I've got lot's of notes - here are the highlights. More history at rootkit infection
Can run computer OK in safe mode.
In normal mode, sometimes it locks up at or shortly after the login screen. If it makes it far enough I get a popup window titled "Desktop" with the following message
It doesn't seem to matter whether I his "yes" or "no", I still get a "cleaning up personal settings" window.
rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\fxscom.inf,FaxUnInstall.PerUser has been removed from this computer. Do you want to clean up your personalized settings for this program?
If the system does not lock up, then I get a windows is shutting down bluescreen --
A problem has been detected and windows has been shut down to prevent damage to your computer. . . .
I have tried running the windows XP system file check - sfc /scannow, but it returns
Windows File Protection could not make the requested change.
The specific error code is 0x000006ba [The RPC server is unavailable.]
Many false leads and dead ends later .... most of them ended up at Microsoft KB 296241. This says the cause of "The RPC server is unavailable." is a missing certificate which is not missing on my computer. I've followed a few other threads about problems very similar to mine, but the causes for them are not what's causing them on my computer.
I have looked at event logs and researched problems. There is very little recorded in the event logs when the system crashes. One error code (1000008e) led to posts that indicated this might be a RAM problem, but one of the first things I tried was running the full system diagnotic from Dell and everything checked out.
Oh, yeah, this is a Dell Inspiron E1405 laptop with XP Service Pack 3 (Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2038.1750 [GMT -7:00])
I'm about ready to reinstall Windows, but would like to avoid that if possible. I'll post more detail from my notes or rerun steps to make sure we have fresh data -- just let me know what you need.