Most computer users today have never seen, or had occasion to use, the Command Prompt. Originally known as the MS-DOS Prompt, this was our only way to communicate with the Operating System and the Directory and File structure before Microsoft Windows® converted us all to the Graphical User Interface.
Most IT Support technicians are at least aware of this arcane, text-based interface and use it on rare occasions. But to effectively deal with today's sophisticated malware, the savvy tech must be intimately familiar with at least a dozen of these commands.
If the GUI of Windows is working properly and you are not restricted in your ability to open a Command window, you will normally do so by entering "cmd" from the Run command or the Search box provided by the Operating System on the infected computer.
In cases of more persistent malware infections, you may need to boot into Safe Mode Command Prompt only. This approach will usually allow most of the basic functionality that may be blocked when the GUI is loaded.
In either case, here is the short list of commands you need to be prepared to use, along with the purpose of each:
- Attrib - Used to view and/or change the attributes of a directory or file
- Cd or Chdir - Used to navigate through the directory structure
- Copy - Copy files and/or folders (directories) from one location to another
- Del or Erase - Delete or erase files
- Dir - View the contents of a directory
- Find - Search for a file or folder by name or partial name
- Md or Mkdir - Create a new directory in the current location
- More - Allow viewing of on-screen output one page at a time
- Rd or Rmdir - Remove a directory
- Ren or Rename - Rename a file or folder
- Tree - View the structure of a directory
- Xcopy - Copy files and/or folders from one location to another; gives you additional options beyond those offered by the Copy command
To see a complete list and a brief description of all available commands, you may enter "help" from a Command Prompt. For more detailed information on the options and parameters associated with each command, enter "[command] /?" and they will all be listed.
If you haven't studied the syntax of these commands in a while (or ever), you may want to invest some time in becoming familiar with them before you need them. If you deal with cleaning up malware on a regular basis, it's a safe bet you'll be using these commands frequently.
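As a practice exercise, here is an added example (not part of the original article) that strings several of the commands above into one batch file: it lists everything in a folder, shows a suspect file's attributes, keeps a copy, and renames the original. The folder and file name arguments and the C:\Quarantine path are assumptions made for illustration.

```batch
@echo off
rem Added example (constructed): inspect a folder and set one suspect file aside.
rem Usage:  quarantine.cmd "C:\Users\Public" suspect.exe
rem Argument 1 is a directory, argument 2 is a bare file name inside it.
rem C:\Quarantine is an assumed holding folder (no spaces in the path).
setlocal
set "TARGET=%~1"
set "SUSPECT=%~2"
set "QDIR=C:\Quarantine"

if "%TARGET%"=="" goto usage
if "%SUSPECT%"=="" goto usage

rem cd /d changes the drive as well as the directory.
cd /d "%TARGET%" || (echo Cannot enter "%TARGET%" & exit /b 1)

rem dir /a includes hidden and system entries that a plain dir leaves out;
rem /o-d sorts newest first, and more pages the output.
dir /a /o-d | more

if not exist "%SUSPECT%" (echo "%SUSPECT%" not found & exit /b 1)

rem attrib with no switches prints the current flags (A, S, H, R) for the file.
attrib "%SUSPECT%"

rem Keep a copy before changing anything. /h lets xcopy see hidden and
rem system files, /k keeps their attributes, /y skips the overwrite prompt.
if not exist "%QDIR%" md "%QDIR%"
xcopy "%SUSPECT%" %QDIR%\ /h /k /y || exit /b 1

rem Clear the read-only, system and hidden flags, which hide a file from a
rem plain dir listing and make a plain del refuse to remove it.
attrib -r -s -h "%SUSPECT%"

rem Rename the original so it no longer exists under its old name.
ren "%SUSPECT%" "%SUSPECT%.quarantine"
dir /a "%SUSPECT%.quarantine"
exit /b 0

:usage
echo Usage: %~nx0 ^<directory^> ^<filename^>
exit /b 1
```

Run it from a Command Prompt opened with administrator rights if the folder is protected, and check each switch with "[command] /?" before relying on it.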
Bonus research: What's the difference between entering "cmd" and "command" from the Run command or the search box? And why do you need to know? Send your response to firstname.lastname@example.org.