echo: nthelp
to: Glenn Meadows
from: Robert Comer
date: 2005-12-30 09:51:18
subject: Re: Trojan Blues

From: "Robert Comer" 

Did you try changing to SU?

It might be that the NTFS driver is read only though, and the only way
around that is to use something else.

--
Bob Comer


"Glenn Meadows"  wrote in message
news:43b48b5f$1{at}w3.nls.net...
> What would the magic incantation be using Knoppix, to allow me to DELETE
> files on the Windows HD?
>
> I successfully created the Knoppix 4.0.2 bootable CD, and the Dell box
> very nicely booted.
>
> I clicked on the hd2 link that was on the desktop, and was able to
> navigate to the System32 folder, and there, lo and behold, was the
> offending file, browseal.dll.  Right click, select DELETE, got the error
> Unable to delete, insufficient permissions (or something like that).
> Then, I opened the properties on the file, and attempted to add the
> appropriate permissions, but was told that I was unable to change the
> permissions.  (The icon on the file was the "gear", which I presume means
> "system file".)  Very frustrating.
>
> The resolve I reached on this issue, was remove the HD (it was on snap
> slides in the Dell box, which had a swing open case), then add it in on
> another system, boot that, and then navigate to the offending file, and
> was able to delete it.  Put the drive back in the original box, booted
> right up, and since I had cleaned out all the "trash" left from the
> attack, it didn't reappear.  Cleaned up the remaining registry entries,
> ran a couple more virus scans (AVG, SOPHOS), as well as 4 Adware/malware
> scans (Ad-Aware, Spybot, Counterspy, and ewido).  Each found a few other
> "remnants" that needed to be cleared out.  One, a left behind keylogger
> that never was executed (alt.exe), and a couple other remnants of
> W32/Loosky-k.
>
> It appears, that he got hit with the very early bleeding edge of a new
> Trojan that's in the wild.
>
>
> --
>
> Glenn M.
> "Robert Comer" wrote in message
> news:43b3f22d$1{at}w3.nls.net...
>> I've used Knoppix or BartsPE for things like this...
>>
>> --
>> Bob Comer
>>
>>
>> "Glenn Meadows"  wrote in message
>> news:43b35cc9{at}w3.nls.net...
>>> Thanks.  I think I've got an XPHome full install version, will have to
>>> slipstream it.
>>>
>>> There's also Knoppix as a trial  (downloading now).
>>>
>>> --
>>>
>>> Glenn M.
>>> "Robert Comer" wrote in message
>>> news:43b35aa3$1{at}w3.nls.net...
>>>> You need a WinXP home CD with SP1 slipstreamed into it, there was a
>>>> password hashing problem/difference between GA and SP1.
>>>>
>>>> --
>>>> Bob Comer
>>>>
>>>>
>>>> "Glenn Meadows" wrote in message
>>>> news:43b35949$1{at}w3.nls.net...
>>>>> Tried that, got a strange situation.  When booting the Recovery
>>>>> console, and asking for the Administrator PW, when entered, I get
>>>>> "incorrect password", and I'm not allowed in.
>>>>>
>>>>> I even booted into safe mode, logged into the Administrator account,
>>>>> and reset the password to something else, but the Recovery Console
>>>>> still says the Password is incorrect.  The OS is XP-Home, using an
>>>>> XP-Pro install CD. Incompatible???
>>>>>
>>>>> --
>>>>>
>>>>> Glenn M.
>>>>> "Gregg N" wrote in message
>>>>> news:43b35847$1{at}w3.nls.net...
>>>>>> Glenn Meadows wrote:
>>>>>>> I'm seriously thinking of removing the HD, strapping it in as a
>>>>>>> second drive on another system, and deleting the file from a
>>>>>>> different booted system. Thoughts on that approach?
>>>>>>>
>>>>>>>
>>>>>> Just use a bootable CD that gives you access to a command prompt. I
>>>>>> think you can use the XP installation CD for this purpose.
>>>>>>
>>>>>> Gregg
>>>>>
>>>>>
>>>>
>>>>
>>>
>>>
>>
>>
>
>

--- BBBS/NT v4.01 Flag-5
* Origin: Barktopia BBS Site http://HarborWebs.com:8081 (1:379/45)

SOURCE: echomail via fidonet.ozzmosis.com
