Windows 7 Fails to Start After Malware Removal

I've come here from the Malware forum where TimW helped me rule out ongoing malware issues. Prior to coming here I ran some scans and fixes on my own, and I think my registry may have been damaged in the process.

Here's that thread: http://forums.majorgeeks.com/showthread.php?p=1862580&posted=1

Right now I can only load my OS using SafeMode. Windows gets to the login screen, I can enter the password, but the desktop almost never loads. If it does, Windows Explorer is immediately unresponsive, and I can't access the task manager at all. I'm always forced to hard boot, and start up in Safemode.

Any help is very much appreciated!

 

Hi my friend , do you try repairing the installation ? :wave

http://pcsupport.about.com/od/toolsofthetrade/ss/windows-7-startup-repair.htm

 

Hmm not seeing any "major" issues in those logs, just your common junkware type of things.

Let's start with a few things.

Are you familiar operating RegEdit?

If so, open Regedit and check the following locations.

HKLM\Software\Microsoft\Windows NT\Currentversion\Win Logon\
Look for the key called "Shell". What do you see listed? It should *only* have Explorer.exe in there for the value.


HKCR\Software\Microsoft\Windows NT\Currentversion\Win Logon\
You *may* not see a key listed here called Shell, but if you do, same thing it should only have Explorer.exe in it for the value.


Moving away from the registry, you should check what sort of startup programs are scheduled to run. I would recommend using Auto Runs to look through all startup items, services and scheduled tasks.

Try unplugging *all* un-needed devices. For example, I once was troubleshooting an issue where explorer would constantly hang and desktop boots slow for 3 days with someone, turns out it was a bad USB mouse that was sending causing it.

Have you created a new user profile and tried to see if the same thing happens? This will tell us if it is a localized issue or something corrupted with the OS itself.

Let me know what ya find out.

 

Thanks guys, I'm running windows repair from the CD now, then I'll check into the registry and advanced startup options after that.

 

I'm not overly familiar with RegEdit - I can't seem to locate the directories you mentioned. I only see:

HKEY...
CLASSES_ROOT
CURRENT_USER
LOCAL_MACHINE
USERS
CURRENT_CONFIG

 

Ah my fault

HKLM - HKey_Local_Machine

HKCU - HKey_Current_User

Also, typo, it shouldn't be HKCR but should be HKCU

 

I saw explorer as the only value under 'HKLM - HKey_Local_Machine', and shell wasn't present in the other directory you listed.

I ran Auto Runs, but it didn't appear to do much. I checked my startup options, and everything is currently unchecked. No USB devices are attached.

I'll go ahead and create a new user profile to see if that changes anything.

 

The same thing happens when I try to load Windows from the new user account (administrator).

 

Any further assistance would be greatly appreciated - the laptop is still out of commission!

 

I might be far fetched but it sounds to me you need to do a clean install of the OS as it sounds like its completely damaged files.

 

I think you're probably right. If I don't get other feedback soon I'll go ahead and do that.

Thanks!