For some reason all of the BIN folder in any IIS virtual servers are
being hidden automatically.  I don't mean hidden from the .net
application, but simply hidden.  They are visible only via FTP or
command prompt, but not explorer (regardless of folder options.)

There have been no changes made to IIS or directories in the past few
days, and it started this morning.

Any ideas as to what is going on here?  Sound like a virus?

also, if the bin directory is removed, and a new one created, the new
one is instantly hidden as well.

update:  ANY bin directory anywhere on the server is hidden instantly

windows 2003 server

For .net framework installed web, the folder is protected.
For ftp site, I can't repro you claim. I created a 'bin' folder and I can
see it via ftp.exe and my IE

Show quoteHide quote

a backdoor (hacdef) was found... so this is the result of someone with
malicious intent... so now the question is, how could they do that?

wow! so they configure the OS not to display /bin folder?
how? no idea. if you still have all the logging, firewall/proxy/IDS/event
viewer/iis/ etc log, then you can slowly analyze to see any suspicious
trace. but this would be quite tough

Show quoteHide quote

HTTP_AUTHORIZATION header
Anonymous Account not working
IIS 5 allows anonymous editing via Frontpage
IIS6 'forgets' "Connect As" password for Virtual Directory
Restricting IIS from serving static content
Passing form credentials to windows security
403 (Forbidden) after setting up SSL Redirect
IIS and enterpise sub CA on different machines
run cgi in localhost without SSL?
Single authentication for multiple IIS 6 servers