0
Microsoft Command Prompt "attrib" is a very useful tool to check if your hard drives even your flashdisks have been infected by a virus.
You will know if a Malware is inside your hard drive just by looking at the attributes of each files and the file that has the attributes of +s +h +r
The function of attrib is to set and remove file attributes (read-only, archive, system and hidden).
Launch attrib
To start attrib
1. Go to Start Menu > Run
2. Type cmd (cmd stands for command prompt)
3. Press Enter key
The Command Prompt will appear showing us where is our location in the directory.
command prompt showing the current location in the directory
Using attrib
To use attrib
1. Go to the root directory first by typing CD\(because this is always the target of Malware / Virus)
2. Type attrib and press Enter key
after typing attrib, all the attributes of all the files (excluding folders) will be shown
In this example, I have two files that are considered as malware.
Note that there are two files which I outlined in red (SilentSoftech.exe and autorun.inf). Since you cannot see this file nor delete it (because the attributes that was set on these files are +s +h +r)
1. +s - meaning it is a system file (which also means that you cannot delete it just by using the delete command)
2. +h - means it is hidden (so you cannot delete it)
3. +r - means it is a read only file ( which also means that you cannot delete it just by using the delete command)
Now we need to set the attributes of autorun.inf to -s -h -r (so that we can manually delete it)
1. Type attrib -s -h -r autorun.inf ( be sure to include -s -h -r because you cannot change the attributes using only -s or -h or -r alone)
2. Type attrib again to check if your changes have been commited
3. If the autorun.inf file has no more attributes, you can now delete it by typing del autorun.inf
4. Since SilentSoftech.exe is a malware you can remove its attributes by doing step 1 and step 3(just change the filename) ex. attrib -s -h -r silentsoftech.exe
a) I typed the attrib command with the -s -h -r setting b) the result after I pressed enter - autorun.inf has no attributes left
There you have it!!!!
NOTE : when autorun.inf keeps coming back even if you already deleted it, be sure to check your Task Manager by pressing CTRL + ALT + DELETE ( a virus is still running as a process that's why you cannot delete it. KILL the process first by selecting it and clicking End Process.
NOTE: You can also apply the attrib -s -h -r command to all the partition of your computer, drive D: drive E: drive F: (all of your drives). For example. for drive D, just type "D:" (minus the double quote) then you can see that your current drive is D.. type there the command "attrib -s -h -r *.exe" for exe files and "attrib -s -h -r *.inf" and then delete the file by "del autorun.inf".
Wiki User
∙ 12y ago
Add your answer:
Earn +20 pts
Where do you find run command in your computer?
On the KEYBOARD.
What is a computer virus and how does it work?
It is command /software generated and uploaded by a person.Particular command(virus) for particular operation.As we open the folder,Virus will ready to work which have command to do so
How do you use Task Manager to find the run-line command for many types of software?
How do you use Task Manager to find the run-line command for many types of softwar
Find out the Attributes of file?
Just run attrib command..
How do you find your ms dos version on your computer?
Go to the command prompt and run "ver" command..
How does one remove a virus that has sytxu.exe as its command?
This seems to be a random name of a file created by the virus Run Malwarebytes Anti-Malware Run the anti spyware removal programs spybot and Superantispyware Run a complete scan with free curing utility Dr.Web CureIt!
How do you delete virus that hidden files?
Download anit-virus software and run a whole computer scan and this will find the virus for you and get rid of it.
Virus attacked and when you open drives it opens in a new window what do i do?
Run Malwarebytes Anti-Malware Run the anti spyware removal programs spybot and Superantispyware Run a complete scan with free curing utility Dr.Web CureIt! Then run an online virus scan If the virus scan does not find any virus then it is some software settings which have to be changed
How do you find the command prompt?
Easy - follow these steps : Start Run cmd And it opens!
How do you run rarp from windows command prompt?
You cant windows does not come with a rarp command and I have yet to find one on the internet that actually works
How to detect a virus without using antivirus?
just go to run and type regedit.A dialogue box appears and find for file named virus (not for file virus but for name of the virus)and delete them. Also find for REGSVR or AUTO.EXE. BY PRABJOT SINGH MHOW (M.P)
How can you remove the virus-downloaderdluca from your computer?
you will have to dowload some virus software like avg virus search on google for it and get a free download you can then run the program and it will find and delete any viruses
