XP pro corp sp2, odd thing is its a new machine, only been running about 10 days or so. The first things I put on were OS, firewall, antivirus, spyware. So not as if it's been online for years to get clogged with crap.
The Signature & Avatar Rules - No adverts or referral links
I got a couple more ideas but running out here, lol.
try the system restore off and on as before, but reboot inbetween turning it off and turning it back on.
If that fails try:
try turning off system restore as before, but do a more complete job this time by also going to run and typing "services.msc" look for the system restore service in that list and disable it. Reboot into safe mode and run the scan again. if it doesn't hang on it, go back into normal mode and try turning system restore back on in both locations.
if that doesn't work try typing:
del c:\system volume information\tracking.log
in command prompt and see if it will delete the file. If it give an error (other than not found) and won't let you delete it, try it in safe mode.
Last, just delete the whole folder, it shouldn't harm your computer at all, and if you're wary, just back up any data first, which should be easy since its only a 10 day old build.
If none of that works I guess it might be worth it to post either a rootkitrevealer log file and or an Hijackthis log.
Last edited by hvymetal86; 11-13-2007 at 11:48 PM.
Ok, first off you can't get into the Sys Vol Info folder because you don't have the correct permissions to do so. Before doing this make sure that System Restore is turned off (also make sure to restart after turning it off), otherwise you're going to get a file in use error when trying to delete it. To be able to view the permissions tab open any explorer window (i.e. My Computer), go to:
Tools > Folder Options...
Click the 'View' Tab
Scroll all the way to the bottom and uncheck the box that says 'Use simple file aharing'
Now browse to your C: drive, right click on the sys vol info folder and click properties.
Click the Security tab
click Add... type 'Administrators' in the box, and press return
with Administrators selected in the list check the box in the lower portion of the windows that says 'Full Control' then click OK
You should now be able to browse into your sys vol info folder
You might have to repeat the setting of permissions on the tracking.log file, but you should be able to delete it now.
If you do get a file in use error when trying to delete the file click here to download HijackThis.
run the exe, when you get to the main program window click config, click Misc Tools at the top and then click 'Delete a file on reboot'. Browse to the file and click open.
Now reboot your system. If the file is still there then it is being loaded too early during startup and the only way of actually getting rid of it will be to boot off of other media and delete the file.
WARNING: Technically the System Volume Information folder is only used for storing System Restore information, and deleting this file should have no affect on your system, but I have not personally done this before so I can't guarantee it. I would make a copy of this file before deleting it just in case.
"I'm sorry sir, but your ID:10-T error appears to be caused by a PEBKAC issue. There's nothing I can do for you."
You need to defrag your system go to All Programs, Accessories, System tools, Defrag. Then run your spyware software again. Also make sure to reboot after defragging.
Excuse Me?
Didn't Think So!
Bookmarks