• Blogging
  • Freebies
  • Freeware
  • How-To
  • Make Money Online
  • Mobile
  • Home >> Microsoft >> How to Remove C:\resycled\ntldr.com worm

    How to Remove C:\resycled\ntldr.com worm

    Last week, i was searching for a tool on Google and found one site. The tool on that site appeared to be a valid one. I downloaded and executed it because, i had confidence on Kaspersky Antivirus.

    But that decision was very bad. Kaspersky Anti-virus didn’t catch this worm and i paid the price for nearly 2 days.

    The very next day, i was confronted with a wierd problem. Whenever i tried to access drives from my computer, I was getting the following error:

    c:\resycled\ntldr.com is not a valid Win32 application


    Cannot open all you drive using double click

    I knew that this problem is because of that tool i installed. I also knew that autorun.inf files were created on root folder of all my drives. The autorun.inf had an entry to execute c:\resycled\ntldr.com.

    This worm spreads when any type of removable drive is inserted into a computer.

    My Laptop was immediately infected because, Samsung HM320JI External Hard Drive is always connected.

    How to get rid of C:\resycled\ntldr.com error / virus / worm

    There may be several ways to remove this worm, but i will list two methods here. I followed the first method to remove the worm. I advice you to use the first method. If it doesn’t work then go for the second method.

    First Method to remove C:\resycled\ntldr.com error / virus / worm

    1. Please Download MalwareBytes from any of the locations:MalwareBytes 1 MalwareBytes 2

    2. Install Malware Bytes
    3. During the installation process, it will ask you to Update Malwarebytes ‘Anti-Malware and Launch Malwarebytes’ Anti-Malware, Check that option and then click Finish.
    4. If an update is found, it will download and install the latest version
    5. After the tool is installed, open the tool and select “Perform Quick Scan”, then click Scan.
    6. Wait for the scan to complete, when completed check the results.
    7. Make sure that everything that is detected is checked for Removal.
    8. After malwares are removed, a log is generated and is opened in Notepad and you may be prompted to Restart. If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediately.
    9. The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.

    I was able to remove C:\resycled\ntldr.com using Malwarebytes

    Second Method to remove C:\resycled\ntldr.com error / virus / worm

    1. Boot Windows using safe mode (when computer is booting. Press F8 and select Safe Mode)
    2. After desktop Appears, Open Task Manager and Kill ntldr.com process
    3. Check for the following files and folders and delete them C:\resycled\ntldr.com
    4. Open the Registry ( Click Start->Run… and type Regedit.exe and hit Enter )
    5. Remove or Delete following Registry Values: ntldr.com,

      To easily find the key, Please Use ‘Ctrl+F’ and search all the keys.

      Make sure you are sure of what you are doing. If you delete some other valid key, your System may become unstable

    I hope that you were able to “Remove C:\resycled\ntldr.com worm”.

    If you have any doubts or more suggestions, please leave a comment. I will be happy to assist you.

    IMPORTANT: This blog welcomes Guest Bloggers, Writers to also contribute by writing Guest Posts and also Make Money!. Check out our Revenue Sharing Program
    1924 readers are already subscribed to this blog! Why don't you be one of them? Subscribe to this blog via your favorite RSS feed reader or by entering your email address on the form below:


    1. Paul says:

      My girlfriend had this on her computer, and I had to try to get it off for her. It was a huge pain in the ass.

    2. I’m glad you were able to remove it, Nihar. It seems that this will be difficult for non-tech types to remove as both set of instructions are a little scary.

      Would using a restore point from before you had installed the crack have also worked?

    3. I reduce the space devoted to restore points to only about 4% but I don’t disable them. I’ve only needed to use it once though so maybe I don’t really need them.

    4. Nice trick, I’ve tried this trick, It worked. Thanks Nihar 🙂

    5. Donace says:

      …so what crack was this :p

      But yes restore points are very useful and while all AV’s are not ‘fool proof’ due diligence is also a very good ‘protection’ mechanism.

    6. Jonny says:

      You could have tried the tool from here also:

      Malware Bytes is a great tool though- it has removed lots of stuff from computers I have fixed. 🙂

    7. visayasdarts says:

      How about the files afected by this malware, which became invisible or masked? Did you able to make it visible again? How did you do it?

    8. LANlord says:

      Restore points don’t cure everything. (in fact they dont cure much at all). it is easy for a virus to corrupt them. i once had to get rid of a virus that actually his in the restore point files.

    9. Nihar says:

      @visayadarts, Malware takes about this.

      @LANlord, I don’t use restore points. It slows down the computer. I disable it.

    10. Vikram says:

      My friend had this virus – he finally formatted his drive to remove it. neways thanks for the post. ya i gree restore points slows pc and keep eating MB’s on every software install/install.

    11. Just wondering if any other antivirus programs could remove that worm/virus?

    12. Atul says:

      thnx for this post. I faced this issue once in mine frnds pc. dnt remember what we did 🙂

    Leave a Reply

    page counter
    NiharsWorld on Twitter NiharsWorld on Facebook NiharsWorld RSS Feed