Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Win 7 boot error


  • Please log in to reply
3 replies to this topic

#1 ironlemon

ironlemon

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:11:10 PM

Posted 15 July 2011 - 02:00 PM

Hi there,

Here's my problem. Yesterday, while I was working with MS Excel, suddenly my Win7 (64 bit, Professional) rebooted itself, and after restart it failed to boot again. Just after showing the loading screen it jumped to error page:

“Status: 0xc0000225
Info: The boot selection failed because a required device is inaccessible.”

Booting to safe mode also failed. I tried to work it out with the Windows installation disc utilities. Running chkdsk (with /b, /r or /f parameters) from the command line did no justice. I also tried to do the automatic recovery at least 8 times and the results were mixed. It either said that the problem has been fixed, but after restart I got the same booting error, or it said that the problem is beyond its repair capabilities.

So my next step was to check the logs of these repair attempts and they've shown that the problem lies within C:\Windows\System32\ci.dll file. I read somewhere over the internet that it's probably the result of TDSS infection and it requires to start windows with driver signature enforcement disabled and run TDSSkiller.exe. That way, I was finally able to boot my system, but there was another surprise - I was unable to open any application (including TDSSkiller.exe, of course). I've tried everything without any success:
- changing the name of the file or its extension to .com
- fixing my registry entries related to .exe and .com extensions
- running file from different drives and directories
- running other malware and rootkit detection/removal utilities, including FixTDSS.exe, GMER, etc. None of these apps would ever run.

What's surprising, I managed to open my 64-bit Internet Explorer 9 (Opera or Chrome cannot start up, like the other 32 bit apps. I've also managed to run 64-bit Windows Media Player, so maybe the problem only affects 32-bit apps?), so my first reaction was to try out some online virus scanners. Unfortunately, most of them could not run. The only one that worked was BitDefender and it found a few minor infections, which I promptly removed, but they didn't seem related to the problem, as it changed nothing.

I don't know if it's anyhow related, but last week I've been infected with Windows Antivirus 2012 malware, but I got it removed and had no further symptoms of it.

Any help would be greatly appreciated.

EDIT: My typo: it was of course ci.dll, not ai.dll, just changed that.

Edited by ironlemon, 15 July 2011 - 02:13 PM.


BC AdBot (Login to Remove)

 


#2 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,707 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:02:10 PM

Posted 15 July 2011 - 06:00 PM

Welcome aboard Posted Image

With the information you have provided I believe you will need help from the malware removal team.
Please make sure that you read the information about getting started first.
Then start a new thread HERE and include or required logs.
Including a link to this thread will be helpful.

Good luck and be patient. Help is on the way!

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#3 ironlemon

ironlemon
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:11:10 PM

Posted 16 July 2011 - 06:29 AM

Hi,
Thanks for the reply :) I guess I was a little to quick with asking for your help, as it looks like I've managed to solve the problem. I've downloaded Kaspersky Recovery Disk and it detected and removed TDSS rootkit right away. All systems go :)

Anyway, this is my first time posting on this board and I'm very surprised with how quick you respond, so I'll surely know where to look next time I have any issues!

#4 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,707 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:02:10 PM

Posted 16 July 2011 - 10:46 AM

Very well :)

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users