I then re-started again, using an alternative account. I was then able to run 'Malwarebytes Anti-Malware' which reported 5 infections: Trojan.Agent.RDN (2 x Registry Keys); Trojan.Agent.RDN (File); Trojan.Agent.TPL (2 x Files). The software offered the option to delete these, which I selected and did a re-start as instructed.
I then re-started again using my normal (‘administrator’) log-on account. Unfortunately, I was eventually greeted with the fake notice again! I then used the alternative log-in with the intention of deleting the offending files. However, I could not gain access to the ‘User’ folder or delete the relevant Registry Keys as they were all protected by the ‘administrator’ password.
I then tried to boot-up in ‘Safe Mode’ but during the scrolling display of drivers being loaded I was presented with the instruction: “Press Esc to cancel loading SPTD.SYS”. Regardless of my choice, the pc just kept recycling back to the same point and I realised that I would not be able to solve the problem in this way either.
I should point out that I have had this particular virus once before and was able to delete the relevant files and registry keys, after finding their location with 'Malwarebytes Anti-Malware'.
Consequently, I have now run out of ideas and respectfully ask for some help.
My problem requires two answers:-
1. How can I delete the ‘protected’ offending files;
2. What do I need to do to get ‘Safe Mode’ to work.
The operating system is Windows XP Pro SP3, having 2 log-in profiles – one with ‘Administrator Rights’. There are also 3 external hard-drives for data storage only. At the time of the infection, 'Malwarebytes Anti-Malware' & ‘AVG’ were running.