Here's my problem. Yesterday, while I was working with MS Excel, suddenly my Win7 (64 bit, Professional) rebooted itself, and after restart it failed to boot again. Just after showing the loading screen it jumped to error page:
Info: The boot selection failed because a required device is inaccessible.
Booting to safe mode also failed. I tried to work it out with the Windows installation disc utilities. Running chkdsk (with /b, /r or /f parameters) from the command line did no justice. I also tried to do the automatic recovery at least 8 times and the results were mixed. It either said that the problem has been fixed, but after restart I got the same booting error, or it said that the problem is beyond its repair capabilities.
So my next step was to check the logs of these repair attempts and they've shown that the problem lies within C:\Windows\System32\ci.dll file. I read somewhere over the internet that it's probably the result of TDSS infection and it requires to start windows with driver signature enforcement disabled and run TDSSkiller.exe. That way, I was finally able to boot my system, but there was another surprise - I was unable to open any application (including TDSSkiller.exe, of course). I've tried everything without any success:
- changing the name of the file or its extension to .com
- fixing my registry entries related to .exe and .com extensions
- running file from different drives and directories
- running other malware and rootkit detection/removal utilities, including FixTDSS.exe, GMER, etc. None of these apps would ever run.
What's surprising, I managed to open my 64-bit Internet Explorer 9 (Opera or Chrome cannot start up, like the other 32 bit apps. I've also managed to run 64-bit Windows Media Player, so maybe the problem only affects 32-bit apps?), so my first reaction was to try out some online virus scanners. Unfortunately, most of them could not run. The only one that worked was BitDefender and it found a few minor infections, which I promptly removed, but they didn't seem related to the problem, as it changed nothing.
I don't know if it's anyhow related, but last week I've been infected with Windows Antivirus 2012 malware, but I got it removed and had no further symptoms of it.
Any help would be greatly appreciated.
EDIT: My typo: it was of course ci.dll, not ai.dll, just changed that.
Edited by ironlemon, 15 July 2011 - 02:13 PM.