My neighbor's computer has a file, yod.htm, which resides in C:\Windows, which puts a message of spyware infection on the desktop which I can't get rid of. I am unable or do not have access to change any settings in the registry, msconfig, file folders, nothing anywhere. It totatlly locks me out of making any changes in any windows. This file does not load in Safe Mode. Tried using Command Prompt to delete it, but it just keeps coming back. Spybot, AdAware, Windows Defender, AVG antivirus does not get rid of this. Any information or help would be appreciated. Thanks.

From you neighbors computer.Please post a Hijack This log so that the files associated with the virus/spyware/hijacker can be identified. Please download HJTsetup.exe from this link http://www.thespykiller.co.uk/files/HJTsetup.exe to your desktop.
Doubleclick on the HJTsetup.exe icon on your desktop. By default it will install to C:\Program Files\Hijack This. Continue to click "next" in the setup dialogue boxes until you get to the "Select Addition Tasks" dialogue.
Put a check by "Create a desktop icon" then click "Next" again.

Continue to follow the rest of the prompts from there.
At the final dialogue box click "Finish" and it will launch Hijack This.

Before running the scan rename hijackthis.exe as that sometime helps locate the baddies. Go to start> search> files and folders> type in the top space "hijackthis.exe" without the quotes> click search> when it is found in the right pane (looks like a pile of dynamite)>right click on it> click rename> rename it "show.exe" without the quotes> click a blank space on the screen.

Click on the "Do a system scan and save a logfile" button. It will scan and the log should open in notepad.
Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log and post it in this thread.

Do not fix anything yet unless you know what you are doing. This is a powerful tool that can crash the computer if used improperly.

Please download SmitRemFix from this link http://siri.urz.free.fr/Fix/SmitfraudFix.zip Then extract the contents to your desktop.

Do not run any other option than the one requested as doing so will damage the desktop of an uninfected computer

Open the "SmitfraudFix" folder and double-click "smitfraudfix.cmd"
Select option #1 - Search by typing 1 and press "Enter"; a text file will appear, which lists infected files (if present).
Please copy/paste the content of that report into your next reply.

Note : process.exe is detected by some antivirus programs (AntiVir, Dr.Web, Kaspersky) as a "RiskTool"; it is not a virus, but a program used to stop system processes. Antivirus programs cannot distinguish between "good" and "malicious" use of such programs, therefore they may alert the user.

Jabuck: Thanks, we'll give this a try. I will get back to you with some results. I have to wait for my neighbor to gain access to his computer when he is available and ready.

Jabuck: My neighbor decided to go ahead with a complete clean re-install of his OS instead. I made a copy of your response and will file it in my troubleshooting notebook for future use. Thanks for the information. Just wanted to give you this feedback. Thanks again.

Thank for the feedback, nice of you to lets us know the resolve.

Thanks buddy you just saved me abuot 4 hours work!! i've been removing this B**CH manually and it was a nightmare,and you've just turned it in a wonderful dream about naked women on a bouncy castle!!!