How to Use CMD to Remove Virus from Any Drive in Windows 10

Know what damage a virus could do to you

We loathe virus, undoubtedly. Do you know how viruses can damage your computer exactly? There are many types of viruses, and they behave in many differentiated ways. To sum up, a computer virus is simply a type of program that causes your computer to act in an undesirable way. It can be dangerous, to drag your computer down, erase very important files, or gives hackers access to your personal information...

Viruses are nuisance, unfortunately, it seems unlikely to avoid it. Some viruses like Locky virus and CryptoLocker, also known as ransomware, delete computer files, encrypt them, even change the file extension to .locky or .encypt, while some virus hide files, making users find nowhere to unhide them. If you happen to be a victim who's looking for .locky file recovery and .crypt file recovery, then click the links.

General knowledge about commands

In this page, we're going to offer you solutions to remove viruses from your USB drive, memory card, in fact, any drive in a Windows 10 computer using CMD. In order to remove a virus using CMD, we will use a famous CMD command called 'attrib' command. So first, we'd better have some understanding about the commands we're supposed to use.

Here are the basic attributes of the 'attrib' command which we will use later:

R – R represents the "Read-only" attribute of a file or folder. Read-only means the file cannot be written or executed.
H – H stands for the "Hidden" attribute.
A – Similarily,  A stands for "Archiving" which prepares a file for archiving.
S – S attribute changes the selected files or folders into a system file from a user file by assigning the "System" attribute to that particular file.

"attrib" Syntax:

ATTRIB [+ attribute | – attribute] [pathname] [/S [/D]]

In the above command, let's see what the different parameters and switches are:

'+ / –': To enact or to cancel the specified attribute.
'attribute': As explained above.
'/S': Searching throughout the entire path including subfolders.
'/D':  Include any process folder.
'pathname': Path where the target file or folder is located.

Here is the proper syntax for attrib command:

ATTRIB [+R | -R] [+A | -A ] [+S | -S] [+H | -H] [+I | -I] [drive:][path][filename] [/S [/D] [/L]]

How to remove/delete virus using CMD in Windows 10/8.1/8/7

Warning

Please be careful while using CMD command line to resolve your current issue. Improper use of CMD may cause serious results.

Just give you an example. I am going to transfer an 'autorun.inf' virus from my USB drive to my D: drive and delete that virus from my D: drive.

Step 1. Open Command Prompt from search and run as an administrator.

Step 2. Type D: and press Enter.

Step 3. Type attrib and press Enter. You'll see autorun.inf virus listed.

Step 4. To remove virus using CMD, type into your command prompt attrib -r -a -s -h *.* and press Enter. This will remove the Read Only, Archive, System and hidden file attribute from all the files. (*.* for all the files with all different types of file extensions).

Step 5. Type del autorun.inf and enter, to delete the files.

If you are infected by other viruses, replace autorun.inf with other virus extenstion such as *.ink or *.exe so to respectively delete those suspicious files.

More tips for virus removal in Windows 10

Don't forget data recovery process if the virus deletes, hides your important files on USB and other drives. EaseUS file recovery software does well in virus file recovery in simple three steps. Using commands can only help remove the virus but can do nothing to restore the damaged and lost files. Get hurry to bring disappeared files back by yourself.

Learn from the 3-step file recovery in the video guide.