Removing orphaned services

Discussion in 'Software' started by dlb, Apr 3, 2008.

  1. dlb

    dlb MajorGeek

    I've got a laptop here that had a fairly serious Vundo/Virtumonde infection, which has since been cleared up. The laptop's owner was running both Norton'08 and PCCillin, which didn't help anything. I have removed Norton (using SymNRT for the majority of it). However, PCcillin was totally corrupt. The uninstaller would either error out with "Fatal error-installation cannot continue" or it would just stop. The window would close and that was it. I tried a couple of 3rd party tools but they didn't do anything either. I have managed to remove the PCcillin files and folders, and used CCleaner and RegScanner to remove the registry entries. But there are some orphaned services left over. How do I remove them? I have disabled them in the msconfig tool, but I want them completely gone.
    Any help or ideas or suggestions will be appreciated.
    Thanks!
     
  2. studiot

    studiot MajorGeek

    Seems like the hard way, do you give a guarantee with your viral treatments?

    Why not just do a clean reinstall?
     
  3. dlb

    dlb MajorGeek

    I guarantee that it's clean and running as good as possible w/o doing a clean install. I do not (and cannot) guarantee against re-infection. Regardless of the security software installed, if the user invites malware into the PC, nothing will stop it. I have had people with PCs absolutely LOADED with malware but they also had quality protection installed. So I'd check out the PC wondering how and why the PC is so infected; 90% of the time it's because the user turned off the protection!!! And I'd ask why they turned off the protection, and 90% of the time the answer is "it kept popping up windows and I couldn't surf". So the firewall/antivirus/antispyware programs were working, doing what they were supposed to do, and these people disable them because it interferes with their surfing. Ridiculous. So, no, I do not guarantee against re-infection.
    In many cases, this is the best way to go. Occasionally, there is a lot of data to be backed up, or certain apps cannot be re-installed due to lack of install media (Office is a prime example, as is some of the more expensive audio type software like Audition or ProTools). Why someone would pay over $200 for a program, and then proceed to lose (or abuse) the install CD is beyond my level of comprehension, but it's a very common occurrence. I have seen an Adobe Photoshop CS3 disc (over $400) so scratched and dirty that it not only couldn't be read by the PC anymore, but it had almost no 'rainbow' to it anymore.

    OK.... (deep breath).... I'm getting all worked up and I'm foaming at the mouth.... too much freekin' coffee today :hyper :D
     
  4. Cat_w_9_lives

    Cat_w_9_lives Major KittyCat

  5. dlb

    dlb MajorGeek

    Thanks Cat.... now how do I find the name of the service? I have attached a screen shot from Computer Management > Services. In the command sc delete %service name% which is the name that I'd type? Is it the red, blue, green, or purple box? (I have used AntiVir as an example)
    Thanks!
     

    Attached Files:
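
An added example, not part of the original thread: `sc delete` takes the service's key name (the "Service name" field on the General tab of a service's Properties dialog), not its display name. The PowerShell sketch below lists every service whose executable no longer exists on disk, shows both names side by side, and deletes an entry only after confirmation; the `-Delete` switch and the function name are assumptions made for this example, and it must run from an elevated prompt.

```powershell
param(
    [switch]$Delete   # hypothetical switch for this example: without it the script only reports
)

# Extract the executable path from a service's PathName (ImagePath plus arguments).
function Get-ServiceExecutable {
    param([string]$PathName)
    if ([string]::IsNullOrWhiteSpace($PathName)) { return $null }
    $p = [Environment]::ExpandEnvironmentVariables($PathName.Trim())
    # Quoted form: "C:\Program Files\App\svc.exe" -arg
    if ($p -match '^"([^"]+)"') { return $Matches[1] }
    # Unquoted form, possibly with spaces in the path and trailing arguments
    if ($p -match '^(.+?\.(exe|sys|dll))(\s|$)') { return $Matches[1] }
    return ($p -split '\s+')[0]
}

# A service is treated as orphaned when its binary is missing from disk.
$orphans = @(Get-CimInstance -ClassName Win32_Service | ForEach-Object {
    $exe = Get-ServiceExecutable $_.PathName
    if ($exe -and -not (Test-Path -LiteralPath $exe)) {
        [pscustomobject]@{
            KeyName     = $_.Name         # the name sc delete expects
            DisplayName = $_.DisplayName  # the name shown in the Services list
            StartMode   = $_.StartMode
            State       = $_.State
            MissingFile = $exe
        }
    }
})

$orphans | Format-Table -AutoSize

if ($Delete) {
    foreach ($svc in $orphans) {
        $name   = $svc.KeyName
        $answer = Read-Host "Delete service '$name' ($($svc.DisplayName))? [y/N]"
        if ($answer -eq 'y') {
            # sc.exe, not sc: in Windows PowerShell, sc is an alias for Set-Content
            & sc.exe delete $name
        }
    }
}
```

Review the table before passing `-Delete`: a service can appear here because its path is on a disconnected drive rather than because it is a leftover.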

  6. studiot

    studiot MajorGeek

    If you must, you need 'dependency walker' - depends.exe - available on either the XP CD or direct from M$.
     
