ibrahim52

XP Total Security Virus

The XP Total Security virus has come back on one of my client's Windows XP PCs. I dealt with this a long time back, but this time it is a much stronger version which even loads at startup in safe mode and doesn't allow Kaspersky Rescue Disk to run. I tried every possible solution posted on the internet and nothing has worked so far. Thank you.
ASKER CERTIFIED SOLUTION
veedar
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
☠ MASQ ☠

veedar has faster fingers :)
This may be a 'name-changing' rogue that appears to be included here:
http://www.bleepingcomputer.com/virus-removal/remove-win-7-antispyware-2011


Read my instructions here and note the "Save As" function to assign a new name to MBAM before you download it.
https://www.experts-exchange.com/A_5124.html

Please DO NOT try using ComboFix - it is NOT indicated for this infection.
ibrahim52
ASKER

Heheh... but still, I have gone through these links already, but I don't know, nothing has worked. Even in safe mode it loads, and the process name is gcl.exe.
ibrahim52,
If the "Rkill" recommended at bleeping computer didn't work for you, try the "RogueKiller" in my article.

@ibrahim52,

You could also try finding the location and killing the process named gcl.exe using Process Hacker (an alternative to Task Manager).

Download it here:
http://processhacker.sourceforge.net/

Sudeep

Alright, let's see if Process Hacker works :) Thank you.

ibrahim52,
You don't want to try stopping just one process that you think is the problem; you want to use an automated program that will identify and stop ALL rogue processes.

Totally agree with younghv, and that should be the right approach. However, if killing the gcl.exe process lets anti-virus/anti-spyware products run, then it would not do any harm.

Sudeep

Following on... when you scroll through the list of running programs, presumably you should see the executable gcl.exe, and not the mentioned process tsc.exe. Or it could be composed of "random numbers or characters, and have a shield icon or a padlock icon next to it". You've then found the process(es) you're after.

Hmm, looks as if I should have studied veedar's link in detail before posting mine, sorry :/

I don't know, but the issue resolved by itself. I went to my client this morning and was surprised to see that no XP TOTAL SECURITY is appearing anymore, and I was still able to run ANTI MALWARE BYTES and removed the remaining traces. I don't know, I think I ran KASPERSKY RESCUE DISK last time, the scanning was working fine was something and stopped, maybe that is the reason it was removed, as after the Kaspersky scan failed I did not bother to turn on the PC again and returned it back to my client. Anyway, I would like to share the points between the experts here, and THANK YOU for all your time and the valuable suggestions that helped me come to some decision.

Thanks to all the experts for giving their best resolving this issue.

ibrahim52,
It was very cordial of you to split all of the points, but the PROBABLE solution was the ability to run Malwarebytes.

It would have been better to 'Accept' the first couple of comments that pointed you to the MBAM site.
I found a registry fix a while ago that works to repair the issue of not being able to run .exe files after you clean the virus off.

http://www.myantispyware.com/2010/11/18/how-to-remove-pw-exe-malware/