Sounds like the viruses corrupted necessary files, and you're hooped, because it's wanting the original CD that the system was installed from. Maybe someone knows a work-around, or a fix, but I don't. Sorry.

I can pretty much guarantee you that spybot did no such thing. It was probably whatever infected your computer in the first place that is giving you that message. However, if you are still able to start your computer and run it, then I don't think that your windows files have been corrupted. If your computer were really missing files like that, it would be during boot up and you wouldn't be able to run your operating system at all. It sounds more like whatever infected your computer replace the windows files with it's own version, thus allowing your computer to run properly (well, kind of.)

I recommend taking your computer off the network, downloading hijackthis!, processxp, and anything else that others think you might need onto a CD. This part is important- It MUST be on a CD. Next, install the programs on your computer. ProcessXP does not need to be installed- you download an exe file that runs off of whatever source you download it to, so don't worry about installing that. Then reboot your computer in safe mode (no networking!), you can do this by pressing F8 before it gets to the windows splash screen. Run ProcessXP and make sure that there are only about 8-10 processes running. Anything more is run by the virus, and needs to be disabled. If you are unsure of what to disable, you can post the process names here and we will let you know. Run Hijackthis! and Spybot in safe mode, and WRITE DOWN EVERYTHING that spybot finds before you clean it up. You can save the HijackThis log file. When that's done, run your antivirus. Again, WRITE DOWN EVERYTHING that the program finds. Come back and post the hijackthis log as well as whatever spyware and viruses that spybot and your antivirus find. When you post your findings, we would also like to know which operating system you are running.

One last thing, before I leave you to get back to us with more info, is if you have any passwords stored on that computer, change them immediately on another machine that is not infected. Since we don't know what your computer is infected with (but it sounds potentially very nasty) then you could be losing your personal information. Don't stress about credit cards yet, but keep a very close eye on balances and if you see anything remotely suspicious, report it immediately and request a change of information. Hope to hear from you soon!

You'll never get it working right, even if everything is clean. The path of least resistance is to hook up your hard drive as a secondary to a working system (You are sure it's clean right?) and backup the important stuff.

Format

Reload Windows. (Or Ubuntu)

If you really want to avoid a format and reload Shabo's advice is the best.

Whoa, you guys have me totally freaked out. Thank you so far for your tips and advice.

I ran processxp in safe mode and this is what is running:

Process

System Idle Process
Interrupts
DPCs
System
smss.exe
csrss.exe
winlogon.exe
services.exe
svchost.exe
igfxsrvc.exe
svchost.exe
svchost.exe
lsass.exe
ZCfgSvc.exe
explorer.exe
procexp.exe
ctfmon.exe
ctfmon .exe

Anything here that's bad?? Is ctfmon.exe supposed to be running? That's the only one I don't really know about.

Really, you have two options here.

1. You can try to clean it. Generally, it's not worth the effort to clean. But you're welcome to do so. You can find the files that are being requested by downloading service pack 2 (separately), and extracting it to disk (not installing). MS support has a page describing how to do this. Once that's done, you can tell the popup where that directory is, and it will take the files from there.

Ask if you need more details, and I'll be happy to help.

2. Recommended: Just reformat. Back up your data like others have told you, then go read this thread. I give fairly decent steps on what to do before formatting, and after formatting, to clean up the PC.

Again, ask if you need more details. I'll help out as much as I can.

Okay, I'm leaning towards reinstallation. I have the disk that came with my laptop: Windows XP Home Edition Service Pack 2. Just use that, right? I don't have to use that step in the other thread where it said to make a CD of Windows SP2, correct?

Then I use the other CD called "devices and utilities already installed"?

Forgive me for the questions, I've never had to reinstall Windows before. Does the Windows XP cd have Microsoft office on it? That's important for my work and school work--I can't seem to find a cd in my files for Office.

You are correct about not needing to download service pack 2. It's already on your disk.

Chances are very good that all your drivers are on your drivers and utilities disk, though it wouldn't hurt to downloaded them from Dell again, just to get the latest versions.

Finally, no, Office does not come on the Windows disk. If it came with your computer, then it would like be on your "Applications" disk, but make sure before you begin reformatting.

Also, check the computer itself. Somewhere on the outside of the case (or the bottom if this is a laptop) you will find a product key on a sticker. Make sure you have found it before installing, as Windows will format your hard drive and then ask you for it, and that's probably the worst time to discover you can't find it.

Okay, I can't find that stupid applications disk. Funny how I found everything else together in my folder, but not that. It's okay, because I was going to download and install the new Office later on. Do you know what else would be on the applications disk? What about internet explorer? Thank you.

Probably nothing you would actually want.

IE comes with Windows, built in. Alternatives, if you are willing to try them:

FireFox and OpenOffice.org

As for other alternatives, I would need to know what you use.

I haven't reinstalled yet--I'll probably do it tomorrow, but before I do--I've downloaded that avast anti virus from the other thread and it keeps detecting a trojan and it can't seem to delete it. I've tried to on my own, in normal and safe mode.

It's called pmkji.dll and there's pmkji.exe, too. When I try to delete it, it says that it's being used by another process. Any other ways to delete this?

Thanks for your help.

This is going to require a bit of luck. Mainly because the malware authors are getting better.

on your computer, do ctrl-alt-delete, and click 'Task Manager'. If it comes up, search for pmkji.exe in your processes list, and hit 'end task'. If you're lucky, it will die, and not come back, which will allow Avast to clean it.

If not, it's harder, and more than I would like to type right now. Also involves the use of other tools that take some small bit of training (not hard, but not your normal tools to use). Let me know if this fails, and I will type it out if need be.

the .exe isn't on the process list. Sorry.

Any tips would be appreciated, but please don't rush; I'm in no big hurry. Thanks again!

As it turns out, it's not as complex as I thought. I just re-read documentation.

PSKill. Download the PsTools package. Install it. It will place a program called "pskill.exe" somewhere on your computer. Use the search tool, and find it.

For my directions below, I will assume "c:\program files\sysinternals\bin". Change this name to the appropriate directory.

1. Start->Run
2. Type "cmd", and click "OK"
3. Type this command and hit enter: cd "c:\program files\sysinternals\bin"
   Make sure to change the text to the correct folder name, and to use the " around the folder name.
4. Type this command and hit enter: pskill pmkji.exe

And hope that does it. try running avast, and see if it purges it. If so, good. If not, on with the reformat. There's probably other methods, but they get into the realm of "not comfortable telling you how to do it without standing over your shoulder to make sure that I'm giving you good directions".

You know, before I tried this, I tried to deleting that file one more time to see what happened and managed to do so (the .dll and the .exe), along with something call wvustu.dll that I saw created itself yesterday at about the time my system was attacked and it was right next to the pmkji files. When I restarted, I no longer received the "windows missing these files" error, but that pmkji.dll file was back, but not the .exe.

But later on I received a DEP error with windows explorer? *sigh* It's never ending. I hate viruses.

I'll try your pskill advice and get back to you tomorrow. Thanks!