Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Boot critical file is corrupt


21 Jul 2012   #1

MS Windows 7 Home Premium 64-bit
 
 
Boot critical file is corrupt

The problems started yesterday when my computer went to blue screen and automatically shut down and restarted. This happened twice, then I did an AVG scan in Safe Mode. It placed several infections and a few malwares into the virus vault. However, it "did not test" dozens of files because they were "locked". There were Boot directeries that were listed among the locked files.

I restarted in Normal Mode, and got a message that Windows found a malicious file and "partially removed" it. When I clicked on the message to find details about the file, this webpage popped up: Encyclopedia entry: TrojanOS/Alureon.A - Learn more about malware - Microsoft Malware Protection Center
So the infection was TrojanOS/Alureon.A (edited to add: the smiley face appears where : D [without the space] is in the trojan filename)

About an hour later, the computer crashed and restarted again, then again a few minutes later. I did another scan and no malicious files were found.

When I turned the computer on 20 minutes ago, I got a screen telling me that the computer was unable to start, and Windows was searching for solutions. It apparently worked because I'm using the computer now. However, when I clicked to see the details of what happened, I saw this: "Boot critical file c:\windows\system32\kdcom.dll is corrupt".

So I don't know if it fixed the file or if it's still corrupt. I'm concerned my computer will have trouble rebooting. Thanks for any help in advance. What do I need to do to fix this problem?

Should I download Windows Defender Offline? If so, would I need to uninstall AVG to get it to work properly?





My System SpecsSystem Spec
.

21 Jul 2012   #2
Microsoft MVP

 

Yes, use bootable Defender. I would later replace AVG crapware with Microsoft Security Essentials.

Work through Troubleshooting Windows 7 Failure to Boot.

If the infection doesn't clean up then post it up in our Security forum for expert help with specialized scans.
My System SpecsSystem Spec
21 Jul 2012   #3

Windows 7 Professional x64 Service Pack 1
 
 

You need to run startup repair to repair the corrupt file: Startup Repair
If that doesn't work, run System Restore to a time before you got this virus and replace AVG with Microsoft Security Essentials as Greg said above.

How to run System Restore: System Restore
My System SpecsSystem Spec
.


21 Jul 2012   #4

MS Windows 7 Home Premium 64-bit
 
 

Thank you, I'll give those a try. AVG tech support told me they think Windows needs to be reinstalled, and they graciously offered to do that for $129.
My System SpecsSystem Spec
21 Jul 2012   #5
Microsoft MVP

 

No one has recommended AVG for 10 years since it bloated up and became a problem more than a solution.

Use MSE with Windows 7 Firewall.

There are steps as a last resort to get a Perfect Reinstall in the Troubleshooting tutorial.
My System SpecsSystem Spec
21 Jul 2012   #6

MS Windows 7 Home Premium 64-bit
 
 

I can't find my Windows 7 installation discs , so I can't run the startup repair yet.

So I started working through the Troubleshooting list. I did a malwarebytes scan, and it found several dozen malware files and infections. While it was scanning, AVG popped up with a notice that it found two Trojan horses. When malwarebytes was done, I removed all the malicious files it found. Then I tried to get AVG to delete the Trojan horses, and it froze (it did warn me after I clicked the Remove button that it could cause a system crash). Out of desperation, I did a ctrl-alt-del and got a black screen.

I did a hard shut down, then rebooted in Safe Mode and ran the SFC /SCANNOW command. It ran through the "verification process" which ended when the DOS screen disappeared. It apparently found nothing. I then did an AVG scan and it also found nothing--not even "locked" files, of which there were dozens last night when AVG said it "did not test" them because they were locked.

My computer boots up just fine now. I don't know if c:\windows\system32\kdcom.dll was fixed or not. With every reboot, however, Malwarebytes gives a message about svchost.exe, which apparently has a Trojan Agent that AVG never caught, and it quarantines the file. I've found other forums where trojans in svchost.exe are discussed, but if anyone would like to offer advice on that, it would be appreciated.

Actually, would it be worth a try to run "sfc /scanfile=c:\windows\svchost.exe" to fix it? Should I try "sfc /scanfile=c:\windows\system32\kdcom.dll" as well?

I am wondering about #5 in the Troubleshooting list: "5. If you need an installer for your licensed version to boot to run Repairs or possible Clean Reinstall, download the latest official Win7 installer w/SP1 ISO, burn to DVD or write to flash stick using Windows 7 USB-DVD Download Tool. "

Should I download that Windows 7 installer to run the startup repair? Would it wipe out my hard drive? (There's one more place where I might find my Windows 7 installation discs, but it's an hour's drive away.) If I'm not mistaken, I could order new copies on monday from Microsoft if I can't find them...

Thanks again for the advice, including that regarding AVG; I'll remove it sometime soon...
My System SpecsSystem Spec
21 Jul 2012   #7

Windows 7 Pro. 64/SP-1
 
 

If I understand correctly what I have read. You got a bunch of things. I dough if the infections will let you download and install any more anti virus help. AVG I don't think will be any help. At this point I would jump right to
Windows Defender Offline
My System SpecsSystem Spec
21 Jul 2012   #8
Microsoft MVP

 

I would uninstall AVG now and install MSE, run a full scan. Do another scan with Malwarebytes to make sure it got everything.

Make a System Repair Disk now in case you lose the boot, in which case use Defender to disinfect more thoroughly from booted CD.

Run SFC as given in the steps until it tells you whether it finds damaged System files or not. It should say clearly after the scan. Are you paying attention?

Continue with the steps in the tutorial.
My System SpecsSystem Spec
21 Jul 2012   #9

MS Windows 7 Ultimate SP1 64-bit
 
 

Regulus Leonis,

First you must have a virus-free system in order to do anything.

This is the reason I concur with Layback Bear.

Now after you follow the procedure I give, then:
UNINSTALL AVG
INSTALL MSE

The link of MSE is in my signature.
Here is a link for removing AVG. Before removing, disconnect from the internet.
Download tools and utilities | AVG Worldwide

=========================================
HOW TO USE WINDOWS DEFENDER OFFLINE ON A USB STICK
Windows Defender Offline
· is a free standalone, bootable malware and virus remover from Microsoft.
· performs an offline scan of an infected PC to remove viruses, rootkits and other advanced malware.

Download Windows Defender Offline (about 764 kB)

You will have the choice of downloading the 32bit version (x86) or the 64 bit version (x64).
The link will help you determine whether you are running a 32 bit version or 64 bit version of Windows

NOTE!! You can download and prepare a 32 bit version using a 64 bit version of Windows
NOTE!! You can download and prepare a 64 bit version using a 32bit version of Windows.

You run the 32 bit version on a 32 bit version of Windows.
You run the 64 bit version on a 64 bit version of Windows.

The 32 bit download file name is: mssstool32.exe
The 64 bit download file name is: mssstool64.exe

For the curious, this program was originally name Microsoft Standalone System Sweeper.


INSTALLATION:
You will need an Internet Connection.
Insert 512 mB (Microsoft’s 256 mB is no longer accurate) or larger USB stick into a usb port.
Run the downloaded program--mssstool64.exe or mssstool32.exe
NEXT button
Choose the option On a USB flash drive that is not password protected
NEXT button
NEXT button
.
The install program will format the usb stick using the NTFS format.
The install program will download about 210 mB.
The install program will name the USB stick WDO_Media32 or WDO_Media64
The WDO_Media32 usb stick will have used space of 255 mB (268,140,544 bytes)
The WDO_Media64 usb stick will have used space of 282 mB (296,165,376 bytes)
You can expect the number of mB to increase as more malware appears.

UPDATE Windows Defender Offline USB stick:
· reinsert the usb stick
· run the installation program, mssstool64.exe or mssstool32.exe, again.
· the update will download about 66 mB (mssstool32.exe) and 68 mB (mssstool64.exe).

Since the malware database is sometimes updated several times in a day, always update before running.

PERFORM AN OFFLINE SCAN
Bootup your computer from the USB stick
Windows Defender Offline will automatically perform a quick scan.
After the quick scan finishes, Choose Full Scan
Select all of your drives

The initial, full scan can easily take several hours, but
Remember, your computer is being very thoroughly checked for all types of malware.
My System SpecsSystem Spec
21 Jul 2012   #10

MS Windows 7 Home Premium 64-bit
 
 

Thank you, Karlsnooks. I haven't worked on this for the past few hours because I'm stuck on how to boot from cd.

I actually downloaded and installed MSE, and uninstalled AVG. The initial scan MSE did immediately after its installation found just TrojanOS/Alureon.A. It finds this and "suspends" it automatically every time I boot up now.

Also downloaded Windows Defender Offline and installed it on cd. So I'm trying to reach ASUS for them to tell me which function key to hit on startup to get in to temporarily change the BIOS or Boot Setup, then to hopefully get them walk me through it if it's not self-explanatory. I'm assuming I would need to change the the Boot Setup if I installed Defender Offline on a USB drive, as well.

I just did another sfc /scannow, this time from the DOS screen instead of from the command field in the start menu. In the system32 folder, the result was: "Windows Resource Protection did not find any threats to the integrity of this system," or something to that effect.
My System SpecsSystem Spec
Reply

 Boot critical file is corrupt




Thread Tools



Similar help and support threads for2: Boot critical file is corrupt
Thread Forum
Solved Boot Critical File BSOD Help and Support
Solved Boot Critical File c:\\ci.dll Corrupted - HELP! BSOD Help and Support
Computer won't restart: "Root cause found: Boot critical file D:\CI.dl BSOD Help and Support
Windows 7 boot file is corrupt? Second time this has happened!? BSOD Help and Support
Critical file sharing issue Network & Sharing
Corrupt Boot File Installation & Setup
Boot File for Windows 7 Corrupt, please help Installation & Setup

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd

All times are GMT -5. The time now is 10:01 AM.
Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App
  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33