Turns out his hard drive was splattered with bad sectors, so I had to clone it to a known good drive before I could even get started. The boot failure was a corrupt registry, so restoring from backup via ERD 6.5 got me to his desktop.
Keep in mind that, during all of this, I can not get it online while in his installation because he has the NIC set to a static IP that doesn't work in my subnet (it's an openvpn host and has to have a static ip) and one of the nasties is closing the Network and Sharing Center immediately after it opens every time I try to access it. Come to think of it, I haven't tried netsh yet, but I do know that ping is crippled.
I have worked on it from within his installation, safe mode, a few live disks, ERD, and also yanked his hard drive and scanned it with a bench system a few times.
From all of these environments in as many reasonable combinations as possible I have tried Combofix (blocked by malware), spybot, malwarebytes (blocked), hijackthis (blocked), superantispyware, avast, avira, ms security essentials, windows defender, Dr Web, TDSSKiller, clam, cwshredder, pestpatrol, spysweeper, adaware (blocked), spyware doctor, and a few others that I can't think of off of the top of my head.
I have chipped away quite a few viruses, worms, rogues, and other ugly stuff, but a few things obviously still remain.
Vista is clearly in need of repair due to the registry problem and bad sectors, but I can't do that until the malware is gone. This may also be why some of the antimalware programs won't run, but the errors are just too typical of malware so I'm not taking that copout just yet.
DDS and GMER should be attached.
Edited by LitlJay, 12 October 2011 - 12:49 AM.