BleepingComputer.com: Boot critical file c:\ci.dll is corrupt

I was downloading a file from the internet, about half way through the download the computer shutdown and restarted.

On restart, the computer stated that Windows 7 could not load and started to do a startup repair, which did not succeed.

I opened Startup Repair and Diagnostics and the report log stated:

Boot critical file c:\ci.dll is corrupt.

I have tried system restore at several points and run sfc /scannow, which told me to reboot my computer, but I kept going round in a loop from there.

I suspect that I am infected and would appreciate your help and guidance on this.

Thank you.

Jan Soall

Hi,

Welcome to Bleeping Computer. My name is m0le and I will be helping you with your log.

• Please subscribe to this topic, if you haven't already. Click the Watch This Topic button at the top on the right.
  
  
  
• Please avoid installing/uninstalling or updating any programs and attempting any unsupervised fixes or scans. This can make helping you impossible.
  
  
  
• Please reply to this post so I know you are there.

The forum is busy and we need to have replies as soon as possible. If I haven't had a reply after 3 days I will bump the topic and if you do not reply by the following day after that then I will close the topic.

Once I receive a reply then I will return with your first instructions.

Thanks

Hi m0le

Really pleased to hear that you are going to help with my problem.

Look forward to working with you.

Jan Soall

Can you boot into safe mode at startup?

Hi m0le

I have pressed F8 on startup and when I selected Safe Mode, the computer did not go into Safe Mode, it said 'Windows is loading files' and then went into Startup Repair.

Startup Repair then reported 'Windows cannot repair this computer automatically'.

It gave two options:

- View diagnostic and repair details (which reported 'startup repair has tried several times but still cannot determine the cause of the problem').
- System Recovery Options (I have tried system restore at various different restore points and it does not make any difference).

Jan

Have you got the Windows 7 disk?

The problem is on a Toshiba Laptop, which did not come with a Windows 7 disk.

Jan

I have an idea that this is an infection which has stopped the PC booting. We have the option of booting the machine with an alternative operating system (a Linux one, called xPUD). The other option would be to go to the manufacturer and ask them how their own system works. The preinstalled operating systems all have different setups so you would need to go to them.

Let's try xPUD first

Try this please. You will need a USB drive.

Download GETxPUD.exe to the desktop of your clean computer

• Run GETxPUD.exe
  
• A new folder will appear on the desktop.
  
• Open the GETxPUD folder and click on the get&burn.bat
  
• The program will download xpud_0.9.2.iso, and upon finished will open BurnCDCC ready to burn the image.
  
• Click on Start and follow the prompts to burn the image to a CD.
  
• Next download driver.sh to your USB drive
  
• Remove the USB and insert it in the sick computer
  
• Boot the Sick computer with the CD you just burned
  
• The computer must be set to boot from the CD
  
• Follow the prompts
  
• A Welcome to xPUD screen will appear
  
• Click on File
  
• Expand mnt
  
• sda1,2...usually corresponds to your HDD
  
• sdb1 is likely your USB
  
• Expand your USB (sdb1)
  
• Confirm that you see driver.sh that you downloaded there
  
• Press Tool at the top
  
• Choose Open Terminal
  
• Type bash driver.sh
  
• Press Enter
  
• If succesful, the script will check all your drivers
  
• After it has finished a report will be located in the USB drive as report.txt

Attach the report.txt for my review

I have followed your instructions and had no problem with creating the boot CD and downloading the driver.sh.

I got as far as the Welcome to xPUD screen on the sick laptop, saw a flashing cursor in the top left-hand corner of the screen, the computer then flashed up a message about Starting Up (I could not read the rest) and then the screen went completely blank and stayed like that until I turned the computer off.

I repeated the whole set of instructions again and created another Boot disk, but it failed at exactly the same place.

I'm sorry but I do not have a report.txt for you to review.

Jan

Let's try an alternative boot disk and see if we get the same result

Let's try to boot your computer using the Ultimate Boot CD for Windows (UBCD4win).

Please print this guide for future reference!

You will need a blank CD, a clean computer and a flash drive.

Please follow the steps below and let me know if you were successful. If you were unable to create the UBCD4win, please tell me what error messages you got and/or what steps you got hung up on.

1. Download and Run Ultimate Boot CD for Windows

• Save it to your Desktop.
  
• Double-Click on the UBCD4Win.EXE that you just downloaded to your desktop.
  
• Follow all of the instructions/prompts that come up.
  NOTES:
  • Do not install to a folder with spaces in it's name.
    
  • Your Anti-Virus may report viruses or trojans when you extract UBCD4Win, these are "False-Positives." Read HERE for information regarding the files that normally trigger AV software.

2. Insert your XP CD with SP1/SP2/SP3 into a CD Rom drive

• Double-Click on UBCD4WinBuilder.exe located in your C:\ubcd4win folder.
  
• Click "I agree" to the Builders License.
  
• Click NO to Search for Windows Installation Files
  
• Make the following selections from the Main Screen that pops up:
  • Builder
    • Source:(path to Windows installation files)
      • Enter the path to the drive where your XP CD is located.
        
      • You can click on the "..." button on the right to navigate to the path as well.
      
      
    • Custom: (include files and folders from this directory)
      • No information is necessary, leave blank.
      
      
    • Output: (C:\ubcd4win\BartPE)
      • Keep the default BartPE
  • Media output
    • Choose Create ISO image
    • Do not choose Burn to CD/DVD
    
    
    
    Please note: If your XP install disc is SP1 then please .....
    
    
    • Disable- DComLaunch Service
      
    • Enable- LargeIDE Fix
      
      This can be done by pressing the "Plugin" button and checking or unchecking the appropriate selections
    
    
    Also note: If you have a Dell XP install disc you will need to follow the instructions here
    http://www.ubcd4win.com/faq.htm#dell
  
  
  3. Click on the "Build" button
  • You will see the Windows EULA message. Click on I Agree
    
  • You will now see the Build Screen. Let it run it's course
    
  • When the Build is finished you can click close, then exit
  
  
  
  4. Burn your ISO file to CD
  
  • Please see HERE on how to burn an ISO to CD.

==========

Next........

From your clean computer..

Please download OTLPE.zip and save it to a flash drive.
http://oldtimer.geekstogo.com/OTLPE.zip
http://www.itxassociates.com/OT-Tools/OTLPE.zip

Double click and unzip OTLPE.zip to its own folder on your flash drive. Name it OTLPE <-- Important!!

==========

Plug your flash drive into your sick computer now and do as instructed below..

==========

1. Restart Your sick Computer Using the UBCD4Win Disc That You Have Created

• Insert the UBCD4Win disc in to one of your CD/DVD drives.
  
• Restart your computer.
  • The computer should choose to boot from the UBCD4Win CD automatically. If it doesn't and you are asked if you want to boot from CD, then choose that option.
  
  
• In the window that pops up select Launch The Ultimate Boot CD For Windows and press Enter.
  • It may take a little longer for the Desktop to appear than it does when you start your computer normally. Just let the process run itself until the desktop appears.
  
  
• Once the desktop appears, you will receive a message asking: Do you want to start Network support?
  • Click on Yes if you want to use the PE environment to get online post your log and reply by way of an Ethernet connection.
  
  
• You should now have a desktop that looks like this:
  
  

==========

Single click My computer from your UBCD4W desktop to navigate to the OTLPE folder that you saved to your flash drive.

Open the OTLPE folder and double click Start.bat.

• When asked "Do you wish to load remote user profile(s) for scanning", select Yes
  
• Ensure the box "Automatically Load All Remaining Users" is checked and press OK
  
• OTLPE should now start
  
  Change the following settings
  • Change Services, Drivers, Standard and Extra Registry to All
  
  
  
  
• Copy and Paste the following code into the textbox. Do not include the word "Code"
  
  

  netsvcs
  msconfig
  safebootminimal
  safebootnetwork
  activex
  drivers32
  %ALLUSERSPROFILE%\Application Data\*.
  %ALLUSERSPROFILE%\Application Data\*.exe /s
  %APPDATA%\*.
  %APPDATA%\*.exe /s
  %SYSTEMDRIVE%\*.exe
  /md5start
  userinit.exe
  eventlog.dll
  scecli.dll
  netlogon.dll
  cngaudit.dll
  sceclt.dll
  ntelogon.dll
  logevent.dll
  iaStor.sys
  nvstor.sys
  atapi.sys
  IdeChnDr.sys
  viasraid.sys
  AGP440.sys
  vaxscsi.sys
  nvatabus.sys
  viamraid.sys
  nvata.sys
  nvgts.sys
  iastorv.sys
  ViPrt.sys
  eNetHook.dll
  ahcix86.sys
  KR10N.sys
  nvstor32.sys
  ahcix86s.sys
  /md5stop
  %systemroot%\system32\drivers\*.sys /lockedfiles
  %systemroot%\System32\config\*.sav
  %systemroot%\*. /mp /s
  %systemroot%\system32\*.dll /lockedfiles
  %systemroot%\system32\drivers\*.sys /90
  CREATERESTOREPOINT

  
  
  
• Push
  
• A report will open. Save that log to your flash drive. Copy and Paste that report in your next reply.

=========

With your next post please provide:

* OTLPE.txt

Are you having problems?

Yes I am having problems, which I think are related to the Dell Windows XP Professional SP2 disk, which is the only XP disk that I have.

I followed the instructions for using a Dell XP disk as per the link, which was attached 'What steps are necessary when building with a Dell CD'.

At Step 5 I ran the dellregfix.cmd.

The messages that I got from this were:

Running Dell Fix Script
The operation completed sucessfully.
'subinacl' is not recognized as an internal or external command, operable program or batch file.
The operation completed successfully.
Could not find c:\windows\system32\setupreg.hiv.log
Check output to see if there are any errors.

I ran the UBCD4WinBuilder.exe after this and got the following messages at the end


Builder has stopped because there are 2 build errors
ISO image is not created, you must fix the errors!
Building done...
There where 2 errors and 1 warnings

The warning was:
Warning: building from an OEM version of Windows can mean trouble...

The errors were:
Loading: C:\UBCD4WIN1\BARTPE\I386\SYSTEM32\setuphiv
Error: loadKey() failed:

Error: closeHive() failed: RegUnLoadKey (key="PEBuilder.exe-C:/UBCD4WIN1/BARTPE/I386/SYSTEM32/CONFIG/petmphive") returned error 0: Access is denied.
Error: DeleteFile() "C:\UBCD4WIN1\BARTPE\I386\SYSTEM32\CONFIG\petmphive" failed
Error: DeleteFile() "C:\UBCD4WIN1\BARTPE\I386\SYSTEM32\setuphiv" failed

I have a copy of the whole log file from UBCD4WinBuilder.exe, if you would like me to copy into a reply.

I have tried the above processes twice with the same results.

Quote

The utility we are trying is not compatible with Dell due to the way they build their machines. The OEM (Original Equipment Manufacturer) is their own preinstalled system and it doesn't work the same way as Microsoft originally built their systems to be installed when bought. Dell does request that you make a recovery disk - a box pops up semi-regularly - but if you did not make a recovery disk when the system repeatedly asked you to then your only way out of this has been blocked. I recommend that you contact them and ask them what alternatives you have.

The sick computer is a Toshiba laptop, not a Dell machine.

The reason why I was trying to use a Dell XP disk was because I have not got a Windows XP Service Pack disk that I can use. I may have misunderstood but the instructions that you sent gave the option to use a Dell XP disk.

I can access the Command Prompt on the Toshiba laptop, if that would be of any help.

Yes, you misunderstood. That's if you have a Dell.

Quote

The problem is that you haven't got an XP disk for the machine. The same problem applies though, without a XP disk or recovery disk you cannot repair the machine. You will still need to contact Toshiba and let them tell you your options. Some companies will send out disks while others will offer you a factory reset. Let me know what they suggest.