Sunday, June 19, 2016

Check for malware in Windows using cmd



  • You cannot see this file or delete it, because the attributes that were set on it are +s +h +r
  • +s - means it is a system file (which also means that you cannot delete it just by using the delete command)
  • +h - means it is hidden (so you cannot delete it)
  • +r - means it is a read-only file



Microsoft Windows [Version 10.0.10240]
(c) 2015 Microsoft Corporation. All rights reserved.

C:\Users\admin>..
'..' is not recognized as an internal or external command,
operable program or batch file.

C:\Users\admin>cd..

C:\Users>cd..

C:\>attrib
A  SHR       C:\bootmgr
A  SH        C:\BOOTNXT
A            C:\HaxLogs.txt
A  SH   I    C:\hiberfil.sys
A  SH        C:\pagefile.sys
A  SH        C:\swapfile.sys

C:\>attrib +s
Not resetting hidden file - C:\bootmgr
Not resetting hidden file - C:\BOOTNXT
Access denied - C:\HaxLogs.txt
Not resetting hidden file - C:\hiberfil.sys
Not resetting hidden file - C:\pagefile.sys
Not resetting hidden file - C:\swapfile.sys

C:\>attrib +h
Not resetting system file - C:\bootmgr
Not resetting system file - C:\BOOTNXT
Access denied - C:\HaxLogs.txt
Not resetting system file - C:\hiberfil.sys
Not resetting system file - C:\pagefile.sys
Not resetting system file - C:\swapfile.sys

C:\>attrib +r
Not resetting hidden file - C:\bootmgr
Not resetting hidden file - C:\BOOTNXT
Access denied - C:\HaxLogs.txt
Not resetting hidden file - C:\hiberfil.sys
Not resetting hidden file - C:\pagefile.sys
Not resetting hidden file - C:\swapfile.sys

C:\>
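
An added example, not part of the original post: Python that parses `attrib` output like the session above and reports files that are both system and hidden but not on an allowlist. The allowlist of Windows' own files in C:\ and the `C:\example.exe` row are assumptions constructed for the example.

```python
import re

# Constructed sample: the `attrib` rows from the session above plus one made-up
# row (C:\example.exe) that carries S, H and R, and one error message.
SAMPLE = r"""
A  SHR       C:\bootmgr
A  SH        C:\BOOTNXT
A            C:\HaxLogs.txt
A  SH   I    C:\hiberfil.sys
A  SH        C:\pagefile.sys
A  SH        C:\swapfile.sys
   SHR       C:\example.exe
Access denied - C:\HaxLogs.txt
"""

# Assumption for this example: hidden system files that Windows itself keeps in C:\.
KNOWN_SYSTEM = {r"c:\bootmgr", r"c:\bootnxt", r"c:\hiberfil.sys",
                r"c:\pagefile.sys", r"c:\swapfile.sys"}

def parse_attrib(text):
    """Return a list of (attribute_letters, path) for each listing row."""
    rows = []
    for line in text.splitlines():
        m = re.search(r"[A-Za-z]:\\", line)  # start of the full path
        if not m:
            continue
        prefix = line[:m.start()]
        # Listing rows have only capital attribute letters and spaces before
        # the path; messages such as "Access denied - ..." are skipped.
        if not re.fullmatch(r"[A-Z ]*", prefix):
            continue
        rows.append((set(prefix.replace(" ", "")), line[m.start():].strip()))
    return rows

def hidden_system_unknown(rows):
    """Paths with both S and H set that are not on the allowlist."""
    return [path for flags, path in rows
            if {"S", "H"} <= flags and path.lower() not in KNOWN_SYSTEM]

if __name__ == "__main__":
    for path in hidden_system_unknown(parse_attrib(SAMPLE)):
        print("review:", path)
```

To make a reported file visible and deletable again, clear the attributes together with `attrib -s -h -r <path>`. The "Not resetting hidden file" and "Not resetting system file" replies in the session are what attrib returns when H or S is set on a file and that attribute is not named in the same command.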
