Malwarebytes antimalware lists it as trojan.tdss, avg free edition will not remove it, even from safe mode. I also have a recurring problem with redirects, not sure if this is related or not. So far I have tried the following:
Several full scans in safe mode, it finds a couple files (see below) and says it has deleted them or will with restart but they just come back after restart.
Memory Modules Infected:
\\?\globalroot\systemroot\system32\geyekrocpuydwy.dll (Trojan.TDSS) -> Delete on reboot.
\\?\globalroot\systemroot\system32\geyekrocpuydwy.dll (Trojan.TDSS) -> Quarantined and deleted successfully.
Several full scans in Safe Mode comes up with trojan.tdss and says removed but again shows back up on reboot.
Locked hosts file and ie settings
Several cleaner and registry scans done, every time I run the cleaner I get an error that says:
"The file or directory C:\Documents and Settings\Administrator\Local Settings\Temp\etilqs_oc3DtCL5ueKb2u1gyp80 is corrupt and unreadable. Please run the Chkdsk utility. "
Running chkdsk from command prompt shows several errors:
Running /f and rebooting does not fix the issue. chkdsk will not even run from the drive properties window in reg or safe mode.
Full protection enabled
All files in startup tab are disabled.
Several full system scans and removals from safe mode but everything keeps coming back.
When booting into normal mode I get a bunch of cmd prompt windows that pop up then immediately close, they go by too fast to really see what they say, its about 7-9 windows.
I am running on a t42 thinkpad with windows xp sp3 with all updates. All of the above programs have been updated to the latest version.
Thanks in advance for any help given, this issue has got me wanting to format but I thought I would try here first.