Even though there are a lot of antivirus programs you can use to get rid of viruses and malware, sometimes you might need to deal with a suspicious file or folder on your own. It’s very important to know that the steps we’ll talk about later for using Command Prompt (CMD) in Windows 11 or 10 are meant for dealing with specific suspected files in certain folders, not for scanning your whole computer for viruses.
This method is just an extra step, not a replacement for regular virus scans. You should always use Windows Defender or a good third-party antivirus software to check your entire system first. With that in mind, let’s look at how to use CMD to remove suspected viruses manually in Windows.
Page Contents
Why use Command Prompt for manual virus removal
Command Prompt lets you talk directly to the Windows OS and work with files. If a virus is messing with your antivirus software, or if it’s a new virus that your antivirus software doesn’t know yet, CMD can come in handy. It allows you to go straight to the file and change things so you can delete it more easily.
But you need to know what you’re doing with CMD because a wrong command can cause serious problems with your PC.
Also see: How to Scan an .exe File for Viruses to Check If It’s Safe
Things to consider before using CMD to delete infected files
There are some important things that you should know first before you proceed:
- This method is not about guessing where viruses might be; it’s about dealing with specific suspicious files or folders. Make sure you know which files might be causing trouble, maybe because your computer is acting weird or another scanning tool gave you a clue.
- It’s often a good idea to start your computer in Safe Mode when trying to get rid of infected files. Safe Mode runs with just the basic stuff your computer needs, which makes it tough for stubborn viruses to hide or protect themselves.
- Make sure you have administrator rights on your computer. You’ll need this to run certain commands and change file properties.
- If you’re not sure about a command or a step, stop and look it up or ask someone who knows.
Common virus: What is Trojan:Win32/Casdet!rfn and How to Remove it
Remove virus files using CMD in Windows 11 or 10
Now that you know what we’re trying to do and know the risks, below are the steps to get rid of a virus file using CMD in Windows 11 or 10.
- Start CMD with administrator rights:
- Click on the Start button.
- Type “cmd” in the search bar.
- Right-click on “Command Prompt” from the search results and select “Run as administrator”.
- Handy guide: How to Run CMD, PowerShell or Regedit as SYSTEM in Windows 11
- Go to the folder you think has the virus:
- In CMD, you usually start in your user folder. Use the “cd” command to go to other folders. For example,
cd Downloadswill take you to your Downloads folder. Learn more: How to change directory or drive in CMD. - To go back up one level in the folder structure, type
cd ...
- In CMD, you usually start in your user folder. Use the “cd” command to go to other folders. For example,
- Show files and folders:
- Type “dir” to see all the files and folders where you are. This helps if you’re not sure of the file name you’re after.
- Use
dir /ato see all files, even hidden ones. Bad files often hide to avoid being seen.
- Change file properties:
- If you find a sketchy file, you might need to change its settings. Use the “attrib” command for this.
- For instance, if a file called “autorun.exe” is hidden and read-only, you can make it visible and editable by typing
attrib -h -r autorun.exe.
- This will make the file visible and ready for changes.
- Related resource: How to Unhide a File or Folder in Windows 11
- Delete the bad file:
- Once you’re sure the file is harmful and you’ve backed up important stuff, use the “del” command to get rid of it. For example,
del autorun.exe. - You can also use:
del /F /Q autorun.exe. Here, “/F” makes sure read-only files get deleted, and “/Q” means it won’t ask you before deleting.
- If a message says the file is being used, you might need to restart in Safe Mode and try again. Safe Mode stops most programs from running, which helps in deleting stubborn files.
- Learn more: How to Force Delete a File in Use by Another Program on Windows 11/10
- Once you’re sure the file is harmful and you’ve backed up important stuff, use the “del” command to get rid of it. For example,
- Check startup programs:
- Many bad programs try to start automatically when your computer turns on. You can see which programs these are with the “wmic” command.
- Type
wmic startup list fullto see all programs that start with Windows. If you see something suspicious, write down where it’s located.
- See also: How to Disable Startup Services on Windows 11 or 10
- Clean out temporary folders:
- Bad software often hides or keeps copies in temporary folders. It’s smart to clean these out now and then.
- Go to the temp folder with
cd %temp%. - Type
del *.*to remove all files. Be careful, this deletes all temp files, but it’s usually safe. However, it’s good to be cautious.
- Useful tip: How to Delete a Ghost File or Folder in Windows 11/10
Emphasizing again, although CMD can be a strong tool to delete files that are difficult to remove, it’s not actually a solid way to find malware on your system. Whenever in doubt about a possible infection on your computer, always do a full scan with either Windows Defender or a trusted antivirus program first.
