Viruses can illegally "infiltrate" into users' computers through many different ways, such as while browsing the Web, or from USB devices or during the process of installing applications and software. . After entering your computer, viruses will reduce your system's performance, causing your computer to slow down, causing system errors and even "eating" valuable data. on your computer.
Therefore, the best way is to completely remove these annoying viruses to protect your system as well as keep the data on your computer safer, while improving performance and helping your computer run faster. than....
In the article below, Network Administrator will guide you through some ways to completely remove unwanted viruses on your computer without having to use or remember the support of any anti-virus program.
Things to consider before using Command Prompt to remove malware from your PC
Only use Command Prompt to remove viruses if you have a technical understanding of how computers work. Running specific commands with admin rights can be risky and you may lose data or system files if used incorrectly.
Additionally, there are limits to what Command Prompt can do to remove malware. You can use it to remove some common viruses, but you cannot do that with others. For example, it will struggle with tougher enemies like ransomware. For cases like this, you will need specialized tools that can decrypt your files.
How to scan your PC for malware using Command Prompt
Before removing any viruses from your computer using Command Prompt, scan your system with tools you already have, such as Windows Defender's own virus scanning utility.
Most viruses will hide in your system files or drives, changing their properties to stay hidden or undetected.
If you don't detect anything with your antivirus software, follow the steps below to scan for malware using Command Prompt:
Open Command Prompt with admin rights via the search bar or Run function. You will receive a prompt confirming that you want to use admin rights on your PC. Click Yes to continue.
A command line window will open. Type sfc /scannow and press Enter to start scanning.
Depending on your PC specifications, this process may take some time. Please wait until the scanning process is complete.
Windows will also attempt to repair any damaged files while this scan takes place. In some cases, this may solve your problem. Otherwise, you may have to search for and delete virus files from your drive.
Search and remove viruses from removable drives with the Attribute command
To remove viruses from a specific drive or partition, use the attrib command. This command can be used to root any files that have been set up for system use or hidden by deleting and revealing those attributes. This command is especially effective in USB drives, where viruses like to hide in certain files that Windows executes automatically.
Syntax “Attrib”
Here's a quick summary of how to use the attrib command. To run the command, you must call it with attrib:
- r represents the Read-Only attribute
- s represents the System property
- a represents the Archive property
- h represents the Hidden attribute
- + applies selected properties to a file or folder
- – delete selected attribute from file or folder
- /s searches the entire document path, including subfolders within the folder
- /d includes any process directories
This command can help you find many types of viruses, especially viruses that run from the autorun.inf file in a USB drive.
How to remove viruses using Attrib command
To get started, run Command Prompt with admin rights.
When Command Prompt opens, select the potentially infected drive using its letter (e.g., d:). This keeps all the functions you will run in one active partition. If you plan to run the attrib command on your main drive, change to the root directory instead: cd C:\.
Use the command attrib -s -h -r /s /d *.* to start removing all system properties, hidden and read-only files. Files provided with these properties by the Windows operating system will not be deleted. Instead, you will get an Access Denied error.
Rediscover the drive using Windows File Explorer. You will see new files that were previously hidden appear. Removing read-only attributes ensures that you are free to delete them at your discretion.
If you're not sure whether the file you find using this method is a virus or not, run it through a website like VirusTotal or Polyswarm to get full confirmation. Both of these sites match the individual files you upload based on a number of heuristic algorithms and anti-virus databases.
Once you have determined that the file you found is a virus, delete it from your system permanently! Restart Windows again and you're done.
Regain registry editing rights from viruses
Some viruses will completely disable your registry editing ability to prevent you from modifying any keys it has edited. If you find yourself in this situation, you just need to type one command.
Open the command line in Administrator mode.
Type the following and press Enter:
reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System" /t Reg_dword /v DisableRegistryTools /f /d 0
This will restore the ability to edit your computer's registry. If you still cannot open the registry editor, you will continue to be infected with viruses or have larger problems affecting system integrity that can only be resolved by restoring the system using installation media. set Windows.
Good luck!
No comments:
Post a Comment