Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Combofix - Three Protected OS folders not hidden


  • Please log in to reply
3 replies to this topic

#1 trimmer1

trimmer1

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Tennessee
  • Local time:06:02 PM

Posted 27 August 2014 - 08:52 PM

Although I have used combofix in t/past, I won't ever use it again unless I HAVE to.

 

I was looking everywhere to find info about protected operating sys. folders after using combofix. My C:\Boot, C:\Config.Msi, C:\MSOCache and one C:\hp folder will not hide, no matter how folder options are set. I deleted $RECYCLE.BIN and it re-created/fixed it. I keep folder settings on show hidden files, folders & drives. I keep hide protected OS files ticked. I found almost t/same exact problem on a page titled "I am seeing files that should be hidden but aren't hidden" - Dated June-10th-14th-2014 ....username is liorshwa, 'Mako', moderator from 'Malware Response Team'. This post: http://snipurl.com/297h21n  - (I am using W7 x64)

 

Any and all help would be well appreciated, thanks,

~Dale


Edited by trimmer1, 27 August 2014 - 08:56 PM.


BC AdBot (Login to Remove)

 


#2 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,470 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:08:02 PM

Posted 28 August 2014 - 08:53 AM

I checked with sUBs the developer in regards to your problem. He advised this was an issue in regards to system attribute and he doesn't believe ComboFix had anything to do with removing them as he has conducted frequent test runs on his W7 x64.
 

For 'Hide Protected System files' to work, these files/folders need to have the 'System' attribute. I suspect that they do not have them....the fix is rather easy affair. Just attrib +h +s "{Path_To_Folder}"


.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#3 trimmer1

trimmer1
  • Topic Starter

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Tennessee
  • Local time:06:02 PM

Posted 28 August 2014 - 02:02 PM

Thanks a bunch quietman7! I've read a fair amount of your threads at this site t/past few yr.'s. ...even saved the Dick Tracy avatar.

 

Yeah, before I posted my problem I could see the on the "Security" tab (Group or user names:) "Everyone" was highlighted, not "System". I picked that up from looking at my newly re-created $RECYCLE.BIN. After one factory restore (Oct. 2013) my account was reset to "Administrator". Anyway (prob. nothing to do w/Admin. account) I seen some folders had a little lock image on them. I hit "Security"/Edit/Add, and in the window I typed "Users" & hit "Check Names". The locks went away.

I may to do a factory restore soon, NO...I'll wait until I have to. I don't have any errors ......one now & then....probably my fault. This HP PC was a gift from my sister....I was skeptical about HP machines, not as much now. I use it 5-17 hr.'s a day, every day. Aug. 4th, 2010 is t/day it came out of t/box, it's never been out of this room.

 

Thanks very much, I'll be around.

-Dale



#4 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,470 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:08:02 PM

Posted 28 August 2014 - 04:18 PM

You're welcome.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users