I got hit hard with this and it is driving me mad. I am not the most computer savvy person in the world and desperately need help. I just bought Kaspersky and I can't even load it as it seems like the virus is blocking any attempt to install. I ran a log per your instructions and posted them below. Any help is appreciated.
Thanks
Index % of PCs with item Code Data
1 0.0% O1 ::1 localhost
2 0.0% O1 91.206.201.8 oemantivir.microsoft.com
3 0.0% O1 91.206.201.8 oemantivir.com
4 0.0% O1 91.206.201.8 oemantivir.com
68 0.0% P01 C:\WINDOWS\Explorer.EXE
69 0.0% P01 C:\WINDOWS\system32\svchost.exe
70 0.0% P01 C:\WINDOWS\system32\lsass.exe
71 0.0% P01 C:\WINDOWS\system32\winlogon.exe
72 0.0% P01 C:\WINDOWS\system32\services.exe
73 0.0% P01 C:\WINDOWS\System32\smss.exe
74 0.0% P01 C:\WINDOWS\system32\spoolsv.exe
75 0.0% P01 C:\WINDOWS\system32\ctfmon.exe
76 0.0% P01 C:\Program Files\Internet Explorer\iexplore.exe
77 0.0% P01 C:\WINDOWS\system32\wuauclt.exe
78 0.0% P01 C:\WINDOWS\system32\NOTEPAD.EXE
79 0.0% P01 C:\Program Files\iPod\bin\iPodService.exe
80 0.0% P01 C:\Program Files\iTunes\iTunesHelper.exe
81 0.0% P01 C:\Program Files\Mozilla Firefox\firefox.exe
82 0.0% P01 C:\WINDOWS\System32\hkcmd.exe
83 0.0% P01 C:\WINDOWS\System32\dllhost.exe
84 0.0% P01 C:\WINDOWS\eHome\ehSched.exe
85 0.0% P01 C:\WINDOWS\eHome\ehRecvr.exe
86 0.0% P01 C:\Windows\ehome\ehtray.exe
87 0.0% P01 C:\Windows\ehome\ehmsas.exe
88 0.0% P01 C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
89 0.0% P01 C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
90 0.0% P01 C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
91 0.0% P01 C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
92 0.0% P01 C:\WINDOWS\system32\dla\tfswctrl.exe
93 0.0% P01 C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
94 0.0% P01 C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
95 0.0% P01 C:\Program Files\Digital Line Detect\DLG.exe
96 0.0% P01 C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
97 0.0% P01 C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
98 0.0% P01 C:\Program Files\Viewpoint\Common\ViewpointService.exe
99 0.0% P01 C:\Program Files\Apoint\Apntex.exe
100 0.0% P01 C:\Program Files\Apoint\Apoint.exe
101 0.0% P01 C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
102 0.0% P01 C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
103 0.0% P01 C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
104 0.0% P01 C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
105 0.0% P01 C:\Program Files\Bonjour\mDNSResponder.exe
106 0.0% P01 C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe
107 0.0% P01 C:\Program Files\DellSupport\DSAgnt.exe
108 0.0% P01 C:\Program Files\Microsoft Office\Office\OSA.EXE
109 0.0% P01 C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
110 0.0% P01 C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\ISafe.exe
111 0.0% P01 C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
112 0.0% P01 C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\CAVRID.exe
113 0.0% P01 C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\VetMsg.exe
114 0.0% P01 C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe
115 0.0% P01 C:\Program Files\Dell Support Center\bin\sprtsvc.exe
116 0.0% P01 C:\Program Files\Dell Support Center\bin\sprtcmd.exe
117 0.0% P01 C:\Program Files\lqhrge\yuqisysguard.exe
118 0.0% P01 C:\Documents and Settings\Rob\Desktop\winlogon.exe
119 0.0% P01 C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
120 0.0% P01 C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
121 0.0% P01 C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
122 0.0% P01 C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
123 0.0% P01 C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
124 0.0% R0 HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
125 0.0% R0 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/?fr=fp-yie8
126 0.0% R1 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
127 0.0% R1 HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
128 0.0% R1 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
129 0.0% R1 HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Yahoo!
130 0.0% R1 HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/ie/defaults/sb/sbcydsl/*http://www.yahoo.com/search/ie.html
131 0.0% R1 HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/ie/defaults/su/sbcydsl/*http://www.yahoo.com
132 0.0% R1 HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customize/ie/defaults/sp/sbcydsl/*http://www.yahoo.com
133 0.0% R1 HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.dell4me.com/myway
134 0.0% R1 HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8
Explanation of the codes
R - Registry, StartPage/SearchPage changes
* R0 - Changed registry value
* R1 - Created registry value
* R2 - Created registry key
* R3 - Created extra registry value where only one should be
F - IniFiles, autoloading entries
* F0 - Changed inifile value
* F1 - Created inifile value
* F2 - Changed inifile value, mapped to Registry
* F3 - Created inifile value, mapped to Registry
N - Netscape/Mozilla StartPage/SearchPage changes
* N1 - Change in prefs.js of Netscape 4.x
* N2 - Change in prefs.js of Netscape 6
* N3 - Change in prefs.js of Netscape 7
* N4 - Change in prefs.js of Mozilla
O - Other, several sections which represent:
* O1 - Hijack of auto.search.msn.com with Hosts file
* O2 - Enumeration of existing MSIE BHO's
* O3 - Enumeration of existing MSIE toolbars
* O4 - Enumeration of suspicious autoloading Registry entries
* O5 - Blocking of loading Internet Options in Control Panel
* O6 - Disabling of 'Internet Options' Main tab with Policies
* O7 - Disabling of Regedit with Policies
* O8 - Extra MSIE context menu items
* O9 - Extra 'Tools' menuitems and buttons
* O10 - Breaking of Internet access by New.Net or WebHancer
* O11 - Extra options in MSIE 'Advanced' settings tab
* O12 - MSIE plugins for file extensions or MIME types
* O13 - Hijack of default URL prefixes
* O14 - Changing of IERESET.INF
* O15 - Trusted Zone Autoadd
* O16 - Download Program Files item
* O17 - Domain hijack
* O18 - Enumeration of existing protocols and filters
* O19 - User stylesheet hijack
* O20 - AppInit_DLLs autorun Registry value, Winlogon Notify Registry keys
* O21 - ShellServiceObjectDelayLoad (SSODL) autorun Registry key
* O22 - SharedTaskScheduler autorun Registry key
* O23 - Enumeration of NT Services
* O24 - Enumeration of ActiveX Desktop Components
Thanks
Index % of PCs with item Code Data
1 0.0% O1 ::1 localhost
2 0.0% O1 91.206.201.8 oemantivir.microsoft.com
3 0.0% O1 91.206.201.8 oemantivir.com
4 0.0% O1 91.206.201.8 oemantivir.com
68 0.0% P01 C:\WINDOWS\Explorer.EXE
69 0.0% P01 C:\WINDOWS\system32\svchost.exe
70 0.0% P01 C:\WINDOWS\system32\lsass.exe
71 0.0% P01 C:\WINDOWS\system32\winlogon.exe
72 0.0% P01 C:\WINDOWS\system32\services.exe
73 0.0% P01 C:\WINDOWS\System32\smss.exe
74 0.0% P01 C:\WINDOWS\system32\spoolsv.exe
75 0.0% P01 C:\WINDOWS\system32\ctfmon.exe
76 0.0% P01 C:\Program Files\Internet Explorer\iexplore.exe
77 0.0% P01 C:\WINDOWS\system32\wuauclt.exe
78 0.0% P01 C:\WINDOWS\system32\NOTEPAD.EXE
79 0.0% P01 C:\Program Files\iPod\bin\iPodService.exe
80 0.0% P01 C:\Program Files\iTunes\iTunesHelper.exe
81 0.0% P01 C:\Program Files\Mozilla Firefox\firefox.exe
82 0.0% P01 C:\WINDOWS\System32\hkcmd.exe
83 0.0% P01 C:\WINDOWS\System32\dllhost.exe
84 0.0% P01 C:\WINDOWS\eHome\ehSched.exe
85 0.0% P01 C:\WINDOWS\eHome\ehRecvr.exe
86 0.0% P01 C:\Windows\ehome\ehtray.exe
87 0.0% P01 C:\Windows\ehome\ehmsas.exe
88 0.0% P01 C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
89 0.0% P01 C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
90 0.0% P01 C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
91 0.0% P01 C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
92 0.0% P01 C:\WINDOWS\system32\dla\tfswctrl.exe
93 0.0% P01 C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
94 0.0% P01 C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
95 0.0% P01 C:\Program Files\Digital Line Detect\DLG.exe
96 0.0% P01 C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
97 0.0% P01 C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
98 0.0% P01 C:\Program Files\Viewpoint\Common\ViewpointService.exe
99 0.0% P01 C:\Program Files\Apoint\Apntex.exe
100 0.0% P01 C:\Program Files\Apoint\Apoint.exe
101 0.0% P01 C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
102 0.0% P01 C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
103 0.0% P01 C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
104 0.0% P01 C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
105 0.0% P01 C:\Program Files\Bonjour\mDNSResponder.exe
106 0.0% P01 C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe
107 0.0% P01 C:\Program Files\DellSupport\DSAgnt.exe
108 0.0% P01 C:\Program Files\Microsoft Office\Office\OSA.EXE
109 0.0% P01 C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
110 0.0% P01 C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\ISafe.exe
111 0.0% P01 C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
112 0.0% P01 C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\CAVRID.exe
113 0.0% P01 C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\VetMsg.exe
114 0.0% P01 C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe
115 0.0% P01 C:\Program Files\Dell Support Center\bin\sprtsvc.exe
116 0.0% P01 C:\Program Files\Dell Support Center\bin\sprtcmd.exe
117 0.0% P01 C:\Program Files\lqhrge\yuqisysguard.exe
118 0.0% P01 C:\Documents and Settings\Rob\Desktop\winlogon.exe
119 0.0% P01 C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
120 0.0% P01 C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
121 0.0% P01 C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
122 0.0% P01 C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
123 0.0% P01 C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
124 0.0% R0 HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
125 0.0% R0 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/?fr=fp-yie8
126 0.0% R1 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
127 0.0% R1 HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
128 0.0% R1 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
129 0.0% R1 HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Yahoo!
130 0.0% R1 HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/ie/defaults/sb/sbcydsl/*http://www.yahoo.com/search/ie.html
131 0.0% R1 HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/ie/defaults/su/sbcydsl/*http://www.yahoo.com
132 0.0% R1 HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customize/ie/defaults/sp/sbcydsl/*http://www.yahoo.com
133 0.0% R1 HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.dell4me.com/myway
134 0.0% R1 HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8
Explanation of the codes
R - Registry, StartPage/SearchPage changes
* R0 - Changed registry value
* R1 - Created registry value
* R2 - Created registry key
* R3 - Created extra registry value where only one should be
F - IniFiles, autoloading entries
* F0 - Changed inifile value
* F1 - Created inifile value
* F2 - Changed inifile value, mapped to Registry
* F3 - Created inifile value, mapped to Registry
N - Netscape/Mozilla StartPage/SearchPage changes
* N1 - Change in prefs.js of Netscape 4.x
* N2 - Change in prefs.js of Netscape 6
* N3 - Change in prefs.js of Netscape 7
* N4 - Change in prefs.js of Mozilla
O - Other, several sections which represent:
* O1 - Hijack of auto.search.msn.com with Hosts file
* O2 - Enumeration of existing MSIE BHO's
* O3 - Enumeration of existing MSIE toolbars
* O4 - Enumeration of suspicious autoloading Registry entries
* O5 - Blocking of loading Internet Options in Control Panel
* O6 - Disabling of 'Internet Options' Main tab with Policies
* O7 - Disabling of Regedit with Policies
* O8 - Extra MSIE context menu items
* O9 - Extra 'Tools' menuitems and buttons
* O10 - Breaking of Internet access by New.Net or WebHancer
* O11 - Extra options in MSIE 'Advanced' settings tab
* O12 - MSIE plugins for file extensions or MIME types
* O13 - Hijack of default URL prefixes
* O14 - Changing of IERESET.INF
* O15 - Trusted Zone Autoadd
* O16 - Download Program Files item
* O17 - Domain hijack
* O18 - Enumeration of existing protocols and filters
* O19 - User stylesheet hijack
* O20 - AppInit_DLLs autorun Registry value, Winlogon Notify Registry keys
* O21 - ShellServiceObjectDelayLoad (SSODL) autorun Registry key
* O22 - SharedTaskScheduler autorun Registry key
* O23 - Enumeration of NT Services
* O24 - Enumeration of ActiveX Desktop Components