Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 71
  • Last Modified:

Missing C:\Windows\system32 in Path but everything is working

Lately around the office I am seeing that C:\Windows\system32 is missing from the path on my desktops.  I do not even see any symptoms, except when I as an admin try to run "ping, nslookup" or other command line stuff.  I have seen it 3 times now.  It is easy to fix, I just add it.

I have looked and run some virus scans, and nothing appears out of the ordinary.  Does anyone have any thoughts on this?  Should I be concerned?
0
loftyworm
Asked:
loftyworm
  • 4
  • 3
  • 2
3 Solutions
 
John HurstBusiness Consultant (Owner)Commented:
Open cmd.exe with Run as Administrator and type PATH. It may be there from a command line.

The PATH does not remove entries on it own, so it not there by Command line, the try the following:

1. Run SFC /SCANNOW from an admin command prompt, shut down, start up and test.

2. Run another full virus scan followed by a scan with Malwarebytes.
0
 
McKnifeCommented:
The path variable is saved to the registry. So you can easily audit the registry key to see who/what changes it and when.
The location is HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Session Manager\Environment
0
 
loftywormAuthor Commented:
I have searched more of my network and found a box that I have not fixed.  I will try the sfc now....
0
The Lifecycle Approach to Managing Security Policy

Managing application connectivity and security policies can be achieved more effectively when following a framework that automates repeatable processes and ensures that the right activities are performed in the right order.

 
loftywormAuthor Commented:
I have more information.  It appears this was a legacy security setting from an earlier time.  

I do find it extremely interesting that windows will run at all, with almost no impact with those variables removed.  Even wonder if it is actually a good idea to leave it that way
0
 
John HurstBusiness Consultant (Owner)Commented:
Thanks. It is useful to upgrade legacy software as it usually causes issues. If it is all working, leave it until you can upgrade the software.
0
 
McKnifeCommented:
"It appears this was a legacy security setting from an earlier time" - can you provide details, please?
0
 
John HurstBusiness Consultant (Owner)Commented:
I find older software (older versions of new software) can cause problems. I keep things up to date and have few issues as a result.  Anti Virus and VPN are two prime examples.
0
 
loftywormAuthor Commented:
What John says is true, but in this case it was deliberately removed (I believe as a security measure) by the previous admin.
0
 
loftywormAuthor Commented:
It was the solution
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

  • 4
  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now