May be this can be of help
> http://support.microsoft.com/kb/240184
Just a note: The article recommends CreateFile with READ_CONTROL.
Generally, using CreateFile on a file requires the file’s DACL also have
FILE_READ_ATTRIBUTES bit set for the current user/group. I’ve seen files,
created by malware, that only have FILE_EXECUTE flag set and rest cleared
(IIRC Conficker does that). In that case, CreateFile can NOT be used
on such file at all. Even CreateFile(fileName, FILE_EXECUTE will fail,
because internally, it adds FILE_READ_ATTRIBUTES to dwDesiredAccess
before calling NtCreateFile.
L.