Issued an unintended command

Joined
May 15, 2020
Messages
33
Hi,
I issued an unintended command in my Windows 10 cmd console (non-admin account, non-admin cmd instance).

I accidentally right-clicked on the cmd window, which to my greatest concern copy-pasted and issued a command (there was actually a command and some Enters in the clipboard, that's why I guess pasting made the command being executed straight away).

Code:
C:\Users\[My NonAdmin Account Name]>attrib -s -h -r /s /d *.*

That command was from here:
https://www.easeus.com/resource/use-cmd-remove-virus-windows-10.html#1

I got the results:


Code:
The target of the symbolic link C:\Users\[My NonAdmin Account Name]\AppData\Local\Microsoft\WindowsApps\Microsoft.DesktopAppInstaller_\python.exe does not exist
The target of the symbolic link C:\Users\[My NonAdmin Account Name]\AppData\Local\Microsoft\WindowsApps\Microsoft.DesktopAppInstaller_\python3.exe does not exist
The target of the symbolic link C:\Users\[My NonAdmin Account Name]\AppData\Local\Microsoft\WindowsApps\Microsoft.MicrosoftEdge_\MicrosoftEdge.exe does not exist
The target of the symbolic link C:\Users\[My NonAdmin Account Name]\AppData\Local\Microsoft\WindowsApps\Microsoft.SkypeApp\Skype.exe does not exist
The target of the symbolic link C:\Users\[My NonAdmin Account Name]\AppData\Local\Microsoft\WindowsApps\Microsoft.XboxGamingOverlay_\GameBarElevatedFT_Alias.exe does not exist
The target of the symbolic link C:\Users\[My NonAdmin Account Name]\AppData\Local\Microsoft\WindowsApps\SpotifyAB.SpotifyMusic\Spotify.exe does not exist
The target of the symbolic link C:\Users\[My NonAdmin Account Name]\AppData\Local\Microsoft\WindowsApps\GameBarElevatedFT_Alias.exe does not exist
The target of the symbolic link C:\Users\[My NonAdmin Account Name]\AppData\Local\Microsoft\WindowsApps\MicrosoftEdge.exe does not exist
The target of the symbolic link C:\Users\[My NonAdmin Account Name]\AppData\Local\Microsoft\WindowsApps\python.exe does not exist
The target of the symbolic link C:\Users\[My NonAdmin Account Name]\AppData\Local\Microsoft\WindowsApps\python3.exe does not exist
The target of the symbolic link C:\Users\[My NonAdmin Account Name]\AppData\Local\Microsoft\WindowsApps\Skype.exe does not exist
The target of the symbolic link C:\Users\[My NonAdmin Account Name]\AppData\Local\Microsoft\WindowsApps\Spotify.exe does not exist
Access denied - C:\Users\[My NonAdmin Account Name]\AppData\Local\Temp\RarKDUER\packages
Access denied - C:\Users\[My NonAdmin Account Name]\AppData\Roaming\Microsoft\Installer\{}\icon.ico
Access denied - C:\Users\[My NonAdmin Account Name]\AppData\Roaming\Microsoft\Installer\{}
Access denied - C:\Users\[My NonAdmin Account Name]\AppData\Roaming\Microsoft\Installer



My question is did I broke something and how to resolve?
 
Last edited:

Midvalley

n00b
Joined
Jul 5, 2007
Messages
45
Run as a non-admin in that context? Probably not. The command you ran only removes hidden, read only, and system flags from files and directories under your user's folder. The majority of the stuff that would cause issues will be owned by Trusted Installer and you're not going to affect it from a non-admin account.
 
Joined
May 15, 2020
Messages
33
Nope, by the output and command you're fine :). Nothing changed.
Run as a non-admin in that context? Probably not. The command you ran only removes hidden, read only, and system flags from files and directories under your user's folder. The majority of the stuff that would cause issues will be owned by Trusted Installer and you're not going to affect it from a non-admin account.

Snap.
Something changed.
Now I am able to see "Desktop.ini" file right on my desktop!

Do not know whether should I cry or laugh.

I have just gave it a "hidden" and "system" attributes and it dissapeared.

Edit: Yep, all of the files in

C:\Users\[My NonAdmin Account Name]\

now do not have attributes system nor hidden. I checked that this command on non-admin account in non admin command prompt is able to remove the attributes in the whole folder.

I am wondering if I just did not make my system more vulnerable for attacks?
 
Last edited:

B00nie

[H]F Junkie
Joined
Nov 1, 2012
Messages
8,487
Snap.
Something changed.
Now I am able to see "Desktop.ini" file right on my desktop!

Do not know whether should I cry or laugh.

I have just gave it a "hidden" and "system" attributes and it dissapeared.

Edit: Yep, all of the files in

C:\Users\[My NonAdmin Account Name]\

now do not have attributes system nor hidden. I checked that this command on non-admin account in non admin command prompt is able to remove the attributes in the whole folder.

I am wondering if I just did not make my system more vulnerable for attacks?
LOL just either reinstall or ditch Windows. It sounds you were one of the million other Windows users infected today.
 
Joined
May 15, 2020
Messages
33
LOL just either reinstall or ditch Windows. It sounds you were one of the million other Windows users infected today.


Infected? What do you mean?


But you are about right, there is something not right with such consequences from a single right click.
 
Last edited:

pendragon1

Fully [H]
Joined
Oct 7, 2000
Messages
22,968
Infected? What do you mean?


But you are about right, there is something not right with such consequences from a single right click.
dont listen to the anti windows guys, making assumptions. in folder options turn back on hide os files
1596652300932.png
 
Joined
May 15, 2020
Messages
33
admin cmd > sfc /scannow > [enter]

Code:
Beginning system scan.  This process will take some time.

Beginning verification phase of system scan.
Verification 100% complete.

Windows Resource Protection did not find any integrity violations.
 

NesteaZen

n00b
Joined
Jul 22, 2009
Messages
7
so Hide protected files is ticked and desktop.ini still shows?
if yes then run a Repair install. win key > power button > shift-click restart

thing is, now thinking of it, I think attrib shows only errors but doesn't show succesfully processed files. so yea, you potentially screwed up a bit
run repair install if same shit then reinstall. hf
 
Joined
May 15, 2020
Messages
33
so Hide protected files is ticked and desktop.ini still shows?
if yes then run a Repair install. win key > power button > shift-click restart

No, it does not show, as I stated earlier, because I gave it the "system" and "hidden" attributes by hand.
Yet I have I estimate other 1500 files that have attributes "hidden" and "system" removed from them. My question is should that be a concern or not.

Sorry to have such nonstandard problems.
 

NesteaZen

n00b
Joined
Jul 22, 2009
Messages
7
you should be fine. the -r could be a little concerning if it had been done system-wide but this was just your user folder. you should be fine.
Probably sfc didn't fix anything cause it was just in your user folder. I'll be reinstalling windows in a few days and i'll run an attrib -shr on \windows. let's see if sfc will see this as an error
 
Joined
May 15, 2020
Messages
33
you should be fine. the -r could be a little concerning if it had been done system-wide but this was just your user folder. you should be fine.
Probably sfc didn't fix anything cause it was just in your user folder. I'll be reinstalling windows in a few days and i'll run an attrib -shr on \windows. let's see if sfc will see this as an error

I thought of deleting the profile and creating a fresh new one. I probably would have to reinstall most of things, but at lest no system reinstall would be needed.
 

pendragon1

Fully [H]
Joined
Oct 7, 2000
Messages
22,968
I thought of deleting the profile and creating a fresh new one. I probably would have to reinstall most of things, but at lest no system reinstall would be needed.
if you installed stuff "for all users" you shouldnt be missing anything.
 
Top