0

Background: 500 GB HD began to max out, determined total folders/files should be approx 250 GB. I have Bitdefender, but somehow a Trojan got by; it was finally found with HouseCall. Now all folders indicate "folder empty" although properties show that contents are what they should be. Currently running a full system scan by Bitdefender (45% after 3 1/2 hours) but that won't solve my real problem, which is:

Just ran cmd attrib and discovered ALL files are now access denied. Is there a way to do a wholesale delete of the access denied prefix within cmd or is there another way to solve the problem?

  • As @GabrielaGarcia states, see the full guide. In brief, though, from your description, malware is still running; there is no "prefix" or attribute that denies access. The options from most secure to least: 1. Format the HDD and restore from a *known good* backup. 2. Format the HDD and reinstall Windows or another OS from scratch. 3. Make fresh rescue media for malware removal using tools from Kaspersky, MalwareBytes, Avira, etc. Boot from the rescue CD or USB and scan, realizing even multiple tools may still leave some malware. – DrMoishe Pippik Aug 29 '18 at 02:33
  • Hi Robert. Did you run the command prompt “as administrator?” Once you do that you can remove the hidden attributes from files and folders. If all files were “access denied” you wouldn’t even be able to use your computer. – Appleoddity Aug 29 '18 at 02:49
  • In your case I would boot to a Live Linux CD, copy the most important files (Linux doesn't care about Windows permissions) and then reinstall the system. If you got some serious virus which can intercept the core API, then there is no guarantee you can cure it on the same running system; even antiviruses that you can run from a live CD (which means you don't activate the infected Windows) cannot give you 100% confidence that everything was cleaned (when the virus's binary is removed, there is still a lot of damage in the registry). In the future, never work under an administrative account and don't blindly install software. – Alex Aug 29 '18 at 03:09
  • Not a duplicate, they are asking how to remove the access denied, not how to remove malware. – Moab Aug 29 '18 at 16:39

2 Answers

0
  1. Go to folder properties and see if you have correct permissions.
  2. Open command prompt with Administrator rights.
  3. To take ownership: takeown /r /f *
    (first test this for one file by giving filename instead of *).
  4. Then to reset file permissions: icacls * /reset
Rahul_69
-1

An "Access Denied" error message can occur for one or more of the following reasons:

1. The folder ownership has changed.

2. You do not have the appropriate permissions.

3. The file is encrypted.

More than likely the files are encrypted by the malware; you are basically screwed unless you pay them to unencrypt the files.

Source

Moab
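
Before running takeown and icacls across everything, the causes named in the two answers (ownership, permissions, encryption) and the hidden attribute mentioned in the comments can be checked without changing anything. The PowerShell function below is an added example, not part of either answer; the name Get-AccessTriage and the sample path D:\Data are hypothetical, and it should be run from an elevated prompt.

```powershell
# Added example: read-only triage. It changes no ownership, ACLs or attributes.
function Get-AccessTriage {
    param(
        [Parameter(Mandatory)] [string] $Path,   # folder to inspect
        [switch] $Recurse
    )
    $gci = @{
        LiteralPath   = $Path
        Force         = $true             # include hidden/system items Explorer omits
        Recurse       = [bool]$Recurse
        ErrorAction   = 'SilentlyContinue'
        ErrorVariable = 'denied'          # collects folders that could not be listed
    }
    $items = Get-ChildItem @gci
    foreach ($item in $items) {
        $attr = $item.Attributes
        try {
            # Reading the owner fails when even the security descriptor is denied
            $owner = (Get-Acl -LiteralPath $item.FullName -ErrorAction Stop).Owner
            $aclReadable = $true
        } catch {
            $owner = $null
            $aclReadable = $false
        }
        [pscustomobject]@{
            Path        = $item.FullName
            Hidden      = $attr.HasFlag([System.IO.FileAttributes]::Hidden)
            System      = $attr.HasFlag([System.IO.FileAttributes]::System)
            # NTFS EFS flag only; content rewritten by malware does not set it
            Encrypted   = $attr.HasFlag([System.IO.FileAttributes]::Encrypted)
            Owner       = $owner
            AclReadable = $aclReadable
        }
    }
    # Folders whose contents could not be enumerated at all
    foreach ($e in $denied) {
        [pscustomobject]@{
            Path = $e.TargetObject; Hidden = $null; System = $null
            Encrypted = $null; Owner = $null; AclReadable = $false
        }
    }
}

# Example call (constructed path): show only the items that look abnormal
Get-AccessTriage -Path 'D:\Data' -Recurse |
    Where-Object { $_.Hidden -or $_.Encrypted -or -not $_.AclReadable } |
    Format-Table -AutoSize
```

Rows with Hidden or System set match the "folder empty" symptom, rows with an unexpected Owner or AclReadable false are the ones takeown and icacls would act on, and files that list normally but no longer open are not explained by any of these columns.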