Access Denied

My system has managed to become infected with two different trojans. You gotta love the net I've ran the AV but unfortunately it has failed to clean these trojans from my system. Following the directions from Ontrack, they recommend deleting these files. Ok, fine, no problem. They are located in "C:\System Volume Information\" directory. Again, no problem. When I try to open the folder I get the error message below. I am the administrator on my computer and there are no other users. I'm using WinXP Pro with SP1. I've tried booting into safe mode, and safe mode with command prompt, but whenever I select that option I see several files scrolling on the screen then the comp reboots and loads windows normally........no safe mode. Any ideas of how to open this folder so I can get rid of these trojans?

 

An update here. I managed to boot into Safe Mode and tried to open the folder again. I received the same error message. I also managed to boot into safe mode with command prompt. I went to C:\ and used the 'dir' command to list the directories. The directory isn't listed What gives with that? Is windows hiding the system files in safe mode? If so is there a way show them so that I can access the file. While operating in standard windows I have "Hide system files" unchecked and "Show hidden files and folders" checked so that all is visible. Any thoughts? The directories I'm trying to access are C:\System Volume Information\_restore0D1EAAD5-18FD-4F69-8CB2-2E78919A3B0E\RP46\ and C:\System Volume Information\_restore0D1EAAD5-18FD-4F69-8CB2-2E78919A3B0E\RP77\. Both directories contain the trojans that I need to get rid of. I am assuming (although dangerous) that this directory contains my system restore information. Is there a way I can purge the system restore points and start fresh, thus removing the trojans?

 

turn off system restore. it will delete all restore points and then turn it back on..

additionally, if you're the admin, you can simply TAKE OWNERSHIP of the file in its' security properties and you can access the file.

 

Gotta love System Restore, capable of restoring any precious vira you might have deleted

Actually it is weird that the AV discovers the vira in the System Restore folder most official vira tools excludes those folders.

 

Ok, obiviously I'm doing it wrong. Right click>Sharing & Security>Sharing> the option to make this folder private is greyed out.

Also, I turned off System Restore, then turned it back on. I'm running the AV again to see if detects the trojans in there again but it still bugs me that I can do what I want to with this file.

 

I'm using Ontrack System Suite 4. It's one of the best on the market and I've been using it since it was called Ontrack Fix-It Utility. It's a damn good system suite and I swear by it.

 

Ok, got rid of the two trojans that where plagueing me, but the ownership of that folder still puzzles me. Why can't I take ownership of it?

 

Maybe so, but I was under the impression from Kodo's post that I could take ownership of the folder and go into the folder. I could be wrong though

 

yes you can.. you have to add your user to the rights of the folder and then give the proper rights to access it. I forgot that only SYSTEM is the default user with rights on that folder.

 

Ok, howya do dat

 

Shouldn't it be under properties? Right click and go to properties... I thought there was a security tab there. Permissions are found there... and BTW... you know any anti-virus besides Norton's Antivirus that checks for trojans? Because I think I may have one myself... my Norton's Antivirus doesn't work... and it's acting very strange. Also, I've had attempted logins on my computer as shown by my Event Viewer under the security logs.

I've saved the security log, and if need be, I can attach it and let you guys view it, but it would definately have to be someone on the same ISP as me or someone from the ISP, because I have dynamic IP, being on dial-up, and the attempted logins occur on several different dates. If you have any thoughts, let me know... I've since had my firewall up, which has successfully twarted anymore attempts... so I'm good for now.

 

Sure, Ontrack System Suite........I swear by it. I found the security tab that you're talking about but there isn't anything there to set privelages for.

 

I don't have a security tab. Only general, sharing, and customize. Nothing like that is under either one of those tabs. WTF?

 

I'm using XP Pro and that worked. Thanks Halo.

 

you got to stop using that kaaza dude, the root of all evil