the recycler virus particularly come from pendrives,ipods,mp3 players etc.....which effects our folder's hidden and read only options....so to remove this virus I've got a lengthy,yet a very effective process..
1>restart your PC in safe mode {by pressing the F8 key constantly when the PC is restarted}
2>then run an anti-spyware check...for eg.download MALWAREBYTES ANTIMALWARE [its free]
3>run a complete anti-virus scan
4>clean up your system registry by downloading-- REG SEEKER
5>restart.....
[NOTE]:AFTER THIS PROCESS NEVER OPEN YOUR PENDRIVES OR ANY REMOVAL DRIVE,INSTEAD FORMAT THEM AND THEN OPEN......
Removing the Recycler.exe virus please follow the steps below…
Reboot your computer into Safe Mode, this is important as this is a memory resident virus. Do this by pressing F8 as the machine boots up and select safe mode from the DOS menu. Once in Safe Mode, press enter to stay in safe mode, you don't want to go to Recovery.
1. Open up windows explorer, Start>Programs>Accessories>Explorer
2. Go to (In Vista press ALT to display menus) Tools>Folder Options>View>uncheck the items below: 1>display the contents of system folders
2>hide extensions for known file types
3>hide protected operating system files(Recommended) Leave the other items as they are.
3. Press Apply>OK.
4. Leaving windows explorer open,
navigate to the root of the C:\ drive and remove AUTORUN.INF and any files that end in *.CMD and *.BAT excepting for AUTORUN.BAT and COMMAND.COM which are legacy files you may or may not have. Now go to C:\Recycler and remove anything located in the folders that look like recycle bins, if you are on a network there will be more than one.
5. Delete all instances of the virus on your disk. There are two or three variants of this virus, some put a file in the windows directory named SVHOSTE which is a hidden file - search for this and delete it.
6. Remove from Registry. Open Registry Editor.
Click Start>Run, type REGEDIT, then press Enter. In the left panel,
double-click the following: HKEY_LOCAL_MACHINE>SOFTWARE>Microsoft>Active Setup>Installed Components
In the left panel, locate and delete the key: {08B0E5C0-4FCB-11CF-AAX5-90401C608512} Close REGEDIT and click on Start>Run or on Vista just type in the search box MSCONFIG and press enter.
Click the startup tab and uncheck any misspelt entries such as Microssoft and Norrton, also take into account the command of this startup entry, navigate to where these files are located and delete them from your disk. Format any memory sticks you have used with this machine by going into explorer, right click on the disk and clicking format. Once Formatted reboot your virus free machine.
No comments:
Post a Comment