invalid boot.ini

[sanju786]

we have a network of 40 pc withxp and 2k installed our application one day stuck as ntvdm file needed to run application was not showing application page on screen.
we took a shut down on pcs - after lot of scanning and investigation we found that unknown profile created at the w2k machine with name lm4ku.. we deleted it immediately and some system files appeared on c drive msdos.sys/io.sys/pagefile.sys/ntldr/netdetect.com .
on deleting them from c system says ntldr missing we copied from w2k cd on c and restarted it says invalid boot.ini file .
can some body help??
no virus detected by 11.0/10.1 symantec.
please help

 

[mflynn]

Ok the ntvdm means your App is a 16 bit app. That should not be the issue.

Your issue is:

1. You have someone trying to damage the system either an employee or from outside hacked in.

Did you translate what lm4ku migh mean?

(I am Fu*king you) sorry I don't know from what country you are from.

Just wanted to know if you caught that.

You should unplug the network cable on this station so it don't boot up when fixed and send Malware across the network.

Below is steps to fix it. But you need to know that your entire system may be compromised and take steps to look for this logon plus deep inspection on all stations.

Update all Firewalls Virus scanners and other security measures you have and increase the security.

There are 2 steps to try.

First there may be a boot.int backup in the root of C: boot.bak if so it can be copied to boot.ini.

If the above don't exist or don't work do the below.

Secondly boot from 2K cd choose Recovery console and run Fixboot.

When it boots then you need to use a CD or Flash drive to get Malware repair tools on this computer and check it thoroughly before connecting it back.

We will help you with that.

Let me know.

Mike

EDIT: Saw introduction and now know where you are from!

 

[sanju786]

can i get the malware and virus removal

thanks for advice , i m from india
i need the support or links for the malware and virus removal tool.

if u can help me out please.
also none of antivirus detected any thing , qheal/nod32/symantec 10.1/11

please advise
regards

sanju