How to Bulk Delete Read-Only and Hidden Files Implanted by Hackers

08-01-2024 02:19:30

Here's the professional and fluent English translation of the provided text, with appropriate use of technical terms from the computer and cloud computing industry:

A common tactic used by hackers when attacking websites is to implant a large number of read-only and hidden files. These files pose significant risks; some are used for outbound packet sending, others for hosting malicious content, and some serve as backdoor programs left by the hackers. Since these files are set to read-only and hidden attributes and often contain special characters in their filenames, they are typically hard to detect and difficult to delete. We can use the following batch commands to remove these troublesome files.

First, we need to adjust system settings to expose these hidden files. The specific steps are: Open "My Computer," click on "Tools" in the menu bar, select "Folder Options," and open the "View" tab. Then, uncheck the options for "Hide protected operating system files" and "Hide extensions for known file types." This way, we can easily see the hidden files implanted by the hackers.

Individual Deletion

Create a new .txt text file on the desktop, the filename can be arbitrary. The content is as follows:

DEL /F /A /Q "\\?\%1"
RD /S /Q "\\?\%1"

Then, save it as a .bat file. Dragging the files you wish to delete onto this bat file will remove them.

Bulk Deletion

If the hacker has implanted numerous hidden files, it's impractical to delete them one by one. In this case, use the following bulk deletion script. Similarly, create a .bat file on the desktop. For instance, to delete hidden files in the D:\wwwroot directory, the content is as follows:

@echo off
cd /d D:\wwwroot
for /f %%i in ('dir /arh /s /b') do echo %%i
pause

The purpose of this program is to list all the read-only and hidden files. After verifying the file list is correct, execute the following batch processing to delete them en masse. This approach helps to prevent accidental deletion.

@echo off
cd /d D:\wwwroot
for /f "delims=" %%i in ('dir /arh /s /b') do(
  DEL /F /A /Q "\\?\%%i"
  RD /S /Q "\\?\%%i"
)
pause

If you have many files, it may take some time to find all the read-only and hidden files. Please be patient.

Search

Latest

What are the differences between cloud servers and dedicated servers?
23-02-2024 02:02:07
How to Test the Bandwidth and Speed of Your Cloud Server?
22-02-2024 03:19:32
Regarding IP Address Allocation, Changing IP Addresses, and Testing IPs in Cloud Server IP Address Management
22-02-2024 03:16:03
How to Change the DNS Server on a Linux Cloud Server?
22-02-2024 03:14:03
How to Install cURL on a Linux Cloud Server?
22-02-2024 03:11:58