script doesn't see system folder

hi
it uses system account, there are all permissions for this acc. If user without permissions logined, script doesn't see folder "_restore"
If any user didn't login, all ok
what's wrong?

 On error resume next
 
const strComputer = "."
set fsoObject = Wscript.CreateObject("Scripting.FileSystemObject")
Set ErrLog = fsoObject.OpenTextFile("C:\install\ErrLog2.txt", 2, "True")
 
  ErrLog.WriteLine "=========================================="
 
   Set objWMIService = GetObject("winmgmts:" & "{impersonationLevel=impersonate}!\\" & strComputer & "\root\CIMV2")
   Set colItems = objWMIService.ExecQuery("ASSOCIATORS OF {Win32_Directory.Name='c:\System Volume Information'}" & "WHERE AssocClass = Win32_Subdirectory " & "ResultRole = PartComponent")
 
   For Each objItem In colItems
      ErrLog.WriteLine "subfolder: " & objItem.Name
   Next
   
Set objFolder2 = fsoObject.GetFolder("c:\System Volume Information")
ErrLog.WriteLine "Size " & objFolder2.Size
 
If Err.Number <> 0 Then 
	ErrLog.WriteLine "Test.vbs Error: " & Err.Number & ", Description = " & _
	Err.Description & ", Source = " & Err.Source
end if			
ErrLog.Close
wscript.quit 

Start by removing the On Error Resume Next to see if you are getting errors.

and what? do u think i didn't make this???  other advices?

The reason you remove the On Error Resume Next is to see what the errors are in the script and error handling should be done where the error will occur, not globally:

Dim objFSO : Set objFSO = WScript.CreateObject("Scripting.FileSystemObject")
Dim strFolder : strFolder = "C:\System Volume Information"
If objFSO.FolderExists(strFolder) Then
    On Error Resume Next
    Dim objFolder : Set objFolder = objFSO.GetFolder(strFolder)
    If Err.Number = 0 Then
        WScript.Echo "No Error, connected to folder"
        WScript.Echo objFolder.Name & vbTab & objFolder.DateLastModified
    Else
        WScript.Echo Err.Number & " " & Err.Description
    End If
    On Error GoTo 0
Else
    WScript.Echo strFolder & " does not exist"
End If

it's without errors. Script doesn't see "_restore", not "system volume information"
if u talk about dim and others, script is a part of another script with it
about "On Error Resume Next", do u think i didn't remove it?!

any suggestions?

My first suggestion is to provide more information. Don't assume that everyone knows the issue you're having or how you arrived at it.

Please confirm the following:

1. The script is running under the NT AUTHORITY\SYSTEM account.
2. If a user is not logged-on, the script enumerates the sub-folders, it sees one named '_restore'.
3. If a user is logged-on, the script enumerates the sub-folders, but it does not see one named '_restore'.
4. Your question would be: Why is this occurring?

1) yes
2) yes
3) there is one folder "_restore", can't say about enumerate
If logined user have permissions on folder, all ok
4) this is mistake of microsoft?
Script runs on win xp

that example was need for this script. if u noticed mistake or know how improve it, please tell me

' script backup system volume information, if space isn't enough, sen e-mail
 
 
 dim colFolders, objFolder, Envi, objFolder2, objFolder3, SystemPath, DirectoryName, strComputer
 dim WshShell, objPName, net
 dim fsoObject, LogFile, txtStream, tag, objEmail
 dim objNetwork, objComputerName, objUserName, namefolder
 
 
 
 ' Computer Name and Logoned Username
 Set objNetwork = CreateObject("Wscript.Network") ' объявляем Network, создаём программный объект автоматизации
 objComputerName = objNetwork.ComputerName
 objUserName = objNetwork.UserName
 
 
 k = 34
 kk = chr(34)
 
 strComputer = "."
 Set WshShell = WScript.CreateObject ("WScript.Shell") 
 IF  WshShell.RegRead("HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\CurrentVersion") > "5.1" Then
     wscript.quit
 end if
  objPName = WshShell.RegRead("HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProductName")
 
 IF Instr( 1, LCase (objPName), "microsoft windows server", 1) = 0 Then
     set fsoObject = Wscript.CreateObject("Scripting.FileSystemObject")
     Set Envi = WshShell.Environment ("Process")
     SystemPath = Envi("SystemDrive")
     DirectoryName = SystemPath & "\System Volume Information"
     
     ' name of organization
     If fsoObject.FileExists("c:\\program files\OCS Inventory Agent\service.ini") Then
         Set LogFile = fsoObject.OpenTextFile("c:\program files\OCS Inventory Agent\service.ini", 1)
         txtStream = LogFile.ReadAll
         tag = InStr(LCase(txtStream), "/tag:") 
         txtStream = mid(txtStream,tag)
         tag = InStr(LCase(txtStream), " ")
         txtStream = left(txtstream,tag)
         txtStream = mid(txtstream,6)
         LogFile.Close
     else
         txtstream = "file doesn't exist"
     end if
     
     
     ' make mail for sending
     Set objEmail = CreateObject("CDO.Message")
     objEmail.From = "***@***.***"
     objEmail.To = txtStream + "@***.***"
     objEmail.Configuration.Fields.Item _
     ("http://schemas.microsoft.com/cdo/configuration/sendusing") = 2
     objEmail.Configuration.Fields.Item _
     ("http://schemas.microsoft.com/cdo/configuration/smtpserver") = _
     "***"
     objEmail.Configuration.Fields.Item _
     ("http://schemas.microsoft.com/cdo/configuration/smtpserverport") = 25
     objEmail.Configuration.Fields.Update
     
     if fsoObject.FolderExists (SystemPath & "\System Volume Information") Then
         
         Set objFolder2 = fsoObject.GetFolder(SystemPath & "\System Volume Information")
         Set colFolders = objFolder2.SubFolders
         For Each objFolder in colFolders
                If Instr(objFolder.Name, "restore") <> 0 then
                 k = 1
             end if
         Next
         
         if objFolder2.Size = 0 then
             k = 0
         end if    
         If k = 1 then
             ' проверяем свободное место
             if frit(systemPath) > 10 then
                 DirectoryName = SystemPath & "\sr"
                 
                 Set CmdLog = fsoObject.OpenTextFile("C:\Cmd.cmd", 2, "True")
                 CmdLog.Writeline "CHCP 1251"
                 CmdLog.Writeline kk & "%ProgramFiles%\nnBackup\nnbackup.exe" & kk & " sync -i " & kk & "%SystemDrive%\System Volume Information\" & kk & " -o " & kk & "%SystemDrive%\sr\backup" & kk & " -s -sa -e -c -x *.tmp"
                 CmdLog.Close
                 net = WShShell.Run ("C:\Cmd.cmd", 0, true)
                 wscript.sleep 15000
                 fsoObject.DeleteFile("C:\Cmd.cmd")
                 Set objWMIService = GetObject("winmgmts:" & "{impersonationLevel=impersonate}!\\" & strComputer & "\root\cimv2")
                 Set colFolders = objWMIService.ExecQuery("ASSOCIATORS OF {Win32_Directory.Name='" & DirectoryName & "'}" & "WHERE AssocClass = Win32_Subdirectory " & "ResultRole = PartComponent")
                 For Each objFolder in colFolders
                     LMDate = objFolder.LastModified
                     datemod = WMIDateStringToDate(LMDate)
                     namefolder = objFolder.Name
                     Set objShell = CreateObject("Shell.Application")
                     Set objFolder2 = objShell.Namespace(nameFolder)
                     Set objFolder3 = fsoObject.GetFolder(namefolder)
         
 
                     if objFolder3.Size > 0 then
                         Set CmdLog = fsoObject.OpenTextFile("C:\Cmd.cmd", 2, "True")
                         CmdLog.Writeline "CHCP 1251"
                         CmdLog.Writeline kk & "%ProgramFiles%\nnBackup\7za.exe" & kk & " a " & kk & "%SystemDrive%\sr\" & objfolder2 & "_" & date & ".7z" & kk & " " & kk & namefolder & kk & " -v2g"
                         CmdLog.Close
                         net = WShShell.Run ("C:\Cmd.cmd", 0, true)
                         wscript.sleep 15000
                         fsoObject.DeleteFile("C:\Cmd.cmd")
                     else
                         objEmail.Subject = "Restore!"
                         objEmail.Textbody = "System Restore not work properly on PC. User  " & objUserName & " on " & objComputerName & " company " & txtStream &  ". folder size = 0 " & vbCrlf
                         objEmail.Send
                     end if
                     
                 Next
         
                 
                 Set objFolder = FSOObject.GetFolder(SystemPath & "\sr\")
                 If objFolder.Attributes and 2 Then
                 else
                     objFolder.Attributes = objFolder.Attributes XOR 2
                 End If
                 
                 Set colFiles = objWMIService.ExecQuery("ASSOCIATORS OF {Win32_Directory.Name='" & DirectoryName & "'} Where " _
                 & "ResultClass = CIM_DataFile")
                 For Each objFile in colFiles
                     LMDate = objFile.LastModified
                     datemod = WMIDateStringToDate(LMDate)
                     If date - 3 > datemod then ' date!!!!!!!!!!!!!!!!!!!!!!!!!!!
                         errResults = objFile.Delete
                     end if
                 Next
             else
                 
                 objEmail.Subject = "Restore?!"
                 objEmail.Textbody = "System Restore not work properly on PC. User  " & objUserName & " on " & objComputerName & " company " & txtStream &  "Free space < 10 Gb, backup canceled. " & vbCrlf
                 objEmail.Send
             end if
         else
             
             objEmail.Subject = "Restore!"
             objEmail.Textbody = "System Restore not work properly on PC. User  " & objUserName & " on " & objComputerName & " company " & txtStream &  "Computer may be infected. Urgent intervention is needed!!! " & vbCrlf
             objEmail.Send
 
             ' clean 
             WshShell.RegWrite "HKLM\Software\Policies\System\DisableRegistryTools", 0, "REG_DWORD"
             WshShell.RegWrite "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools", 0, "REG_DWORD"
             WshShell.RegWrite "HKCU\Software\Policies\System\DisableRegistryTools", 0, "REG_DWORD"
             WshShell.RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools", 0, "REG_DWORD"
             WshShell.RegWrite "HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools", 0, "REG_DWORD"
 
 
             WshShell.RegDelete "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore\"
             WshShell.RegDelete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Microsoft\Windows NT\SystemRestore\"
             WshShell.RegDelete "HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows NT\SystemRestore\"
             WshShell.RegDelete "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Microsoft\Windows NT\SystemRestore\"
             WshShell.RegDelete "HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Policies\Microsoft\Windows NT\SystemRestore\"
             WshShell.RegWrite "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore\DisableSR", 0, "REG_DWORD"
             WshShell.RegWrite "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore\DSMax", 2000, "REG_DWORD"
             WshShell.RegWrite "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore\DiskPercent", 2, "REG_DWORD"
 
 
             WshShell.RegDelete "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\System\DisableTaskMgr"
             WshShell.RegDelete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr"
             WshShell.RegDelete "HKEY_CURRENT_USER\Software\Policies\System\DisableTaskMgr"
             WshShell.RegDelete "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr"
             WshShell.RegDelete "HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr"
 
 
             WshShell.RegWrite "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit", "C:\\WINDOWS\\system32\\userinit.exe", "REG_SZ"
         end if
     end if
 end if
         
 wscript.quit
 
 ' free space in Gb
 function frit(gg)
     frit = FormatNumber(fsoObject.GetDrive(gg).FreeSpace/1048576, 1)
     frit = FormatNumber(frit/1024,1)
 End function        
 
 Function WMIDateStringToDate(LMDate)
     WMIDateStringToDate = CDate(Mid(LMDAte, 7, 2) & "/" & Mid(LMDAte, 5, 2) & "/" & Left(LMDAte, 4) _
              & " " & Mid (LMDAte, 9, 2) & ":" & _
                  Mid(LMDAte, 11, 2) & ":" & Mid(LMDAte, _
                      13, 2))
 End Function

can you help me to add normal error log? only know about last error log

This is a standard logging example. Let me know if you need more assistance.

' User-defined constants
 ' Initialize Objects
     Dim objFSO: Set objFSO = CreateObject("Scripting.FileSystemObject")
 ' Define Constants
     Const ForReading = 1
     Const ForWriting = 2
     Const ForAppending = 8
 ' Dimension Public Variables
     Dim ScriptBaseName: ScriptBaseName = objFSO.GetBaseName(WScript.ScriptName)
 ' Dimension non-variable path locations (Initialize Objects must be done prior to this)
     Dim ScriptDirectory: ScriptDirectory = Mid(WScript.ScriptFullName, 1, InstrRev(WScript.ScriptFullName, "\") - 1)
 ' Dimension variable path locations (Dimension non-variable path locations must be done prior to this)
 ' Dimension file locations (Dimension non-variable path locations must be done prior to this)
     Dim LogFilePath: LogFilePath = objFSO.BuildPath(ScriptDirectory, ScriptBaseName & "_" & GenerateBaseName() & ".log")
     
 Dim LogFile: Set LogFile = objFSO.OpenTextFile(LogFilePath, ForWriting, True)
 
 LogToFile "Script started"
 LogToFile "Example: Blah (" & Err.Number & ", " & Err.Description & ")"
 LogToFile "Script finished"
 
 ' #####################################################################
 ' Functions and Subs for this code.
 
 Sub LogToFile(ByVal Message)
     LogFile.WriteLine getTimeStamp() & vbTab & Message
 End Sub
 
 Function GenerateBaseName()
     Dim dtmBase: dtmBase = Now()
     Dim dtmYear: dtmYear = Year(dtmBase)
     Dim dtmMonth: dtmMonth = Month(dtmBase)
     Dim dtmDay: dtmDay = Day(dtmBase)
     Dim dtmHour: dtmHour = Hour(dtmBase)
     Dim dtmMinute: dtmMinute = Minute(dtmBase)
     Dim dtmSecond: dtmSecond = Second(dtmBase)
     GenerateBaseName = dtmYear & Right(String(2, "0") & dtmMonth, 2) & Right(String(2, "0") & dtmDay, 2) & Right(String(2, "0") & dtmHour, 2) & Right(String(2, "0") & dtmMinute, 2) & Right(String(2, "0") & dtmSecond, 2)
 End Function
 
 Function getTimeStamp()
     ' Version 2
     ' Allows for milliseconds
     Dim intDatePart, intTimePart
     Dim intSecondsSinceMidnight, intHours, intHoursInSeconds, intMintues, intMintuesInSeconds, intSeconds, intMilliseconds
     Dim dtmBase: dtmBase = Now()
     intDatePart = (Year(dtmBase) * 10000) + (Month(dtmBase) * 100) + Day(dtmBase)
     intSecondsSinceMidnight = Timer()
     intHours = Right(String(2, "0") & Split(intSecondsSinceMidnight / 60 / 60, ".")(0), 2)
     intHoursInSeconds = ((intHours * 60) * 60)
     intMintues = Right(String(2, "0") & Split((intSecondsSinceMidnight - intHoursInSeconds) / 60, ".")(0), 2)
     intMintuesInSeconds = (intMintues * 60)
     intSeconds = Right(String(2, "0") & Split((intSecondsSinceMidnight - (intHoursInSeconds + intMintuesInSeconds)), ".")(0), 2)
     intMilliseconds = Split((intSecondsSinceMidnight - (intHoursInSeconds + intMintuesInSeconds + intSeconds)) * 1000, ".")(0)
     intMilliseconds = Right(String(3, "0") & intMilliseconds, 3)
     intTimePart = intHours & ":" & intMintues & ":" & intSeconds & "." & intMilliseconds
     getTimeStamp = intDatePart & " " & intTimePart
 End Function