Get FCIV to scan hidden files within a batch script

I am attempting to hash all or most of the files off of a machine using a batch script. What I thought would be straightforward was, of course, not, as FCIV will not scan hidden files. I attempted to make a for loop that would scan the individual files themselves, but what works in the command line does not work in the batch file.

I would go to the root of my drive and attempt this:

FCIV -r -both c:\

However, I noticed that quite a few files were missing (even as admin), with most of them being hidden files.

Thanks, any help would be appreciated.

There are 1 best solutions below

I use this snippet of code for CertUtil; it might also work for FCIV:

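rem !var! below is only expanded per iteration with delayed expansion enabled
setlocal EnableDelayedExpansion
cd /d %targetDir%
rem Walk every file under targetDir; the \\?\ prefix hands the path to the file system without normalization
for /r %%e in (*) do (
    if exist "\\?\%%e" (
        rem findstr /v drops certutil's header and status lines, leaving only the hash
        FOR /F "tokens=* USEBACKQ" %%F IN (`certutil -hashfile "\\?\%%e" %hashType% ^| findstr /v "certutil hash"`) DO (SET var=%%F)
        echo !var! "%%e" >> %hashDatabaseOutput%
        SET /A fileCount += 1
    ) else (
        rem Record paths that could not be opened instead of silently skipping them
        echo ERROR 1 - Failed to Hash file, File or Directory contains special characters >> %errorlog%
        echo %%e >> %errorlog%
        echo.>> %errorlog%
    )
)
cd /d "%workingDir%"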

I have a similar issue to yours; I'm scanning some files in C:\ but those aren't hidden files.

EDIT: It seems that using this method makes no difference, because even when the file path is fed to FCIV, the hashing will fail because it cannot find the file. You can look at my question here: https://stackoverflow.com/questions/62111957/fciv-fails-to-find-some-files-when-hashing-c-drive

EDIT2: Found the root cause: it's caused by redirection when you attempt to scan files in C:\Windows\System32. One guy explained it clearly here: The system cannot find the path specified

Since FCIV only has a 32-bit mode, the only solution is to use another hashing program, like rHash, in 64-bit.
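
An added example, not part of the original question or answer: the same inventory done with PowerShell's built-in Get-FileHash in place of FCIV or rHash, producing MD5 and SHA-1 as `FCIV -both` does, including hidden files and warning when the session is a 32-bit process subject to the System32 redirection described above. The parameter names and the output and log file names are assumptions chosen for illustration.

```powershell
# Added example: $Root, $OutCsv and $ErrLog are illustrative names, not from the post.
param(
    [string]$Root   = 'C:\',
    [string]$OutCsv = "$PWD\hashes.csv",
    [string]$ErrLog = "$PWD\hash-errors.log"
)

# A 32-bit process on 64-bit Windows has C:\Windows\System32 redirected to
# SysWOW64, so the hashes recorded for System32 paths would be of other files.
if ([Environment]::Is64BitOperatingSystem -and -not [Environment]::Is64BitProcess) {
    Write-Warning '32-bit session on 64-bit Windows: System32 is redirected. Run this from 64-bit PowerShell.'
}

# -Force makes Get-ChildItem return hidden and system files as well.
# Directories that cannot be listed are collected in $walkErrors, not dropped.
Get-ChildItem -LiteralPath $Root -Recurse -File -Force `
        -ErrorAction SilentlyContinue -ErrorVariable walkErrors |
    ForEach-Object {
        $path = $_.FullName
        try {
            # -ErrorAction Stop turns "file in use" or "access denied" into a
            # catchable error so the file is logged rather than silently missing.
            [pscustomobject]@{
                MD5  = (Get-FileHash -LiteralPath $path -Algorithm MD5  -ErrorAction Stop).Hash
                SHA1 = (Get-FileHash -LiteralPath $path -Algorithm SHA1 -ErrorAction Stop).Hash
                Path = $path
            }
        } catch {
            "hash: $path : $($_.Exception.Message)" | Add-Content -LiteralPath $ErrLog
        }
    } |
    Export-Csv -LiteralPath $OutCsv -NoTypeInformation

# Every directory the walk could not enter is a gap in the baseline; log it.
$walkErrors | ForEach-Object {
    "walk: $($_.Exception.Message)" | Add-Content -LiteralPath $ErrLog
}
```

Comparing the number of rows in the CSV with the number of entries in the error log shows how much of the drive the baseline actually covers.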