Share via

How to find malware on command prompt

Anonymous
2017-11-03T21:37:38+00:00

okay so, i think my asus laptop is infected with malicious malware. 

Ive been messingnaround with cmd trying to figure out how to find hidden malicious files, but i dont think im getting anywhere. 

When i type attrib on cmd it comes up with 11 lines, i will add a photo. I wanted to know what the log1 and log2 means, this all seems pretty innocent but i know viruses can trick you into thinking they are something they are not. 

Also, slimcleaner has been on the laptop for ages, i know this is one of the reasons its infected, along with this, skype pops up every time my laptop turns on, when i try to exit it, it just minimises itself and will NOT Go away? Why?? Could this be what someone is using to gain acess? I never downloaded or even use skype on my laptop so not sure why its even there. 

Another thing, it says theres a default getaway, subnet mask and temporary ipv6 addresses? Around 2 of them. Im sorry if im sousong stupid here and these are all just things a laptop needs, i have not much experience in this and only doing this as i think my laptop is infected. It also says 'wireless LAN adapter local area connection 2' then media disconnected? There are soo many other suspicious files on my laptop, too many to list on here, like setup64, igfxcui, loadssss of .exe files. How can i determine whether the hidden file is something i need or a virus? Can i do this through CMD? So how can i find all these camoflauged malware through CMD?

Windows for home | Windows 10 | Security and privacy

Locked Question. This question was migrated from the Microsoft Support Community. You can vote on whether it's helpful, but you can't add comments or replies or follow the question.

0 comments

3 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Anonymous
    2017-11-04T02:47:18+00:00

    Please answer-by-number, preferably without quoting my post:

    1. When (approx. date) did you purchase the ASUS computer?
    2. Did the computer come with Win10 preinstalled, did you do a clean install of Win10, or did you upgrade a Win7 computer or a Win8.1 computer [<=PICK ONE!] to Win10?
    3. Has a Norton application or a McAfee application EVER been installed on the computer since you bought it?
    4. Have you ever run the Norton Removal Tool, the Norton Remove and Reinstalltool, and/or the McAfee Consumer Products Removal Tool?
    5. What Version & OS Build of Windows 10 is currently installed?
    • Press & hold the Windows Key and press theR key. In the RUN dialog, type WINVER and press the Enter key.
    1. Do you have backups of ALL the changes Slimcleaner and every other "registry cleaner" have EVER made to the computer?
    • Injudicious use of registry cleaners may be playing a role here. TIP: If you ever again think your Registry needs to be cleaned, repaired, boosted, tuned-up, cured, tweaked, fixed, maximized, "swept" or optimised (it doesn't),

    read this article and **this older**  (but still valid) **one** (and related links cited therein) then draw your own conclusions. Also related => http://support.microsoft.com/kb/2563254

    3 people found this answer helpful.
    0 comments
  2. Anonymous
    2017-11-04T16:51:29+00:00

    We don’t really have any built-in malware detection or remediation capabilities in either the Windows Command Prompt or the PowerShell Prompt, since these apps essentially just provide an alternative interface for controlling and configuring applications that are built into Windows, or that are installed by a user. Only people with skills comparable to those of Mark Russinovich actually have the ability to remove malware by using the file system access that’s provided in the Command Line Interface.

    For the rest of us, the Command Line Interface only provides us with the option to use an AV app without opening its Graphical User Interface. So, for example, we can initiate a Windows Defender Quick Scan by running the Start-MpScan command at the PowerShell Prompt:

    But for Windows Defender, the PowerShell Interface plays a much more important role; because the only access that we have for setting Defender’s preference options is via the Windows Defender PowerShell cmdlets:

    https://docs.microsoft.com/en-us/powershell/module/defender/?view=win10-ps

    With these cmdlets, we can actually move into a realm that’s totally inaccessible in the GUI, and this gives us the ability to configure the behavior of Defender (and also to gather information) in ways that simply aren’t available in the familiar interface. For example, enabling Defender’s PUA Protection feature is an important change that users should be making to the default preferences configuration. Some of the other changes that I’ve previously recommended in this forum include enabling the scanning of removable drives, and setting the CPU limit for scheduled scans at 100 percent, in order to make scheduled scans run faster. Here’s a screenshot that shows how to check the settings for these options with the Get-MpPreference command, and then set your own preference with the Set-MpPreference command:

    To make this easy, you can just copy and paste these lines at the Administrator PowerShell Prompt:

    $Preferences = Get-MpPreference

    $Preferences.PUAProtection

    Set-MpPreference -PUAProtection 1

    $Preferences.DisableRemovableDriveScanning

    Set-MpPreference -DisableRemovableDriveScanning $False

    $Preferences.ScanAvgCPULoadFactor

    Set-MpPreference -ScanAvgCPULoadFactor 100

    GreginMich

    5 people found this answer helpful.
    0 comments
  3. Deleted

    This answer has been deleted due to a violation of our Code of Conduct. The answer was manually reported or identified through automated detection before action was taken. Please refer to our Code of Conduct for more information.

    Comments have been turned off. Learn more