xp_taskbar_desktop

Discussion in 'Malware Help (A Specialist Will Reply)' started by woahhaow, Oct 22, 2009.

  1. woahhaow

    woahhaow Private E-2

    my computer is missing task bar/start menu + desktop icons. all i see is the background image.
    instead of explorer.exe running the start menu, task bar, and *desktop*, it simply opens a windows explorer of the My Documents folder, on startup

    when trying to run the xp_taskbar_desktop_fixall.vbs, i get an error on
    Code:
    line 51
    
    the remote server machine does not exist or is unavailable
    800a01ce
    microsoft vbscript runtime error



    i have tried everything that was posted in english on google, and it doesn't look like anyone has been able to fix this problem without reformatting... so i was wondering if it was possible or not.

    there was a topic involving a similar issue. http://forums.majorgeeks.com/showthread.php?t=200137

    i have taken all of chaslang's advice, and he was requesting the other guy post up his logs, so i figured you would expect the same from me - so here they are

    thanks in advance
     


  2. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Please attach the C:\MGLogs.zip ...you can't zip a zip.

    Did you open task manager and in start a new process type in explorer.exe?
     
  3. woahhaow

    woahhaow Private E-2

    opening explorer opens my documents.
     


  4. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    This does not appear to be a malware issue. Your logs show you are missing many system files.

    Go to start / run / and type:
    sfc /scannow

    Have your xp cd handy. Run it at least twice.

    Let me know how that goes.
     
  5. woahhaow

    woahhaow Private E-2

    is there any way i can use this with usb [i have a windows iso] :confused
    my cd burner is not working right now

    or is there any way to register the files manually?

    i don't have the cd anymore :-o
     
  6. evilfantasy

    evilfantasy Malware Fighter

    You are likely going to need your Windows CD or can you borrow one that is the same as your Operating System?

    I really don't see any malware but the OS is messed up. We can see what all we can do here but you might end up in the Software forum asking for help or worst case scenario be reinstalling Windows.

    Could you get RootRepeal to run? If so please attach that log in the next reply and if not what happened when you tried to run it?

    Also I see you ran a ComboFix Script. Where is the log it produced and where did you get the instructions for the CFScript? It is never a good idea to run fixes made for another computer. You can do great damage to your computer!

    If you can I need you to go into MSCONFIG and set your startup option to Normal Startup Mode as stated in the READ ME. If you can't do this let me know why.



    Next, go to Start > Run and type "services.msc" without quotes and then click OK.

    Scroll down to the Windows Management Instrumentation (WMI) service and make sure it is set to Automatic.

    Right-Click on the service.
    Click on 'Properties'
    Select the 'General' tab
    Click the Arrow-down tab on the right-hand side on the 'Start-up Type' box
    From the drop-down menu, click on 'Automatic'
    Click the 'Apply' tab, then click 'OK'
    Exit the Services window.



    Go to Add or Remove programs and uninstall:
    • Viewpoint Media Player


    Run C:\MGtools\analyse.exe by double clicking on it (Note: if using Vista, don't double click, use right click and select Run As Administrator). This is really HijackThis (select Do a system scan only) and select the following lines but DO NOT CLICK FIX Checked until you exit all browser sessions including the one you are reading in right now.

    • O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
    • O4 - HKLM\..\Run: [combofix] C:\ComboFix\CF7893.exe /c C:\ComboFix\Combobatch.bat
    • O4 - HKLM\..\RunOnce: [combofix] C:\ComboFix\CF7893.exe /c C:\ComboFixCombobatch.bat
    After clicking Fix checked, exit HijackThis.



    Go to Start > Run and type notepad.exe then click OK

    Copy and paste the below into Notepad and save as fixme.reg to Your Desktop

    Code:
    REGEDIT4
    
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentVersion\Run]
    "combofix"=-
    
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentVersion\RunOnce]
    "combofix"=-
    
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentVersion\RunOnceEx\000]
    "*combofix"=-

    Locate fixme.reg on your Desktop and double-click it. Answer Yes when prompted to merge with the Registry.

    Make sure that you tell me if you receive a success message about adding the above to the registry. If you do not get a success message, it did not work.

    Delete the fixme.reg from the desktop and restart the computer.



    Go to Start > Run and type "cmd" without quotes and press enter.

    Then type:

    cd C:\MGTools

    Press Enter.

    Next type:

    GetRunKey.bat

    Press Enter.

    Attach the runkeys log that will be produced.



    Next post I need the runkeys.txt, RootRepeal and ComboFix logs to be attached.

    Also run a new MGtools scan and attach the MGlogs.zip.
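
Added example, not part of evilfantasy's post or the MajorGeeks tools: a small Python audit that lists what a .reg file will do before it is merged, run here on the fixme.reg text from the post above. The function names `audit_reg` and `only_deletes` are hypothetical, and the parser assumes plain REGEDIT4 / version 5.00 syntax without unescaping value names.

```python
import re

# fixme.reg exactly as posted in the thread above
FIXME_REG = r'''REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentVersion\Run]
"combofix"=-

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentVersion\RunOnce]
"combofix"=-

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentVersion\RunOnceEx\000]
"*combofix"=-
'''

HEADERS = ("REGEDIT4", "Windows Registry Editor Version 5.00")
VALUE_RE = re.compile(r'^(@|"(?:[^"\\]|\\.)*")\s*=\s*(.*)$')

def audit_reg(text):
    """Return (action, key, value_name) for every change the file would make."""
    text = re.sub(r'\\\r?\n\s*', '', text)  # join hex data continued with a trailing backslash
    lines = [l.strip() for l in text.splitlines()]
    lines = [l for l in lines if l and not l.startswith(";")]  # drop blanks and comments
    if not lines or lines[0] not in HEADERS:
        raise ValueError("missing REGEDIT4 / version 5.00 header")
    actions, key = [], None
    for line in lines[1:]:
        if line.startswith("[") and line.endswith("]"):
            body = line[1:-1]
            if body.startswith("-"):        # [-KEY] deletes the whole key
                actions.append(("DELETE_KEY", body[1:], None))
                key = None
            else:
                key = body
            continue
        m = VALUE_RE.match(line)
        if not m or key is None:
            raise ValueError("unparseable line: %r" % line)
        name = "(Default)" if m.group(1) == "@" else m.group(1)[1:-1]
        action = "DELETE_VALUE" if m.group(2) == "-" else "SET_VALUE"  # "name"=- deletes
        actions.append((action, key, name))
    return actions

def only_deletes(actions, allowed_names):
    """True only if every action deletes a value whose name is in allowed_names."""
    return all(a == "DELETE_VALUE" and n.lower() in allowed_names
               for a, _, n in actions)

if __name__ == "__main__":
    print(audit_reg(FIXME_REG))
```
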
     
  7. woahhaow

    woahhaow Private E-2

    if all else fails i will see if i can borrow the cd or reformat
    but if there is another way around it would make my life easier :p


    also i cant seem to find/uninstall viewpoint
     


  8. evilfantasy

    evilfantasy Malware Fighter

    I don't think this is a malware issue. You do need to clean up your desktop. All of those files are a good, easy place for an attacker to begin.

    You need to delete ComboFix from its current location.

    C:\Documents and Settings\Owner\My Documents\Downloads\ComboFix.exe

    If you are not having any other malware problems, it is time to do our final steps:
    1. We recommend you keep SUPERAntiSpyware and Malwarebytes Anti-Malware for scanning/removal of malware. Unless you purchase them, they provide no protection. They do not use any significant amount of resources ( except a little disk space ) until you run a scan.
    2. If we used Pocket Killbox during your cleanup, do the below
      • Run Pocket Killbox and select File, Cleanup, Delete All Backups
    3. If we had you use ComboFix, uninstall ComboFix (This uninstall will only work as written if you installed ComboFix on your Desktop like we requested.)
      • Click START then RUN and enter the below into the run box and then click OK. Note the quotes are required
      • "%userprofile%\Desktop\combofix" /u
        • Notes: The space between the combofix" and the /u, it must be there.
        • This will uninstall ComboFix and also reset hidden files and folders settings back to Windows defaults.
    4. Any other miscellaneous tools we may have had you install or download can be uninstalled and deleted.
    5. If we had you download any registry patches like fixme.reg or fixWLK.reg (or any others), you can delete these files now.
    6. If running Vista, it is time to make sure you have reenabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.
    7. Go to add/remove programs and uninstall HijackThis.
    8. Go to the C:\MGtools folder and find the MGclean.bat file. Double click on this file to run this cleanup program that will remove files and folders related to MGtools and some other items from our cleaning procedures.
    9. If you are running Vista, Windows XP or Windows ME, do the below:
      • Refer to the cleaning procedures in step 3 of the READ ME for your Windows version and see the instructions to Disable System Restore, which will flush your Restore Points.
      • Then reboot and Enable System Restore to create a new clean Restore Point.
    10. After doing the above, you should work thru the below link:
     
