• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 10338
  • Last Modified:

c:\resycled\boot.com is not a valid win32 application

when I click on any drive in "my computer", It does not open but I get this message "c:\resycled\boot.com is not a valid win32 application" I am however, able to right click on them and use the explore feature.
this is a fresh windows install. XP sp3.
0
jazzymel
Asked:
jazzymel
  • 2
1 Solution
 
JoWickermanCommented:
Hi jazzymel,

This is a virus:

resycled/boot.com is a worm that propagates on local fixed and removable USB drives. resycled/boot.com may infect drives via autorun.inf file it created that runs a command each time the drive is accessed. Malicious files will be copied to a drives attached on infected computer.

Aliases:
Trojan Horse SHeur.CODS

Risk Level: Low

File Size: Varies

Affected System: Windows

Symptoms:
1. Appears a message resycled/boot.com is not a valid Win32 application
2. Presence of autorun.inf files on root of drive

How to remove:

1. Download Malwarebytes Anti-Malware (mbam-setup.exe) and save it on your Desktop.
2. After downloading, double-click on mbam-setup.exe to install the application.
3. Follow the prompts and install as default only
4. Before the installation completes, check on the following prompts:
- Update Malwarebytes Anti-Malware
- Launch Malwarebytes Anti-Malware
5. Click Finish. Program will run automatically and you will be prompt to update the program before doing a scan. Please update.
6. Scan your computer thoroughly.
7. When scanning is finished click on the Show Results
8. Make sure that all detected threats are marked, click on Remove Selected.
9. Restart your computer.
0
 
rpggamergirlCommented:


Run either one of these tools, it will delete the bad autorun inf in each partition..
1.  Download and run this tool and follow the prompts:
http://www.techsupportforum.com/sectools/sUBs/Flash_Disinfector.exe


2.  Please download ComboFix by sUBs:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe

You must download it to and run it from your Desktop
Now STOP all your monitoring programs (Antivirus/Antispyware, Guards and Shields) as they could easily interfere with ComboFix.
Double click combofix.exe & follow the prompts.
When finished, it will produce a log. Please save that log and attach it in your next reply by pasting it in the "Code Snippet" or "Attach File" window.
Re-enable all the programs that were disabled during the running of ComboFix..

Note:
Do not mouse-click combofix's window while it is running. That may cause it to stall.
CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.
0
 
jazzymelAuthor Commented:
Great, it worked!!!!!!!!
0
 
rpggamergirlCommented:
Glad to know the issue is now resolved.
Thanks for the points and the grade!
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now