Greetings. Been reading and researching all day to get to this point. I am asking where to start so as not to get in trouble with powerful tools.
In a (very large) nutshell:
Dell Dimension 4600 XP Home tower. (Has bad reputation, but power supply voltages fine, all hardware, network, perfect under PCLOS live CD).
Could not follow beginning steps here or other forums, I.E. run spybot, hijack this logs etc., as desktop locked to blue/yellow even in safe mode. Right click inop.
ctrl-alt-del brings up task manger. Run from tab gives cli field, but no commands accepted. I.E. cmd.exe gives "module could not be found" same with explorer.exe, sfc.exe etc, even when typing full path.
Recovery console from cdrom gives c:\windows prompt after blank admin password entered. CHKDSK worked, SFC did not.
Found but did not clean many viruses with TRK3.3 virusscan using AVG, F-prot, clamav, others.
To add to fun, both dvd and cdrom pair would not read my cdr/rw discs. Would read dell setup disk ok. Installed another cdrom on their secondary ide cable for now.
Ran dell setup, using install, not recovery as first choice. After a few mins, it said install fresh or repair. I chose repair.
It went to bsod at 34 minute mark after this dialog box kept popping up. "rundll c:\documentsandsettings\ausername\localsettings\temp\kbitkbilcfe.dll could not be found".
BSOD said: "Stop 0x000000C2 BAD_POOL_CALLER" error message .
Googling it, I found "take out modem in Dell Dimensia 4600 when running setup". After that I still got the rundll file complaint many times, but it finally installed. Left modem out for now, will use cat5 when ready.
Before reboot, ran PCLOS live cd and found all user data ok!.
Boot to XP, missed timing of f8 to start safe, it booted to icons/taskbar for a second, then right to locked up yellow/blue malware.
Rebooted in safe mode, I now have black desktop, all user's icons, right click, taskbar and start button.
I have on usb key: spybot s/d with latest update files, hijackthis, autoruns, combofix, smitfraud, and dss. Ready to run those and online tools at your advice. (will start now with Spybot).
P.S. I registered yesterday and made your training waiting page my home page. I am a hardware and PCLOS geek, but so many friends and family ask me to wipe their windows, I should help here for others.
[Tired of windows]
no go. burned usb files to cdr as system won't read usb yet. spybot wants online access so won't install, start, run cmd brings up rundll line again: c:blahblah\temp\kbitkbilcfe.dll, as doe most any right mouse click.
loaded recovery disk to look for recovery installation, most clicks on disk buttons bring up the rundll error.
This happens on safemode or regular mode. I tried killing some active processes as soon as seeing the desktop, and managed to avoid the locked screen, but it mat as well be. Now I ask for help.
I cannot run any tools such as hijack this, dss etc.
unless there is a way to do it from a bootable floppy, I am out of luck it seems.
Edited by Orange Blossom, 09 August 2008 - 10:59 PM.
Move to more appropriate forum. ~ OB