I am working on my cuz pc and I tired scanning with AntiVir and it found some then I scanned with AVG and it found 17 more it tries to delet but they keep coming back. I got spyware off with Spybot search and destroy and Spyware doctor. Should I do adaware 2? Will scan again to give the names of the viruses.

Also I did a Hijackthis. Anyone please tell me what shouldnt be there.

Logfile of HijackThis v1.99.1
Scan saved at 8:11:01 PM, on 7/24/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Spyware Doctor\sdhelp.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\pctspk.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe
C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
C:\Program Files\Viewpoint\Viewpoint Toolbar V35\FotomatDeviceConnect.exe
C:\WINDOWS\system32\8073cc7e.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\Yahoo!\browser\ycommon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\lxcccoms.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\kenya\Desktop\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/cust...search/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/cust.../www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://sbc.yahoo.com/dsl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://red.clientapps.yahoo.com/cust.../www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/cust...search/ie.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/cust.../www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://my.netzero.net/s/search?r=minisearch
F2 - REG:system.ini: Shell=explorer.exe
O2 - BHO: Need2Find Bar BHO - {4D1C4E81-A32A-416b-BCDB-33B3EF3617D3} - C:\Program Files\Need2Find\bar\1.bin\ND2FNBAR.DLL
O2 - BHO: Popup-Blocker Class - {52706EF7-D7A2-49AD-A615-E903858CF284} - C:\Program Files\NetZero\qsacc\x1IEBHO.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: UberButton Class - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\common\yiesrvc.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
O2 - BHO: YahooTaggedBM Class - {65D886A2-7CA7-479B-BB95-14D1EFB7946A} - C:\Program Files\Yahoo!\common\YIeTagBm.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - blank (file missing)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Viewpoint Toolbar BHO - {A7327C09-B521-4EDB-8509-7D2660C9EC98} - C:\Program Files\Viewpoint\Viewpoint Toolbar V35\ViewBarBHO.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O2 - BHO: SidebarAutoLaunch Class - {F2AA9440-6328-4933-B7C9-A6CCDF9CBF6D} - C:\Program Files\Yahoo!\browser\YSidebarIEBHO.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - blank (file missing)
O3 - Toolbar: ZeroBar - {F0F8ECBE-D460-4B34-B007-56A92E8F84A7} - C:\Program Files\NetZero\Toolbar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Viewpoint Toolbar - {F8AD5AA5-D966-4667-9DAF-2561D68B2012} - C:\Program Files\Viewpoint\Viewpoint Toolbar V35\ViewBar.dll
O4 - HKLM\..\Run: [LXCCCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCCtim e.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O8 - Extra context menu item: &Search - http://ka.bar.need2find.com/KA/menusearch.html?p=KA
O8 - Extra context menu item: Display All Images with Full Quality - res://C:\Program Files\NetZero\qsacc\appres.dll/228
O8 - Extra context menu item: Display Image with Full Quality - res://C:\Program Files\NetZero\qsacc\appres.dll/227
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - blank (file missing)
O9 - Extra button: SBC Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\common\yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.co...?1102885040412
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/actives...ree/asinst.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Filter: text/html - (no CLSID) - (no file)
O20 - Winlogon Notify: artm_newreg - C:\Documents and Settings\All Users\Documents\Settings\artm_new.dll (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: yvbb01 - C:\WINDOWS\SYSTEM32\yvbb01.dll
O20 - Winlogon Notify: yvpp01 - C:\WINDOWS\SYSTEM32\yvpp01.dll
O21 - SSODL: XUgXEdewmwBCLD - {88B7B90A-221D-13A0-DC03-DE348DF1DF57} - blank (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: lxcc_device - Lexmark International, Inc. - C:\WINDOWS\system32\lxcccoms.exe
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Program Files\Spyware Doctor\sdhelp.exe

Backup anything that isnt an exe and reformat. Thats what i would do. That'll take care of that pesky wabbit..

Restart in Safe mode. Run any and ALL antispyware/Antiviral apps.

One problem with reinstalling is he had his next door neighbor build it. So he doesnt have the CD key or CD. So just go into safe mode and run everytihng in there.

Ooh... my eyes hurt from reading all that!!!!

I'm with Say10 - rescue all the docs and settings and reinstall. install antivirus and antispyware apps, install patches and scan it after you've put the documents and settings back where they should be.

... then tell the guy to stop looking at "those" websites

EDIT: oops - just read the above post - try and get the CD - his key will be on the system section of the control panel

Okay thanks. o ya now I know how to get the cd key.

http://www.techspot.com/downloads/1278-hitman-pro.html

Publisher Description

Anti-spyware program combines up to six popular engines to maximize removal effectiveness. Features in Hitman Pro 2.3 (translated from Dutch): - Installs and downloads automatically external antispyware software. - Hitman Pro AntiSpyware with heuristics checks important system and register values or to this processes have been coupled which do not make themselves in the correct manner (or not at all) confessed. This is a common case for many well-known spyware, viruses and Trojan horses are found. - Uses versions bought of possible person present of external antispywaresoftware (such as Ad-Aware and Spy Sweeper). - Limit Internet-toepassingen well-known with SurfRight the system rights of such as Internet Explorer, Outlook Express or Microsoft Office Outlook and MSN knife-narrower ones limiting as much as possible to contagion by to misleiding. - Automatically the external antispywaresoftware serve. Carries out inspections, removes automatically found spyware and places protection against malicious activeX besturingselementen. - Automatically the est updates download (without Hitman pro the user this frequently handmatig must do). - External antispywaresoftware are configured automatically for the best result. - Possibility to take part in the fighting against spyware by anonymous spywarestatistieken at uploaden to the Hitman pro web server. Statistics realtime on the Hitman are reflected pro Internet site. - Generates of all carried out action? report so that the user gets a clear picture concerning contagion and protection. - A number of Internet Explorer-instellingen checks so that this browser cannot knowledge of the user install without software.

I got this from a post on here a while ago and use it weekly...just in case. really pretty sweet: install, click start, click "accept all" for the licences, and let it do it's thing. won't do anything for the viruses but might take care of your spyware problem without reformatting

edit* found it, post was by THRiLL KiLL http://forums.pcapex.com/windows_os_...ght=hitman+pro

thanks dude Ill try it out. The viruses I might have gotten rid of by manually shredding them with spybot search adn destroy

I used that Hitman Pro man that is such a good program found more then what I found. I m defently going to put it on all my computers. To bad they cant do that with Anti-Viruses.

it really is a good program, though it can take some time to complete a scan. did it fix your problem???

Ya the computer is clean and running good. The bad news is that he had a neighbor build him the computer and it is saying the comuter is not genuin or somthing. I was wondering if there is a place to get it cheaper then 150.

AAAHH NOO NOT THE WGA!!! yeah thats not good. you can try to find an oem version of home. http://www.newegg.com/Product/Produc...82E16837102059

and pro http://www.newegg.com/Product/Produc...82E16837102062

Oem Give U The Keys Or Just The Cd.

i do believe they give you both. since it was intended for a mass purchases its priced cheaper. the standalones are the ones that cost the most due to the extra cardboard . It should come with both the key and the cd. i purchased an oem a year ago for a build and it had both.

I could post a list of all the active keys, but I think it may be against the rules so some one give me a heads up first!

If any of you guys have a key for free Ill take it. But got to talk 2 my cuz to see if he wants 2 pay that 89 bucks.
Also today I scanned one of my computers and it detected adaware. (I think that is right) the file name was pmnnl.dll in the system32. I deleted it and now the computer freezes when it gets a really good load or just random freezes. I scanned again and the same file is back saying its still adaware.

what did you scan it with? hitman? if not, hitman is an adware remover, run it on that pc and it should remove it. a lot of adware hides itself and reinstalls after you delete it, especially if the registry keys aren't removed (from what i understand. if i'm wrong somebody please let me know. don't want to give out bad info)

Okay Ill run Hitman

ran hitman is it didnt take it away still.

HOOOOOOOOOOOOOOOOLLLY SHIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIITT

Man go to safe mod and try to delete but my Advise

MAKE FCKING FORMAT

GOOD LUCK MAN