Task Manager will not work

Greetings..

Task Manager on one of our pc's will not work.. This began with the user getting the Windows Protection Suite "virus" .. I ran Malwarebytes and Super Anti Spyware.. This prevents the WPS from popping up everytime, but remnants of the virus still exist, such as the task manager not opening. I ran Hijack This and noticed several things in the host file that shouldn't have been there. Tried to clean that up but the hosts file was locked.. After running Avenger and actually getting the hosts file deleted, that problem has cleared up, but I am still unable to open the Task Manager.. Below is the new Hijack This log file.. Any help would be appreciated!

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:26:00 AM, on 9/25/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16876)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1237320523080
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1237320182010
O16 - DPF: {76A2A0AB-38B7-46DB-8E47-F10CDE4D7920} - http://aerial.leepa.org/ecwplugins/NCS.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = LIFE.LOCAL
O17 - HKLM\Software\..\Telephony: DomainName = LIFE.LOCAL
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = LIFE.LOCAL
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = LIFE.LOCAL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: CA License Client (CA_LIC_CLNT) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmt.exe
O23 - Service: CA License Server (CA_LIC_SRVR) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmtd.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: Event Log Watch (LogWatch) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

--
End of file - 4525 bytes

Thanks for your reply.. Here it is..


DDS (Ver_09-09-24.01) - NTFSx86
Run by Administrator at 8:20:17.03 on Mon 09/28/2009
Internet Explorer: 7.0.5730.13
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.503.277 [GMT -4:00]


============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\ctfmon.exe
svchost.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\Administrator.PREFERRE-3BAE05\Local Settings\Temporary Internet Files\Content.IE5\IJTCVEOP\dds[1].scr

============== Pseudo HJT Report ===============

uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
mSearchAssistant = hxxp://www.google.com/ie
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
uRun: [swg] c:\program files\google\googletoolbarnotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [High Definition Audio Property Page Shortcut] HDAudPropShortcut.exe
mRun: [SoundMan] SOUNDMAN.EXE
mRun: [AlcWzrd] ALCWZRD.EXE
mRun: [Alcmtr] ALCMTR.EXE
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [NeroFilterCheck] c:\windows\system32\NeroCheck.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Malwarebytes Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1237320523080
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1237320182010
DPF: {76A2A0AB-38B7-46DB-8E47-F10CDE4D7920} - hxxp://aerial.leepa.org/ecwplugins/NCS.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.dll
Notify: igfxcui - igfxsrvc.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL

============= SERVICES / DRIVERS ===============

R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2009-9-15 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2009-9-15 74480]
R2 LogWatch;Event Log Watch;c:\program files\ca\sharedcomponents\ca_lic\LogWatNT.exe [2002-9-20 53248]
S3 CA_LIC_CLNT;CA License Client;c:\program files\ca\sharedcomponents\ca_lic\lic98rmt.exe [2002-9-20 77824]
S3 CA_LIC_SRVR;CA License Server;c:\program files\ca\sharedcomponents\ca_lic\lic98rmtd.exe [2002-9-20 77824]
S3 SASENUM;SASENUM;c:\program files\superantispyware\SASENUM.SYS [2009-9-15 7408]
S3 vsdatant;vsdatant;c:\windows\system32\vsdatant.sys [2005-1-26 280344]

=============== Created Last 30 ================

2009-09-25 08:35 --d----- c:\program files\Trend Micro
2009-09-25 08:24 --d----- c:\windows\pss
2009-09-24 16:13 --d----- c:\docume~1\alluse~1\applic~1\XoftSpySE
2009-09-24 15:57 --d----- c:\docume~1\admini~1.pre\applic~1\Malwarebytes
2009-09-24 15:51 --d-h--- c:\windows\system32\GroupPolicy
2009-09-24 15:12 --d----- c:\docume~1\alluse~1\applic~1\SUPERAntiSpyware.com
2009-09-24 15:12 --d----- c:\program files\SUPERAntiSpyware
2009-09-24 11:02 --d----- c:\docume~1\alluse~1\applic~1\Malwarebytes
2009-09-09 13:53 3,245 a------- c:\windows\system32\wbem\Outlook_01ca317679e41c58.mof
2009-09-09 07:38 153,088 -c------ c:\windows\system32\dllcache\triedit.dll

==================== Find3M ====================

2009-08-20 09:15 107,888 a------- c:\windows\system32\CmdLineExt.dll
2009-08-05 05:01 204,800 a------- c:\windows\system32\mswebdvd.dll
2009-07-17 15:01 58,880 a------- c:\windows\system32\atl.dll
2009-07-13 10:08 286,720 a------- c:\windows\system32\wmpdxm.dll

============= FINISH: 8:20:37.46 ===============

Download the GMER rootkit scan from here: GMER

1. Unzip it and start GMER.
   
2. Click the >>> tab and then click the Scan button.
   
3. Once done, click the Copy button.
   
4. This will copy the results to your clipboard.
   
5. Paste the results in your next reply.
   

Note:
If you're having problems with running GMER.exe, try it in safe mode. This tools works in safe mode.
You can also try renaming it since some malware blocks GMER.

GMER 1.0.15.15087 - http://www.gmer.net
Rootkit scan 2009-09-28 13:15:43
Windows 5.1.2600 Service Pack 3
Running: mluusbdm.exe; Driver: C:\DOCUME~1\ADMINI~1.PRE\LOCALS~1\Temp\pxtdqpog.sys


---- Kernel code sections - GMER 1.0.15 ----

? xymwjh.sys The system cannot find the file specified. !

---- User code sections - GMER 1.0.15 ----

.text C:\Program Files\Internet Explorer\iexplore.exe[2348] USER32.dll!DialogBoxParamW 7E4247AB 5 Bytes JMP 3E1DF4B9 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2348] USER32.dll!DialogBoxIndirectParamW 7E432072 5 Bytes JMP 3E351F8F C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2348] USER32.dll!MessageBoxIndirectA 7E43A082 5 Bytes JMP 3E351F10 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2348] USER32.dll!DialogBoxParamA 7E43B144 5 Bytes JMP 3E351F54 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2348] USER32.dll!MessageBoxExW 7E450838 5 Bytes JMP 3E351E9C C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2348] USER32.dll!MessageBoxExA 7E45085C 5 Bytes JMP 3E351ED6 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2348] USER32.dll!DialogBoxIndirectParamA 7E456D7D 5 Bytes JMP 3E351FCA C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2348] USER32.dll!MessageBoxIndirectW 7E4664D5 5 Bytes JMP 3E2017EA C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2348] ole32.dll!OleLoadFromStream 77529C85 5 Bytes JMP 3E35218C C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

---- EOF - GMER 1.0.15 ----

Hello.

You aren't running Anti Virus Software

Please install Avira antivirus otherwise you won't be protected.

1) Antivir PersonalEditionClassic
-Free anti-virus software for Windows.
-Detects and removes more than 50,000 viruses. Free support.

It is strongly recommended that you run only one antivirus program at a time. Having more than one antivirus program active in memory uses additional resources and can result in program conflicts and false virus alerts.

Perform a full scan with Avira and let it delete everything it is finding.
Then reboot.
After reboot, open your Avira and select "reports".
There doubleclick the report from the Full scan you have done. Click the "Report File" button and copy and paste this report in your next reply.

Avira AntiVir Personal
Report file date: Monday, September 28, 2009 14:35

Scanning for 1756516 virus strains and unwanted programs.

Licensee : Avira AntiVir Personal - FREE Antivirus
Serial number : 0000149996-ADJIE-0000001
Platform : Windows XP
Windows version : (Service Pack 3) [5.1.2600]
Boot mode : Normally booted
Username : SYSTEM
Computer name : CDS01

Version information:
BUILD.DAT : 9.0.0.407 17961 Bytes 7/29/2009 10:34:00
AVSCAN.EXE : 9.0.3.7 466689 Bytes 7/21/2009 18:36:14
AVSCAN.DLL : 9.0.3.0 40705 Bytes 2/27/2009 15:58:24
LUKE.DLL : 9.0.3.2 209665 Bytes 2/20/2009 16:35:49
LUKERES.DLL : 9.0.2.0 12033 Bytes 2/27/2009 15:58:52
ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 10/27/2008 17:30:36
ANTIVIR1.VDF : 7.1.4.132 5707264 Bytes 6/24/2009 14:21:42
ANTIVIR2.VDF : 7.1.6.1 3857920 Bytes 9/16/2009 18:33:48
ANTIVIR3.VDF : 7.1.6.47 518144 Bytes 9/28/2009 18:33:55
Engineversion : 8.2.1.27
AEVDF.DLL : 8.1.1.2 106867 Bytes 9/28/2009 18:34:18
AESCRIPT.DLL : 8.1.2.33 479611 Bytes 9/28/2009 18:34:17
AESCN.DLL : 8.1.2.5 127346 Bytes 9/28/2009 18:34:15
AERDL.DLL : 8.1.2.4 430452 Bytes 7/23/2009 14:59:39
AEPACK.DLL : 8.2.0.0 422261 Bytes 9/28/2009 18:34:14
AEOFFICE.DLL : 8.1.0.38 196987 Bytes 7/23/2009 14:59:39
AEHEUR.DLL : 8.1.0.155 1921400 Bytes 9/28/2009 18:34:10
AEHELP.DLL : 8.1.7.0 237940 Bytes 9/28/2009 18:34:00
AEGEN.DLL : 8.1.1.66 364917 Bytes 9/28/2009 18:33:58
AEEMU.DLL : 8.1.0.9 393588 Bytes 10/9/2008 19:32:40
AECORE.DLL : 8.1.8.1 184693 Bytes 9/28/2009 18:33:56
AEBB.DLL : 8.1.0.3 53618 Bytes 10/9/2008 19:32:40
AVWINLL.DLL : 9.0.0.3 18177 Bytes 12/12/2008 13:47:59
AVPREF.DLL : 9.0.0.1 43777 Bytes 12/5/2008 15:32:15
AVREP.DLL : 8.0.0.3 155905 Bytes 1/20/2009 19:34:28
AVREG.DLL : 9.0.0.0 36609 Bytes 12/5/2008 15:32:09
AVARKT.DLL : 9.0.0.3 292609 Bytes 3/24/2009 20:05:41
AVEVTLOG.DLL : 9.0.0.7 167169 Bytes 1/30/2009 15:37:08
SQLITE3.DLL : 3.6.1.0 326401 Bytes 1/28/2009 20:03:49
SMTPLIB.DLL : 9.2.0.25 28417 Bytes 2/2/2009 13:21:33
NETNT.DLL : 9.0.0.0 11521 Bytes 12/5/2008 15:32:10
RCIMAGE.DLL : 9.0.0.25 2438913 Bytes 5/15/2009 20:39:58
RCTEXT.DLL : 9.0.37.0 86785 Bytes 4/17/2009 15:19:48

Configuration settings for the scan:
Jobname.............................: Complete system scan
Configuration file..................: c:\program files\avira\antivir desktop\sysscan.avp
Logging.............................: low
Primary action......................: interactive
Secondary action....................: ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:,
Process scan........................: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Recursion depth.....................: 20
Smart extensions....................: on
Macro heuristic.....................: on
File heuristic......................: medium

Start of the scan: Monday, September 28, 2009 14:35

Starting search for hȋdden objects.
'79208' objects were checked, '0' hȋdden objects were found.

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'msiexec.exe' - '1' Module(s) have been scanned
Scan process 'notepad.exe' - '1' Module(s) have been scanned
Scan process 'notepad.exe' - '1' Module(s) have been scanned
Scan process 'notepad.exe' - '1' Module(s) have been scanned
Scan process 'wuauclt.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'wdfmgr.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'HPZipm12.exe' - '1' Module(s) have been scanned
Scan process 'LogWatNT.exe' - '1' Module(s) have been scanned
Scan process 'cvpnd.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'hkcmd.exe' - '1' Module(s) have been scanned
Scan process 'igfxtray.exe' - '1' Module(s) have been scanned
Scan process 'ALCWZRD.EXE' - '1' Module(s) have been scanned
Scan process 'SOUNDMAN.EXE' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
35 processes with 35 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!

Starting to scan executable files (registry).
The registry was scanned ( '59' files ).


Starting the file scan:

Begin scan in 'C:\'
C:\pagefile.sys
[WARNING] The file could not be opened!
[NOTE] This file is a Windows system file.
[NOTE] This file cannot be opened for scanning.
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\WLUJ0NQN\ii_nt86[2].exe
[0] Archive type: CAB SFX (self extracting)
--> Readme\porrme.txt
[WARNING] No further files can be extracted from this archive. The archive will be closed
[WARNING] No further files can be extracted from this archive. The archive will be closed
C:\RECYCLER\S-1-5-21-725345543-861567501-839522115-500\Dc17.Win\50comupd.exe
[0] Archive type: RSRC
--> Object
[1] Archive type: CAB (Microsoft)
--> comcnt.dll
[WARNING] No further files can be extracted from this archive. The archive will be closed
[WARNING] No further files can be extracted from this archive. The archive will be closed
C:\RECYCLER\S-1-5-21-725345543-861567501-839522115-500\Dc17.Win\Cpackage.exe
[0] Archive type: RSRC
--> Object
[1] Archive type: CAB (Microsoft)
--> AVH32DLL.DLL
[WARNING] No further files can be extracted from this archive. The archive will be closed
[WARNING] No further files can be extracted from this archive. The archive will be closed
C:\RECYCLER\S-1-5-21-725345543-861567501-839522115-500\Dc17.Win\prf9C.tmp
[0] Archive type: RSRC
--> Object
[1] Archive type: CAB (Microsoft)
--> inoweb.exe
[WARNING] No further files can be extracted from this archive. The archive will be closed
[WARNING] No further files can be extracted from this archive. The archive will be closed
C:\RECYCLER\S-1-5-21-725345543-861567501-839522115-500\Dc17.Win\webpkg.exe
[0] Archive type: RSRC
--> Object
[1] Archive type: CAB (Microsoft)
--> inoweb.exe
[WARNING] No further files can be extracted from this archive. The archive will be closed
[WARNING] No further files can be extracted from this archive. The archive will be closed
C:\RECYCLER\S-1-5-21-725345543-861567501-839522115-500\Dc30\Rollout\AVServer\SERVER\WINNT\prf13E.tmp
[0] Archive type: CAB (Microsoft)
--> vpshell2.dll.ECFEE69D_DA66_4F00_ABE5_54E931059C01
[WARNING] No further files can be extracted from this archive. The archive will be closed
[WARNING] No further files can be extracted from this archive. The archive will be closed
C:\RECYCLER\S-1-5-21-725345543-861567501-839522115-500\Dc33\eAV_S.Win\50comupd.exe
[0] Archive type: RSRC
--> Object
[1] Archive type: CAB (Microsoft)
--> comcnt.dll
[WARNING] No further files can be extracted from this archive. The archive will be closed
[WARNING] No further files can be extracted from this archive. The archive will be closed
C:\RECYCLER\S-1-5-21-725345543-861567501-839522115-500\Dc33\eAV_S.Win\Cpackage.exe
[0] Archive type: RSRC
--> Object
[1] Archive type: CAB (Microsoft)
--> AVH32DLL.DLL
[WARNING] No further files can be extracted from this archive. The archive will be closed
[WARNING] No further files can be extracted from this archive. The archive will be closed
C:\RECYCLER\S-1-5-21-725345543-861567501-839522115-500\Dc33\eAV_S.Win\prfFC.tmp
[0] Archive type: RSRC
--> Object
[1] Archive type: CAB (Microsoft)
--> inoweb.exe
[WARNING] No further files can be extracted from this archive. The archive will be closed
[WARNING] No further files can be extracted from this archive. The archive will be closed
C:\RECYCLER\S-1-5-21-725345543-861567501-839522115-500\Dc33\eAV_S.Win\webpkg.exe
[0] Archive type: RSRC
--> Object
[1] Archive type: CAB (Microsoft)
--> inoweb.exe
[WARNING] No further files can be extracted from this archive. The archive will be closed
[WARNING] No further files can be extracted from this archive. The archive will be closed
C:\RECYCLER\S-1-5-21-725345543-861567501-839522115-500\Dc33\problem fix 5-3-04\prf19A.tmp
[0] Archive type: RSRC
--> Object
[1] Archive type: CAB (Microsoft)
--> URLMON.DLL
[WARNING] No further files can be extracted from this archive. The archive will be closed
[WARNING] No further files can be extracted from this archive. The archive will be closed
C:\RECYCLER\S-1-5-21-725345543-861567501-839522115-500\Dc33\Worm Fix\ClnPoza.zip
[0] Archive type: ZIP
--> ClnPoza.com
[DETECTION] Is the TR/Agent.345600.3 Trojan
C:\RECYCLER\S-1-5-21-725345543-861567501-839522115-500\Dc33\Worm Fix\ClnPoza\ClnPoza.com
[DETECTION] Is the TR/Agent.345600.3 Trojan
C:\RECYCLER\S-1-5-21-725345543-861567501-839522115-500\Dc33\Worm Fixes\Worm Fix\ClnPoza.zip
[0] Archive type: ZIP
--> ClnPoza.com
[DETECTION] Is the TR/Agent.345600.3 Trojan
C:\RECYCLER\S-1-5-21-725345543-861567501-839522115-500\Dc33\Worm Fixes\Worm Fix\ClnPoza\ClnPoza.com
[DETECTION] Is the TR/Agent.345600.3 Trojan
C:\RECYCLER\S-1-5-21-725345543-861567501-839522115-500\Dc33\Worm Info\Worm Fix\ClnPoza.zip
[0] Archive type: ZIP
--> ClnPoza.com
[DETECTION] Is the TR/Agent.345600.3 Trojan
C:\RECYCLER\S-1-5-21-725345543-861567501-839522115-500\Dc33\Worm Info\Worm Fix\ClnPoza\ClnPoza.com
[DETECTION] Is the TR/Agent.345600.3 Trojan
C:\RECYCLER\S-1-5-21-725345543-861567501-839522115-500\Dc33\Worm Info\Worm Fixes\Worm Fix\ClnPoza.zip
[0] Archive type: ZIP
--> ClnPoza.com
[DETECTION] Is the TR/Agent.345600.3 Trojan
C:\RECYCLER\S-1-5-21-725345543-861567501-839522115-500\Dc33\Worm Info\Worm Fixes\Worm Fix\ClnPoza\ClnPoza.com
[DETECTION] Is the TR/Agent.345600.3 Trojan
C:\RECYCLER\S-1-5-21-725345543-861567501-839522115-500\Dc5\Acrobat8\Adobe Acrobat 8 Professional\prf616.tmp
[0] Archive type: CAB (Microsoft)
--> A_ProductLicense_MD_N.bmp
[WARNING] No further files can be extracted from this archive. The archive will be closed
C:\System Volume Information\_restore{AE20F306-C542-4AC8-88B6-7648D5B43B8B}\RP910\A0078290.exe
[DETECTION] Is the TR/FraudPack.szj Trojan

Beginning disinfection:
C:\RECYCLER\S-1-5-21-725345543-861567501-839522115-500\Dc33\Worm Fix\ClnPoza.zip
[NOTE] The file was moved to '4b2f0c01.qua'!
C:\RECYCLER\S-1-5-21-725345543-861567501-839522115-500\Dc33\Worm Fix\ClnPoza\ClnPoza.com
[DETECTION] Is the TR/Agent.345600.3 Trojan
[NOTE] The file was moved to '4a45fcb2.qua'!
C:\RECYCLER\S-1-5-21-725345543-861567501-839522115-500\Dc33\Worm Fixes\Worm Fix\ClnPoza.zip
[NOTE] The file was moved to '4a49dd92.qua'!
C:\RECYCLER\S-1-5-21-725345543-861567501-839522115-500\Dc33\Worm Fixes\Worm Fix\ClnPoza\ClnPoza.com
[DETECTION] Is the TR/Agent.345600.3 Trojan
[NOTE] The file was moved to '4a4ac5ca.qua'!
C:\RECYCLER\S-1-5-21-725345543-861567501-839522115-500\Dc33\Worm Info\Worm Fix\ClnPoza.zip
[NOTE] The file was moved to '4a47ed22.qua'!
C:\RECYCLER\S-1-5-21-725345543-861567501-839522115-500\Dc33\Worm Info\Worm Fix\ClnPoza\ClnPoza.com
[DETECTION] Is the TR/Agent.345600.3 Trojan
[NOTE] The file was moved to '4802e98a.qua'!
C:\RECYCLER\S-1-5-21-725345543-861567501-839522115-500\Dc33\Worm Info\Worm Fixes\Worm Fix\ClnPoza.zip
[NOTE] The file was moved to '4801e152.qua'!
C:\RECYCLER\S-1-5-21-725345543-861567501-839522115-500\Dc33\Worm Info\Worm Fixes\Worm Fix\ClnPoza\ClnPoza.com
[DETECTION] Is the TR/Agent.345600.3 Trojan
[NOTE] The file was moved to '4b2f0c02.qua'!
C:\System Volume Information\_restore{AE20F306-C542-4AC8-88B6-7648D5B43B8B}\RP910\A0078290.exe
[DETECTION] Is the TR/FraudPack.szj Trojan
[NOTE] The file was moved to '4af10bc6.qua'!


End of the scan: Monday, September 28, 2009 15:16
Used time: 40:35 Minute(s)

The scan has been done completely.

5421 Scanned directories
224039 Files were scanned
9 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 files were deleted
0 Viruses and unwanted programs were repaired
9 Files were moved to quarantine
0 Files were renamed
1 Files cannot be scanned
224029 Files not concerned
2105 Archives were scanned
24 Warnings
10 Notes
79208 Objects were scanned with rootkit scan
0 hȋdden objects were found

Hello.

Download ATF Cleaner

• Double-click ATF-Cleaner.exe to run the program.
  
• Click Select All found at the bottom of the list.
  
• Click the Empty Selected button.
  

If you use Firefox browser, do this also:

• Click Firefox at the top and choose Select All from the list.
  
• Click the Empty Selected button.
  
• NOTE : If you would like to keep your saved passwords, please click No at the prompt.
  

If you use Opera browser, do this also:

• Click Opera at the top and choose Select All from the list.
  
• Click the Empty Selected button.
  
• NOTE : If you would like to keep your saved passwords, please click No at the prompt.
  

Click Exit on the Main menu to close the program.

We need to make a new restore point.

To turn off System Restore, follow these steps:
1. Click Start, right-click My Computer, and then click Properties.
2. Click the System Restore tab.
3. Click the Turn off System Restore check box (or the Turn off System Restore on all drives check box), and then click OK.
4. Click Yes when you receive the prompt to the turn off System Restore.

Now we need to make a new restore point.
To turn on System Restore, follow these steps:
1. Click Start, right-click My Computer, and then click Properties.
2. Click the System Restore tab.
3. Click the Turn off System Restore check box (To turn on System Restore), and then click OK.

How is the machine running now?

Thanks for your reply..

Task Manager still won't open.