I have the hacdef.sys returning to my Windows folder every time I re-boot.
AVG finds it - heals it or puts it in the vault - back it comes.
I have taken extreme cleaning measures and run Adaware.
Why Adaware? It has made it impossible to install hijack this or Spybot.
In fact it has made Spybot invisible.
No kidding - on the drive or on a floppy - it is invisible when in this computer.
Also msconfig is gone and invisible when I put it on a floppy to paste from another machine.
Ran Trendmicro System cleaner too - it found nothing.
I do not seem to have the Hacker Defender files either as I found a few references to this in my travels - probably should have come here first but my search here found nothing about this. I seem to have very little problem doing my normal computer tasks but...
I would really like to get Spybot back and operational - can't even download the new version now as it will not finish the download.
Also need msconfig to get rid of whatever is starting this thing up in the boot.
I have RegCleaner which does not see anything unusual in the start up menu.
Also nothing untoward appears in the processes in Task Manager. I can run AVG - FrontGate - ZoneAlarm - RoboForm - NoAds - with no problem although I thought that ZoneAlarm disappeared a couple of times on me for no reason.
All help, hints and info appreciated. And yes I know - it's probably time to reformat anyway...
Thanks in advance.
Greaner

There is no mention in your post that you turned system restore off and then restarted your computer. Then enter the safe mode during the startup sequence and then try using your scans. Have you done these two essential steps?

Yup thanks
I think I have done it all except format or some specific measures for this trojan.
Greaner

Why don't you uninstall some of the software that is causing conflicts, one program at a time, and see if you get your msconfig back so you can disable any reference files to the trojan at Startup. I personally find it sufficient to only use two antivirus programs and run Ad-aware to remove malware files manually, and haven't needed to remove any spyware yet.
See if you can terminate the related trojan files running in memory by ending their processes in Task Manager.

I would also follow-through with the additional removal steps, including editing the registry as instructed by either AVG or the antivirus that detected the Trojan Horse.

You should be able to find and remove any remaining hacdefender references on your pc by following one of the ten Hacdefender Trojans removal instructions below:
http://www.trendmicro.com/vinfo/virusencyclo/default2.asp?NAV=1&m=q&virus=hacdef+trojan&alt=hacdef+trojan
Once you've removed the remaining trojan related files, I would also empty your Cookies, Temp, IE Temporary Files folders through Windows Explorer.
Do a Search/Find to confirm all malware files have been removed. Empty Recycle Bin.
Restart pc in Safe mode, scan with antivirus again.
Once pc is free of threats and all programs working, restart pc in Normal mode. Run scandisk and defrag your hard drive. Create a full backup.
Run and download Windows Update from Microsoft to keep your OS and IE updated and secure regularly.

Thanks everyone.
All good advice but, as I said, I did not seem to have any of the Hac defender files or reg entries.
I did safe mode and Trend Micro's online scan as well as their SysClean app with updated definition.
No luck - it was almost as if this thing targeted Spybot.
Anyway I reformatted - all is swell (well)
Man I hate formatting!
Thanks again to all
Greaner
As it turned out AVG was the only app to notice this trojan at all out of all the ones I tried - and of course it did not get rid of it.
Speaking of cleaning up the system I stumbled across CrapCleaner which I had seen in the past and kind of forgotten about.
It will dig out an amazing amount of the Crap and is going in my folder for regular use. FYI
