use "attrib" to check for Viruses or Malware
"attrib" is a very useful tool to check if your hard drives even your usb disks have been infected by a virus.
You will know if a Malware is inside your hard drive just by looking at the attributes of each files and the file that has the attributes of +s +h +r
The function of attrib is to set and remove file attributes (read-only, archive, system and hidden).
start attrib
To start attrib
Go to Start Menu > Run
Type cmd (cmd stands for command prompt)
Press Enter key
The Command Prompt will appear showing us where is our location in the directory.
using attrib
To use attrib
Go to command prompt
1 then Go to the root of the directory first by typing cd\ then press enter.(because this is always the target of Malware / Virus)
2. Type attrib and press Enter key
+s - meaning it is a system file (which also means that you cannot delete it just by using the delete command)
+h - means it is hidden (so you cannot delete it)
+r - means it is a read only file ( which also means that you cannot delete it just by using the delete command)
Now we need to set the attributes of autorun.inf to -s -h -r (so that we can manually delete it)
Type attrib -s -h -r autorun.inf in command prompt and press enter.( be sure to include -s -h -r because you cannot change the attributes using only -s or -h or -r alone)
Type attrib again to check if your changes have been commited
If the autorun.inf file has no more attributes, you can now delete it by typing del autorun.inf
Repeat these steps for removing virusus from the other partitions,external hard disks or usb drives.
NOTE : when autorun.inf keeps coming back even if you already deleted it, be sure to check your Task Manager by pressing CTRL + ALT + DELETE ( a virus is still running as a process. that’s why you cannot delete it. KILL the process first by selecting it and clicking End Process.use process killing softwares like runscanner or autoruns to view suspected process.you can find these softwares in here
