this read access is useless when trying to recover from malware.
read/write/delete/execute access is a MUST !
No problem. See below.
FAT32 has a file size limit of 4 GB, so
if you're into video capture and/or DVD image burning then you will
be unable to do these [easily] with FAT32. NTFS files, on the other
hand, can be ANY size;
I've been doing DL size dvd's for years on fat32 systems. Never once
came across a file that was >4GB. The whole directory structure
totalled > 9GB at times, but that is why dvd shrink & such utils are
used. The actual .vob files were never more than 1GB each in size.
But, you see, many people need files bigger than just DL size. Besides, the
other advantages of NTFS are just overwhelming. I'll never, EVER go back to
FAT32 and sitting in front of my machine waiting for a scandisk to finish
and wondering what got corrupted THIS time!!! NEVER!
This is an excellent topic at an extremely fortunate time
It was just a little too late as it turned out, sorry.
I have Mark's new computer in front of me (Compaq Presario S6300NX)
with the factory Win XP Home SP1 installed. NTFS boot partition
(109GB) and a 6GB FAT32 hidden recovery partition.
So far, so good.
The last 2 days of grief that Mark endured will demonstrate why MOST
average home users should not use NTFS unless they want to spend lots
of time restoring/recovering their systems. Losing precious data in
the process is a given with inaccessable ntfs systems
Well, but he *could* have spent about 15 minutes total. Knowledge!
Knowledge!
And I hate to think how much data (and programs and OS installations)
people have lost from crashed FAT32 filesystems. Look on any given system
at random and notice those .chk files! Try recovering much out of them,
too.
And the cumulative time people have wasted sitting in front of their desks
waiting for the ol' FAT32 scandisk to finish . . . it must amount to
millions of man-hours
. With NTFS you can say goodbye to that nonsense,
thank god!
Unless you're just masochistic or love anachronisms, of course.
His computer was randomly rebooting whenever his family tried to
connect to the internet (dial-up). Lsass.exe errors and numerous
others I have seen many times before on clients computers.
Too easy I thought.... get rid of the Trojans and viruses & he'll be
all set. Not as easy as I thought. I was just going to take his
computer home, yank out his hard drive & throw it into my system &
purge the nasty malware.... Done it millions of times before & is the
quickest approach.
It's definitely NOT the quickest approach, which I'll give you below.
TOTALLY unnecessary to disconnect his computer and waste time and effort
taking his computer home and disassembling and reassembling it!
All those millions of times . . . .
But then, do you charge by the hour?
Mark didn't want it done that way. He wanted to be shown properly how
to correct this mistake on their part & PREVENT it from happening
again. He also wanted it cleaned up without buying any new software.
Mark did have a valid point with the desire to be self sufficient &
not dependent on others for assistance (admirable ambition I thought
Instinctively he somehow realizes there MUST be a better way. I'm impressed
with this Mark. Maybe he should think about starting a new career in IT.
Norton AV 2004 & Norton Firewall was installed properly on his
computer & fully updated but it still allowed the malware. Booting to
safe mode w/ command prompt was useless as none of the installed
utilities can run properly in safe mode nor recovery mode for that
matter
In safe mode w/ command prompt; AVG & F-prot are also useless with
ntfs also. They don't recognize it either.
The trick is to find a bootdisk util that will allow the user to
safely boot to a command prompt that will still allow FULL access to
the ntfs partition (read, write, delete, execute) such that they may
install OR run a disk-based antivirus utility. None exist.
Please stop spreading misinformation. Of course it does very much exist and
is in use and has a very loyal following.
If anyone
does know of such a beast (NO INSTALL & BOOT-DISK style)
I don't see how the trick can be to find a bootdisk util and then require
it not run BOOT-DISK style! I mean, really!
If the computer won't boot because of malware etc. then of course there's
no way around a bootdisk of some kind. Now, FAT32 addicts absolutely love
clinging to their old DOS boot diskettes, even though their modern DELL
might not have a floppy drive
.
please post
in this newsgroup. Emails to sysinternals & several other gurus also
resulted in the same answer.... none exist. They said either reformat
or try non- destructive recovery. Neither choices were desired by
Mark.
Good on Mark. What fine common sense. Hope he tells off those idiots at
sysinternals and those would-be gurus.
We ended up going with my original method of swapping out his drive to
my system.
Oh, what a monumental waste of time that was for both of you.
His system is now malware free & no critical data was lost.
NTFS is no longer on his system & fat32 IS faster on his AMD Athalon
2800+.
But then Mark's computer was evidently struck with another kind of malware,
almost as bad as that it replaced, that wiped out his reliable, secure,
highly superior NTFS filesystem and replaced with that FAT32 crap. Even as
we speak, Mark's probably sitting in front of blue screen watching a
scandisk, reading about clusters truncated . . . .
You put that NTFS right back on the way it was, you hear? Some repair guy,
eh? The nerve!
Now you've probably got to do the cluster alignment first, too: see
http://www.aumha.org/a/ntfscvt.htm on how to handle that.
Anyone else have a reliable NO INSTALL method to correct ntfs
corruption due to malware, please post to the group. I am sure we are
all ears
Cup your ears, pal. Here it comes, a revelation:
Just get Bart's PE Builder free from
http://www.nu2.nu/pebuilder/
and make yourself a boot disk on steriods that gives access to just about
any utility you want, even a web browser, and reads/writes NTFS with ease
in a mini-XP environment. Many plugins are available including for
virus/spyremovers (you can build your own, too) and there's an active forum
for support. Fantastic, really, as far as boot disks go!
It also has network drivers so you can just boot up Bart's on the ailing
computer and run whatever you want on its disk from another machine, like
your notebook for example.
Perfect for running your sys files restore from the backup you previously
made with ERUNT, which don't even need to be on a separate partition or
anything. (Just restoring a registry can sometimes be enough to deal
adequately with malware or at least get your system booted well enough to
run what you need.)
A DOS prompt is just PITIFUL compared to that, pal! And I do mean
PITIFUL!!!
OK, you've been told. Yer welcome.
( but that will change