We’ve been seeing a ton of 0x80070005 (Access Denied)  and 0x80070002 (File not found) from Windows Updates lately.  Most of it seems to stem from the malware floating around right now, hiding user files and system files.  Most of the time, unhiding %systemroot% seems to fix both issues.  I can understand why unhiding the directory fixes “File Not Found,” but am a little perplexed why it fixes Access Denied too.  I suspect we maybe changing something else at the same time, but for the life of me cannot remember the other thing. 

The command we have been using to unhide C:windows is (from an Admin cmd prompt):  attrib -s -h %systemroot% /s /d

This command also works for unhiding the user profile data hidden by the malware floating around right now.

attrib -s -h c:usersUserName /s /d

Advertisements