application that is not under control of a trojan or rootkit. It
> > would be an extremely good way of checking for hidden files or
> > folders that would otherwise be hidden from view if the rootkit were
> > active.
> > It's a shame if no anti-virus vendor has seen to create such a
> > bootable CD.
>
> Norton and, I think McAfee both allow that, actually. The only gotcha
> is that only PART of the inspection can be done that way. Since virus
> profiles are constantly changing, it will still have to access the drive
> to get those signatures. But, it's still a very reliable way of
> handling infections on PCs. A CD, once written and its session closed,
> is not going to be affected by any virus or malware of any kind. So,
> yes, the do it with the exception of using the signature files on the
> hard drive.
> I can't understand why everyone is saying no one does it I just
> pulled out my CD to make sure I'm right, and, well, I'm right! <g>.
> Toss it in the drive, boot from it, the AV process automagically starts,
> and off we go. It's not new been this way for a long, long time.

What you are describing is a way to run a virus checker from a CD after
booting the OS on the affected system. The problem with that approach is
that a rootkit virus can alter the operating system calls to disguise what
is on the disk.

The c:\windows folder might contain a subdirectory named evilvirustoolkit,
but as long as you boot your OS under the control of the rootkit that folder
stays invisible to every application on the system, including your virus
checker.

What I was asking for was a virus checker that boots from *its own operating
system embedded on a CD*. That way there is no involvement with infected
OS code on the system being inspected.

--
Will

 

[Al Dunbar]

"Will" <westes-usc@noemail.nospam> wrote in message
news:JfydnQ3UJ91BXPPVnZ2dnUVZ_hOdnZ2d@giganews.com...
> "Twayne" <nobody@devnull.spamcop.net> wrote in message
> news:eRJPHGj3IHA.3500@TK2MSFTNGP05.phx.gbl...
>> > "Doug McIntyre" <merlyn@geeks.org> wrote in message
>> > news:486bd948$0$60075$8046368a@newsreader.iphouse.net...
>> >> "Will" <westes-usc@noemail.nospam> writes:
>> >>> Can someone recommend an anti-virus solution that lets you build a
>> >>> boot CD that will inspect the NTFS file system for trojans or
>> >>> viruses without any need to boot the OS on the file system you are
>> >>> inspecting?
>> >>
>> >> Thats not going to be too common, because its not a very effective
>> >> model for ongoing A/V protection.
>> >
>> > Day-to-day protection has to balance many different issues like
>> > intrusiveness and performance on a system under use. It's very easy
>> > to subvert modern virus checking programs with root kit viruses. The
>> > rootkit simply rewrites kernel functions and reports back to the
>> > virus checker only the data it wants the checker to see.
>> >
>> > Booting from a standalone CD is the only approach that guarantees
>> > that all files on the file system can be inspected by an OS and
>> > application that is not under control of a trojan or rootkit. It
>> > would be an extremely good way of checking for hidden files or
>> > folders that would otherwise be hidden from view if the rootkit were
>> > active.
>> > It's a shame if no anti-virus vendor has seen to create such a
>> > bootable CD.
>>
>> Norton and, I think McAfee both allow that, actually. The only gotcha
>> is that only PART of the inspection can be done that way. Since virus
>> profiles are constantly changing, it will still have to access the drive
>> to get those signatures. But, it's still a very reliable way of
>> handling infections on PCs. A CD, once written and its session closed,
>> is not going to be affected by any virus or malware of any kind. So,
>> yes, the do it with the exception of using the signature files on the
>> hard drive.
>> I can't understand why everyone is saying no one does it I just
>> pulled out my CD to make sure I'm right, and, well, I'm right! <g>.
>> Toss it in the drive, boot from it, the AV process automagically starts,
>> and off we go. It's not new been this way for a long, long time.
>
> What you are describing is a way to run a virus checker from a CD after
> booting the OS on the affected system.

Re-read what Twayne wrote: "Toss it in the drive, boot from it, the AV
process automagically starts". to me that means booting from the CD, not
booting the OS installed on the machine.

/Al

> The problem with that approach is
> that a rootkit virus can alter the operating system calls to disguise what
> is on the disk.
>
> The c:\windows folder might contain a subdirectory named evilvirustoolkit,
> but as long as you boot your OS under the control of the rootkit that
> folder
> stays invisible to every application on the system, including your virus
> checker.
>
> What I was asking for was a virus checker that boots from *its own
> operating
> system embedded on a CD*. That way there is no involvement with infected
> OS code on the system being inspected.
>
> --
> Will
>
>

 

[Will]

"Al Dunbar" <AlanDrub@hotmail.com.nospaam> wrote in message
news:u1dZcsl3IHA.4988@TK2MSFTNGP04.phx.gbl...
>
> "Will" <westes-usc@noemail.nospam> wrote in message
> news:JfydnQ3UJ91BXPPVnZ2dnUVZ_hOdnZ2d@giganews.com...
>> "Twayne" <nobody@devnull.spamcop.net> wrote in message
>> news:eRJPHGj3IHA.3500@TK2MSFTNGP05.phx.gbl...
>>> > "Doug McIntyre" <merlyn@geeks.org> wrote in message
>>> > news:486bd948$0$60075$8046368a@newsreader.iphouse.net...
>>> >> "Will" <westes-usc@noemail.nospam> writes:
>>> >>> Can someone recommend an anti-virus solution that lets you build a
>>> >>> boot CD that will inspect the NTFS file system for trojans or
>>> >>> viruses without any need to boot the OS on the file system you are
>>> >>> inspecting?
>>> >>
>>> >> Thats not going to be too common, because its not a very effective
>>> >> model for ongoing A/V protection.
>>> >
>>> > Day-to-day protection has to balance many different issues like
>>> > intrusiveness and performance on a system under use. It's very easy
>>> > to subvert modern virus checking programs with root kit viruses. The
>>> > rootkit simply rewrites kernel functions and reports back to the
>>> > virus checker only the data it wants the checker to see.
>>> >
>>> > Booting from a standalone CD is the only approach that guarantees
>>> > that all files on the file system can be inspected by an OS and
>>> > application that is not under control of a trojan or rootkit. It
>>> > would be an extremely good way of checking for hidden files or
>>> > folders that would otherwise be hidden from view if the rootkit were
>>> > active.
>>> > It's a shame if no anti-virus vendor has seen to create such a
>>> > bootable CD.
>>>
>>> Norton and, I think McAfee both allow that, actually. The only gotcha
>>> is that only PART of the inspection can be done that way. Since virus
>>> profiles are constantly changing, it will still have to access the drive
>>> to get those signatures. But, it's still a very reliable way of
>>> handling infections on PCs. A CD, once written and its session closed,
>>> is not going to be affected by any virus or malware of any kind. So,
>>> yes, the do it with the exception of using the signature files on the
>>> hard drive.
>>> I can't understand why everyone is saying no one does it I just
>>> pulled out my CD to make sure I'm right, and, well, I'm right! <g>.
>>> Toss it in the drive, boot from it, the AV process automagically starts,
>>> and off we go. It's not new been this way for a long, long time.
>>
>> What you are describing is a way to run a virus checker from a CD after
>> booting the OS on the affected system.
>
> Re-read what Twayne wrote: "Toss it in the drive, boot from it, the AV
> process automagically starts". to me that means booting from the CD, not
> booting the OS installed on the machine.

I guess I can go buy one and find out. I did read what he wrote, but
somehow thought he didn't mean it as he literally said it.

--
Will


>> The problem with that approach is
>> that a rootkit virus can alter the operating system calls to disguise
>> what
>> is on the disk.
>>
>> The c:\windows folder might contain a subdirectory named
>> evilvirustoolkit,
>> but as long as you boot your OS under the control of the rootkit that
>> folder
>> stays invisible to every application on the system, including your virus
>> checker.
>>
>> What I was asking for was a virus checker that boots from *its own
>> operating
>> system embedded on a CD*. That way there is no involvement with
>> infected
>> OS code on the system being inspected.
>>
>> --
>> Will
>>
>>
>
>

 

[David B.]

Haven't seen that behavior on any machines I've run it on.
Simple means nothing, as long as it accomplishes the task it's designed to
do, which is scan for nasties.

--

----
Crosspost, do not multipost http://www.blakjak.demon.co.uk/mul_crss.htm
How to ask a question http://support.microsoft.com/kb/555375



"Will" <westes-usc@noemail.nospam> wrote in message
news:qISdndd-R45dNPPVnZ2dnUVZ_sednZ2d@giganews.com...
> The Kaspersky boot CD simply shuts down the computer when it gets to the
> graphics display. It has a "safe" mode that looks like a simple bash
> shell, and I have no idea what to do there. Clearly an experimental
> project for them....
>
> The Avira boots, but it looks like a very simple tool.
>
> --
> Will
>
> "David B." <mail@nomail.net> wrote in message
> news:ep8e91Q3IHA.2524@TK2MSFTNGP04.phx.gbl...
>> Both Avira and Kaspersky have a free boot CD scanner available.
>>
>> http://www.free-av.com/en/tools/12/avira_antivir_rescue_system.html
>> http://ftp.kaspersky.com/devbuilds/RescueDisk/
>>
>> --
>>
>> ----
>> Crosspost, do not multipost http://www.blakjak.demon.co.uk/mul_crss.htm
>> How to ask a question http://support.microsoft.com/kb/555375
>>
>>
>>
>> "Will" <westes-usc@noemail.nospam> wrote in message
>> news-CdnR39nbGKIvbVnZ2dnUVZ_vednZ2d@giganews.com...
>> > Can someone recommend an anti-virus solution that lets you build a boot
> CD
>> > that will inspect the NTFS file system for trojans or viruses without
> any
>> > need to boot the OS on the file system you are inspecting?
>> >
>> > --
>> > Will
>> >
>> >
>>
>
>