Remove Virus from Computer or USB Drive by Command Prompt
The word “Virus” is a threat to users of Windows. Users feel uneasy to connect others USB or pen drive to their Computer for the inflections made by Virus. Viruses spread in Computer to Computer through the pen drive or any removable disk drive. Mainly Autorun.inf or many .exe files like newfolder.exe, ravmon.exe etc affect the documents of your computer. If you try to delete the file from the directory they come back automatically every time and it easily spreads in the computer.
Tip: Clean Your Computer Removing Antivirus Live Application.
These Autorun or .exe files are written in such a manner that when we try to open or rename a drive a specific program starts as a result we can’t do those works.You can remove viruses from Task Manager. You have to stop the affecting process from “Task Manager” by choosing that process as “End Task” in Task Manager. But the virus programmer are much aware about that so when you want to open “Task Manager” by pressing “Ctrl+alt+del” you will see that the “Task Manager has been disabled by your administrator“.
Also read: How to make a folder undeletable 
In this situation there is another process to remove autorun.inf from Command Prompt. That seems more effective. You have go through some commands only. But the Command Prompt may be disabled by the virus. You can download a replacement of the Command Prompt.
However after getting the access of Command Prompt you can apply the following tricks to remove the virus from your computer.
Related: Remove Virus Manually From Your Computer.
First click the “Start” button and go to “Run“. You can also press “Windows+R“. Type “cmd” there.
Type the following commands in the Command Prompt
- Type “<Drive_name>:” in the command prompt and hit “Enter“. (“Drive_name” is where the problem occurs, it may be any USB drive)
- Type “attrib” and hit “Enter“. (This shows the files that are present in the currently working directory. You can also use the command “dir/w/o/a/p“)
- If there are any file named autorun.inf then go for next steps else the drive is not affected with any autorun.inf file.
- Type “attrib -h -r -s -a *.* ” then hit “Enter“. (This command removes the Hidden, Read Only, System and Archive attributes over any file)
- After unhiding and removing attributes you can see the files. So you can delete the file now.
- Type “del <filename>” in the Command Prompt and hit “Enter“. (As for example del autorun.inf)
Now your computer is virus free. Enjoy! Feel free to share your experience with us.
Reader Comments
nice guide.
Also, if your computer is infected with a RAT (Remote admin tool – that gives full access to the hacker… e.g. you see your mouse moving automatically. LOL )
Do this >
1. open CMD (Start > RUN > type: cmd )
2. Type in: netstat – ano
(it shows all ur network accessing process with their Process identification codes = PID )
3. if you see a Text like this > ESTABLISHED with a foreign IP, note down its PID.
It will also show the EXE accessing it.
4. go to TASK MANAGER (CLTR + ALT + DEL)
– then go to VIEW > Tick PID
5. in the Proccess TAB > just click that PID process EXE file.
6. now disconnect your internet & scan your whole Computer with SpyBot SD 1.6 & NOD32 v.4
7. your are virus free now.
NOTE: you will say why didnt i disconnected internet at Start !! thats cus teh RAT virus will also get exit, will come again whn u access the net & netstat needs internet connection ON to show PID.
@Ajinkya
Very nice tips. Thanks for sharing.