Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

i have a virus thats in a unknown file???? help please


  • Please log in to reply
3 replies to this topic

#1 Robfather360

Robfather360

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:12:16 AM

Posted 30 September 2014 - 10:41 PM

Ok so i have zone alarm and it keeps telling me that i have a couple viruses thats are located in c:\recycler\s-1-5-21-507921405-1993962763-725345543-1004\Dc59, but when i go to find the files there not even there. Can anyone tell me whats going on and how to find/fix the problem? it would be much appreciated 


Edited by Robfather360, 30 September 2014 - 10:43 PM.


BC AdBot (Login to Remove)

 


m

#2 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 50,606 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:12:16 AM

Posted 01 October 2014 - 04:57 AM

Are you saying Zone Alarm detected malware but was unable to remove it?

The Recycle Bin is a feature which provides a safety net when deleting files or folders in Windows. When you delete a file it immediately appears in the Recycle Bin and remains there until you empty it or restore the file. The Recycler folder is used only on NTFS partitions and it contains a Recycle Bin for each user that logs on to the computer, sorted by their security identifier (SID). Each drive has a Recycled folder where deleted files are moved to. Double-clicking the Recycle Bin icon displays the folder listing of deleted files available for restoration. For more information, please refer to:The actual location of the Recycle Bin varies depending on the operating system and file system used. On NTFS file systems (Windows 2000, XP, NT), RECYCLER is the name of the Recycle Bin Folder which can be found in each partition on your hard drive. On Windows Vista and Windows 7 it is called the RECYCLE.BIN. On older FAT file systems, the folder is named RECYCLED.The RECYCLED or RECYCLER folder contains a hidden master database file called INFO2 which stores information related to the deleted file that will be used when Windows tries to restore it. That information includes:
  • The file's original full path name.
  • The file's size.
  • The date and time when the file was moved into the recycle bin.
  • The file's unique ID number within the Recycle Bin.
When deleting a file, Windows will rename it to DC1. As more file are deleted, the number of the file will be increased by one (i.e. DC2). The number is an indexing number for the file which will read by INFO2. When the recycle bin is emptied, the INFO2 file will also be deleted and Windows will create a nwe INFO2 file which will reset the number counter into 0. This process works differently in Vista/Windows 7 where the operating system creates a separate record file for each file that is deleted. For more specific details as to how this works in Vista, please refer to:The RECYCLER folder contains a Recycle Bin directory for each registered user on the computer, sorted by their security identifier (SID). Inside this folder you will find an image of the recycle bin with a name that includes a long number with dashes (S-1-5-21-1417001333-920026266-725345543-1003) used to identify the user that deleted the files.
  • S - The string is a SID.
  • 1 - The revision level.
  • 5 - The identifier authority value.
  • 21-1417001333-920026266-725345543 - Domain or local computer identifier.
  • 1003 A Relative ID (RID). This number, starting from 1000, increments by 1 for each user that's added by the Administrator. 1003 means the 3rd user profile that was created.
For more specific informaton about SIDS, please refer to:Once the Recycle bins are empty, the legitimate directories should be empty as well. However, even after emptying the Recycler bin, the RECYCLER folder will still contain a "Recycle Bin" for each user that logs on to the computer, sorted by their security SID. If you delete the C:\RECYCLER folder, Windows will automatically recreate it on next reboot.

If you have never seen the RECYCLER folders on your hard drive and partitions before, you should not be alarmed. The Recycler folder is hidden by default unless you reconfigured Windows to show hidden files and folders by unchecking "Hide protected operating system files" in Tools > Folder Options > View.

Keep in mind that although the RECYCLER folder contains legitimate files, it is also a known hiding place for some types of malware since that folder is hidden by default. However, if your computer is infected with malware, there most likely will be other obvious indications (signs of infection) that something is wrong. Are you having any other issues?
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#3 Robfather360

Robfather360
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:12:16 AM

Posted 01 October 2014 - 09:34 AM

I was able to remove all the viruses. No, the viruses was the only problem with my computer, i appreciate the help thank you. 


Edited by Robfather360, 01 October 2014 - 09:38 AM.


#4 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 50,606 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:12:16 AM

Posted 01 October 2014 - 12:10 PM

You're welcome.

:thumbup2: Best Practices for Safe Computing - Tips to protect yourself against malware infection
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users