Microsoft Command Prompt "attrib" is a very useful tool to check if your hard drives, even your USB flash drives, have been infected by a virus.
You will know if malware or virus is inside your hard drive just by looking at the attributes of each file. The function of attrib is to set and remove file attributes (read-only, archive, system, and hidden).
To start attrib, follow these steps:
Go to Start Menu > Run
Type cmd (cmd stands for command prompt), then run as Run as Administrator
Press Enter key
Go to the root directory first by typing cd\ (because this is always the target of Malware / Viruses).
Type attrib and press Enter key. After typing attrib, the attributes of all files will be shown.
In this example, we have two files that are considered malware. Note that two files were outlined in red (SilentSoftech.exe and autorun.inf). Since we cannot see these files nor delete them (because the attributes that were set on these files are +s +h +r).
+s - meaning it is a system file (which also means that you cannot delete it just by using the delete command)
+h - means it is hidden (so you cannot delete it).
+r - means it is a read-only file ( which also means that you cannot delete it just by using the delete command)
Now we need to set the attributes of autorun.inf to -s -h -r (so that we can manually delete it).
Note: When the autorun.inf keeps coming back even if you already deleted it, check your Task Manager by pressing CTRL + ALT + DELETE (a virus is still running as a process, that's why you cannot delete it. Kill the process first by selecting it and clicking End Process.
PLACE YOUR ADS HERE
Join and Subscribe to my Newsletter.
Hi, I'm Ralph Gregore Masalihit!
An RFP Graduate (Registered Financial Planner Institute - Philippines).
A Personal Finance Advocate. An I.T. by Profession. An Investor. Business Minded. An Introvert. A Photography Enthusiast. A Travel and Personal Finance Blogger (Lakbay Diwa and Kuripot Pinoy).
Currently, I'm working my way toward time and financial freedom.
PLACE YOUR ADS HERE