How To Remove Virus From Any Drive (USB PEN DRIVE)Using Command Prompt (CMD) In Windows

For starters a virus is a self- replicating computer program that infects your computer. These viruses are a menace and can spread across multiple computers via USB/flash drives, external media and other means. As we all know, there is a multitude of anti-virus software. To our dismay, not all of them can do the trick. Sometimes, even your antivirus can fail to detect some sort of viruses. Well, in such case, CMD prompt may be the solution to help you solve the virus issues. Most of us grapple with viruses like Autorun.inf, newfolder.exe, ravmon.exe, svchost.exe etc. They usually present themselves as files and sometimes they can even be files hidden from you.

To remove a virus using CMD, we shall use a CMD known as “attrib” command. Therefore first we have an obligation to know a few basics of the attrib command.

R – represents the read only attribute of a file or folder. Read only means the file can’t be written or executed.

H – H stands for the hidden attribute.

A – Similarly A stands for Archiving and this prepares a file for archiving.

S – This attribute changes the selected files or folders in a system file from a user file by assigning the “system” attribute of that particular file.

Here we have the “attrib” syntax à ATTRIB{+attribute/-attribute}{pathname}[/S[/D]}

And with the above command there are different parameters and switches so lets see what they are.

+/- à to enact or to cancel the specified attribute.

D à include any process folder.

S à searching through the entire path. Sub-folders inclusive.

Attribute à ( already explained above)

Pathnameà path where target folder is located.

This here is the proper syntax for the attribute command:

ATTRIB{+R/-R}{+A/-A}{+S/-S}{+H/-H}{+I/-I}{drive:}{path}{/S[/D][/L]}

After knowing all of the basics, now let’s give it a shot and try to see how we can remove a virus from USB, SD card etc. using CMD prompt.

For example, let’s transfer an autorun.inf virus from my USB to my D drive and delete the virus from the D drive.

Step 1. Open command prompt from search and run as administrator.

Step 2. Type D and hit enter

Step 3. Type “attrib” and press enter. This command lists out all files inside the current drive and you will clearly see autorun.inf virus listed.

Step 4. At this stage to remove the virus using CMD, type into command prompt “attrib –r –a –s –h . “ And press enter. This in turn will remove the read only, archive, system and hidden file attribute from all the files.

-r is for removing read only files

-a is for removing the archive file

-s is for removing system file

-h is for removing hidden file

. is for files with all different types of file extensions.

I hope this guide was informative to you. Your feedback is gladly appreciated. Please leave us a comment in the comments section if you have any other tips and tricks you want to share with us.