drdonut1
New member
My Big Mistake
It all began when I wanted to use PowerShell to set the attribute of some personal folders matching a specific regex to "Hidden". (For my defense of what follows: I was way overslept! I didn't even use the regex to begin with...)
I quickly found the following suggestion on a forum here, which I blindly executed ('.' here is my user directory)
I noticed afterwards that this was just a troll, and all my files where hidden...
Well, I then tried to quickly fix it via
I instantly realized that this was probably a stuuuupid idea... And well... Turns out it was.
My Current Fix
After some back and forth I decided that I could just create a new dummy user on my Windows machine and copy over the file attributes from there. For the following, my user directory is "seawe", the dummy user folder is "test".
Seems like the most important folders and files have their file attributes restored. Yehaaa...
My Question
Is this enough? All of my user specific AppData folders and files now are still without attributes. I also saw that Windows stores e.g. some certificates (probably SSL?) inside the AppData folder, which are still without attributes. Does this pose a security threat?
Addition
Just to be safe, I deleted all the credentials Windows saved for me (following Link) and emptied all the Microsoft AppData folders that seem to be security relevant, i.e.
It all began when I wanted to use PowerShell to set the attribute of some personal folders matching a specific regex to "Hidden". (For my defense of what follows: I was way overslept! I didn't even use the regex to begin with...)
I quickly found the following suggestion on a forum here, which I blindly executed ('.' here is my user directory)
Code:
Get-ChildItem -path "." -Recurse -Force | ForEach-Object { $_.Attributes += "Hidden" }
I noticed afterwards that this was just a troll, and all my files where hidden...
Well, I then tried to quickly fix it via
Code:
Get-ChildItem -path "." -Recurse -Force | ForEach-Object { $_.Attributes = "" }
I instantly realized that this was probably a stuuuupid idea... And well... Turns out it was.
My Current Fix
After some back and forth I decided that I could just create a new dummy user on my Windows machine and copy over the file attributes from there. For the following, my user directory is "seawe", the dummy user folder is "test".
Code:
cd "C:\Users\test\"
$x = Get-ChildItem -path "." -Recurse -Force | Resolve-Path -Relative
foreach ($y in $x){
if (Test-Path -Path "C:\Users\seawe\$y") {
$s = Get-Item -Force -Path $y;
$d = Get-Item -Force -Path "C:\Users\seawe\$y";
$d.Attributes = $s.Attributes
}
}
My Question
Is this enough? All of my user specific AppData folders and files now are still without attributes. I also saw that Windows stores e.g. some certificates (probably SSL?) inside the AppData folder, which are still without attributes. Does this pose a security threat?
Addition
Just to be safe, I deleted all the credentials Windows saved for me (following Link) and emptied all the Microsoft AppData folders that seem to be security relevant, i.e.
- AppData\LocalLow\Microsoft\Crypto
- AppData\Local\Microsoft\Crypto
- AppData\Local\Microsoft\Credentials
- AppData\Local\Microsoft\Vault
- AppData\Roaming\Microsoft\Crypto
- AppData\Roaming\Microsoft\Credentials
- AppData\Roaming\Microsoft\Vault
- All the certificates inside AppData\Roaming\Microsoft\SystemCertificates
- Windows Build/Version
- Windows 11 OSBuild 22000.434
Last edited:
My Computer
System One
-
- OS
- Windows 11