Solved

Unknown file in WINDOWS\system32\Microsoft\Protect\S-1-5-18\

Posted on 2009-05-06
2
3,391 Views
Last Modified: 2013-11-08
Some new files appeared on one of our servers the other day and I am trying to identify what it is.  The file is C:\WINDOWS\system32\Microsoft\Protect\S-1-5-18\5fb8c11a-4409-4d41-b8b6-5d53311eebe1.  It is a hidden file and the contents are unreadable.  Does anyone know what goes in this protect folder?  Thanks.
0
Comment
Question by:delmarvamonkey
2 Comments
 
LVL 22

Expert Comment

by:Christopher McKay
ID: 24316981
Hi  delmarvamonkey,
That would be the system restore files.

To turn off system restore:

o disable System Restore: Start=>Control Panel=>Performance & Maintenance=>System Applet=>

1. On the System Applet, Click the System Restore tab,
2. Check the Turn off System Restore box,
3. Click OK, then click Yes. This will initiate the restore point purging process.
4. To re-enable System Restore, clear the Turn-Off System Restore check box from the same location

Hope this helps!

:o)

Bartender_1
0
 
LVL 31

Accepted Solution

by:
Paranormastic earned 500 total points
ID: 24317190
From http://support.microsoft.com/kb/818171:
The folders ... are used by the Data Protection API (DPAPI) and can be used by applications and services.

"In a new install, these folders will typically contain only a single key, or they may not contain any keys. Keys are recreated every 90 days. They are also recreated if DPAPI cannot decrypt the preferred master keys. If you have more than one key in these folders, you are not running a new install of your operating system, or your operating system has had modifications that caused multiple keys to be created."

The SID referenced is the local system account.  These files can be from other processes in addition to system restore - e.g. .net framework. http://msdn.microsoft.com/en-us/library/bb968830(VS.85).aspx

In short - don't worry about it unless it shows up in a virus scan.  These are encrypted files and shouldn't be messed with.
0

Featured Post

Optimizing Cloud Backup for Low Bandwidth

With cloud storage prices going down a growing number of SMBs start to use it for backup storage. Unfortunately, business data volume rarely fits the average Internet speed. This article provides an overview of main Internet speed challenges and reveals backup best practices.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

By the time you finish reading this article, you may have already lost all your money because you don't know the simple steps to securing your BitCoin wallet. BitCoin is an incredible invention. It is a decentralized currency system, which is the…
ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

820 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question