DELTREE (short for delete tree) is a command line command in some Microsoft operating systems that recursively deletes an entire subdirectory of files.
Contents
Background
When IBM and Microsoft introduced PC-DOS 1.0 / MS-DOS 1.0, subdirectories were not yet supported. This state of affairs was remedied with the release of DOS 2.0, which introduced support for subdirectories and directory nesting; however, it had no built-in facility for deleting entire subdirectory trees. Through the release of MS-DOS 5.0, removing nested subdirectories required removing all of the files in the lowest subdirectories, then removing the subdirectory itself, then repeating the process up the directory tree. By 1991 at least one competing product, DR-DOS, had introduced a well-received utility that enabled recursive file deletion. With the introduction of MS-DOS 6.0, Microsoft regained parity by adding the DELTREE command.
Implementation and use
DELTREE was implemented as an external command, with its functionality kept in a separate file outside of COMMAND.COM. Normal operation prompted the user for verification that the specified directories were indeed intended to be removed, but this safeguard could be suppressed with a command-line option. Unlike most other commands that operated on the file system, multiple directories could be passed to the command at one time. An undocumented feature allowed the user to append a trailing "/" character to a directory name in order to preserve the directory but remove everything underneath it. In theory, deleted material could be recovered.
Use in malware and sabotage
DELTREE was designed to ignore all file and directory attributes, such as hidden, read-only and system. The command was described as "potentially dangerous" and "capable of wiping out hundreds of files at a time". Combined with the PURGE command (which prevented data recovery), it became an example of a worst-case payload for malware as well as figuring in one of the early computer sabotage trials.
Obsolescence
DELTREE was retained throughout all Windows versions based upon MS-DOS, including Windows 95, Windows 98, Windows 98 SE and Windows ME. (For Windows versions before Windows 95, the presence of DELTREE depended on the version of the MS-DOS that was already present on the machine.)
DELTREE was not shipped in Windows NT-based operating systems, including Windows NT, Windows 2000, Windows XP, Windows Server, Windows Vista, Windows 7, and Windows 8. Instead, the RD or RMDIR (remove directory) command removes a subdirectory along with all its files if the /S command-line switch is given, and does so without prompting if the /Q command-line switch is given as well.