Hmmm. I’ve never heard of a situation where XP won’t startup in safe mode. If that is true, then this might be a new malware variant.
To become educated with all this stuff, I HIGHLY recommend the www.spywareinfo.com forums. (Go to the Malware Removal forum) They are swamped with requests for assistance, but just by reading threads you can get a lot of help. I was able to fix my difficult issues just by reading.
Try rebooting again, continually tapping the F8 key. This should allow you to choose Safe Mode.
Before you do that, make sure you have the latest version of AdAware and Spybot, with the latest version of it’s spyware/malware/adware definitions. There is an “update” button. Then make sure AdAware is configured to catch everything, as follows…
* Launch the program, and click on the Gear at the top of the start screen.
* Under General Settings the following boxes should all be checked off: (Checked will be indicated by a green circle with a check mark in it, Un-Checked is a red circle with an X in it. If it is greyed out, those features are only available in the retail version.)
o "Automatically save logfile"
o Automatically quarrantine objects prior to removal"
o Safe Mode (always request confirmation)
o Prompt to update outdated confirmation) - Change to 7 days.
* Click the "Scanning" button (On the left side).
* Under Drives & Folders, select "Scan within Archives"
* Click "Click here to select Drives + folders" and select your installed hard drives.
* Under Memory & Registry, select all options.
* Click the "Advanced" button (On the left hand side).
* Under "Shell Integration", select "Move deleted files to Recycle Bin".
* Under "Log-file detail", select all options.
* Click on the "Defaults" button on the left.
* Type in the full url of what you want as your default homepage and searchpage e.g. http://www.google.com.
* Click the "Tweak" button (Again, on the left hand side).
* Expand "Scanning Engine" by clicking on the "+" (Plus) symbol) and select the following:
o "Unload recognized processes during scanning."
o "Obtain command line of scanned processes"
o "Scan registry for all users instead of current user only"
* Under "Cleaning Engine", select the following:
o "Automatically try to unregister objects prior to deletion."
o "During removal, unload explorer and IE if necessary"
o "Let Windows remove files in use at next reboot."
o "Delete quarrantined objects after restoring"
* Click on "Safety Settings" and select "Write-protect system files after repair (Hosts file, etc)"
* Click on "Proceed" to save these Preferences.
* Click on the "Scan Now" button on the left.
* Under "Select Scan Mode, be sure to select "Use Custom Scanning Options".
Also download HijackThis and CWShredder. (I don’t have the links handy, but I could provide them if necessary).
-Empty your trash.
-Delete everything in your temp folder.
-Reboot in Safe Mode.
-Rename first, and then move to the trash anything related to “tv media”. (This is the only way I could get rid of this on my daughter’s machine. I believe there are a couple .exe files inside the tv media folder).
-Run a HijackThis scan. Delete (“Fix”) anything that you can easily tell is related to your malware/trojans. (Be careful here though. You could really screw up your machine if you delete things indiscriminately. Make sure you put it into a separate folder before you run it so that it can backup changes. If in doubt about what you are doing, post your log to the spywareinfo forums and wait for assistance.)
-Reboot in normal mode.