Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

boot.ini deleted every time Windows boots

Posted on 2009-05-05
4
Medium Priority
?
3,174 Views
Last Modified: 2012-08-13
AVG and Kaspersky don't see any infections. Nothing suspicious in startup/Hijackthis. Bootcfg /rebuild will recreate the boot.ini then Windows will boot once, but when I get into Windows there is no boot.ini. So of course if I reboot I get the HAL.DLL error due to no boot.ini. Even made a boot.ini on another system with only read permissions and still got deleted. Anyone seen a virus that does this or know where the line might be that is deleting it? Searched registry, win.ini, and system.ini.
0
Comment
Question by:DominionTech
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
4 Comments
 
LVL 7

Accepted Solution

by:
spamster earned 1500 total points
ID: 24306360
I've never ran across this, but I would try disabling all non-Microsoft services and startup items (msconfig) and then reboot to see if it still gets deleted. That would rule out a rogue service or most startup apps.
0
 
LVL 2

Expert Comment

by:FatManc
ID: 24306512
Have you checked the event log for hardware errors? Perhaps run a chkdsk to ensure the integrity of the drive too.

Thanks
John
0
 
LVL 15

Expert Comment

by:tntmax
ID: 24306615
Yeah, we just had someone who kept losing a different file each boot, and it was due to a dying hard drive.
0
 
LVL 2

Author Comment

by:DominionTech
ID: 24306850
Found it! ASKUpgrade service. Was hiding itself from Hijackthis. Disabled it in msconfig(thanks spamster) and now boot.ini is still there when I reboot. Couldn't find very much information on the service, even reported as non-malicious toolbar... But after svchost spiked the CPU to %100 I knew it had to be a service. Going to see if Spybot or Malwarebytes detects and traces of it. Why would spyware toolbar want to delete boot.ini? Sort of defeats the purpose if you can't boot....
0

Featured Post

U.S. Department of Agriculture and Acronis Access

With the new era of mobile computing, smartphones and tablets, wireless communications and cloud services, the USDA sought to take advantage of a mobilized workforce and the blurring lines between personal and corporate computing resources.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Migration of Exchange mailbox can be done with the ExProfre.exe tool. But at times, when the ExProfre.exe tool migrates the Exchange Server user profile, it results in numerous synchronization problems. Synchronization error messages appear in the e…
Today, still in the boom of Apple, PC's and products, nearly 50% of the computer users use Windows as graphical operating systems. If you are among those users who love windows, but are grappling to keep the system's hard drive optimized, then you s…
Two types of users will appreciate AOMEI Backupper Pro: 1 - Those with PCIe drives (and haven't found cloning software that works on them). 2 - Those who want a fast clone of their boot drive (no re-boots needed) and it can clone your drive wh…
In this video, Percona Solutions Engineer Barrett Chambers discusses some of the basic syntax differences between MySQL and MongoDB. To learn more check out our webinar on MongoDB administration for MySQL DBA: https://www.percona.com/resources/we…
Suggested Courses

661 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question