Unknown .exe files in System Volume Information [Resolved]

When defragmenting one of my partitions with Defraggler, it quickly diplays the path to some unknown .exe files in the System Volume Information folder. Anyone knows what this could be? I can’t access the folder because Windows System Restore is turned off, and the service is deleted since long.

Thanks

LA

[attachment deleted by admin]

I can’t do anything to change any rights for this folder ???

Have you tried to take ownership?

What is that? :-[

I’ve tried to enable sharing, both locally and on the network, but those options are grey.

LA

[attachment deleted by admin]

http://www.howtogeek.com/howto/windows-vista/add-take-ownership-to-explorer-right-click-menu-in-vista/

http://www.howtogeek.com/howto/windows-vista/how-to-delete-a-system-file-in-windows-vista/

http://translate.google.com/translate?u=http%3A%2F%2Fwww.raymond.cc%2Fblog%2Farchives%2F2007%2F11%2F08%2Fabout-recycler-and-system-volume-information-folder-in-xp-and-vista%2Fpt%2F&sl=pt&tl=en&hl=pt-PT&ie=UTF-8

Hope it helps you.

Poor LA. So upset that she (he??) can’t deleted those files. (:TNG)

It won’t take long for a prosecution… :smiley: … Just kidding… I wonder if LA is already threatning the System Volume Folder to give full rights… :smiley:

(:LGH)

BTW DarkButterfly, how come even right after you reply to a topic, your status is offline? Are you set up as a hidden user?

Judging from the file name, it sounds like a normal System Restore-file, which may, or may not, be a malicious file.

LA, you’ll need to disable simple file sharing in folder options.
http://compnetworking.about.com/cs/winxpnetworking/ht/winxpsfs.htm

Once you’ve done that, right-click System Volume Information and go to the Security-tab, and from here, you can change permissions for the users. Just give full permission to yourself, and you can access the folder.

Yep. One of the links, I believe that last one I gave, tells how to do it. But all other information is algo great and useful to have. We never know when windows can go crazy at us… :slight_smile:

We could say - hiatus :slight_smile: :smiley:

Thank you very much guys for the advice.

However, it seems like none of them apply to my system. I guess it’s too slimmed.

  1. I can’t take ownership - the command is unknown to XP (those links were for Vista). :slight_smile:
  2. I can’t disable simple file sharing because the option is gone. :slight_smile:
  3. I have no Security tab in Properties. :slight_smile:

LA

Ps. Like you wrote Rag, those are probably “normal” System Restore files. They are probably harmless. Anyway they have never been executed or done anything else.

I was unaware you have XP… Sorry… :slight_smile: But, if I am not mistaken one of them pointed for XP… Anyway, you nlited XP so well, you can’t do nothing at all… :smiley:

I can’t say if that file is or not harmless, but, could one live with that doubt? I hope it’s nothing.

Best regards

You could try booting up on a CD or in Safe Mode…

Well, I can live with the uncertainty, thanks to Defense+. :slight_smile: If anything in System Volume Information ever gets executed (though I doubt that it will happen) I think D+ would catch it.

Jeremy, I might try your suggestions later. Thanks.

LA

In XP, you should be able to access a security tab in properties, there are several ways depending on the version (Home or Pro), perhaps the most convenient one is just booting in safe mode (no need to change the simple sharing setting then). There take over ownership (as admin), then grant yourself permission to delete, then delete.

Just a thought have you tried Safe Mode with command prompt not sure if you would be able to see the files though.
Dennis

Thank you all.

I booted in Safe Mode which made the Security tab appear. Obivously, Ownership was already taken. Seems like there’s nothing left to do according to the tips here. But hey! I received a sweet little PM from JoWa. He suggested to use the FileASSASSIN tool of Malwarebytes’ Anti-Malware. And guess what - I got it working!!!

:BNC

With FileASSASSIN I could open the folder, select any file, and even open the files from there. There were a few RP folders (Restore Point), and many .ini files. Also, many .exe and .sys files. I looked briefly at some files and it seems like some were nLite related, some were Windows Update (hotfix) related. I deleted them all and saved 200 MB on the D partition. ;D

Of course I had to check C as well, maybe I could save space, but that folder was empty.

So everyone, in case you cannot access your folder and you wish to clean up some junk, install Malwarebytes’ Anti-Malware and give it a shot. :-La

Topic resolved - but let’s leave it open for a while in case anyone wish to comment. I’m just thrilled that I saved even more disk space. :slight_smile:

LA

And now they are destroyed indeed. :slight_smile: Which reminds me, I should run Defraggler again, the very program that started all this. 88)

LA