Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

access denied system volume information - virus ?


  • Please log in to reply
8 replies to this topic

#1 steveeeee5

steveeeee5

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:01:53 PM

Posted 02 October 2010 - 01:24 PM

Hi ,
I am using XP Pro and and get "access denied" when trying to access system volume information on a removable drive. I am set to see hidden files etc. but I also get "unknown boot code" from bootkit_remover.exe
When I use "fix" parameter from this utility it says "cant read first sector of disk"
Have tried a format but still the same.

Now I am not sure If I really have a virus.

Any help appreciated

BC AdBot (Login to Remove)

 


#2 hamluis

hamluis

    Moderator


  • Moderator
  • 55,262 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:12:53 PM

Posted 02 October 2010 - 01:35 PM

System manufacturer and model?

Can you post a screenshot from Disk Management? Start/Run...type diskmgmt.msc and hit Enter.

How to take and share a screen shot in Windows - http://www.bleepingcomputer.com/tutorials/how-to-take-and-share-a-screen-shot-in-windows/

Louis

#3 steveeeee5

steveeeee5
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:01:53 PM

Posted 02 October 2010 - 06:28 PM

You dont mention what you want disk mgmt to display. Not sure if this helps.
Its a Dell Latitude

cannot upload.

#4 hamluis

hamluis

    Moderator


  • Moderator
  • 55,262 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:12:53 PM

Posted 02 October 2010 - 06:38 PM

The display is the entire screen.

If you follow my directions to get to Disk Management...you will be looking at what I want to see.

In particular I would like to see the right side of the screen which reflects the drive/partition information for each drive.

Dell Latitude is only part of the System model info...there should be a number assigned the model which identifies which Latitude it is.

Louis

#5 steveeeee5

steveeeee5
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:01:53 PM

Posted 03 October 2010 - 03:27 AM

Hi Louis, thanks & I have managed to upload now.

Latitude D630Attached File  untitled.JPG   136.63KB   6 downloads

On a seperate note. AVG free, COMODO and Pc Tools antivirus are always running in the background. I run Malware Bytes when I think of it. I hope this is enough

Edited by steveeeee5, 03 October 2010 - 06:10 AM.


#6 hamluis

hamluis

    Moderator


  • Moderator
  • 55,262 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:12:53 PM

Posted 03 October 2010 - 07:52 AM

Thanks :thumbsup:.

That image reflects an external drive with nothing on it, other than a partition.

Are there any files on that external drive, other than the ones which may initially be put there by XP?

FWIW: The System Volume Information folder...typically reflects "access denied" messages when users attempt to open. It is a protected system file which is used to reflect the info used by the System Restore function.

I'm not familiar with bootkit_remover.exe, so I cannot comment on that or any errors appearing in such.

Dells typically have atypical boot partitions...on your system, that is represented by the EISA partition of 94MB, I think.

I guess that I have to ask...why are running this boot_remover.exe program? What are you trying to do/accomplish?

If you have a malware problem...I suggest that you stop trying to solve it yourself by using questionable programs that might impair your system.

I would suggest, as an alternative way of dealing with such...that you read and follow the suggestions contained in Preparation Guide, Before Using Malware Removal Tools and Requesting Help - http://www.bleepingcomputer.com/forums/topic34773.html.

The 9th step will have you then make the appropriate post in the correct format...at the proper malware forum.

Louis

#7 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:05:53 PM

Posted 03 October 2010 - 01:37 PM

Hi ,
I am using XP Pro and and get "access denied" when trying to access system volume information



You will be unable to access that on any computer. It is a system protected archive. It stores all your system restore points and what not.

#8 DaChew

DaChew

    Visiting Alien


  • BC Advisor
  • 10,317 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:millenium falcon and rockytop
  • Local time:01:53 PM

Posted 03 October 2010 - 02:25 PM

On a seperate note. AVG free, COMODO and Pc Tools antivirus are always running in the background


I do not recommend that you have more than one anti virus product installed and running on your computer at a time. The reason for this is that if both products have their automatic (Real-Time) protection switched on, then those products which do not encrypt the virus strings within them can cause other anti virus products to cause "false alarms". It can also lead to a clash as both products fight for access to files which are opened again this is the resident/automatic protection. In general terms, the two programs may conflict and cause:
1) False Alarms: When the anti virus software tells you that your PC has a virus when it actually doesn't.
2) System Performance Problems: Your system may lock up due to both products attempting to access the same file at the same time.
Therefore please go to add/remove in the control panel and remove either xxxx or xxxx.
Chewy

No. Try not. Do... or do not. There is no try.

#9 Gabrial

Gabrial

  • Members
  • 468 posts
  • OFFLINE
  •  
  • Local time:12:53 PM

Posted 03 October 2010 - 07:56 PM

You will be unable to access that on any computer. It is a system protected archive. It stores all your system restore points and what not.


It is advisable if connecting a drive to another computer to scan it for malware to change the permissions on your "System Volume Information" so it can be read and the files can be scanned.

To do so, follow the instructions here: http://support.microsoft.com/kb/309531




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users