Virus Recycler.exe

picked up this virus..... saw many vairing posts....
Is there anyone who has had experiance with this virus...? It opens a hidden file on my C drive and could not be found by Symantec c:recycler ? Any help would be appereciated..!!
quertenAsked:
Who is Participating?
 
Mohammed HamadaConnect With a Mentor Senior IT ConsultantCommented:
If you can restart your computer to Command Prompt Mode
You can just Delete the file manually by typing
cd\
del /f /s recycler.exe        (First Command)
RD /q c:\RECYCLER

The first command will delete the recycler.exe file from all your Directories.
The second one will delete the Recycler bin folder from your C:\ drive and it will just be empty from any files.

Try this and hope it works

0
 
jckingjcCommented:
Hi querten,

All you need to remove Recycler.exe.

http://www.greatis.com/appdata/d/r/recycler.exe.htm
0
 
jckingjcCommented:
0
 
rpggamergirlCommented:
Try any of these tools and show us the logfiles.

1.  Download and run this tool and follow the prompts:
http://www.techsupportforum.com/sectools/sUBs/Flash_Disinfector.exe 

2.  Please download ComboFix by sUBs:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe

You must download it to and run it from your Desktop
Now STOP all your monitoring programs (Antivirus/Antispyware, Guards and Shields) as they could easily interfere with ComboFix.
Double click combofix.exe & follow the prompts.
When finished, it will produce a log. Please save that log and attach it in your next reply by pasting it in the "Code Snippet" or "Attach File" window.
Re-enable all the programs that were disabled during the running of ComboFix..

Note:
Do not mouse-click combofix's window while it is running. That may cause it to stall.

CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.

 
Or, MalwareBytes:
Download Malwarebytes' Anti-Malware to your desktop. check for Updates before scanning.
http://www.malwarebytes.org/mbam.php
0
 
bRvOCommented:
we had this one , you want to check your system32 drive for 3 hidden alpha numerical folders and remove

check to see if there's an alphanumerical process something like 1EDF2K.EXE running and end task.

also check %userprofile%\Local Settings\Temp\E_N4\ and delete this folder.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.