How is a virus different from any other file on Windows? A virus may be present in your PC as a file format which has the following properties:
- A virus can be a file hidden from a user
- A virus can be present in the form of an ‘autorun’ or ‘Autoexec’ file
- A virus can be an exec file
- A virus can be a file with different attribute permissions
Some of the well-known examples of the above kinds of the viruses are:
- Autorun.inf
- Ravmon.exe
- New Folder.exe
- svchost.exe
- Heap41a
Remove Virus Using CMD from USB
To remove a virus using cmd from windows 10, we will use a great famous cmd command called ‘attrib‘ command.
It can be easily guessed from its name that the ‘attrib’ command represents different attributes of a file, folder or a directory. This command is mainly responsible for displaying, setting and removing the different attributes like read-only, archive, system, and hidden attributes of a file or folder.
See also : 50 Amazing PC Hacks Which You Don’t Know
Using that command, we will try to change the attributes assigned to a file and then recover our file.
the basic attributes of the ‘attrib’ command which we will use later:
- R – R represents the “Read-only” attribute of a file or folder. Read-only means the file cannot be written or executed.
- H – H stands for the “Hidden” attribute.
- A – Similarily, A stands for “Archiving” which prepares a file for archiving and,
- S – S attribute changes the selected files or folders into a system file from a user file by assigning the “System” attribute to that particular file.
“attrib” Syntax:
ATTRIB [+ attribute | – attribute] [pathname] [/S [/D]]
In the above command, let’s see what the different parameters and switches are:
‘+ / –’ : To enact or to cancel the specified attribute.
‘attribute’ : As explained above
‘/S‘ : Searching throughout the entire path including subfolders
‘/D’ : Include any process folder
‘pathname’ : Path where the target file or folder is located.
‘attribute’ : As explained above
‘/S‘ : Searching throughout the entire path including subfolders
‘/D’ : Include any process folder
‘pathname’ : Path where the target file or folder is located.
Here is the proper syntax for attrib command
ATTRIB [+R | -R] [+A | -A ] [+S | -S] [+H | -H] [+I | -I] [drive:][path][filename] [/S [/D] [/L]]
Let’s get start the process :
we are going to transfer an ‘autorun.inf‘ virus from my USB drive to my D: drive and delete this virus from my D: drive.
- Run command prompt as an administrator
now we will change that drive to D
Now , type attrib and press enter. as you can clearly see the autorun.info virus listed below ,
To remove Virus using CMD, type into your cmd attrib -r -a -s -h *.* and press Enter. It will remove the Read Only, Archive, System and hidden file attribute from all the files.
- -r is for removing the read-only files
- -a is for removing the archive file
- -s is for removing the system file
- -h is for removing the hidden file
- *.* for all the files with all different types of file extensions
Comments
Post a Comment