Multiple Programs – BOOT.EXE and BOOT.INI

When you turn on your computer, you start a process of loading and launching files. This is often referred to as "booting up". So files called boot.exe and boot.ini are most often responsible for loading or launching Windows or another program.

If you run WinPatrol 10.x or later, you may see a file called "boot.ini" listed in the Hidden Files folder. It will be located in the root folder of your hard drive, usually c:\. This file is safe normally runs as part of your system's boot up process.

Unfortunately we also found many malicious instances of boot.exe:
Boot.exe installs with Troj/Puppet-A. This virus places files called boot.exe and rtl60.bpl into your Windows\System folder. These files run on system startup and can allow a remote user to access your system via an IRC chat channel. More information can be found at http://www.sophos.com/virusinfo/analyses/trojpuppeta.html.

Boot.exe also installs with the W32.Elem.Trojan. Files called element.txt and element.ico may also appear on your system. This file is often installed with the KaZaA P2P service software. It may also try to pass itself off as a key generator. This Trojan overwrites Windows operating system files with zero byte files using the same names. A complete list of files and clean-up instructions can be found at http://securityresponse.symantec.com/avcenter/venc/data/w32.elem.trojan.html.

We'd recommend removing these files using WinPatrol. First, kill them under Active Tasks then remove them from your Startup Programs. If running WinPatrol 8.x or later, right click each file and select "Delete file on Reboot".

Remove if Virus