Virus Removal
TaintedPearls
April 20th, 2006, 11:23
If I post a hijack this log, would anyone be able to tell me what it is?
Bruce
April 20th, 2006, 11:25
Yes.
TaintedPearls
April 20th, 2006, 11:46
It wouldn't work right because it said that permission was denied to the hosts file. This is what I got:
Logfile of HijackThis v1.99.1
Scan saved at 11:41:26 AM, on 4/20/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\WWPos\Synchronizer.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.BIN
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\WWPos\WWPos.exe
C:\PROGRA~1\WWPos\POSAudit.exe
C:\Program Files\Symantec AntiVirus\VPC32.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\DOCUME~1\pos\LOCALS~1\Temp\Temporary Directory 1 for hijackthis[1].zip\HijackThis.exe
C:\WINDOWS\system32\rundll32.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.pcspartners.net
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.pcspartners.net/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.pcspartners.net/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = www.pcspartners.net
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 64.118.65.10:8080
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: web compressor - {23FB5ADD-DA37-4a40-9FC0-B0E2384CDE92} - C:\WINDOWS\system32\nsc82.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: RieMon Class - {70F6A776-579A-4C95-BA88-134253907752} - C:\WINDOWS\system32\irsmiclx.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [w1fb872f.dll] RUNDLL32.EXE w1fb872f.dll,I2 0006a95401fb872f
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe
O4 - Global Startup: bginfo.bat
O4 - Global Startup: Keyboard Express 2000.lnk
O4 - Global Startup: proxy.bat
O4 - Global Startup: Synchronizer.lnk = C:\Program Files\WWPos\Synchronizer.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: (no name) - {4ABF810A-F11D-4169-9D5F-7D274F2270A1} - (no file)
O9 - Extra 'Tools' menuitem: Java - {4ABF810A-F11D-4169-9D5F-7D274F2270A1} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {08F04139-8DFC-11D2-80E9-006008B066EE} (ConfigChkr Class) - https://onsite.verisign.com/services/MetroPCSspeedSUITEagentactivations/vscnfchk.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6F7864F9-DB33-11D3-8166-0060B0F885E6} (VSPTA Class) - https://onsite.verisign.com/services/MetroPCSspeedSUITEagentactivations/vspta3.cab
O16 - DPF: {9059F30F-4EB1-4BD2-9FDC-36F43A218F4A} (Microsoft RDP Client Control (redist)) - http://66.255.58.134/msrdp.cab
O16 - DPF: {9AC54695-69A4-46F1-BE10-10C74F9520D5} - http://cabs.elitemediagroup.net/cabs/mediaview.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{A38C2F29-43FD-476C-99C5-B0A2A2EC82AF}: NameServer = 216.238.96.12,216.199.0.132
O17 - HKLM\System\CS1\Services\Tcpip\..\{A38C2F29-43FD-476C-99C5-B0A2A2EC82AF}: NameServer = 216.238.96.12,216.199.0.132
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLogon.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Client32 - NetSupport Ltd - C:\PROGRA~1\NETSUP~2\client32.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: NetSupport DNA Client - NetSupport Ltd - C:\Program Files\Netsupport DNA\DNA\Client\DNAClient.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
Bruce
April 20th, 2006, 12:01
Eww, there's quite a bit of nasty stuff there.
My advice:
Run your log file through this analyzer: http://www.hijackthis.de/
If you don't already have them, get the latest versions of Ad-Aware and Spybot S&D (google them) and update the definitions.
Run them both and let them do their thing. Then, since you seem to be using Symantec Antivirus, update the definitions and run that.
If any of the programs fail to run for whatever reason, restart in safe mode (F8) and run them.
TaintedPearls
April 20th, 2006, 12:25
I've run S&D and Symantec. I deleted most of the registry values associated with the virus/trojan. I have the QoolAid and Spyware.SafeSurfing viruses. I've been updating and scanning for the past few days and still they keep coming back.
DanTheMan
April 20th, 2006, 13:27
OK... the bad thing with me is I don't use Symantec, so don't use it. Download AVG Free... try that... it is free, it scans and removes... it has updates more frequently than the paid version of Norton... so it's a lot better, so try that.
ad-union.net
April 20th, 2006, 19:14
Paid/free AVs don't always work... I should know.
I had this virus (now dubbed as HTML.REDLOC(F?).A or something) a long time back, and nothing - McAfee, Norton, nothing at all could remove it.
I was too lazy to format, and being a programmer and all... I managed to get rid of it within 24 hours.
I'm not boasting - and I'm sorry as it puts tetrahost in a worse fix... But my point is there may be a way to physically get rid of it.
Try the common boot up locations after starting in safe mode, and use "msconfig" (Start > Run > msconfig) to look at boot up entries.
Don't fiddle with the registry by hand, it can get really dirty.
Another thing I remember is a DLL file was being created by the virus on my machine, "kernels32.dll" - it doesn't exist in Windows systems and it looks similar to a system file, so people are unlikely to delete it - you may have a similar situation on your hands.
Well, I can help otherwise, but I certainly can wish you good luck.
Have fun then.
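Added example (not code from this thread or from HijackThis): a small Python triage script that applies a few defender-side heuristics to HijackThis log lines like the ones TaintedPearls posted, and also flags file names that sit one character away from a real system file, the kernels32.dll pattern ad-union.net describes above. The sample lines are copied from the log posted in this thread plus one constructed kernels32.dll entry; the list of system file names, the heuristic rules and the function names are assumptions, and a hit means "review this entry by hand", not a verdict.

```python
import re

# Well-known Windows file names that a look-alike might imitate
# (assumed short list for illustration, not exhaustive).
SYSTEM_NAMES = {
    "kernel32.dll", "user32.dll", "ntdll.dll", "advapi32.dll", "shell32.dll",
    "svchost.exe", "lsass.exe", "csrss.exe", "winlogon.exe", "explorer.exe",
    "rundll32.exe", "services.exe", "smss.exe", "spoolsv.exe",
}

# Sample log lines: copied from the HijackThis log posted in this thread,
# plus one constructed O4 entry (kernels32.dll) to exercise the look-alike check.
SAMPLE_LOG = r"""
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = www.pcspartners.net
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 64.118.65.10:8080
O2 - BHO: web compressor - {23FB5ADD-DA37-4a40-9FC0-B0E2384CDE92} - C:\WINDOWS\system32\nsc82.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [w1fb872f.dll] RUNDLL32.EXE w1fb872f.dll,I2 0006a95401fb872f
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O16 - DPF: {9059F30F-4EB1-4BD2-9FDC-36F43A218F4A} (Microsoft RDP Client Control (redist)) - http://66.255.58.134/msrdp.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O4 - HKLM\..\Run: [kernels32] C:\WINDOWS\system32\kernels32.dll
"""

# File basenames ending in .dll/.exe/.cab (backslash is excluded, so only the last path part matches).
FILE_RE = re.compile(r"[A-Za-z0-9_~.-]+\.(?:dll|exe|cab)", re.IGNORECASE)
# rundll32 loading a DLL given by bare name (no drive/backslash), as in the posted log.
RUNDLL_BARE_RE = re.compile(r"\bRUNDLL32(?:\.EXE)?\s+[^\\\s]+\.dll", re.IGNORECASE)
# ActiveX (DPF) download served from a raw IPv4 address instead of a host name.
IP_HOST_RE = re.compile(r"https?://\d{1,3}(?:\.\d{1,3}){3}[/:]", re.IGNORECASE)


def levenshtein(a, b):
    """Classic edit distance (insert/delete/substitute) between two strings."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def lookalike(name):
    """Return the system file name that `name` is one edit away from, or None
    if `name` is itself a known system file or resembles none of them."""
    low = name.lower()
    if low in SYSTEM_NAMES:
        return None
    for known in sorted(SYSTEM_NAMES):
        if levenshtein(low, known) == 1:
            return known
    return None


def triage(log_text):
    """Return a list of (reason, line) pairs for entries worth a manual look."""
    findings = []
    for line in log_text.splitlines():
        line = line.strip()
        if not line:
            continue
        kind = line.split(" - ", 1)[0]
        if kind == "R1" and ("ProxyServer" in line or "AutoConfigURL" in line):
            findings.append(("browser proxy/PAC setting present; confirm it matches the expected proxy", line))
        if kind == "O4" and RUNDLL_BARE_RE.search(line):
            findings.append(("Run entry loads a DLL through rundll32 with no full path", line))
        if kind == "O16" and IP_HOST_RE.search(line):
            findings.append(("ActiveX download (DPF) served from a bare IP address", line))
        for name in FILE_RE.findall(line):
            target = lookalike(name)
            if target:
                findings.append((f"file name {name} is one edit away from system file {target}", line))
    return findings


if __name__ == "__main__":
    for reason, line in triage(SAMPLE_LOG):
        print(f"[{reason}]\n    {line}")
```

Run as-is it prints the five flagged entries from the sample; to use it on a real log, read the saved HijackThis text file and pass its contents to `triage()`. The proxy rule is deliberately neutral because this machine also has a proxy.bat in Global Startup, so the setting may well be the site's own; the point of the script is to shortlist entries for a human, the way the hijackthis.de analyzer Bruce mentions does.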
Yellowmc
April 20th, 2006, 19:39
Remember that you should always do important virus scans in safe mode, choose safe mode when booting up.
Brandon
April 21st, 2006, 16:10
C:\DOCUME~1\pos\LOCALS~1\Temp\Temporary Directory 1 for hijackthis[1].zip\HijackThis.exe
Please put HijackThis in a permanent directory (c:\hijackthis) and post a new log; running in a temp directory poses problems.