[jay_sohhn]

Well, we're making progress this time. Upon exiting, the computer seemed to start windows (though, it did seem to take quite a long time). I reached what appears to be my desktop, except that it's just the "wallpaper" for the desktop. No icons, no start menu or system tray, or anything. Let me know what to do next.

[Advertisements]

Please press Ctrl+Alt+Del and see if the Task Manager opens. If so, click File>New Task (Run) then type explorer and hit Enter.

Let me know what happens and we'll go from there.

[noahdfear]

Please press Ctrl+Alt+Del and see if the Task Manager opens. If so, click File>New Task (Run) then type explorer and hit Enter.

Let me know what happens and we'll go from there.

[jay_sohhn]

Task manager opened up. I hit File>New task (run). I typed in explorer. The following message appeared:
"The application failed to initialize properly (0xc000007b). Click on OK to terminate the application."

[noahdfear]

Open Task Manager again and click File>New Task then click Browse.
Navigate to c:\windows\system32\dllcache
If explorer.exe is present, right click on it and select copy.
Back up to C:\Windows then right click explorer.exe and select rename.
Name it explorer.exe.vir then click off in a blank space.
Now right click in a blank space and select Paste.
Select the copied explorer.exe then click open, then click OK on the Run dialog.
Let me know the results.

[jay_sohhn]

I navigated to c:\windows\system32. However, I did not find dllcache. The closest was dllhost or dllhst3g. But no dllcache.

[noahdfear]

Just means hidden files and folders are not set to show - not a problem. Reboot to the Recovery Console and execute the following commands.

cd system32\dllcache
copy explorer.exe c:\windows

When/if prompted to overwrite, answer yes then type exit to restart.

[jay_sohhn]

I typed in the recommended commands, typed exit to restart, and navigated again to c:\windows\system32. However, I still did not find dllcache.

[noahdfear]

Hi Jay,

The purpose of the last exercise was not to make the dllcache folder visible, but to replace the c:\windows\explorer.exe file in hopes that your taskbar and such would be visible again. Using Task Manager again, type the following in the Run dialog then hit Enter.

c:\windows\explorer.exe

If you see no change, please click the processes tab in Task Manager and list what you see there.

[jay_sohhn]

OK, here's what happened: After typing in the recommended command, I got the message "The application failed to initialize properly (oxc00000tb). Click on OK to terminate." This was displayed in an error message box that was labeled "explorer.exe."

I clicked on the Processes tab and the following are listed:
ccEvtMgr.exe
svchost.exe
SavRoam.exe
mdm.exe
jqs.exe
iviRegMgr.exe
wscntfy.exe
DefWatch.exe
mscorsvw.exe
ccSetMgr.exe
spoolsv.exe
svchost.exe
svchost.exe
wuauclt.exe
svchost.exe
svchost.exe
update.exe
taskmgr.exe
svchost.exe
lsass.exe
services.exe
winlogon.exe
csrss.exe
smss.exe
System
System Idle Process

Thanks again!

[noahdfear]

Processes list looks pretty good. Let's see if you have internet. Type iexplore in the Run dialog and let me know what you get.

[jay_sohhn]

I typed in iexplore into the run dialog box and Internet Explorer opened up but could not display the webpage. My wireless is on (at least the LED light for the wireless is on). I hit "diagnose connection problem" but got an error message in a dialog box labeled "xpnetdiag.exe - Application Error." The message said: "The application failed to initialize properly (0xc000007b). Click on OK to terminate the application."

[noahdfear]

Use Task Manager to browse to and select ComboFix on the desktop, then click OK to run it.
If it runs it should try to update, which may fail. Continue to allow it to run anyway.
If you still have no connection when it finishes, do you have a flash drive that you can transfer the log to for posting?

[jay_sohhn]

I ran combofix. After it did its thing it spit up a log file. I tried to save it to my flash drive, but when I plugged it in, I got an error message. The message box was called RUNDLL and the message said "Error loading newdev.dll. %1 is not a valid win32 application." I clicked OK and tried to navigate to my flash drive. No luck. Only drives showing are the two partitions of my hard drive (c and d).

[noahdfear]

Did your taskbar and desktop load properly?

Reboot once with the flash drive attached and see if you can access it once logged on.

[jay_sohhn]

No, desktop and taskbar did not (and have not) loaded properly. I did try to reboot with flashdrive attached. No luck.