Examining and Recovering Files in the Recycle Bin
Raz-Lee has implemented a recycle bin for the IBM i. Files that are to be deleted are copied first to another location on your system where they are temporarily preserved. This provides an added layer of protection against some (but not all) ransomware variants that delete files before replacing them with encrypted versions.
Anti-Ransomware must be active for the Recycle Bin to work.
Enabling the Recycle Bin
To use the recycle bin, enter 25 from the AntiVirus & AntiRansomware (ATP) Configuration screen (STRAR > 81). The Anti-Ransomware Protection Setting screen appears.
| Anti-Ransomware Protection Setting 11/02/25 12:37:09 RLDEV Recycle bin active . . . . . Y Y=Yes, N=No Anti-Ransomware must be active for this operation. Objects on IASP cannot be recycled. No warnning message is provided. Keep data in Recycle bin for. 4 Days, 9999=*NOMAX The Recycle bin may not help against Ransomware. Ransomware often use methods to prevent this. It is strongly recommended that you always keep good backups. F3=Exit F12=Cancel |
To activate the recycle bin, set the Recycle bin active field to Y.
To deactivate the recycle bin, set the Recycle bin active field to N.
The Keep data in Recycle bin field determines the number of days for which files are kept in the bin. To keep them indefinitely, set the field to 9999.
NOTE: Keeping too many files in the bin for too long a time can consume a large amount of disc space.
Viewing the Recycle Bin
To view the contents of the recycle bin, select 12. Work with ReCycle Bin from the Anti-Ransomware main screen. The Work with Recycle Bin Files screen appears:
| 595 Files, sorted by TIME Work with Recycle bin files Subset . . Type options, press Enter. 1=Select 2=Restore 4=Delete 5=Display 8=Display attribute Opt Time User Object Path 13/08/20 14:58 SLAVA 2016.xlsx /atptest/2016.xlsx 13/08/20 14:58 SLAVA Budget.xlsx /atptest/Budget.xlsx 13/08/20 14:58 SLAVA Business.xlsx /atptest/Business.xlsx 13/08/20 14:58 SLAVA 2016.xlsx.wncri /atptest/2016.xlsx.wncri 13/08/20 14:58 SLAVA Business.xlsx.wncri /atptest/Business.xlsx.wncri 13/08/20 14:58 SLAVA Budget.xlsx.wncri /atptest/Budget.xlsx.wncri 13/08/20 14:59 SLAVA CLIENT.docx /atptest/CLIENT.docx 13/08/20 14:59 SLAVA codes.csv /atptest/codes.csv 13/08/20 14:59 SLAVA cust.php /atptest/cust.php 13/08/20 15:00 SLAVA CLIENT.docx.wncry /atptest/CLIENT.docx.wncry 13/08/20 15:00 SLAVA codes.csv.wncry /atptest/codes.csv.wncry 13/08/20 15:01 SLAVA cust.php.wncry.WNCRY /atptest/cust.php.wncry.WNCRY 13/08/20 15:01 SLAVA CLIENT.docx.wncry.WNCRY /atptest/CLIENT.docx.wncry.WNCRY 13/08/20 15:01 SLAVA codes.csv.wncry.WNCRY /atptest/codes.csv.wncry.WNCRY 13/08/20 15:01 SLAVA cust.php.wncry /atptest/cust.php.wncry 13/08/20 15:01 SLAVA c_main.php /atptest/c_main.php 13/08/20 15:02 SLAVA c_main.php.WNCRI /atptest/c_main.php.WNCRI More... Recycle Bin cannot be considered a method to use against Ransomware. Keep backups. F3=Exit F13=Repeat F14=Clear repeat F16=Resequence (by cursor position) |
The body of the screen shows information on each file that is currently in the recycle bin.
For each file, it shows:
Time
The date and time that the original file was deleted.
User
The user who deleted the file.
Object
The name of the file.
Path
The path to the original location of the file.
To sort the list by a different field, place the cursor in that field on any line and press the F16 (Shift-F4) key.
To restore a deleted file from the recycle bin, enter 2 in the Opt field for that line and press Enter. The Confirm Restore Recycle bin Files screen appears. Press Enter to confirm restoring the file or the F3 key to exit without restoring it.
To permanently delete a file from the recycle bin, enter 4 in the Opt field for that line and press Enter. The Confirm Delete Recycle bin Files screen appears. Press Enter to confirm deleting the file or the F3 key to exit without deleting it.
To display further information about a file from the recycle bin, enter 5 in the Opt field for that line and press Enter. The standard Work with Object Links screen appears.
To display the attributes of a file from the recycle bin, enter 8 in the Opt field for that line and press Enter. The standard Display Attributes screen appears.
Processing Multiple Files
As with most screens with lists of items preceded by Opt fields, you can select multiple files and work on them as a group. For example, you could enter 2 in the Opt fields for multiple files, then restore them together.
To select groups of items that appear sequentially in the list by using the F13=Repeat and F14=Clear Repeat keys:
- Sort the list by the field (Time, User, Object, or Path) by placing the cursor in that field on any line and pressing the F16 (Shift-F4) key.
- Scroll to the first line where the field by which you sorted is within the range of files that you would like to process together.
- Enter the number for the command that you would like to perform in the Opt field for that line.
- Press the F13 (Shift-F1) key to mark the beginning of the group.
- Scroll to the last item in that range.
- Press the F14 (Shift-F2) key to mark the end of the range.
- Press Enter to perform the action.
- The appropriate screen appears, showing all the items.
- Press Enter to confirm the action or the F3 key to cancel it.
For example, to restore all files that had been deleted by the user BOB:
- Sort the list by the User field by placing the cursor in that field on any line and pressing the F16 (Shift-F4) key.
- Scroll to the first line where the User field has the value BOB.
- Enter 2 in the Opt field for that line.
- Press the F13 (Shift-F1) key to mark the beginning of the group.
- Scroll to the last line where the User field has the value BOB.
- Press the F14 (Shift-F2) key to mark the end of the group.
- Press Enter to restore the files.
- The Confirm Restore Recycle Bin Files screen appears, listing all the files deleted by BOB.
- Press Enter to confirm restoring them.