Cannot remove recycler/S-1-5-21-25.....

- Download HijackThis 1.99.1

- Unzip the hijackthis.exe file to a folder you create named C:\Program Files\HJT

- Do NOT run Hijack This from the Desktop, a temp folder, or a sub-folder of C:\Documents and Settings, or choose to run it directly from the downloaded ZIP file.

- Before running HijackThis: You must close each of the following:your web browser, e-mail client, instant messenger, and programs like notepad, wordpad, MS Word etc. And any other unnecessary running programs.

- Run HijackThis and save your log file.

- Post your log as an ATTACHMENT to your next message. (Do NOT copy/paste the log into your post).

 

First a question, did you install Timbuktu Pro. It is considered malware. See the following.

http://www3.ca.com/securityadvisor/pest/pest.aspx?id=453076680

You should really look to see if it can be uninstalled via Add/Remove programs.

 

It could be a security risk but it is up to you!

Try the below procedure.

If you are using WinXP or WinMe, make sure you have system restore disabled (per the tutorial).
For all OS types, make sure viewing of hidden files is enabled (per the tutorial).

Run HijackThis and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:
O4 - HKLM\..\Run: [Key2] C:\WINDOWS\system\serve.exe
O4 - Startup: I.url

After clicking Fix, exit HJT.
Boot into safe mode and use Windows Explorer to delete:
C:\WINDOWS\system\serve.exe
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\I.url

You should look in each user account for the I.url file. So replace the All Users in the above with each actual user account ID.

If you get an error when deleting a file. Right click on the file and check to see if the read only attribute is checked. If it is, uncheck it and try again. Other wise open Task Manager and kill the process if running then delete the file.

Now run Ccleaner (installed while running the READ ME FIRST).
Now reboot in normal mode and post a new HJT log. And tell us how things are working.

 

You did not post the follow up HJT log I requested.

Recycler is you Recycle Bin. The place where all deleted files go. Have you tried using the double clicking on your Recycle Bin icon on your Desktop and then select Empty Recycle Bin. Do this for wach user account if necessary. If this does not work, there could be another hidden problem.

If you cannot empty the Recycle Bin, follow the steps below:

Download: Generic Detection Tool - NT/2000/XP

Extract all the files from the Generic Detection Tool into its own folder.
Then run find.bat. Post the log it creates back here as an attachment. Wait long enough for it to complete. It does take awhile. A notepad window will pop up when finished with the log in it.