[ Date Index ][
Thread Index ]
[ <= Previous by date /
thread ]
[ Next by date /
thread => ]
-----Original Message----- From: owner-list@xxxxxxxxxxxx [mailto:owner-list@xxxxxxxxxxxx]On Behalf Of Andrew Shelley Sent: 16 July 2004 22:29 To: list@xxxxxxxxxxxx Subject: Re: [LUG] Sony Lagdog, etc Ok, here's the deal. A friends pc with windows xp home, of which I know nothing, is reporting an infected file containing a trojan. The file is buried several directories down - starting at c:/System Volume information. This is some sort of hidden directory which can't be seen using the file manager or dos prompt. I thought I'd be clever, so I booted knoppix off the cd, then mounted the ntfs partition. I can now see the offending file but can't delete/rename it. None of his antivirus stuff seems to be able to sort the matter. I did suggest ditching windows completely, but this idea hasn't found favour :(
< Hi Andrew, C:\System Volume CAN be seen but you need to tell the system you want to. It'll warn you it's dangerous but tell it to get lost as you know what you're doing ;) (You do know what you're doing don't you? ;)) In Windows go to My Computer, then Tools -> Folder Options -> View: Untick "hide protected operating system files (recommended)". Also change the bullet point above it to "show hidden files and folders". Then go to the offending file and dump it :) If you're not sure of your friend's ability not to delete somethign vital by mistake, feel free to hide the files again afterwards. If that doesn't work (and there is no reason it shouldn't) try the below. Plan A: visit www.bootdisk.com download their Windows 98 book disk image and put it on a floppy disk. Then boot the offending machine into DOS and delete the file there, where it *can't* stop you. You WILL also need a DOS NTFS reader but a bit of Googling should avail you of one. Plan B: You could try www.freedos.com and use a Freedos boot disk. I *think* that will read NTFS straight away. Plan C: www.bootdisk.com also have Windows XP boot disks but I don't know their ability to read/write NTFS. Always keep your boot disk handy (as a friend of mine recently reminded me). One thing I will say is that Windows XP defaults to NTFS on installation which I think is a bad idea. I always change mine to FAT32 because I have a software AND a hardware firewall between me and the internet and more sense than to open a dodgy file in an email. Therefore a bog standard Windows 98 disk does me fine :) Kind regards, Julian PS as this is Windows related feel free to mail me off the list if you need any ideas :) --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.719 / Virus Database: 475 - Release Date: 12/07/2004 -- The Mailing List for the Devon & Cornwall LUG Mail majordomo@xxxxxxxxxxxx with "unsubscribe list" in the message body to unsubscribe.