about Windows viruses in Recycler
 

Hi,
i did a scan using Symantec Antivirus in a Windows 2003 system and found some pretty interesting stuff living in the RECYCLER folder. They were all quarantined immediately. The "Delete Permanently" option however returned a message:
"Symantec Antivirus cannot perform this action on 1 file or the files selected. Possible causes:
-the files have been moved or deleted
-the computer they are located on has been turned off
-you are trying to clean files located in an e-mail message".


I know the RECYCLER is an NTFS folder created for deleted files -from the recycle bin.
Are these viruses install themselves in the RECYCLER directly? How have they been found there? What can i do to remove them from there?

Although there is plenty discussion on the Internet about that,some more specific and good links may help.

Thanks!

The obvious way to get rid of them is to empty the recycle bin.

Items which are in the recycle bin are not moved when you place them there. Only the directory entry is changed.

It sounds like there is a folder called "Recycler", I don't think he is talking about the recycle bin. Could you name some of the files or the location of this folder?

No, the obvious solution to this problem is to give Symantec its traveling papers!

"Anti-virus" vendors have made wads of money by calling the thing that they are fighting ... "viruses." It sounds so dammed biological. After all, we all fight-off "the common cold" every now and then, and we all know that those are caused by "viruses," so I guess we assume that somehow the contrivances of electrons and silicon that we spent far-too-much time in front of must somehow get snotty-noses too?

Well, all I can say is, the concept of it sure did make a pot-load of money for Mister Peter Norton!

But it ain't true.

Here's the bottom line: you cannot keep "rogue programs" from coming to your door. You cannot even stop them from wandering inside when you're not looking! But you can make sure that, if he tries to do anything nasty... he's dead.

In all these years, Microsoft Windows still clings to the idea that "everybody runs as Administrator," and I am cynical enough to be sure that Mister Peter Norton is a very big part of the reason why. I say this because, from an engineering point-of-view, it makes no damm sense at all. Which is precisely why Apple doesn't do it. Which is precisely why Apple (and Linux...) is having such a field-day with Windows. (An operating-system that, by the way, does not deserve this bad-rap.)

I think I'd rather want to get a virus on windows then type my root password whenever I want to do something in linux.

Too True
 

You keep coming up with these gems of wisdom. Do they grow them that way in Tennessee or is this an acquired skill?

Then you are part of the problem.

What problem? I'll just reinstall windows and not do what I did to get the virus again.

What you said was that you'd rather get a windows virus than type your root password when required in Linux.

I infer from this that you run as root routinely in Linux. If that is true, then you are part of the problem since it is running routinely as root that is the source of the success of most exploits, against both Windows and *nix.

Obviously it comes from the moonshine, which grows underneath toadstools around here.

Not using Vista, eh?

Yea, I know! That's how vista is now these days. XP all the way.

It is interesting that Vista is a departure from usual Windows behavior as Ubuntu is a departure from usual Linux behavior.

With the usual Windows paradigm a regular user and the administrator are totally separated. The Linux regular user "su -" option is heaven in contrast.

So why has Microsoft chosen the path they have for Vista. You must specifically choose to open the command interface as administrator in some cases and you will be notified to approve many other actions. Ubuntu is very similar in that the user is the administrator but must approve actions. Time will tell if the user as administrator/root is useful. It is simply an attempt to make clear some consideration is needed in some instances. Are you receiving a message to approve an action while installing programs or configuring you computer or out of the clear blue sky?

As you may guess I do not have a problem using "su -" on a classic Linux distribution, "sudo su -" on Ubuntu, or choosing to open a program as administrator or clicking a warning notice on Vista.
I fail to see the issue.

The issue is doing either of those, clicking a button or typing a command.
I use XP and I don't need to do either of those.

I fail to see why "I'm the problem".

I think if you are in control of your computer, you shouldn't need to continue to tell the computer you are going to be in charge. You should be in the state of control. You shouldn't need to reassure your computer or whatever the heck you want to call it.