Access denied on various Win7 files

[Zootal]

I boot to XP, which is located on my e: partition, and I navigate to G:
\Program Files\Windows Sidebar (Win7 is on my g: partition). I attempt to
rename sidebar.exe. I get "access denied". How can I get access denied? I'm
logged into XP as an administrator, and Win7 isn't running. I can rename
the directory the file is in. I can copy the file. I do a diskcheck and it
says nothing is wrong with the file.

It's not just this one file. There seem to be many files that are part of
the Win7 install that I can't rename/delete, even though Win7 is not even
running and I am logged into admin.

 

[Joel]

Anyone have a better answer?

It would probably be a complex hack, if even possible, to modify the
permissions on files like that, to allow another Windows installation
to modify them.

 

[Zootal]

It would probably be a complex hack, if even possible, to modify the

permissions on files like that, to allow another Windows installation
to modify them.

I wasn't aware that you could do *anything* to a file to deny access to the
administrator of the currently running operationg system. XP doesn't do it
- I restore my XP installations from time to time, and I've never had any
problems deleting all of the existing XP install files and replacing them
from a backup.

 

[Joel]

I wasn't aware that you could do *anything* to a file to deny access to the
administrator of the currently running operationg system.

Administrator is not the highest privilege level.

 

[Zootal]

Administrator is not the highest privilege level.

What is?

 

[Joel]

What is?

Well, that doesn't necessarily mean that an Admin can't get access if
they force the issue - in fact, I'm pretty sure that by booting into
Win7 itself, you could figure out how to. But I would have to think
they'd make it a lot trickier to open the system files up, to other OS
installs, particularly of XP and older NT versions.

To answer your question, though, System would generally be the highest
privilege level.

 

[Zootal]

Administrator is not the highest privilege level.

Well, that doesn't necessarily mean that an Admin can't get access if
they force the issue - in fact, I'm pretty sure that by booting into
Win7 itself, you could figure out how to. But I would have to think
they'd make it a lot trickier to open the system files up, to other OS
installs, particularly of XP and older NT versions.

To answer your question, though, System would generally be the highest
privilege level.

I'm curious as to how this is done. I've always kept my XP installs on
fat32 partitions, so this has never been an issue. You can't do anything to
a file on fat32 to restrict access when you boot from another OS.
Apparently, you can do this with files on an ntfs partition.

 

[Dave-UK]

What is?

TrustedInstaller has the highest privileges and TrustedInstaller owns the sidebar.exe file.

If you check the security status of sidebar.exe you will see that Users, Administrators and
even System have only read and execute access.
Only TrustedInstaller has full control. That's why you can't rename it.

If you wanted to run sidebar.exe as you said, you would first have to take ownership of
the file and then give yourself full control.
Then edit it with a hex editor to stop it writing the registry entry to run at start-up.
The string 'Software\Microsoft\Windows\CurrentVersion\Run' starts
at 0x00005F1C so you could, I guess, modify that by changing, say, Run to Sun.
Then when you ran the program it would write a harmless registry entry that didn't
instigate a run at start-up.

If you tried to edit sidebar.exe without taking ownership then Win7 will
just automatically replace the edited file with a good copy.

 

[Joel]

I'm curious as to how this is done. I've always kept my XP installs on
fat32 partitions, so this has never been an issue. You can't do anything to
a file on fat32 to restrict access when you boot from another OS.
Apparently, you can do this with files on an ntfs partition.

NTFS has features that are more akin to Unix/etc. file systems.

 

[Joel]

To answer your question, though, System would generally be the highest
privilege level.

Privilege in that sense not necessarily meaning within the file
system - it's deliberately more dynamic in the file system.

 

[GreyCloud]

Dl this take ownership reg hack and you can do anything to any
file/folder you wish.

http://www.neowin.net/forum/topic/499870-vista-tips-tricks-tweaks/

There is now a God Mode in Win7.

http://techpp.com/2010/01/08/windows-7-god-mode/comment-page-1/

I don't know if this is useful for the OP tho.

 

[Pastor Dave]

I boot to XP, which is located on my e: partition, and I navigate to G:
\Program Files\Windows Sidebar (Win7 is on my g: partition). I attempt to
rename sidebar.exe. I get "access denied". How can I get access denied? I'm
logged into XP as an administrator, and Win7 isn't running. I can rename
the directory the file is in. I can copy the file. I do a diskcheck and it
says nothing is wrong with the file.

It's not just this one file. There seem to be many files that are part of
the Win7 install that I can't rename/delete, even though Win7 is not even
running and I am logged into admin.

Have you tried, in Win7, to "take ownership" of the files?

--

Pastor Dave

The following is part of my auto-rotating
sig file and not part of the message body.

“What we do for ourselves dies with us. What we do
for others and the world, remains and is immortal.”
- Albert Pines

 

[Zootal]

Have you tried, in Win7, to "take ownership" of the files?

No - I solved the problem without actually taking the ownership of the
file.

 

[Pastor Dave]

No - I solved the problem without actually taking the ownership
of the file.

Great! Would you mind please sharing how you did it?
I (and we, I'm sure) would very much appreciate it!

--

Pastor Dave

The following is part of my auto-rotating
sig file and not part of the message body.

"For the day is near, even the day of the Lord is near,
a cloudy day; it shall be the time of the heathen. And
the sword shall come upon Egypt, and great pain shall
be in Ethiopia, when the slain shall fall in Egypt, and
they shall take away her multitude, and her foundations
shall be broken down." - Ezekiel 30:3-4 (prophecy about
Egypt, fulfilled in 480 B.C.)

 

[Lord Vetinari]

Great! Would you mind please sharing how you did it?
I (and we, I'm sure) would very much appreciate it!

--

Pastor Dave

The following is part of my auto-rotating
sig file and not part of the message body.

"For the day is near, even the day of the Lord is near,
a cloudy day; it shall be the time of the heathen. And
the sword shall come upon Egypt, and great pain shall
be in Ethiopia, when the slain shall fall in Egypt, and
they shall take away her multitude, and her foundations
shall be broken down." - Ezekiel 30:3-4 (prophecy about
Egypt, fulfilled in 480 B.C.)

Check your religion at the door, Davey, this ng is about Win7....

 

[Zootal]

Great! Would you mind please sharing how you did it?
I (and we, I'm sure) would very much appreciate it!

Well, the initial problem is Windows sidebar, on startup, will add itself
to the run section of the registry so that it automatically starts next
time you start Windows. There doesn't seem to be any way to stop it - you,
the user, the owner of the computer, are not given a choice (thank you
Microsoft for telling me what I want). I tried to delete the file, and
could not because I, the administrator, did not have sufficient privileges.

One of the more helpfull denizens here suggested I edit the file so that it
writes to a different place in the registry, thereby preventing the auto
startup. Rather then figure out how to get privileges to do so (which was
easy but I swear it wouldn't let me at the time lol), I simply copied the
file to sidebar1.exe. I own the copy, and it let me edit it and now I run
the edited copy at Windows startup. No more auto startup.

 

[chrisv]

Check your religion at the door, Davey, this ng is about Win7....

His sig (and yours) can be anything he wants. Don't criticize.

 

[Lord Vetinari]

His sig (and yours) can be anything he wants. Don't criticize.

This ain't about YOU, dick. You really ought to learn what's said about
unsolicited advice. JFGI.

BTW, "Pastor" Davey is one of those nasty little xian trolls who afflict
alt.atheism....and I'll hound his sorry ass anytime I run across him.

 

[Gordon]

His sig (and yours) can be anything he wants. Don't criticize.

No it shouldn't - way too long. RFC says FOUR lines max.