Recycled virus

March 14, 2007 at 20:21:45
Specs: all windows, all
In my pen drive there was a folder called Recycled. The right click open menu looked like open(0). After clicking on that open(0) all my hard partitions' right click open menu came like open(0). I want to get rid off this virus. Some body help me.

See More: Recycled virus

Report •


#1
March 15, 2007 at 09:04:08
What OS are you running? Have you tried a Restore? Is there any other strang behavior?

Life's more painless for the brainless.


Report •

#2
March 15, 2007 at 14:51:14
OS: all windows
CPU/Ram: all
Manufacturer/Model: all

... very helpful. Those fields are to be filled in with the specifications of the machine in question, for best results

The presence of a recycle bin on a Windows drive is pretty standard - have you performed any virus scans??

I'm not one of those who think Bill Gates is the devil. I simply suspect that if Microsoft ever met up with the devil, it wouldn't need an interpreter.


Report •

#3
March 19, 2007 at 07:58:34
I use XP. I tried all AVG,Norton,Mcafee. No use. It is not a recycle bin related stuff. It's name is shown as recycled. When you try to open a pendrive in an affected computer, this virus nicely get in to the pen. when you take it home and double click on the pen drive,your computer also affected. It seems harmless, But i dont think it is wise to let it be there. Thats why i needed your help. I can send you some of the screen shots.

Report •

Related Solutions

#4
March 20, 2007 at 06:35:52
I'd like to see the screen shots...

Life is more painless for those who are brainless.


Report •

#5
March 28, 2007 at 03:03:11
try scanning with Kaspersky


Report •

#6
May 16, 2007 at 07:45:32
Run 'regedit'
Search repeatedly for the string "open(0)" deleting ALL subkeys under
Software/Microsoft/Windows/Currentversion/explorer/MountPoints2
that contains the string "open(0)"

There will be one for each drive, flash stick, or network share that has this problem

Close and re-open explorer and you should find the problem has gone


Report •

#7
May 23, 2007 at 15:14:47
all my drives were infected by the open(0) virus..i could only open them by right clicking them and clicking on open since the default value was open(0).
i tried the regedit method mentioned above and the first time it ddnt work fine but when i patiently removed all files its working fine...also it is somehow related to ctfmon.exe trojan.


Report •

#8
June 1, 2007 at 22:14:59
Hi I have attached some screen shots in the following URLs I hope they can help a bit more!I tried above methods but not found helpful. In some affected computers I couldn't find "Software/Microsoft/Windows/Currentversion/explorer/MountPoints2"

So somebody help pls!

http://aycu31.webshots.com/image/15...
http://aycu31.webshots.com/image/15...
http://aycu16.webshots.com/image/17...
http://aycu37.webshots.com/image/15...

Have a nice time


Report •

#9
June 4, 2007 at 06:40:13
Hi! I found out the way to get rid of that virus. here you are....

1. Go to command prompt.
2. Type CD\ in drive C to go the root directory
3. Type DIR /AH and press ENTER key. This will display all hidden files in your drive C
4. If you see a file AUTORUN.INF and a folder Recycled, then your system is infected.
5. Try doing this to your USB drive and check if your USB stick contains the same folder and AUTORUN.INF, if it does then your system is really infected.

To remove it download and install a trial version of Trendmicro and scan your system.

To manually remove it follow the following steps (This is the step I take when i repair my computer without an internet connection. Note you should understand what you're about to do, you try it at your own risk!)

1. Boot your system in Safemode
2. Go to command prompt, in Drive C do the following commands.
3. Type -> ATTRIB -H -R -S AUTORUN.INF then press enter
4. Type -> DEL AUTORUN.INF then press enter
5. Type -> ATTRIB -H -R -S Recycled then press enter
6. In Windows Explorer in Safemode, remove the folder Recycled in drive C use Shift-Delete to delete the folder.
7. Repeat Step 3 to 6 for all drives of your system including the USB drive.
8. Search for CTFMON.EXE in your system using the Search of Windows found in Start Menu. If you find a file that is not located in C:\WINDOWS\SYSTEM32, delete it immediately. Dont forget to empty the recycle bin afterwards (Usually the virus will copy itself in the Startup folder of the Startmenu. Check if the file is present there and delete it then.)

To disable autorun of drives (i.e. everytime you double-click a drive or cd or usb, it is auto open) follow the following step:


1. Click Start->Run->type REGEDIT.EXE
2. Go to this key from the register HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
3. Look for the entry NoDriveTypeAutoRun, double click the entry
4. Type a new value : 03ffffff for the NoDriveTypeAutoRun and press ENTER
5. Reboot the system.

Good luck everyone!


Have a nice time


Report •

#10
June 18, 2007 at 08:51:31
hey dude please browse the link..
http://antivirus.about.com/library/...

the worm is named sircam and spreads through emails. even i had the same prob with my comp


-jebarson007@gmail.com


Report •


Ask Question