Viruses may attack files/folders, storage devices, or Windows operating systems. To remove a virus from an infected USB drive, SD card, pen drive and more on a Windows 10 computer, you can use CMD to get things done. If the virus delete or hide your files, don't hesitate to use EaseUS Data Recovery Wizard to recover them with ease.
On this page, we include four practical methods to help you remove viruses and help you restore virus removed or deleted files with powerful EaseUS file recovery software. If you are in this dilemma, follow fixes here to clean up virus and bring your files back:
|Workable Solutions||Step-by-step Troubleshooting|
|Fix 1. Remove Virus with CMD||Run Command Prompt as Administrator or EaseUS M Tool > Clear virus with attrib -s -h -r /s /d *.* command...Full steps|
|Fix 2. Run Antivirus||Run installed antivirus software, execute clean operation if virus is detected...Full steps|
|Fix 3. Run Windows Defender||Go to Settings > "Update & Security" > "Windows Security" > "Virus & threat protection" ...Full steps|
|Fix 4. Format Infected Device||If the hard drive partition or external storage device was infected by virus, formatting it can help...Full steps|
|Bonus Tip. Recover Files||If files get hidden or deleted by the virus, run EaseUS Data Recovery Wizard > Scan device and recover...Full steps|
What Damage Could Viruses Do
We loathe computer viruses, undoubtedly. But do you know exactly how viruses can damage your computer? There are many types of viruses, and they behave in different ways. To sum it up, a computer virus is simply a type of program that causes your computer to act in an undesirable way. It can be a dangerous infiltration designed to drag your computer down, erase important files, track your habits, or gives hackers access to your personal information... A virus is a great nuisance. Some viruses like the Locky virus and CryptoLocker, also known as ransomware, delete computer files, encrypt them, even change the file extension to .locky or .encypt. Other viruses hide files and leave users with nowhere to unhide them.
It's certainly true that a virus is something you will want to remove once you find it. Among the multiple choices, many users attempt to remove viruses using CMD.
Why Can You Remove a Virus Using CMD
In fact, using command lines doesn't directly check and remove viruses from your computer or external storage device. CMD helps to achieve your goal of removing viruses by showing the hidden viruses on a partition or drive. Afterward, you can delete the suspicious files. Since viruses always conceal themselves, you need to make them appear and then delete the virus files. Then how can you show the potentially hidden virus files using CMD? All you need is the attrib command.
The attrib command is a Command Prompt command used to display, set, or remove the attributes of the files or folders in the selected location. By canceling the "hidden" attribute of the virus, you can see it appearing in the folder. And then you will know where to find and remove it.
How to Remove Virus Using CMD
Now, follow the steps below to delete viruses from your computer or storage device using CMD.
Step 1. Type cmd in the search bar, right-click "Command Prompt" and choose "Run as an administrator".
Step 2. Type F: and press "Enter". (Replace "F" with the drive letter of the infected partition or device.)
Step 3. Type attrib -s -h -r /s /d *.* and hit "Enter".
Step 4. Type dir and hit "Enter". Now you will see all the files under the assigned drive. (The dir command displays a list of a directory's files and subdirectories.)
Step 5. For your information, a virus name may contain words like "autorun" and with ".inf" as the extension. Thus, if you find such suspicious files, type del autorun.inf to remove the virus.
Here are the basic attributes of the 'attrib' command:
R – represents the "Read-only" attribute of a file or folder. Read-only means the file cannot be written on or executed.
H – the "Hidden" attribute.
A – stands for "Archiving" which prepares a file for archiving.
S – the "System" attribute changes the selected files or folders from user files into system files.
I - "not content indexed file" attribute.
The "attrib" Syntax:
ATTRIB [+ attribute | – attribute] [pathname] [/S [/D]]
In the above command, let's see what the different parameters and switches are:
'+ / –': To enact or to cancel the specified attribute.
'attribute': As explained above.
'/S': Searching throughout the entire path including subfolders.
'/D': Include any process folder.
'pathname': Path where the target file or folder is located.
Here is the proper syntax order for attrib command:
ATTRIB [+R | -R] [+A | -A ] [+S | -S] [+H | -H] [+I | -I] [drive:][path][filename] [/S [/D] [/L]]
- Be careful while using the Command Prompt. Improper use of cmd can result in system damage.
If you receive the message "Access denied", you should:
- Make sure you have run Command Prompt as an administrator
- Make sure the file/folder is not in use
- Check the permission of the current account and make sure you have full control over the file/folder (right-click the file/folder/partition and go to "Security")
- Use CHKDSK command to check for file system errors (run Command prompt and enter chkdsk /f [drive letter]:)
Manual input of the command line is suitable for computer professionals since wrong commands can cause more severe problems. Therefore, for security and usability, we strongly recommend you try an automatic command line alternative. EaseUS Tools M is a practical tool that enables you to check and fix files system error, enable/disable write protection and system update with one-click instead of typing intricate command lines.
Follow the simple steps below to show hidden files with this 1-click-fix software.
Step 1. DOWNLOAD EaseUS Tools M for Free.
Step 2. Start EaseUS Tools M, choose "File Showing" on the left pane. Next, choose the target drive for scanning.
Step 3. After the operation completes, click the View button to check the hidden files.
3 Other Ways to Remove Virus
In addition to using CMD, there are other methods available to remove a virus from your computer or storage device, like using antivirus software, Windows Defender, and formatting the storage device.
Method 1. Run Antivirus
Almost every computer has antivirus software installed. Whenever you find your computer is infected by a virus, running the antivirus software may help.
Method 2. Run Windows Defender Antivirus
Windows Defender Antivirus is the built-in antivirus protection in Windows 10. It provides protection against viruses, malware, and spyware for your computer and connected devices. If you don't have third-party antivirus software, using the built-in utility is advisable.
Step 1. Go to "Settings" > "Update & Security" > "Windows Security".
Step 2. Click "Virus & threat protection".
Step 3. In the "Threat history" section, click "Scan now" to scan for viruses on your computer.
Method 3. Format the Infected Device
The format is the process of erasing the existing files on the selected partition or drive. It will certainly remove the virus, too. Since formatting a partition/drive will cause data loss, make sure you don't have any important files stored on the device.
How to Recover Files Deleted/Hidden by Viruses
Don't forget to use a data recovery tool in case the virus deleted or hid your important files on USB and other drives. Using commands can only help remove the virus but can do nothing to restore damaged and lost files. EaseUS file recovery software is able to complete virus file recovery in just three steps.
Learn the 3-step file recovery in this video guide.
How to Prevent Virus or Malware Infections
Except for knowing how to cope with a virus attack, you should also know how to prevent virus infection on your computer or external storage device. For you to protect your computer or USB drives better, here are some feasible tips on virus prevention for you:
Install professional antivirus software on your computer and keep it updated
Be cautious with the origins of the programs you want to install
Avoid suspicious websites and think before you make a click
Make sure the network connection is safe
Besides, regularly making backups of your files with free backup software is also recommended to avoid complete data loss that may be caused by a virus infection.
The Bottom Line
Removing a virus using CMD is a roundabout solution. Yet it works in some cases. If the attrib command fails, try the three more tips provided to get rid of the malicious file. Besides, virus attacks are always accompanied by data loss. In that case, use the hard drive recovery software - EaseUS Data Recovery Software to rescue the lost files as soon as possible.
Was This Page Helpful?
Frequently Asked Questions
- 1. Why choose EaseUS Data Recovery Wizard?
"EaseUS Data Recovery Wizard is the best we've seen. It's far from perfect, partly because today's advanced disk technology makes data-recovery more difficult than it was with the simpler technology of the past, but it's fast and efficient..." —PCMag
"The first thing you'll notice about EaseUS Data Recovery Wizard Pro is that its interface is very clear and uncluttered, with only a small collection of self-explanatory controls. You won't find lots of extra options hidden in a system of hidden menus, either; what you see really is what you get." —techradar
"Recover lost files, even after deleting a partition or formatting your drive." —Macworld
- 2. Why cannot I recover 2GB data for free?
It is recommended to check the version installed is Free or Trial because they are different versions.
Trial has data preview function but cannot save any files, while the Free version enables to recover 2 GB files. The default free space is 500 MB and you may share the product on social media to get another 1.5 GB.
- 3. Why cannot the recovered files be opened?
A file is saved as 2 parts on the storage device: directory info (which is comprised by file name, time stamp and size info, etc.) and data content.
If the files with original file names and folder structures cannot be opened, one possible reason is the corrupted directory info. There is still a chance to recover the data content with the RAW Recovery method in our software.
- 4. Why isn't it suggested to recover the files back to the original drive?
The storage structure of the lost files would be altered or damaged by any changes on the drive. If you save the recovered files back to the same drive, the original data structures and data content would be corrupted or overwritten, which causes permanent data loss. So you should prepare another disk to save the files.
- 5. How can I check whether my data is recoverable or not before purchase?
The Free version helps you save 2GB files, so verify the recovery quality of our product before purchase.
- 6. How long does it take to scan the drive?
It strongly depends on the capacity of your hard drive and the performance of your computer. As reference,most drive recoveries can be completed in around 10 to 12 hours for a 1-TB healthy hard drive in general conditions.