I'll second BARTPE for being able to write to the disk-it is very cool. You can set drives to be shared so that you can hook your laptop to it and run through directories etc.
Even with a linux-based live disk like Helix you can write to ntfs too. Just needs to be mounted right. http://www.ntfs-3g.org/ mount -t captive-ntfs -o rw /dev/hda1 /mnt/hda1 etc > >-----Original Message----- > >From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] > >On Behalf Of Mike Moratz-Coppins > >Sent: Wednesday, March 19, 2008 4:28 AM > >To: [email protected] > >Subject: Re: More along the lines of malware disinfection > > > >Express Web Systems, Inc. wrote: > >> The problem with accessing the "Documents and Settings" folder is a > >tough > >> one to crack, as I didn't have to deal with it in my instance (the > >files > >> were located in a hidden directory in C:\Windows\). You might want to > >try > >> liveCD that supports reading and writing to NTFS (if they are using > >NTFS, or > >> if you are lucky, just access the drive via FAT32). > > > >AFAIK most live CDs just grant read-only access to NTFS. Which one > >would you recommend? > > > >> As a different avenue of approach, maybe you can accomplish something > >with > >> BartPE. That would allow you to boot into windows and run various apps > >> independent of the compromised OS. > > > >I haven't heard of that before, I'll read up about it. > > > > > >-- > >Mike Moratz-Coppins > >[EMAIL PROTECTED] > >http://www.mikeymike.org.uk/
