This wikiHow teaches you how to locate and delete a known virus on your Windows computer using the Command Prompt. The process involves opening Command Prompt with administrator privileges, navigating to the infected directory, revealing hidden files with the attrib command, identifying the virus, and deleting it permanently. This method works if you already know the virus filename, such as common ones like “autorun.inf” or “New Folder.exe”. Be cautious, as it requires precise identification to avoid deleting legitimate system files.

Before you start: You need a Windows computer (Windows XP or later), administrator access, and the exact name of the known virus file. This guide does not apply to Macs or other operating systems.
Warning: Incorrectly deleting files can cause system instability, data loss, or require a full system restore. Always verify suspicious files by searching online before deletion, and consider running antivirus software first.

How to locate and delete viruses using the attrib command

Follow these steps to open Command Prompt as an administrator and safely remove the known virus from your system.

Part 1: Opening Command Prompt

  • Open the Start menu by clicking the Windows logo in the bottom-left corner or pressing the ⊞ Win key.
  • Typecommand prompt into the search field to find the app, which appears at the top of the results.
    • If using Windows 8: Move your cursor to the top-right corner, then click the magnifying glass icon.
    • If using Windows XP:Click the Run app on the right side of the Start menu.
  • Right-clickCommand Prompt, which looks like a black box icon, to open the drop-down menu.
    • If using Windows XP:Typecmd.exe into the Run window instead.
  • SelectRun as administrator near the top of the menu. Click Yes to confirm the User Account Control (UAC) prompt.
    • If using Windows XP:Click OK to launch it.
    • Note: Administrator mode may not be available on restricted public or networked computers like those at libraries or schools.

Part 2: Locating and deleting viruses

  • Type the drive letter for your directory, such as C:, and press Enter to switch to that location.
  • Typeattrib -r -a -s -h *.* and press Enter. This reveals hidden, read-only, archived, and system files while removing those attributes from suspicious ones—legitimate files will show “Access Denied”.
  • Scroll up through the list to find your virus by its known name. Look for unfamiliar .inf or .exe files like autorun.inf or New Folder.exe. Warning: Double-check any suspect file by searching its name online before proceeding.
  • Typedel [virus name], replacing [virus name] with the exact filename (e.g., del autorun.inf), and press Enter to delete it.
  • Close Command Prompt once the deletion is complete—the virus should no longer impact your system, and you may notice improved performance.
Pro tip: After deletion, immediately run a full scan with trusted antivirus software like Windows Defender to detect and remove any remaining threats or related malware.

Once the virus is deleted, restart your computer to ensure changes take full effect and monitor for any unusual behavior like slow performance or pop-ups. Install or update comprehensive antivirus software and enable real-time protection to prevent future infections. Regularly back up important files to an external drive or cloud storage in case of future issues.

You Might Also Like
Accessing copied text on your Android's clipboard with ease
How to find copied text on your Android clipboard
How to rejoin a Telegram group that you have left?
How to rejoin a Telegram group that you have left?
Instagram launched its Convert to Reel feature, if don't know how to create highlight Reels on Instagram you will find your answers below.
How to create highlight Reels on Instagram using Convert to Reel feature?

If problems persist, consider a professional IT service or using built-in tools like Windows Security for deeper scans. Avoid downloading files from untrusted sources, and keep your Windows and apps updated to patch security vulnerabilities. This proactive approach helps maintain a secure and efficient system long-term.