Unable to run cleanup programs on infested comp

Discussion in 'Malware Help (A Specialist Will Reply)' started by ArmyGroo, Dec 18, 2008.

  1. ArmyGroo

    ArmyGroo Private E-2

    Hello,

    I have used the removal guides on 50 to 100 computers. I have finally come across a computer where it does not work. I was eventually able to uninstall enough items so I could effectively work on the computer but I am now having the following problems.

    1. Unable to start any programs. I can install them, but once I double-click on them to run them, nothing happens. The only programs I am able to run are self-contained programs like ccleaner, HJT and other programs that do not have a full install utility. The programs I install and try to run show up in Add/Remove but just will not start.

    2. I do not have access to task manager.

    3. Web use is sporadic. I get my home page. I am sometimes able to download programs but many sites give me redirects to null. I.e., I try to go to www.bitdefender.com and I get a pop-up which says, "Alert - The connection was refused when attempting to contact www.bitdefender.com". This is both in IE and Firefox (installed by myself after infection).

    4. Programs I have tried to remove from the computer: Anti-virus 2009, Conextant Global Adsolutions, Virusremover2008, RegistryDoctor2008 and a bunch of others I see no direct traces of at this moment.

    5. I removed a few hundred items from scheduled tasks, disabled everything from startup in msconfig and checked the registry for startup entries and found nothing.

    6. I have checked Services.msc to see if anything may be hiding in there but nothing sticks out to me as wrong.

    7. HJT shows a bogus dll in system32 running but it comes back with a new name each time it is deleted, i.e., ovlxecv.dll --> xyygem.dll


    I would rather not rebuild the comp but what would you recommend as options?
     
  2. ArmyGroo

    ArmyGroo Private E-2

    OK, after my 10th hour of working on this thing I finally had a breakthrough. I went to http://www.kellys-korner-xp.com/xp_tweaks.htm and clicked on item number 393, "Spyware cleaners that WORK." It had a few of the same names of items listed on this site but the exe file had its name changed. That allowed me to run Combofix. Combofix ran and cleaned up enough items so I could start to run the rest of the programs.

    Infections left behind that were cleaned:
    Vundo
    WinSrc

    Good luck to anyone else infected.

    BTW I used Kelly's reg fix (#51 - Second column) to successfully restore my Task Manager. I had also installed the Task Manager alternative from sysinternals - Process Explorer http://technet.microsoft.com/en-us/sysinternals/bb896653.aspx
     
  3. ArmyGroo

    ArmyGroo Private E-2

    TDS Serv also had some rootkits and installers
     
  4. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

