Windows 7 stuck at boot screen

[Retromatic]

I found a trojan on my system yesterday (a variant of Coolwwwsearch), found a program to remove it didn't show up in any virus/spyware scans after that. I'm not sure if this is the source of the damage seems likely, turned on pc this morning and the internet would not connect - all my other devices were working fine, so rebooted and now it gets stuck at the Windows loading screen.

I've put in my Win 7 DVD, gone into "Repair my computer" which eventually brings up a box (recovery tools), it shows an installation of Windows in the box but says it's on F:\ drive? Anyway, I would assume that is mine as it is the only installation I have of Win 7 on my HD's. Problem is, when I mouse over the box to click the next button (to repair) I just get the swirly circle thing as if it's doing something, in fact if I mouse over anywhere in the box the circle comes up.

So I'm kind of stumped. Any help appreciated please.

P.S - I have tried Safe Mode, Safe Mode with Networking and I think one other but they just load some Windows files and then don't do anything either

 

[Retromatic]

UPDATE : Okay I managed to get the DVD working and did a system restore that was sucessfull.

So, Windows booted up but took about twice as long as normal.

Now my problem is that this trojan is back also.

To be precise it is called : CoolWWWSearch.xmlmimefilter, any ideas on how to blast this thing into oblivion?

Edit - I've previously tried Spybot which detects the malware, but can't delete it, also Malwarebytes which doesn't detect it and Avast, which also doesn't detect it. Hijackthis, says that it has been denied access to the Hostfile, so can't post a log - I tried steps I googled to remove "Hijackthis" from the host file, but it made no difference.

 

[Van Diemen]

Boot into safemode with Networking, download and run ComboFix.exe

reboot in to Windows (normal) & run ComboFix again for good measure

 

[philds]

Did you run Malwarebytes? http://www.malwarebytes.org/

I use this the first time I come across any malicious software and it does the trick everytime.

As always, run Windows normally, install Malwarebytes and update the definitions (keep telling it to update until it says there are no updates). Then reboot into safe mode to run the full scan.

ComboFix mentioned above is great and saved me once when nothing else worked, but it gives a lot of warnings about it's use which makes me wonder how much deep fiddling it does with crucial Windows components, so try that after Malwarebytes.

 

[Retromatic]

Safe mode with Networking doesn't work. It loads a list of drivers, says "please wait" at the bottom but after 10-15 minutes, still hasn't done anything.

 

[Retromatic]

Did you run Malwarebytes? http://www.malwarebytes.org/

I use this the first time I come across any malicious software and it does the trick everytime.

As always, run Windows normally, install Malwarebytes and update the definitions (keep telling it to update until it says there are no updates). Then reboot into safe mode to run the full scan.

ComboFix mentioned above is great and saved me once when nothing else worked, but it gives a lot of warnings about it's use which makes me wonder how much deep fiddling it does with crucial Windows components, so try that after Malwarebytes.

Yes, as mentioned in the above post - I've always used Malwarebytes but it doesn't even detect it.

 

[Van Diemen]

Does the system boot in to Safemode without networking?

If it does, boot into Windows download ComboFix to the desktop and reboot into Safemode, then run ComboFix.

I have had similar issues before, ComboFix is the only one that sorted the issue

 

[Retromatic]

Does the system boot in to Safemode without networking?

If it does, boot into Windows download ComboFix to the desktop and reboot into Safemode, then run ComboFix.

I have had similar issues before, ComboFix is the only one that sorted the issue

None of the safemode options work. The pc just about boots normally but takes a lot longer than usual.

 

[Van Diemen]

In that case your best option is to run Combofix in normal Windows or re-format the system

 

[Retromatic]

In that case your best option is to run Combofix in normal Windows or re-format the system

Okay thanks for the suggestions, will give Combofix a go without safe mode and then failing that, as you said reformat looks like the only option. At least I can get in to Windows I suppose, last time I had something like this I couldn't even get in to Windows.

Anyway, thanks again.

 

[Retromatic]

Spoke too soon, can't get back into Windows now

 

[wazza300]

cant you restore to a time before you got the virus?assuming you can manage to get back into windows

 

[Retromatic]

Well I'm trying to use the dvd to restore again (as previously done) but IF this thing stops swirling and actually lets me click it, there were only two options available to restore from and they were yesterday. In other words, no there is no restore option before the virus unfortunately.

 

[Retromatic]

Just wanted to add to this, I managed to restore to a time just before I had the virus - so this seemed to get rid of that, but I was still having problems booting up and getting stuck at the Windows 7 logo.

A few months back I had a problem with my E:\ drive (500gb WD Black) where I couldn't access it in Windows (this was sorted in another thread). Anyway, I randomly got an error message flash up about repairing E:\ drive when I tried to boot Windows for the 1000th time, so I decided to unplug it.

Now Win 7 boots up perfectly and quickly every time. I'm confused.

So it looks like the virus was purely co-incidental with this boot problem?

Does anyone know why the E:\ drive would affect Windows 7 (which is on my C:\ drive) from booting? Also (sorry for all the questions) but should I ditch this E:\ drive? I can still access the data on it, if I plug it in once I'm in Windows or is the problem maybe something to do with too many drives on sata ports? I have 3 connected to different sata ports.

 

[soundesciple]

Just wanted to add to this, I managed to restore to a time just before I had the virus - so this seemed to get rid of that, but I was still having problems booting up and getting stuck at the Windows 7 logo.

A few months back I had a problem with my E:\ drive (500gb WD Black) where I couldn't access it in Windows (this was sorted in another thread). Anyway, I randomly got an error message flash up about repairing E:\ drive when I tried to boot Windows for the 1000th time, so I decided to unplug it.

Now Win 7 boots up perfectly and quickly every time. I'm confused.

So it looks like the virus was purely co-incidental with this boot problem?

Does anyone know why the E:\ drive would affect Windows 7 (which is on my C:\ drive) from booting? Also (sorry for all the questions) but should I ditch
this E:\ drive? I can still access the data on it, if I plug it in once I'm in Windows or is the problem maybe something to do with too many drives onsata ports? I have 3 connected to different sata ports.

I would take all important data off the E drive and format it then put your data back on. Reason for this is, if the E drive had an earlyer install of windows on it or that drive was connected when you installed on your C drive the E drive still may have some MBR (master boot records) file still on it so when you boot up windows is getting confused by two sets of MBR files.

 

[Retromatic]

I would take all important data off the E drive and format it then put your data back on. Reason for this is, if the E drive had an earlyer install of windows on it or that drive was connected when you installed on your C drive the E drive still may have some MBR (master boot records) file still on it so when you boot up windows is getting confused by two sets of MBR files.

Thanks, I'll give that a shot - I don't ever remember installing Windows on it, was just for data but worth a shot I guess.