C:\resycled\boot.com is not a valid Win32 application

I don’t have many encounters with computer viruses. Maybe because of my carefulness when surfing the net or download something. Or maybe it is because the anti virus software is not smart enough to detect the viruses.

I always thought that my anti virus (Avira Antivir Free Edition) had real time scanning, which will at least warn me if something weird happens probably caused by virus attack. I had once tell my friend, that full system scanning is redundant. Shame on me. He is actually right.

I don’t know exactly what virus had affected my system, but it prevented me to view the content of my hard disk from “My Computer”. Every time I double clicked on C:, the error message appeared:

C:\resycled\boot.com is not a valid Win32 application

I suspected that was a virus since “resycled” is wrong spelled. Luckily, it is not only me who had this problem. From the front page of Google Search, I found the solution.

It’s a virus, all right (as you might have suspected due to the misspelling
of “recycled”).

Start Windows in safe mode, then click Start -> Run. Type in regedit and
click okay.

Now at the top of the registry editor, click Edit -> Find. Type boot.com
and click Find Next. Every time it finds a new boot.com, press the delete
key and then enter. It should find a dozen or so copies.

Now, plug in any external drives or flash drives you have used with this
computer. Open My Computer. Click Tools -> Folder Options -> View and
select “Show Hidden Files and Folders” and click okay.

For each drive, open it and delete the “resycled” folder and autorun.inf.
Back up each autorun.inf before deleting them off external drives, because
they might be important.

Restart the computer and the problem should be gone.

Source:[link]

Strangely enough, I could not find any folder named “resycled” and autorun.inf file. I thought doing the registry part was enough, but it wasn’t. After the registry fix, I did a full system scan and Antivir did actually find four viruses. All of them were then deleted.

After restarting, the problem still was not solved. I looked at the registry again, the boot.com entries were still there. After repeating the steps for few times with no success, I decided to format my C: and do a fresh installation of Windows XP. Before that I need to make a copy of my important files on C:. While copying I noticed one more strange thing on my system. To copy 1GB files, it took about 30 minutes. That was crazy. I do have USB 2.0!!!. Even with USB 1.1 it would takes only about 11 minutes.

Having no patience to wait, I booted the computer to Ubuntu (fortunately, I still don’t get rid of Ubuntu from my system) and copied the files from there. While browsing the files, I did realize that the folder “resycled” and file “autorun.inf” did actually exist. But how can these two files be invisible in Windows XP? I did tick the option “Show hidden files” in Folder Options setting.

After those folder and file were deleted, I booted back to Windows and everything runs normally. Ubuntu did save my precious time from formatting and reinstalling Windows. Lesson of the day, always do a full system scan. Better safe than sorry.