> For a start, don't have 2 AVs on your computer at once.
> Have you tried installing Spybot search & destroy and Malwarebytes in
> SafeMode with Networking.
> Download to the Laptop, copy to Flash Drive. Then install on XP one.
> And scan with Trend in that Mode as well.
> I'll include links for you, even though you say you have them.
> The Programs get updated all the time.
> And update them in SM with Networking before scanning.
>
>
http://www.spybot.info/en/index.html>
> Spybot Search & Destroy 1.6 is a very good, FREE Anti-Spyware Program.
> Download, install, update, and immunize your System with it.
> Then SCAN with it.
> Update it, and scan your System once a fortnight.
>
>
http://www.malwarebytes.org/mbam.php>
> Malwarebytes is as the name says, a Malware Remover!
> For the Free version scroll down their page to either download from
> Download.com, or Major Geeks.com
>
> Download, install, and update.
>
> Important re: Safe Mode
> If you happen to find a problem that you can’t uninstall / delete, reboot
> the computer, and go into Safe Mode.
> To get into Safe mode, tap F8 right at Power On / Startup, and use UP arrow
> key to get to Safe Mode from list of options, then hit ENTER.
> RESCAN your computer with your Anti-Virus, Malwarebytes and Spybot S & D
> while in Safe Mode.
>
> If unable to install above Programs in Normal Mode:
> Sometimes Trojans, Viruses, Malware, etc stop you installing and/or updating
> Programs to remove them.
> If that happens, reboot into Safe Mode with Networking, and install, update
> and scan from there.
>
> --
> Mad Mike
>
>
> "rankind15" wrote:
>
> > Hi - I a looking for help to clean my infected XP system. I am actually on a
> > different computer now as my infected system (desktop - wireless) can't
> > access security sites.
> >
> > The problem started Dec 2nd, 2008. I'm running XP SP 3. The system was set
> > up to autodownload MS updates once per day, and AV every three hours. Somehow
> > it got infected with a nasty malware program - I'm guessing via human
> > interaction of a family member clicking something they shouldn't have. The
> > system has TendMicro Internet Security 2008 running on it and had it running
> > at the time of infection too. I've spent about 10 hours trying to clean it so
> > far with little luck. I'd appreciate any help anyone can provide.
> >
> > Symptoms:
> > -Running a little slow, to very slow at times, especially when downloading
> > files. Not consistent though.
> >
> > -Originally it wouldn't boot past the loading windows screen, but that has
> > stopped now
> >
> > -Trendmicro found GetModule, Adload, and Generic12.KAO but couldn't clean
> > them. Adload and Generic aren't found anymore, and I cleaned GetModule via
> > instructions on the TrendMicro site
> >
> > -I cannot surf to any security sites (including this one) nor can I get to
> > windowsupdate, but I can surf to msn, yahoo, etc
> >
> > -tried loading AVGFree AV by downloading it to my clean laptop, burning it
> > to cd, and then transfering it to the desktop, but it runs with errors and
> > ends up doing nothing
> >
> > -Also transferred over mbam-setup, HJTInstall, spybot, but they won't run. I
> > click on them, get the waiting cursor for a short moment, then nothing.
> >
> > -Found dihjmevt and hsfxpeqgkaukg in the startup, I've since disabled them
> > from starting and deleted their dlls and registry entries
> >
> > -/etc/hosts file is normal
> >
> > -Finally opened a chat session with TrendMicro,but they couldn't help
> > (session ID: 584407 if interested)
> >
> > -TrendMicro had me turn off my system restore, and now I can't restore to a
> > previous date as none exist anymore
> >
> > -Tried gmer (www.gmer.net) but it also wouldn't execute
> >
> > -Checked (known to me) registry keys for disabling my ability to run
> > programs without any success
> >
> > -
> > HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
> > - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System
> > - HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\System
> >
> > -Ran RootkitRevealer from sysinternals and found the results listed below,
> > but can't find them in my registry to delete/modify
> >
> > -
> > HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\DelegateFolders\{E211B736-43FD-11D1-9EFB-0000F8757FCD}\ -dated 2/25/2007
> > - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\tdssdata -dated 12/2/2008
> > - HKLM\SOFTWARE\TDDS -dated 12/5/2008
> > - HKLM\SYSTEM\ControlSet001\Services\TDSSserv.sys -dated 12/6/2008
> > - HKLM\SYSTEM\ControlSet002\Services\TDSSserv.sys -dated 12/6/2008
> > - HKLM\SYSTEM\ControlSet003\Services\TDSSserv.sys -dated 12/6/2008
> >
> > -ran ccleaner and cleaned everything found - ran every option and fixed
> > everything it suggested with success
> >
> > -Ran AntiVir Removal Tool 3.0c but it didn't find anything
> >
> > -Ran windowsdefender but didn't find anything
> >
> > I've tried all of the above items in normal mode, safe mode, and safe mode
> > with network support with no difference in results. I've also tried booting
> > to last known good state without any luck (boots to state I used this AM).
> > I'm a few years removed from my old sys admin days, but "back in the day" I
> > could create an av recovery disk to boot from to clean up the disk drive
> > without the OS running, but can't find a way to do that now when I don't have
> > a floppy drive. Also, my laptop has vista and trend doesn't have (that I can
> > find or the chat person knew of) a vista version to sw to make a boot cdrom
> >
> > Any suggestions/help would be greatly, greatly, greatly appreciated!
> >
> > Thanks,
> > Dave
> >