What level of protection do the hidden/non accessible folders have?

Hi

Running Vista Ultimate 32bit.

As far as I can see, there exists a number of folders on my computer which I
as administrator do not have permission/ownership of sufficient to open or
view the contents. Indeed, as an example, my Documents and Settings folder
properties doesn't even tell me if there are any contents in this/these
folders.

Question 1: Can this (or other similar folders) be exploited by malicious
software?
Question 2: Do virus scanners have access to these type of
folders/contents?
Question 3: Do other normal malware detection programs have sufficient
access to these folders/files?
Question 4: Why is it thought necessary to hide the contents of these
folders?

I have read elsewhere on these newsgroups, that an administrator has no need
to access these folders! Why? An administrator, by definition, *does have*
the *rights* to full access.

The Administrator word has been corrupted now. It doesn't give the
privileges needed. It has introduced a new higher level of authority, which
I have read described as 'super-administrator' - this whole debacle is
laughable. Why could the authority of administrator not have remained so?

I have also read that MS are trying to combat the situations where normal
users were made administrators just to lessen the support needed if their
authority was less! If this is the case, then MS are barking up the wrong
tree in my opinion as what is to stop those users from being elevated to the
'super-administrator' authority just to lessen the support?

As may be obvious, my knowledge/understanding is very limited. I speak only
as a home user, the only user on my computer, who is annoyed by some of the
new security ideas introduced. I had to redirect an installation to my User
folder so that I didn't get the constant UAC warnings which occurred if I
installed into the Program Files folder. I feel the 'big brother' approach
does not and never will prevent security problems - the security problems
will just become more sophisticated to deal with - I don't really want a set
of folders which may provide nice hiding places for malicious software. The
old fashioned 'look for file xxxxx.by in the zzzzz folder' to see if you
have a malicious software program on your computer no will longer be valid
when these 'no-access' folders exist.

OK, rant over - went slightly off topic, but couldn't help myself. The
initial questions do stand though.
--
regards,
Les Hay, Livingston, Scotland



---
avast! Antivirus: Outbound message clean.
Virus Database (VPS): 000736-0, 25/04/2007
Tested on: 25/04/2007 16:27:12
avast! - copyright (c) 1988-2007 ALWIL Software.
http://www.avast.com

"Les" <> wrote in message
news:...
> Hi
>
> Running Vista Ultimate 32bit.
>
> As far as I can see, there exists a number of folders on my computer which
> I as administrator do not have permission/ownership of sufficient to open
> or view the contents. Indeed, as an example, my Documents and Settings
> folder properties doesn't even tell me if there are any contents in
> this/these folders.
>
> Question 1: Can this (or other similar folders) be exploited by malicious
> software?
> Question 2: Do virus scanners have access to these type of
> folders/contents?
> Question 3: Do other normal malware detection programs have sufficient
> access to these folders/files?
> Question 4: Why is it thought necessary to hide the contents of these
> folders?
>
> I have read elsewhere on these newsgroups, that an administrator has no
> need to access these folders! Why? An administrator, by definition, *does
> have* the *rights* to full access.
>
> The Administrator word has been corrupted now. It doesn't give the
> privileges needed. It has introduced a new higher level of authority,
> which I have read described as 'super-administrator' - this whole debacle
> is laughable. Why could the authority of administrator not have remained
> so?
>
> I have also read that MS are trying to combat the situations where normal
> users were made administrators just to lessen the support needed if their
> authority was less! If this is the case, then MS are barking up the wrong
> tree in my opinion as what is to stop those users from being elevated to
> the 'super-administrator' authority just to lessen the support?
>
> As may be obvious, my knowledge/understanding is very limited. I speak
> only as a home user, the only user on my computer, who is annoyed by some
> of the new security ideas introduced. I had to redirect an installation to
> my User folder so that I didn't get the constant UAC warnings which
> occurred if I installed into the Program Files folder. I feel the 'big
> brother' approach does not and never will prevent security problems - the
> security problems will just become more sophisticated to deal with - I
> don't really want a set of folders which may provide nice hiding places
> for malicious software. The old fashioned 'look for file xxxxx.by in the
> zzzzz folder' to see if you have a malicious software program on your
> computer no will longer be valid when these 'no-access' folders exist.
>
> OK, rant over - went slightly off topic, but couldn't help myself. The
> initial questions do stand though.
> --
> regards,
> Les Hay, Livingston, Scotland



Les,

A number of the folders you are concerned about are not actually real
folders - but links (reparse points) to provide backward compatibility for
older applications now that the locations of certain folders have been moved
such as Users is the new replacement for Documents and Settings and so on.
They are hidden so you do not need to see them and confuse yourself about
them (as you have done so).
As they are links to the real locations ,AV software, backup software etc
will use them if it is legacy software that is not aware of the new
locations or knows how to make the appropriate calls to find them.

Go into your Documents (C:\Users\<username>\Documents) folder in an
administrative command prompt and run dir /a and you will see the ones
that are real folders and the ones that are other things and what they point
to
--

Mike Brannigan

"Mike Brannigan" <Mike.Brannigan@localhost> wrote in message
news:73FA7D25-7D25-4BB0-89C2-...
> "Les" <> wrote in message
> news:...
>> Hi
>>
>> Running Vista Ultimate 32bit.
>>
>> As far as I can see, there exists a number of folders on my computer
>> which I as administrator do not have permission/ownership of sufficient
>> to open or view the contents. Indeed, as an example, my Documents and
>> Settings folder properties doesn't even tell me if there are any contents
>> in this/these folders.
>>
>> Question 1: Can this (or other similar folders) be exploited by
>> malicious software?
>> Question 2: Do virus scanners have access to these type of
>> folders/contents?
>> Question 3: Do other normal malware detection programs have sufficient
>> access to these folders/files?
>> Question 4: Why is it thought necessary to hide the contents of these
>> folders?
>>
>> I have read elsewhere on these newsgroups, that an administrator has no
>> need to access these folders! Why? An administrator, by definition, *does
>> have* the *rights* to full access.
>>
>> The Administrator word has been corrupted now. It doesn't give the
>> privileges needed. It has introduced a new higher level of authority,
>> which I have read described as 'super-administrator' - this whole debacle
>> is laughable. Why could the authority of administrator not have remained
>> so?
>>
>> I have also read that MS are trying to combat the situations where normal
>> users were made administrators just to lessen the support needed if their
>> authority was less! If this is the case, then MS are barking up the wrong
>> tree in my opinion as what is to stop those users from being elevated to
>> the 'super-administrator' authority just to lessen the support?
>>
>> As may be obvious, my knowledge/understanding is very limited. I speak
>> only as a home user, the only user on my computer, who is annoyed by some
>> of the new security ideas introduced. I had to redirect an installation
>> to my User folder so that I didn't get the constant UAC warnings which
>> occurred if I installed into the Program Files folder. I feel the 'big
>> brother' approach does not and never will prevent security problems - the
>> security problems will just become more sophisticated to deal with - I
>> don't really want a set of folders which may provide nice hiding places
>> for malicious software. The old fashioned 'look for file xxxxx.by in the
>> zzzzz folder' to see if you have a malicious software program on your
>> computer no will longer be valid when these 'no-access' folders exist.
>>
>> OK, rant over - went slightly off topic, but couldn't help myself. The
>> initial questions do stand though.
>> --
>> regards,
>> Les Hay, Livingston, Scotland
>
>
>
> Les,
>
> A number of the folders you are concerned about are not actually real
> folders - but links (reparse points) to provide backward compatibility for
> older applications now that the locations of certain folders have been
> moved such as Users is the new replacement for Documents and Settings and
> so on.
> They are hidden so you do not need to see them and confuse yourself about
> them (as you have done so).
> As they are links to the real locations ,AV software, backup software etc
> will use them if it is legacy software that is not aware of the new
> locations or knows how to make the appropriate calls to find them.
>
> Go into your Documents (C:\Users\<username>\Documents) folder in an
> administrative command prompt and run dir /a and you will see the ones
> that are real folders and the ones that are other things and what they
> point to
> --
>
> Mike Brannigan


Thanks Mike, that has eased my concerns over those folders (links).

However, far from hiding them to avoid confusion, I suspect that many, or
perhaps even most home users who want to at least try to manage their
computer, will see these and become confused if it were not for good
explanations given by people such as you.

--
regards,
Les Hay, Livingston, Scotland



---
avast! Antivirus: Outbound message clean.
Virus Database (VPS): 000736-0, 25/04/2007
Tested on: 25/04/2007 19:01:14
avast! - copyright (c) 1988-2007 ALWIL Software.
http://www.avast.com

"Les" <> wrote in message
news:%...
> "Mike Brannigan" <Mike.Brannigan@localhost> wrote in message
> news:73FA7D25-7D25-4BB0-89C2-...
>> "Les" <> wrote in message
>> news:...
>>> Hi
>>>
>>> Running Vista Ultimate 32bit.
>>>
>>> As far as I can see, there exists a number of folders on my computer
>>> which I as administrator do not have permission/ownership of sufficient
>>> to open or view the contents. Indeed, as an example, my Documents and
>>> Settings folder properties doesn't even tell me if there are any
>>> contents in this/these folders.
>>>
>>> Question 1: Can this (or other similar folders) be exploited by
>>> malicious software?
>>> Question 2: Do virus scanners have access to these type of
>>> folders/contents?
>>> Question 3: Do other normal malware detection programs have sufficient
>>> access to these folders/files?
>>> Question 4: Why is it thought necessary to hide the contents of these
>>> folders?
>>>
>>> I have read elsewhere on these newsgroups, that an administrator has no
>>> need to access these folders! Why? An administrator, by definition,
>>> *does have* the *rights* to full access.
>>>
>>> The Administrator word has been corrupted now. It doesn't give the
>>> privileges needed. It has introduced a new higher level of authority,
>>> which I have read described as 'super-administrator' - this whole
>>> debacle is laughable. Why could the authority of administrator not have
>>> remained so?
>>>
>>> I have also read that MS are trying to combat the situations where
>>> normal users were made administrators just to lessen the support needed
>>> if their authority was less! If this is the case, then MS are barking up
>>> the wrong tree in my opinion as what is to stop those users from being
>>> elevated to the 'super-administrator' authority just to lessen the
>>> support?
>>>
>>> As may be obvious, my knowledge/understanding is very limited. I speak
>>> only as a home user, the only user on my computer, who is annoyed by
>>> some of the new security ideas introduced. I had to redirect an
>>> installation to my User folder so that I didn't get the constant UAC
>>> warnings which occurred if I installed into the Program Files folder. I
>>> feel the 'big brother' approach does not and never will prevent security
>>> problems - the security problems will just become more sophisticated to
>>> deal with - I don't really want a set of folders which may provide nice
>>> hiding places for malicious software. The old fashioned 'look for file
>>> xxxxx.by in the zzzzz folder' to see if you have a malicious software
>>> program on your computer no will longer be valid when these 'no-access'
>>> folders exist.
>>>
>>> OK, rant over - went slightly off topic, but couldn't help myself. The
>>> initial questions do stand though.
>>> --
>>> regards,
>>> Les Hay, Livingston, Scotland
>>
>>
>>
>> Les,
>>
>> A number of the folders you are concerned about are not actually real
>> folders - but links (reparse points) to provide backward compatibility
>> for older applications now that the locations of certain folders have
>> been moved such as Users is the new replacement for Documents and
>> Settings and so on.
>> They are hidden so you do not need to see them and confuse yourself about
>> them (as you have done so).
>> As they are links to the real locations ,AV software, backup software etc
>> will use them if it is legacy software that is not aware of the new
>> locations or knows how to make the appropriate calls to find them.
>>
>> Go into your Documents (C:\Users\<username>\Documents) folder in an
>> administrative command prompt and run dir /a and you will see the
>> ones that are real folders and the ones that are other things and what
>> they point to
>> --
>>
>> Mike Brannigan
>
>
> Thanks Mike, that has eased my concerns over those folders (links).
>
> However, far from hiding them to avoid confusion, I suspect that many, or
> perhaps even most home users who want to at least try to manage their
> computer, will see these and become confused if it were not for good
> explanations given by people such as you.
>
> --
> regards,
> Les Hay, Livingston, Scotland

Les,

One other quick thing is that the default setting is not to show "hidden
files and folders" so again a regular use will not even see the reparse
points as they are not displayed by default.
Obviously if you go turn on display of OS system and hidden files you will
be exposed to more of the guts of the system and this may raise questions
that would not normally have occurred to the end user.

--

Mike Brannigan