Viruses, malware, trojans! These can harm your files and folders, your storage, and your computer's operating system. Malicious files typically reach your computer through internet browsing, USB drives, installation of nulled or unknown software, and links in phishing emails.

Viruses wreck your PC by consuming memory and disk space, which slows the OS down. Not only that, infected files can corrupt crucial operating system files. System files are the most important files for an operating system and the programs installed on it. If these files go missing or are damaged, the programs, as well as the OS, will fail to run. Some viruses are capable of stealing your personal information and credit card details. Whatever the loss, keeping your computer safe from such calamities is extremely important.

We all install antivirus software or use the default Windows Security (in Windows OS) to protect the PC against these viruses. Antivirus software scans the system for malicious files in real time, reports to you immediately if it finds any, and takes action. But there is another way to remove viruses from your PC: using the command prompt. It’s not a plug-and-play method that scans for viruses and deletes them from your PC at the click of a button. Instead, you will need to understand the sequence of commands and apply them accordingly.

In this post, you will read how to remove a virus using cmd without using the antivirus software installed on your PC.

Is it a good idea to remove virus using CMD?

Antivirus tools are great but also eat a lot of CPU and memory resources while running in the background. Removing a virus using CMD is manual, but once you master it, it can be a great alternative to your antivirus tool.

Tip: the primary purpose of the attrib command is to set and remove file attributes such as hidden, system, read-only, or archive. Clearing a virus’s “hidden” attribute makes it visible inside folders. Once it is visible, your next task is to delete it from the directory.

Step 1: Scan virus using CMD

To scan your computer for viruses using the command-line tool, you need to follow these steps:

Step 2: Remove virus using CMD

2.1 Start command prompt with admin privilege

In the Windows search bar, type cmd, then right-click Command Prompt and start it as administrator. Running the command prompt with administrator privilege is essential because you need to access system files that are not visible to guest users. Once the command prompt starts, you must select the drive from which you want to remove a virus.

2.2 Set the drive letter from where you want to remove virus

Type the drive letter of the partition from which you want to remove the virus, followed by “:”, and press Enter. This changes the current drive in the command prompt. The command is: This means any task you perform from here on stays inside that partition. You will also notice that the prompt now shows your chosen drive letter (representing that drive). You can check the root directories of the current drive by typing dir [Drive letter]: in the command prompt. For example,

2.3 Use the ‘attrib’ command to display hidden files

Now, to display all the hidden files on your system drive or external drive, use this command: dir [drive letter]: attrib -s -h /s /d *.* without colons. For example, Then press Enter. This command goes through the selected drive and displays all the hidden and system files. You will notice lots of file info scrolling through the command prompt window.

2.4 Remove/rename virus files on your computer

If your computer has a virus, you will notice it in this list. On a larger disk the list grows, and you might need to spend some time on it. On small disks such as a pen drive, going through the list takes less time. If you find any unusual file in this list, you can either rename it or remove it from your system.

For example, if you have found an infected file called autorun.inf, use this format to rename the file: rename [filename].[extension] [new file name]. And if you want to remove the virus using cmd, use this format: del [filename].[extension] or del [filename]. Both ways work perfectly.

How to remove shortcut virus using cmd

You might have noticed that files on your drive or pen drive sometimes turn into shortcuts. This is a common virus; you can remove it from your PC using the steps below.

The parameters and switches used in this command are:

‘+ / –’: Sets or clears the specified attribute.
‘attribute’: See the basic attributes listed below.
‘/S’: Searches the entire path, including subfolders.
‘/D’: Processes folders as well.
‘pathname’: Address where the target file or folder is located.

Basic attributes:

R – represents the “Read-only” attribute of a directory. Read-only suggests the file cannot be written on or executed.
H – represents the “Hidden” attribute.
A – stands for “Archiving”, which prepares a file for archiving.
S – the “System” attribute changes the selected files/folders from user files into system files.
I – stands for the “not content indexed file” attribute.

Step 1: Start cmd as administrator.

Step 2: Go to the drive you want to scan for the shortcut (autorun.inf) virus. Either use [drive letter] or cd.. to go to your drive. For example: go to “d” drive using. And if you want to go to the root of c drive, use this:

Step 3: Now type this command to search for autorun.inf virus files. If Windows is unable to find an autorun.inf file, cmd will display File Not Found -autorun.inf. Otherwise, proceed to the next step and remove the virus from your directory.

Step 4: Type the command del autorun.inf to delete those files.

Step 5: To delete all the shortcuts, type the command del *.lnk and press Enter.

Step 6: Now open Windows Explorer and check whether those files have been deleted.
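The steps from section 2 (2.2 to 2.4) and the shortcut-virus steps above, combined into one batch file. This is an added example, not part of the original post; the drive letter E: and the report folder under %TEMP% are assumptions.

```batch
@echo off
rem Added example (not from the original post). Assumptions: the suspect
rem removable drive is E: and the report folder name is hypothetical.
setlocal
set "DRV=E:"
set "REPORT=%TEMP%\usb_check"
if not exist "%REPORT%" mkdir "%REPORT%"

rem Step 2.2 / shortcut Step 2: make the root of the target drive current.
%DRV%
cd \

rem Step 2.3: save a list of hidden and system items BEFORE changing anything.
rem /a:h = hidden, /a:s = system, /s = include subfolders, /b = bare paths.
dir /a:h /s /b > "%REPORT%\hidden.txt" 2>nul
dir /a:s /s /b > "%REPORT%\system.txt" 2>nul

rem Clear System, Hidden and Read-only on all files (/s) and folders (/d).
rem Run this on the removable drive; on C:\ it also unhides Windows' own files.
attrib -s -h -r /s /d *.*

rem Shortcut Step 3: look for autorun.inf in the root. /a lists it whatever
rem attributes it carries; cmd prints "File Not Found" when it is absent.
dir /a autorun.inf

rem Step 2.4: read the file and record which program it would launch.
if exist autorun.inf (
    type autorun.inf
    findstr /i "open= shellexecute=" autorun.inf > "%REPORT%\autorun_targets.txt"
    rem Rename is reversible. Use del /f autorun.inf to remove it outright.
    ren autorun.inf autorun.inf.disabled
)

rem Shortcut Step 5: list the .lnk files in the root, review, then delete.
dir /a /b *.lnk > "%REPORT%\shortcuts.txt" 2>nul
type "%REPORT%\shortcuts.txt"
rem Press Ctrl+C at the pause if the list contains shortcuts you want to keep.
pause
del /f /q *.lnk
endlocal
```

The saved hidden.txt and system.txt show which items were hidden before the attributes were cleared, which helps tell concealed files apart from files that were always visible.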

Alternate way to remove virus using cmd

Earlier, all you did was go to a directory, expose all the files, and then check whether you could find any viruses or suspicious files. But what if you want to scan a particular folder and remove the virus using cmd while making sure you do not lose important files? Follow the steps below: Now open the command prompt as administrator and navigate to the folder you want to delete: Tip: replace username with your currently logged-in user (and use the address of your own folder that contains the virus). Then execute this del command: If you add a folder name, it will force delete all the files in the folder. To delete individual files, include the file name in the directory address. Switch between the folder and file deleting commands to find out which one can delete the infected folder/file. If you unintentionally delete files from your computer and want to recover them, follow this procedure.

How to recover deleted files using CMD

“\\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy2” = this is the shadow copy volume address collected from the shadow list.
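One way to use a shadow copy volume address like the one above, as an added example that is not part of the original post. The mount point C:\shadow_view, the user name and the file name are hypothetical, and the shadow copy number differs on every machine.

```batch
@echo off
rem Added example (not from the original post). Run from an elevated prompt.
rem Hypothetical names: C:\shadow_view, "username", report.docx.

rem 1. List the existing shadow copies and note the "Shadow Copy Volume" line
rem    of the one created before the files were deleted. If none are listed,
rem    there is nothing to recover from with this method.
vssadmin list shadows

rem 2. Expose that shadow copy as a folder. The trailing backslash after the
rem    volume address is required, otherwise the link cannot be browsed.
mklink /d C:\shadow_view \\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy2\

rem 3. Browse the old state of the disk and copy the file back out.
dir "C:\shadow_view\Users\username\Documents"
copy "C:\shadow_view\Users\username\Documents\report.docx" "%USERPROFILE%\Desktop\"

rem 4. Remove the link when done. rmdir deletes only the link, not the
rem    shadow copy it points to.
rmdir C:\shadow_view
```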