Solved Virus on C:\$Recycle.Bin

BryanJames16

BryanJames16

New member
Member
VIP
Local time
3:06 PM
Messages
78
Location
Philippines
Hello! I run an In-Depth scan on my laptop using my ESET Smart Security. And it found suspicious object in [C:\$Recycle.Bin]. The full path for the virus is:
Code: 
C:\$Recycle.Bin\S-1-5-21-2700874334-3120927317-1481833869-1000\$REAV2RD\NERO20131016143800644\ISSetupPrerequisites\opencandy\OCSetupHlp.dll - Win32/OpenCandy potentially unsafe application - action selection postponed until scan completion
After scanning, it didn't clean or quarantine the object. So I have to show hidden and protected files and folders to delete the virus. Unfortunately, I can't go the $Recycle.Bin because the system prohibits my access. What is this file and what should I gonna do to delete this file?
 

My Computer

Computer type
Laptop
Computer Manufacturer/Model Number
Dell
OS
Windows 7 Ultimate 64-bit
CPU
Intel Mobile Core 2 Duo SP9400
Motherboard
Dell Inc. 0MR506 (Microprocessor)
Memory
4.00GB Dual-Channel DDR3 (7-7-7-20)
Graphics Card(s)
Intel Mobile Intel 4 Series Express Chipset Family (Dell)
Sound Card
IDT High Definition Audio CODEC
Monitor(s) Displays
Generic PnP Monitor (1280x800@60Hz)
Screen Resolution
1280x800
Hard Drives
232GB Western Digital WDC WD2500BEVT-75ZCT2 ATA Device (SATA)
Case
Dell
Keyboard
Dell
Mouse
Dell
Antivirus
ESET NOD32 10
Browser
Google Chrome, Mozilla Firefox, Internet Explorer
Something to try

Open an elevated Elevated Command Prompt: http://www.sevenforums.com/tutorials/783-elevated-command-prompt.html

Type:

RD /S /Q C:\$Recycle.bin

Press Enter

Then right click desktop and choose "Refresh"

That should do the trick but you might need to reboot for it to take effect.


Other than that you might want to start another thread on how to remove all trace of OpenCandy from your machine if you suspect that it hasn't been fully removed.
 

My Computer

Computer type
Laptop
Computer Manufacturer/Model Number
ASUS
OS
Microsoft Windows 7 Home Premium 64-bit 7601 Multiprocessor Free Service Pack 1
CPU
AMD C-60 APU with Radeon(tm) HD Graphics
Motherboard
ASUSTeK COMPUTER INC. X501U
Memory
4.00 GB
Graphics Card(s)
AMD Radeon HD 6290 Graphics
Sound Card
(1) AMD High Definition Audio Device (2) Realtek High Defi
Screen Resolution
1366 x 768 x 32 bits (4294967296 colors) @ 60 Hz
Hard Drives
Hitachi HTS545050A7E380 SATA Disk Device
Antivirus
Comodo CIS & FW, SecureAplus App Whitelisting, Threatfire
Browser
Cyberfox 64bit, Opera 64bit, Airfox
Other Info
Spy-The-Spy, HitmanPro.Alert, Norton Connect Safe, MJRegWatcher, BitDefender TrafficLight, Voodoo Shield, Zemana AntiMalware
Thanks! I tried it! But what happened is it was gone. I mean the folder C:\$Recycle.Bin was now gone on my drive C. I enabled view of hidden files and folders. But it's gone. I try to tick it's folder on my Antivirus. But the folder's really really gone..
I didn't make a restart yet. Will it be back when I restart my PC? Thanks!
 

My Computer

Computer type
Laptop
Computer Manufacturer/Model Number
Dell
OS
Windows 7 Ultimate 64-bit
CPU
Intel Mobile Core 2 Duo SP9400
Motherboard
Dell Inc. 0MR506 (Microprocessor)
Memory
4.00GB Dual-Channel DDR3 (7-7-7-20)
Graphics Card(s)
Intel Mobile Intel 4 Series Express Chipset Family (Dell)
Sound Card
IDT High Definition Audio CODEC
Monitor(s) Displays
Generic PnP Monitor (1280x800@60Hz)
Screen Resolution
1280x800
Hard Drives
232GB Western Digital WDC WD2500BEVT-75ZCT2 ATA Device (SATA)
Case
Dell
Keyboard
Dell
Mouse
Dell
Antivirus
ESET NOD32 10
Browser
Google Chrome, Mozilla Firefox, Internet Explorer
Refresh Desktop

Did you refresh your desktop?

Refresh Desktop.jpg

Other than that just reboot and a new (empty and reset) recycle bin should be created - unless the problem lies within the recycle bin for a different user!

As for the detection by your AV - just run another scan. If you want help on checking if all remnants of OpenCandy have been removed you'll need to start another thread in Security section where you'll get advice on the tools needed.
 

My Computer

Computer type
Laptop
Computer Manufacturer/Model Number
ASUS
OS
Microsoft Windows 7 Home Premium 64-bit 7601 Multiprocessor Free Service Pack 1
CPU
AMD C-60 APU with Radeon(tm) HD Graphics
Motherboard
ASUSTeK COMPUTER INC. X501U
Memory
4.00 GB
Graphics Card(s)
AMD Radeon HD 6290 Graphics
Sound Card
(1) AMD High Definition Audio Device (2) Realtek High Defi
Screen Resolution
1366 x 768 x 32 bits (4294967296 colors) @ 60 Hz
Hard Drives
Hitachi HTS545050A7E380 SATA Disk Device
Antivirus
Comodo CIS & FW, SecureAplus App Whitelisting, Threatfire
Browser
Cyberfox 64bit, Opera 64bit, Airfox
Other Info
Spy-The-Spy, HitmanPro.Alert, Norton Connect Safe, MJRegWatcher, BitDefender TrafficLight, Voodoo Shield, Zemana AntiMalware
I tried refreshing many times earlier but didn't show up. Anyways it's back! Thanks You very much!!
 

My Computer

Computer type
Laptop
Computer Manufacturer/Model Number
Dell
OS
Windows 7 Ultimate 64-bit
CPU
Intel Mobile Core 2 Duo SP9400
Motherboard
Dell Inc. 0MR506 (Microprocessor)
Memory
4.00GB Dual-Channel DDR3 (7-7-7-20)
Graphics Card(s)
Intel Mobile Intel 4 Series Express Chipset Family (Dell)
Sound Card
IDT High Definition Audio CODEC
Monitor(s) Displays
Generic PnP Monitor (1280x800@60Hz)
Screen Resolution
1280x800
Hard Drives
232GB Western Digital WDC WD2500BEVT-75ZCT2 ATA Device (SATA)
Case
Dell
Keyboard
Dell
Mouse
Dell
Antivirus
ESET NOD32 10
Browser
Google Chrome, Mozilla Firefox, Internet Explorer
You must log in or register to reply here.

Similar threads

M
Real time anti-virus that works on r3dfox?
Replies
1
Views
1K
michael diemer
M
R
automatically changes in Drive C free space
Replies
5
Views
2K
DavisHill
D
M
Someone asked on Reddit about my setup, I'm sharing here too :)
Replies
0
Views
1K
midnightrun
M
R
Recovering from a Virus - some advice
Replies
2
Views
2K
Snick
Snick
B
C drive keeps filling up on its own
Replies
13
Views
7K
Paul Black
Paul Black
Back
Top