Remove Virus and other Malware from PC using cmd [Quick Steps]

How to Remove Any Virus?

  Messing up with some virus ? Though your antivirus software removes virus and problem persists, searching google for the removal and you are into a perfect site for a solution. Here are perfect steps to remove 1. Autorun Virus, 2. Shortcut Virus, 3. Empty Folder Virus using CMD (Command Prompt)

Find the Type of the virus in your PC and follow the steps for the respective Virus,

What is Malware?

Malwares are the Malicious Softwares used to make unwanted actions in your PC, Virus, worms, Spywares are some kind of Malwares.

1. Autorun virus (autorun.inf):

 

            Autorun Virus Exploits into the Windows OS whenever an External device containing Autorun Virus is pluged in to Windows PC and Autorun is Performed, Then the Autorun.inf will be executed and replicates copies of this Autorun.inf file and .exe files too. This creates a serious mess with files, Follow the steps beow to remove this autorun virus from PC using CMD.

Steps to Remove Autorun Virus :

  • Press ( Start or winkey ) -> Run -> cmd.
  • If you are at the root directory ( C drive ) then do the following, else give cd.. and come to the root C:> and do the following. 
  • Type in ( attrib -h -r -s autorun.inf ), without brackets and press Enter.
  • Type ( del autorun.inf ), without brackets and press Enter.
  • Follow this for all other drives. 

2. Shortcut virus:

These Shortcut viruses are those which converts all your data inside your pen drive or Hard disk to shortcuts, and which are recoverable.

Steps to Remove Shortcut Virus : 

  • Go to Start -> Run -> cmd.
  • Go to your pen drive directory.
  • Type this command: del *.lnk and press Enter.
  • Type attrib -h -r -s /s /d e:*.*
  • And then press a gentle Enter.
          How to remove shortcut virus in Pen drives in Windows ?

Recover your files from Shortcut Virus: ( 2nd Method)

     You can recover your files through Winrar.


  •  Open WINRAR Application.
  •  Navigate to your Pendrive location or PC Folder location.
  •  Copy Files and Paste where you want.
  •  Format your Pendrive. 

3. Empty Folder virus:

   Got some Files in your pen drive but they are empty! Because of the virus in your pendrive malfunctions your drive. How to remove this empty folder virus and recover files?
Steps to Remove Empty Folder Virus : 
 
  • Start -> Run -> cmd.
  • Type this command: attrib -h -r -s /s /d x:*.
  • Here the letter “x” should be replaced with the drive alphabet of your pendrive that you have inserted into the computer.
  • If your pendrive shows the drive alphabet as “J“, then type  this command: attrib -h -r -s /s /d j:*.
  • And then press a gentle Enter.

4. Don’t know what the Virus is!!

If you can’t find the type of the Virus, you can follow these Steps to recover your Files.

  1. Turn ON Firewall
  2. Just Uninstall the Softwares that you have installed when your PC is normal.
  3. Run a BOOT time scan using Avast Antivirus.
  4. Run Microsoft Safety Scanner

Note: 

           After performing the following steps,  Do a restart!
 
 

52 comments

  1. Hey there. This is somewhat helpful. But in my opinion, in order to be fully secured and found an inner peace, a good software that could monitor any suspicious activities in your system and prevent malwares from attacking is one of the best effective ways to avoid these malwares. A good antivirus like ESET Antivirus could be the answer.

  2. it worked for me thnx but after doing this in folder options in view option both radio butttons are enabled.i.e for “show” and “do not show hidden files radio buttons”.can any one help me?

  3. I ran cmd to remove shortcut virus on drive D but when i typed the drive it said Access is denied. What can i do?

  4. hello, thank you for helping us. but i’m having trouble with mine.
    when i try your instruction on “How to remove Shortcut virus” and done typing “del *.lnk” it answers “the request could not be performed because of an I/O device error.”
    please help me with this 🙁

  5. Good day….thanks for the easy to understand explanation…i did follow your procedures/steps, however, the files or the “virus”is still there….i don’t know if it is a virus or not, but it still annoys me because all the files i am saving to my flash drive/pen drive are being renamed to “U¬U¬”….when i tried to delete it, i will get this error message “This system cannot find the file specified”.

  6. Hi, i have tried to follow your procedure,but i am getting an error message “attrib is not a recognised command” . Please,help

  7. Shit…i have done all the steps mentioned by u to remove shortcut virus from pd nd last step – format that pd…bt now my data is not recovering…:( what should i do? image files not opening and everytym i copy data in pd and it is not opening…:( now help me out

    1. Go to computer and tool(by Pressing Alt key) folder option then View, show hidden files , then unmark the Hide protected operating files then click “Yes” then press apply button all hidden files will open TQ

  8. Access denied – F:$RECYCLE.BINS-1-5-21-711698431-329572966-824906452-1005
    Access denied – F:System Volume Information
    it is showing this error

    1. H:>del *.Ink
      Could Not Find H:*.Ink

      H:>attrib -h-r-ssd H:*.*
      Invalid switch – -h-r-ssd

      H:>del *.Ink
      Could Not Find H:*.Ink

      H:>attrib -h-r-s/s/d H:*.*
      Invalid switch – -h-r-s/s/d

      H:>attrib -h-r-s/s/d H:*.*
      Invalid switch – -h-r-s/s/d

      H:>

  9. I know this if off topic but I’m looking into starting my own blog and was
    curious what all is needed to get setup? I’m assuming having
    a blog like yours would cost a pretty penny?
    I’m not very web savvy so I’m not 100% positive.
    Any tips or advice would be greatly appreciated.
    Many thanks

    Also visit my blog post; facebook smileys

  10. A virus I ran into modified the registry so executing an exe file would raise an exception by first trying to run some non-existent patch. Nothing on the computer worked at all, including regedit.

    I created registry snippet export from a like operating system that replaced the exe entry in the registry, copied it to a file using edit from the dos prompt and saved it to the Desktop folder using it’s 8 character truncated all cap abbreviation and the .reg extension. This way, when I rebooted the computer there was a .reg file on the desktop (Windows explorer also couldn’t be opened) that fixed the computer when I double-clicked it. Totally worked!

Comments are closed.