Topic: XP VIRUS!!!!! HELP!!!!
You've picked up (at least) Virtumonde & Trojan-Downloader.Gen. Virtumonde is extremely invasive & pervasive. Even given the supposed effectiveness of SpyBot or SpyHunter removal tools, I would still smoke the whole drive system & reinstall. Your PC is wide open and likely infected with a legion of malware.
I've made some progress. I found a web page that gives instructions on how to remove hgggdbx.dll. But it's a major job deleting tons of registry keys. I'll have to do that tomorrow.
I got the task manager back. At least in safe mode anyway. I might try to connect to the internet tomorrow and download the anti virus program. The only problem is that if I connect back to the internet before I get this sucker killed it will probably just download more of its own files again. I'm thinking about running out to the store and buying an antivirus CD so I can come at it from that end without having to connect back up to the Internet before it's killed. Either that, or just do it by hand myself one registry key at a time.
I also have a trick. I have a binary program I wrote myself; I call it "The Vaccine". When it's loaded into memory all it does is unload itself again. Instead of erasing files I just replace them with my 'vaccine'. In other words, I name the vaccine file hgggdbx.dll and write over the virus with it. Then I set it to READ ONLY. If the virus is still active, it checks to see if hgggdbx.dll is there. If it has been removed it just replaces it with a back-up copy it has stored somewhere on the computer. But if I already have a file there by that name then it can't replace it. I've fixed other viruses that way before. It prevents me from getting them again because they can't write over the files that already have their name. But I need to be able to delete these files before I can replace them with the dummy vaccines. That's the catch.
> You've picked up (at least) Virtumonde & Trojan-Downloader.Gen. Virtumonde is extremely invasive & pervasive. Even given the supposed effectiveness of SpyBot or SpyHunter removal tools, I would still smoke the whole drive system & reinstall. Your PC is wide open and likely infected with a legion of malware.

I've picked up some spyware in the past. I've vaccinated it with my dummy files, and that killed it. Anti virus software would think my computer is infected, but it's dummy infections. I keep a close eye on my Internet connection. I never allow my computer to talk to someone if I'm not telling it to do that. Typically I catch viruses almost instantly. But this baby just hit hard and fast. I'll keep chipping away. If it gets to be too much trouble I just reinstall.
> XP Security questions. I have a little run circle with a white X in it that appears on my taskbar. It keeps flashing the message "Your computer is infected with Spyware!" I clicked on it and it downloaded what appears to be a Windows anti-virus program. The program ran and claims to have found 31 infected files. Then it asked me if I want to delete them. I said sure. Then it wants me to register the software first for $49 a year!!! And it sends me to the following link to make payment. http://www.xpsecuritycenter.com/buy.html Is this really Microsoft? Or is this whole thing just a scam in itself to get my credit card info???
> Second question: How do I make that red ball with the white X in it go away??? It keeps flashing the message that my computer is infected every couple minutes, it's really annoying and I can't make it go away!!! Is this part of Windows XP, or is this whole virus warning system a virus in its own right???? Anybody know? How do I get rid of this crap??? NOW THERE'S BUG CRAWLING ON MY SCREEN EATING UP THE WEB PAGE!!! WHAT DO I DO???

I guess you can say you have been screwed. There are programs out there that will infect your computer and then say they have found viruses so you'll go and buy their software to get rid of the viruses that they have actually put on your comp. Have you installed anything recently? Because they will usually embed their software and viruses into other programs, so when you install other programs it installs theirs too. The only way I've been able to get rid of it is to reformat. Sorry dude.
You could try getting something called "SpywareBlaster", which is a quasi-resident program that supposedly stops spyware before it even starts (it says it does so by adding in a "kill bit" to the spyware, effectively killing it).
Get Smitfraudfix and Combofix, start your machine in safe mode and run both of these programs (make sure you save them on your desktop otherwise it won't work). After that get HijackThis and create a log report, go to BleepingComputer.com and post it in the appropriate forum there. They will get to it when they can, though if you run those two programs it shouldn't be that hard to remove the rest.
Good info here. Thanks to all the smart people!
> Download: http://www.safer-networking.org/en/index.html and http://www.ccleaner.com/ and http://www.avast.com/eng/download-avast-home.html
> DON'T EVER CLICK ON ADVERTISEMENTS! They installed an old silly trojan on your computer to make you scared and buy their software, which would just remove the trojan they installed. It's a scam. Remove whatever software it was that you installed. It's adware. Run the above programs and it should fix your issues.

Ditto - three excellent apps... You might also want to run an online scan: http://housecall.trendmicro.com/ It won't be influenced by whatever may be on the system.
I used the Smitfraudfix suggested by FearandLoathing. I was actually able to download that on another computer and save it to floppy (just barely at 1.2 mb).
But it worked to kill the Virtumonde and stop execution of those programs and delete them. There still appears to be a Trojan running though. I've located the file, but I can't stop it from running to delete it. I've regained control of the Task Manager and the registry editing functions. Smitfraudfix did produce a log of the registry keys for the Trojan. I haven't gone in to delete those keys yet. I'll have to do that by hand evidently. Then when I reboot (hopefully) the trojan will not have been launched and I can then delete the program or write over it with my vaccination program. That way it can't come back. It appears that I will be able to recover from this attack fortunately. Thanks for all the suggestions.