I've seen that regarding the D: and G: partitions ,for System Volume Information subfolders (SPP etc..), only SYSTEM has the permission (full control) as shown below(SPP folder as an example):
On the other hand , regarding the C: ,for the subfolders(SPP ,System Restore,Windows Backup etc..) SYSTEM and administrators both have the permissions (full control) and for the subfolders of SPP ,such as SppGroupCache and SppCBSHiveStore ; USERS (limited control),SYSTEM (full control)and administrators(full control) have permissions.
Is this normal?If it is not , can a virus cause this?
Should I remove the permissions of USERS and administrators and leave only the permission of SYSTEM?
Edited by tariintod, 26 April 2011 - 09:20 AM.