I need to get to the C:\drive before Windows gets a hold of it...not doable with NTFS as it is on FAT-32.
Fortunately, it is not my PC (a friend's) and the trojan is only a MSIE browser hijacker. I set my friend up with Mozilla Firefox and everything works fine now. MSIE bites.
I need to get to the C:\drive before Windows gets a hold of it...not doable with NTFS as it is on FAT-32.
Fortunately, it is not my PC (a friend's) and the trojan is only a MSIE browser hijacker. I set my friend up with Mozilla Firefox and everything works fine now. MSIE bites.
If the file is hidden, it's still no problem. If you don't know where it's running from, open a command prompt ([START] -> [RUN] CMD {Enter}) and then type CD \ {ENTER}. Finally type DIR SVHOST.EXE /A /S {ENTER} to find all the locations it's hiding. Then delete them, using the DEL [path]\SVHOST.EXE command. This will defeat even the "Superhidden" attribute where you will not see the file, even if you've specified that you want to see hidden files.
In a worst case scenario, there is a bootable CD image that you can get off of the Internet (I can't remember the name right off hand) that will allow you to boot XP off your CD, then access the NTFS drive with no problems. I can't remember the name right now, but I can post it later, if someone else doesn' do it first.
Mark