How to Remove Virus Using CMD?

Viruses and malware can slow down your computer, corrupt files, and compromise your privacy. While antivirus software is effective, Command Prompt (CMD) offers a powerful built-in way to manually detect and delete malicious files — no third-party tools required.

This guide explains how to use CMD to locate and remove a virus from your system using simple commands.


🛡️ Method 1: Remove a Virus Using the del Command in CMD

This method helps you manually locate and delete malicious files from an infected drive using Command Prompt.


✅ Step 1: Open Command Prompt as Administrator

  1. Click the Start menu or Search bar.

  2. Type CMD.

  3. Right-click on Command Prompt and select Run as administrator.

🔐 This provides elevated permissions required to access and modify system files.


 


✅ Step 2: Select the Infected Drive

Type the letter of the infected drive, followed by a colon, and press Enter.
For example:

Command: E:

Replace E with the actual drive letter where the virus is suspected to reside.


✅ Step 3: Remove File Attributes

To make hidden and protected files visible and editable, type:

Command: attrib -h -s -r /s /d *.*

 


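⚠️ After this step, you can view and manage hidden or protected files that may be malicious. In the command, -h, -s and -r clear the hidden, system and read-only attributes, /s applies the change to matching files in all subfolders, and /d applies it to folders as well.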

 


✅ Step 4: Delete the Suspicious File

Common malware uses files such as autorun.inf to auto-execute. To delete such a file, type:

Command: del Enter_the_Program_name_here

 

Replace Enter_the_Program_name_here with the actual name of the file you suspect to be a virus. Be careful not to delete important system files.

If access is denied, make sure CMD is running as Administrator and that no other process is using the file.


🛡️ Method 2: Remove a Virus Using the taskkill Command

Another effective way to stop and remove malware is by terminating suspicious processes directly from the Command Prompt. Some viruses run as background tasks, so stopping them is an important step in removal.


✅ Step 1: Open Command Prompt as Administrator

Just like before:

  1. Search for CMD in the Start menu.

  2. Right-click on Command Prompt.

  3. Select Run as administrator.

🔐 Running CMD as administrator ensures full control over system-level processes.


✅ Step 2: View Running Tasks

Type the following command to see all currently running programs and background processes:

Command: tasklist

This will display a detailed list of all active tasks, including:
  • Program names

  • Process IDs (PID)

  • Memory usage


✅ Step 3: Identify Suspicious Programs

Carefully scan through the list for unfamiliar or suspicious processes. Look for:

  • Random names (e.g., xvchost.exe, abc123.exe)

  • Unnecessary background apps

  • Duplicate system names (e.g., two instances of svchost.exe — one could be fake)

🧐 If you're unsure about a process, search its name online before taking action.


✅ Step 4: Terminate the Suspicious Program

Once you identify a suspicious or unnecessary process, terminate it using the following command:

Command: taskkill /F /IM Enter_Your_Program_Name_Here

  • Replace Enter_Your_Program_Name_Here with the actual name of the process (for example, programname.exe).

  • /F forces the process to terminate.

  • /IM stands for Image Name (the process name you saw in the task list).
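
Before running taskkill on a name picked out in Step 3, check where the process image actually lives and whether it is signed: Windows normally runs many svchost.exe instances, so a duplicate name alone says little. The PowerShell script below is an added example, not part of the original guide; the list of system names and the helper Test-ProcessRecord are assumptions chosen for illustration.

```powershell
# Added example: triage helper to run before taskkill. Read-only; it ends nothing.
# Assumption: this short list of Windows binaries that live in System32.
$SystemNames = 'svchost.exe', 'lsass.exe', 'services.exe', 'winlogon.exe', 'csrss.exe'
$System32    = Join-Path $env:SystemRoot 'System32'

function Test-ProcessRecord {
    # Hypothetical helper: classifies one process by image name and path.
    param(
        [Parameter(Mandatory)][string]$Name,
        [string]$ExecutablePath,
        [string]$TrustedDir = $System32
    )
    if (-not $ExecutablePath) { return 'no-path' }   # e.g. System, Idle
    if ($SystemNames -contains $Name) {
        $dir = Split-Path -Path $ExecutablePath -Parent
        # PowerShell string comparison is case-insensitive, like Windows paths.
        if ($dir -ne $TrustedDir) { return 'system-name-wrong-folder' }
    }
    return 'ok'
}

# Constructed records (not real findings): the same name in and out of System32.
$samples = @(
    @{ Name = 'svchost.exe'; ExecutablePath = 'C:\Windows\System32\svchost.exe' },
    @{ Name = 'svchost.exe'; ExecutablePath = 'C:\Users\Public\svchost.exe' }
)
foreach ($s in $samples) {
    $v = Test-ProcessRecord @s -TrustedDir 'C:\Windows\System32'
    '{0,-12} {1,-35} {2}' -f $s.Name, $s.ExecutablePath, $v
}

# Live check: every running process with its path, signature status and verdict.
Get-CimInstance -ClassName Win32_Process | ForEach-Object {
    $sig = 'n/a'
    if ($_.ExecutablePath) {
        $sig = (Get-AuthenticodeSignature -LiteralPath $_.ExecutablePath).Status
    }
    [pscustomobject]@{
        Id        = $_.ProcessId
        Name      = $_.Name
        Path      = $_.ExecutablePath
        Signature = $sig
        Verdict   = Test-ProcessRecord -Name $_.Name -ExecutablePath $_.ExecutablePath
    }
} | Where-Object { $_.Verdict -ne 'ok' -or "$($_.Signature)" -ne 'Valid' } |
    Sort-Object Name | Format-Table -AutoSize
```

A row with a signature status other than Valid is a prompt to investigate that file further, since legitimate unsigned software exists; a system name running from outside System32 is the stronger signal.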


🔚 Conclusion

Using CMD to remove viruses gives you direct control over what’s running on your PC. By following Method 1 (del command) and Method 2 (taskkill command), you can:

  • Unhide and delete malicious files

  • Terminate suspicious running programs

✅ Pro Tip: After cleanup, always run a full antivirus scan to ensure no infection traces remain.
