Recycle Bin claims it's empty, but it's actually not

Apr 17, 2008 12:54 GMT  ·  By

Antiviruses are surely some of the must-have software solutions these days when viruses are everywhere hunting for vulnerable computers and unprotected systems. However, there are cases when up-to-date antivirus can prove to be useless. And no, I'm not talking about the cases when an antivirus manufacturer didn't integrate protection for an infection but about those Recycle Bin infections which are totally hidden of the users' eye.

In case you don't know what I am talking about, find out that there are some viruses/variants of malware which are hidden in Recycle Bin. What's interesting is actually the fact that even a user enters Recycle Bin, he can't see a thing and all he gets is actually a message informing that "there are no items in the Recycle Bin."

"Microsoft Windows Explorer might make things look nice and easy to do, yet its trickery is often well utilised by malware authors. Take for example your typical SillyFDC worm. During installation one of the places it will copy itself to is the Recycle bin; now most anti-virus products will happily detect it there, however if you're hunting for an active infection you may be surprised to find the Recycle bin devoid of malware (despite it being there)!" Pete of Sophos explains on the security company's blog.

So, "how can we see the infection files?" you may ask. Well, the solution is easier than what you expected. All you need to do is to open Command Prompt, navigate to Recycle Bin, type "dir" and press enter. You should be able to see all the files hidden by the malware, which were actually hidden of the Windows GUI.

However, this doesn't reduce the need for powerful antivirus solutions because there are only a few infections which rely on Recycle Bin. So, keep your antivirus up-to-date and, in case you think that there may be something hidden in your Recycle Bin, don't forget to use the simple features Command Prompt has to offer.