	[x] Posted via EE Mobile
	Search, ask, and monitor your questions on the go with EE Mobile. Visit Experts Exchange from your mobile device and never be out of touch again.

05/16/2009 at 02:46AM PDT, ID: 24414271

	[x] Attachment Details

[x]

The Solution Rating System

With so many solutions, how can you tell which solutions are most likely to help you and which ones are not? To provide you with a tool to use, we rate our solutions based on various elements that most accurately determine if a solution is a quality solution. To explain what factors affect the solution rating, here are the elements we take into consideration when formulating our solution rating.

The Grade of the Solution
The Zone Rank of the Expert Providing the Solution
The Number of Author and Expert Comments
The Number of Experts Contributing
The Feedback of the Community

Your Input Matters
Because of the way the system is set up, the most important variable in this equation is you. As a member of Experts Exchange, you are able to cast your vote on the quality of the solutions in regard to how complete, accurate, helpful and easy to understand each solution is. When you provide your feedback, each rating is adjusted accordingly. So, if you see a solution that has a poor rating that you think is a good solution, let us know by rating it. As you do, the rating will be adjusted and will become more accurate for other members of our site.

If you have any suggestions that you would like to make for our rating system, please ask a question in the Suggestions Zone of Community Support.

Thank you!

8.7

spyware / rootkit or else? Cannot take ownership of new folder "quarantine" and cannot delete

Asked by abel in Windows Network Security, Anti-Spyware, Windows Vista

Tags: spyware, rootkit, quarantine, spyware doctor, pc tools, take ownership, security

Hi all!

I'm not totally ignorant when it comes to rootkits, spyware etc and I don't (yet) say I have one. Two scans (Panda, Comodo) didn't reveal viruses (going to try online F-Secure and McAfee as well), but I know that even rootkit revealers usually won't reveal that: rootkits (F-Secure blacklight didn't find any). This nightmare started out while researching why Apache didn't start anymore: http:Q_24412193.html.

Now, my current question where I'm a bit stuck on, is this: I tried to install Spyware Doctor and it gave me an error "Access Denied" while trying to create the quarantine folder (c:\users\Abel\AppData\Roaming\PC Tools\Spyware Doctor\Quarantine). So I went to that folder, and it wasn't created. I created it. Ran the installer again (as admin) and same error.

Now it gets funny: I went again to that directory, this time to delete it, and now I got Access Denied myself. I checked permissions: no ownership (!!???) and tried to regain ownership (tried several admin users) and failed with all, saying "access denied". I then tried it from the command prompt to be sure I wasn't crazy and still: access denied.

Know that I usually don't have problem taking over ownership of a file or a directory. In fact, I use the "remove ownership" trick sometimes to make sure occasional users don't accidentally remove secure files (it is just to prevent stupidity).

I'm on Windows Vista Business, and the following two commands should show you my problem clearly:

C:\>dir "Users\Abel\AppData\Roaming\PC Tools\Spyware Doctor" /b
quarantine

C:\>takeown -f "Users\Abel\AppData\Roaming\PC Tools\Spyware Doctor\quarantine"
ERROR: Access is denied.

Any help on how to search for what's going on here is appreciated. I will restart into safe mode to find out whether that will help. In the screenshot the advanced security settings

View the Solution FREE for 30 Days

Attachments:

ScreenShot284.png (37 KB) (File Type Details)

owner tab

Related Solutions: Interpretation of combofix log

20091028-EE-VQP-86 - Hierarchy / EE_QW_EXPERT_20070906

1. snoopfrogg 85,125
2. oBdA 71,016
3. dstewartjr 62,335
4. Paranorm... 61,156
5. McKnife 53,397
6. bbao 45,259
7. richrumble 40,403
8. mkline71 38,275
9. johnb6767 37,201
10. DaveHowe 36,256
11. toniur 29,970
12. bluntTony 28,435
13. CoccoBill 26,461
14. rpggamer... 25,500
15. Admin3k 22,039
16. keith_ala... 21,450
17. Americom 20,700
18. xmachine 18,300
19. Shift-3 17,100
20. tigermatt 16,600
21. Chris-Dent 15,000
22. demazter 14,345
23. Mestha 13,450
24. Pber 13,100
25. leew 12,950

1. richrumble 716,664
2. r-k 434,942
3. oBdA 373,903
4. Sheharya... 355,518
5. trywaredk 297,335
6. war1 296,544
7. rpggamer... 290,883
8. gidds99 274,092
9. Phil_Agc... 244,228
10. toniur 235,529
11. KCTS 216,346
12. CoccoBill 209,480
13. sirbounty 194,693
14. McKnife 181,460
15. bbao 173,429
16. PeteLong 163,654
17. johnb6767 161,905
18. sunray_... 146,627
19. snoopfrogg 134,051
20. Jay_Jay70 118,090
21. leew 114,761
22. PowerIT 98,045
23. mdiglio 97,751
24. younghv 91,820
25. rindi 90,461

spyware / rootkit or else? Cannot take ownership of new folder "quarantine" and cannot delete

Asked by abel in Windows Network Security, Anti-Spyware, Windows Vista

Tags: spyware, rootkit, quarantine, spyware doctor, pc tools, take ownership, security

About this solution