Getting to hidden files?

Discussion in 'malware problems & news' started by Tetrahedron, Jun 18, 2012.

Thread Status:
Not open for further replies.
  1. Tetrahedron

    Tetrahedron Registered Member

    Joined:
    Jun 18, 2012
    Posts:
    4
    I noticed Hitman Pro is listing these files as Suspicious...

    ntoskrnl.exe
    win32k.sys
    ntkrnlpa.exe
    ntoskrnl.exe

    I have tried to find them so I can check them out but they don't exist in Windows. How can I get them off the hard drive to upload onto VT?
     
  2. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    Did you change folder options to view hidden files.folders and drives.However you should take care for example ntoskrnl.exe is a normal system process and needed for your pc to work properly.Check to see if it shows up in task manager,under normal circumstances it should not unless its been altered AFAIK.
     
    Last edited: Jun 18, 2012
  3. crofttk

    crofttk Registered Member

    Joined:
    May 15, 2004
    Posts:
    1,976
    Location:
    Eastern PA, USA
    In addition to what djohn said, I hope, by "get them off the hard drive," you mean get a copy of them from the hard drive rather than remove them. Removal at this point might be a bit premature and likely bork your system.
     
  4. Tetrahedron

    Tetrahedron Registered Member

    Joined:
    Jun 18, 2012
    Posts:
    4
    They are not hidden, they just don't exist (or at least as far as Windows is concerned) which is why I can't access them.
     
  5. lodore

    lodore Registered Member

    Joined:
    Jun 22, 2006
    Posts:
    9,006
    did you untick hide protected operating system files?
     
  6. Carver

    Carver Registered Member

    Joined:
    Feb 5, 2006
    Posts:
    1,827
    Location:
    USA
    Well I searched for ntoskrnl.exe and I found it on my system Windows XP SP3, I would Google for what it does, copy it to a file before you "Get it off your Hard drive" just in case you do need it. I opened ntoskrnl.exe using sanboxie I got error message: 129 The %1 Application can't be run in win32 mode
     
  7. Tetrahedron

    Tetrahedron Registered Member

    Joined:
    Jun 18, 2012
    Posts:
    4
    Nope. I was able to access them after doing this.

    Thanks ;)
     
Loading...
Thread Status:
Not open for further replies.