Quickly Unhide All Files That Viruses Hide (System Check Virus And Clones)

April 18th, 2012

Home
/
Guides For Windows
/
Quickly Unhide All Files...

A lot of users lately told me that a System Check virus is hiding their files and icons. Here’s how you can quickly unhide all of your files with a few commands.

Click here to join Ultra.io - Rare NFTs and Play-to-Earn Games or Read my review first!

Tip: The following tutorial is intended for beginners. If you are new make sure to follow the links to get more detailed explanations. e.g. how to open a cmd prompt with elevated rights

You can use the Windows folder settings to unhide hidden system files (Unhides protected operating system files), but viruses use file attributes to hide files, so it’s a little more complicated to unhide them.

Using CMD To Modify System Attributes (Hidden + System)

1. Step Open an elevated command prompt – if you are new to cmd, read this guide how to launch a cmd prompt with admin rights

2. Step Next we are going to enter a command that will quickly unhide all files that the System check virus and many other clones hide from you

attrib -h C:\*.* /S /D

Enter it exactly as seen above. What it does is basically remove the attributes “hidden” from all files on your C: drive. If your main drive is not C: then replace C: with the drive letter of the partition where your Windows folder is e.g. D:, E:, F: and so on. This will make sure files that viruses like System Check hid on your hard drive will be visible again.

Your main drive is always the drive with a folder called Windows – in most cases this will be C:, however if the person that administrates your PC (if that is not yourself) decided to install Windows on D: then you will have to replace the letter. It would look like this:

attrib -h D:\*.* /S /D
attrib -h E:\*.* /S /D

If you are unsure, you can simply run them all. In some special cases, it is possible that the virus is also using the +s attribute on virus files, which means it’s trying to make the infected files “system files” to make you believe they may not be deleted .

If you want to remove the system attributes from all your files you can add the -s switch:

attrib -s -h C:\*.* /S /D

Tip: Testing How The Unhide Command Works

Before you run the commands above it might be a good idea to see how the attrib command works. Create a folder test on D: and run various queries on that and change the folder attributes. The paramters /S /D are there to process all folders and files in the path as well. As mention -s removes system file attributes and -h unhides files.

The System Check virus may have other clones that improved the hiding process or uses other ways to create fake files or remove icons.

Oliver SK.

Oliver is the founder and lead editor of this site. He is interested in finding new ways to break Windows, find common errors and help others to fix them. Aside from that, he loves to fully customize systems with Rainmeter and Dreamscene, find out more about ancient civilizations like the Chachapoya, sharpen his digital photography skills and create software with a small group of selected developers. If you would like to connect with him to discuss anything, send him a mail!

Referral: Join Ultra.io For NFTs and Play-To-Earn

Posts created: 2000

There are no comments yet No comments

Quickly Unhide All Files That Viruses Hide (System Check Virus And Clones)

Using CMD To Modify System Attributes (Hidden + System)

Tip: Testing How The Unhide Command Works

Oliver SK.

How To Access Your Router From Windows

Schedule Windows 7 Defrag To Make Your Disk Access Faster

Microsoft Previews The Calendar App For Windows 8: Here’s What You Need To Know

Beginner: Change Default Program To Open Files In Windows 8 Via “Open With” Option

Run command prompt in background silently (without opening a window)

AMD Six-Core CPU for AM3 next month! (less than $200)