Ray..
I'm flattered you singled me out, but I don't believe in the list of my nicknames you've ever seen "Rootkit Resolver". Since it's not, this is the best I could find and know to suggest.
I'm unable to find very much, specifically related to Sophos Anti-Rootkit. I did find a lot of infections reported within those restore points, with no thanks to Sophos. I presume you're questioning it because Sophos recommends not removing the files.
According to the Sophos Anti-Rootkit Manual, it's because they don't recognize the files. See their release notes, as to why they don't. I personally feel they should have suggested it and included not to remove them "without further investigation", which is what you might be doing.
If you're looking to gain access to the System Volume Information folder, you're going to have to "unhide" your files and folders and also the protected operating system files.
"Name=compatibility Type= reg_dword Data= 0x00000400 (1024)"
The only time I found where the Compatibility Flag value was a problem, was when there was another value after it. Although this user only posted a partial CLSID #, see this thread. Maybe it will explain it, in part.
As far as the "exe's" you were looking for and their location in the System Volume Information folder, you'll see plenty of them in this thread as an example. And also many more.
I'm not sure why you're asking, but did you scan with F-Secure's Blacklight to see what it reported? (More here: http://windowssecrets.com/2008/05/22/05-Top-free-tools-for-rooting-out-rootkit-spies) I know you're fully aware of the fact that you can flush your restore points and scan again. I wish I was able to tell you why it tagged those specific files, but I can't.
Ray, it's only my guess that because it's in the restore points, and nowhere else, the points were never cleaned after an infection. Please don't act upon my "guess". If you're dealing with a problem, and not sure how to proceed, I would suggest getting another opinion. That is not to say I don't appreciate your confidence in my "searching abilities". I came up a little short this time.
Carol, etc.
Would you assign this to "Sherlock"? I am unable to find any info.
Scan is by Sophos Anti-Rootkit
Area: Local hard drives
Description: Unknown hidden file
Location: C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP290\A0161340.exe
Removable: Yes (but clean up not recommended for this file)
Notes: (no more detail available)
Area: Local hard drives
Description: Unknown hidden file
Location: C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP289\A0156543.exe
Removable: Yes (but clean up not recommended for this file)
Notes: (no more detail available)
A scan with RootkitRevealer shows the system all clean.
When it brought the scan past the two RP numbers it only shows \snapshot\repository\fs
Search of the registry showed the key with the values
Name=compatibility Type= reg_dword Data= 0x00000400 (1024)
A Google search of 0x00000400 suggests a possible Trojan, but the key numbers are different.
Unable to find any info at Sophos as the scan indicates
Search for exe files with Windows shows no files listed
Run command also comes up blank
Are these remnants of prior malware, Trojans, spyware, etc.?
Yes, I know how to delete System Volume Information. But why would Sophos tag these particular files?
Ray
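For reading reports like the one quoted above at scale, here is an added example (not code from Sophos or from either poster): a small Python parser for the Area/Description/Location/Removable/Notes record format, which also pulls the restore-point GUID and RP number out of each Location so you can see which restore points hold the flagged files. The report text is constructed from the two records in the post, and the function and field names are my own.

```python
import re

# Constructed sample mirroring the two Sophos Anti-Rootkit records quoted in the thread (not real scan output).
SAMPLE_REPORT = """\
Area: Local hard drives
Description: Unknown hidden file
Location: C:\\System Volume Information\\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\\RP290\\A0161340.exe
Removable: Yes (but clean up not recommended for this file)
Notes: (no more detail available)
Area: Local hard drives
Description: Unknown hidden file
Location: C:\\System Volume Information\\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\\RP289\\A0156543.exe
Removable: Yes (but clean up not recommended for this file)
Notes: (no more detail available)
"""

# A file inside a System Restore point sits under _restore{GUID}\RPnnn\; capture the GUID and the point number.
RESTORE_POINT_RE = re.compile(
    r"\\System Volume Information\\_restore\{([0-9A-Fa-f-]+)\}\\RP(\d+)\\", re.IGNORECASE)

def parse_report(text: str) -> list[dict]:
    """Split the report into one record per 'Area:' line and annotate each record for triage."""
    records: list[dict] = []
    current: dict = {}
    for line in text.splitlines():
        if ":" not in line:
            continue  # skip blank or malformed lines
        key, value = (part.strip() for part in line.split(":", 1))  # first colon only; paths contain ':'
        if key == "Area" and current:  # each 'Area:' line starts a new record
            records.append(_annotate(current))
            current = {}
        current[key] = value
    if current:
        records.append(_annotate(current))
    return records

def _annotate(rec: dict) -> dict:
    """Add triage fields: removable?, does Sophos advise against cleanup?, which restore point holds the file?"""
    removable_text = rec.get("Removable", "").lower()
    match = RESTORE_POINT_RE.search(rec.get("Location", ""))
    rec["removable"] = removable_text.startswith("yes")
    rec["cleanup_discouraged"] = "not recommended" in removable_text
    rec["restore_guid"] = match.group(1) if match else None
    rec["restore_point"] = int(match.group(2)) if match else None
    return rec

def restore_points_with_findings(text: str) -> list[int]:
    """Sorted restore point numbers that hold flagged files: the points to consider purging after review."""
    return sorted({r["restore_point"] for r in parse_report(text) if r["restore_point"] is not None})
```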