I remoted into my computer last night to do work and noticed a new unfriendly looking porn icons on the desktop. I deleted these and immediately started running scans. Spybot wouldn't open, started avg. Got home and everything was screwed up. I rebooted into safemode received a non stop onslaught of errors, the first being something that said unable to run app as dll tell microsoft about this problem, click dont send. then drwatsn32 has failed send message to microsoft. This repeated, was unable to get the task manager up so i could open explorer or programs. It just kept repeating these two messages. I then rebooted back into regular mode. Downloaded combofix, malwarebytes, and mcafee's sdat for dos scan. In regular mode i was unable extract the sdat file. I was able to install malwarebytes, however upon opening and trying to update the files suddenly went missing and now i have broken links. Same thing happened with spybot. It kills any processes of security software. I installed spyware doctor by changing the filename to r.exe. i can only get the program to run when i first log in to regular mode and get all those "cannot run dll as app" error messages before explorer initializes, however it says it cannot find the databases and doesn't click. I can run combo fix from there as well, however it states that it must reboot, upon reboot nothing happens. Each of my two users are at different levels of intensity, however my second user has no admin rights so i'm pretty restricted in there.
Rundll32.exe few entries running as user
Iexplore.exe will not close
Firefox.exe will not close
Trying to enter any version of Safe Mode gives me blue screen of death
each time i log into one of my users the problems increase.
Any idea how to get around the blue screen of death to get into safe mode?
i have dual boot puppy linux installed, is there a virusscan for the ntfs file system that would work from the puppy boot?
Thanks for your help
Edited by SkratRadder, 24 September 2009 - 02:11 AM.