Video Screencast Help

Virus Alert: C:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\svchost.exe

Created: 22 Nov 2008 • Updated: 21 May 2010 | 1 comment

Hello,

 

I was wondering if you would have any idea what I should do about the virus alert I received when I connected a USB key to my computer running with Windows XP? I only receive these alerts when I connect a USB key.

 

Thanks.

GM

 

Scan type:  Realtime Protection Scan
Event:  Virus Found!
Virus name: Trojan Horse
File:  C:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\svchost.exe
Location:  C:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013
Computer: 
User: 
Action taken:  Clean failed : Quarantine failed : Access denied
Date found: Saturday, November 22, 2008  11:00:52 AM
 

Comments 1 CommentJump to latest comment

dhavalpandya's picture

Even latest Symentec Endpoint Protection MR4 is unable to delete it, the only way to delete this virus is

1> set your system to show hidden and system files.

2> open Taskmanager

3> kill all explorer.exe process 

4> click on newtask button and go the C:\

5> delete recycler folder ( you will not be able to delete this folder when explorer.exe is loaded)

6> if you have multiple drive do the same for other drives.

7> do not load explore.exe yet

8> open regedit from newtask button.

9> find key c:\recycler and delete it(you will find c:\recycler\s-????\svchost.exe or  service.exe)

10> find all the keys and delete it.

11> load explorer.exe now.

 

this will remove this virus from you PC but its temperary basis as no antivirus software is able to delete it.

Best way to save your PC from infection is never open drive by double click on it, because its loads autorun.inf file during this, insted open drive in folder view and select drive from leftpane to open it.

 

I hope this will solve your problem temperary...

Message Edited by dhavalpandya on 02-15-2009 12:23 AM