I did some reaches, and I know "Desktop.ini" and "Thumbs.db" files are hidden files for view customizations, and I know they should be safe files and I can delete them. Also, I know if I turn off "show hidden files" they will be gone (but we know they are not really gone, they are just invisible).
However, I never saw it before, until I installed a fake application. After that, almost every single file (even the subfiles) in my computer contains these two files, especially "Desktop.ini". Worse, these two files try to copy themselves to any plugin device and media. For example, when I insert a CD into my CD-ROM the system says "desktop.ini is ready to write into the CD," and almost every flash drives contain these two files after plugged into my computer.
I tried to use anti-virus software to kill and remove these two files such as Kaspersky and Mcafee, but both of them reported that my computer was good after I did a whole drive scan. But I was sure that these two files were the virus, otherwise, it would not copy them self to other file and I should see them before I installed that fake application. So, decided to reinstall my entire OS system (format the internal hard drive and reinstall again).
Now, these files are gone even I turn on "show hidden files." However, few days ago I insert a CD again, and the system still says "desktop.ini is ready to write into the CD," (but flash drives have not contained these files again after I plugged in) . So, after I turn on "show hidden files" and "Hide protected operating system files", "Desktop.ini" is showing up again (the "Thumbs.db" is in some of the files but not every file). This time, they are not in my every single file but the majority files such as "Desktop", "Downloads," and "My Documents"
Sorry, I write too much description, but it is really driving me crazy and I really want to make sure these two files are the virus or not now? If they are, how can I get rid of them? My computer is Windows 10.
Answer
Are these two files virusses? No. They're a byproduct of whatever you installed.
Desktop.ini is a file that contains extra information for that specific folder, such as its view settings and sort etc.
Thumbs.db is a small database containing all the thumbnails generated when you use one of the thumbnail views (thumbnails, extra large icons, large icons, medium icons, etc)
It is my conclusion that the program you installed alters explorer to show this info. You need to specify more about this fake application that you installed, but it could be a toolbar that nests itself into your explorer.
No comments:
Post a Comment