Thread: [Question] Recycler Virus
View Single Post
  #11 (permalink)  
Old 07-20-2012, 03:24 PM
mhookem's Avatar
mhookem mhookem is offline
Moderator
 
About:
Join Date: Dec 2006
Location: Chesterfield, UK
Posts: 387
mhookem will become famous soon enoughmhookem will become famous soon enough

Default


Boot into safe mode by pressing F8 during the boot process and select the 'boot into safe mode' option.

When your computer has finished booting, hold down ctrl+alt+delete together and select 'start task manager'.

Click on the processes tab and look for recycler.exe.
Right click and choose to end the process.

Go to My Computer and then go on to your root drive ( ususally the C drive )
( windows 7 ).

Near the top left corner of the window, you should see a button labelled 'Organize'.

Click here and then select the 'Folders and Search' option.

You should have a small window open titled 'Folder Options'.

Click on the view tab and scroll down until you see 'Show hidden files, folders and drives'. Check this button.

Scroll down a little further and you will see 'Hide protected operating system files'. Uncheck this box.

Go into the root drive and look for a folder named 'recycler'.
Open the folder.

If you see any suspicious .exe files that you were unaware of using, delete them, including the recycler.exe file and autorun.inf file.

Hold down the windows logo key and press 'r', this will open the run window.
type in regedt32 to open the registry editor.

Go to 'Edit' and choose 'Find'.

***Enter NoDriveTypeAutoRun and search. You should find the entries in HKEY_LOCAL_MACHINE\SOFTWARE\ and HKEY_CURRENT_USER\SOFTWARE.***

Once you've found the entires you need to right click and modify the data in the right hand window.

This is where you put in 33ffffff and click Ok

Reboot and complete a full virus scan.

If you can remember when you first got the virus check any cd/usb or external drive for the infection as well otherwise you'll get infected again.

Any problems and I'll have my pc on for the next hour or so.



Reply With Quote