[Masknight]

This may seem strange but as I said in the description, every time I right click on the desktop to get that little menu that says properties, arrange icons, etc my computer usually freezes or takes a LONG time for the menu to show up. Also, when it's got the hourglass symbol and loading the menu, all the program windows I've got up are still functioning, but if I move them, they get laggy so lots of copies of the windows appear. I don't know if its related, but I also have problems viewing some websites, as the pictures all show up with little red x boxes in the top left corners. My computer has generally been running very slow as well. I also get random IMs from bots that advertise websites to me. I ran both ewido and HiJack this in safe mode and have the reports. I'd really appreciate any help you guys could give me. You do some excellent work here and I'd like to say thanks in advance.

HiJack This Log:

Logfile of HijackThis v1.99.1
Scan saved at 5:05:05 AM, on 5/21/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.dellnet.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Verizon Online
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O1 - Hosts: 216.239.51.99 www.kazaa-gold.com
O1 - Hosts: 216.239.51.99 kazaagold.com
O1 - Hosts: 216.239.51.99 www.kazaa-download.de
O1 - Hosts: 216.239.51.99 www.mp3downloadhq.com
O1 - Hosts: 216.239.51.99 www.easymusicdownload.com
O1 - Hosts: 216.239.51.99 easymusicdownload.com
O1 - Hosts: 216.239.51.99 www.mp3madeeasy.com
O1 - Hosts: 216.239.51.99 www.monstershare.com
O1 - Hosts: 216.239.51.99 monstershare.com
O1 - Hosts: 216.239.51.99 www.kazaa-plus.net
O1 - Hosts: 216.239.51.99 kazaa-plus.net
O1 - Hosts: 216.239.51.99 www.kazaa-plus.com
O1 - Hosts: 216.239.51.99 www.edonkey.com
O1 - Hosts: 216.239.51.99 www.kazaa-file-sharing-downloads.com
O1 - Hosts: 216.239.51.99 www.kazaaplatinum.com
O1 - Hosts: 216.239.51.99 www.madeformusic.com
O1 - Hosts: 216.239.51.99 www.ikazaa.net
O1 - Hosts: 216.239.51.99 ikazaa.net
O1 - Hosts: 216.239.51.99 www.mp3u.com
O1 - Hosts: 216.239.51.99 www.mp3specialty.com
O1 - Hosts: 216.239.51.99 music-download-world.com
O1 - Hosts: 216.239.51.99 song-download-world.com
O1 - Hosts: 216.239.51.99 www.flixs.net
O1 - Hosts: 216.239.51.99 www.ishareit.net
O1 - Hosts: 216.239.51.99 www.ishareit.com
O1 - Hosts: 216.239.51.99 www.download-doctor.com
O1 - Hosts: 216.239.51.99 www.ezmp3download.com
O1 - Hosts: 216.239.51.99 www.kazaamedia.com
O1 - Hosts: 216.239.51.99 mp3-network.com
O1 - Hosts: 216.239.51.99 www.mp3-network.com
O1 - Hosts: 216.239.51.99 www.mp3grandcentral.net
O1 - Hosts: 216.239.51.99 www.mp333.com
O1 - Hosts: 216.239.51.99 www.kazaamate.com
O1 - Hosts: 216.239.51.99 www.kazaa-download.de
O1 - Hosts: 216.239.51.99 www.emule.biz
O1 - Hosts: 216.239.51.99 www.kazaam8.tk
O1 - Hosts: 216.239.51.99 www.rippro.com
O1 - Hosts: 216.239.51.99 www.kaaza.com
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\Updreg.exe
O4 - HKLM\..\Run: [AHQInit] C:\Program Files\Creative\SBLive\Program\AHQInit.exe
O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\navapw32.exe
O4 - HKLM\..\Run: [PrinTray] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printray.exe
O4 - HKLM\..\Run: [Dell|Alert] C:\Program Files\Dell\Support\Alert\bin\DAMon.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [Lexmark X83 Button Monitor] C:\PROGRA~1\LEXMAR~1\ACMonitor_X83.exe
O4 - HKLM\..\Run: [Lexmark X83 Button Manager] C:\PROGRA~1\LEXMAR~1\AcBtnMgr_X83.exe
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\VERIZO~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [RAM Idle] C:\Program Files\RAM Idle Standard\RAM_2K.exe
O4 - HKLM\..\Run: [Pure Networks Port Magic] "C:\PROGRA~1\PURENE~1\PORTMA~1\PortAOL.exe" -Run
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\McUpdate.exe
O4 - HKLM\..\Run: [McRegWiz] c:\PROGRA~1\mcafee.com\agent\mcregwiz.exe /autorun
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [DIAGENT] C:\Program Files\Creative\SBLive\Creative Diagnostics 2.0\DIAGENT.EXE startup
O4 - HKLM\..\Run: [ConMgr.exe] "C:\Program Files\EarthLink 5.0\ConMgr.exe"
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [AOL Spyware Protection] "C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe"
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iamapp] C:\PROGRA~1\SYMANT~1\SYMANT~1\IAMAPP.EXE
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKCU\..\Run: [Tracks Eraser Pro] C:\Program Files\Acesoft\Tracks Eraser Pro\te.exe min
O4 - HKCU\..\Run: [Window Washer] C:\Program Files\Webroot\Washer\wwDisp.exe
O4 - HKCU\..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weather.exe 1
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ?
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0246ECA8-996F-11D1-BE2F-00A0C9037DFE} (TDServer Control) - http://www.indiapres...fr/tdserver.cab
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aol.com...kup/qdiagcc.cab
O16 - DPF: {4E888414-DB8F-11D1-9CD9-00C04F98436A} (Microsoft.WinRep) - https://webresponse....iveX/winrep.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.micros...b?1118095180448
O16 - DPF: {90A29DA5-D020-4B18-8660-6689520C7CD7} (DmiReader Class) - http://ftp.us.dell.c...es/PROFILER.CAB
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoft...free/asinst.cab
O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.ao.../ampx_en_dl.cab
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\Program Files\Common Files\AOL\AOL Spyware Protection\\aolserv.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Symantec Client Firewall Service (NISSERV) - Symantec Corporation - C:\Program Files\Symantec_Client_Security\Symantec Client Firewall\NISSERV.EXE
O23 - Service: Symantec Client Firewall Accounts Manager (NISUM) - Symantec Corporation - C:\Program Files\Symantec_Client_Security\Symantec Client Firewall\NISUM.EXE
O23 - Service: Symantec Client Firewall Proxy Service (SymPxSvc) - Symantec Corporation - C:\Program Files\Symantec_Client_Security\Symantec Client Firewall\SymPxSvc.exe
O23 - Service: Washer Security Access (wwSecSvc) - Webroot Software, Inc. - C:\WINDOWS\system32\wwSecure.exe



Ewido Report:

---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------

+ Created on: 4:33:27 PM, 5/23/2006
+ Report-Checksum: 30DB80B3

+ Scan result:

HKLM\SOFTWARE\Classes\CLSID\{1D626295-5E91-2B59-7E71-D5BE067A9719} -> Adware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{2B7E95AD-F49A-B2B2-7702-10D4ABFF9B32} -> Adware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{349E1E95-2B1A-6197-C0B2-772F2AD2A94E} -> Adware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{41D03FC6-E713-D657-C73A-B846254D0077} -> Adware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{424D322F-007D-619B-BC17-63F3201B9FED} -> Adware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{4B1013E8-F567-66FB-F819-618EA93458EB} -> Adware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{5395C6CC-9119-AA2E-B008-2D31A543B883} -> Adware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{54595623-DD6E-DF6D-5647-D57D6B2CFEEB} -> Adware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{6769CB49-248D-E08B-15E7-10A94D7C172A} -> Adware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{6D782F8C-5DE2-3548-935C-FEBC16AA150D} -> Adware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{73374308-91E6-5E66-411F-8EDBA399652C} -> Adware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{87993483-A3AD-794F-F265-DD005BD9116B} -> Adware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{8BCC463E-389A-AC36-B7B5-0B7AF0E04FD4} -> Adware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{8EDA2BD3-6A45-E3A2-BF45-6B2B79D7BCFF} -> Adware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{B27E8BCF-1A21-257E-958D-00B94008A3E8} -> Adware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{C5844CBD-D015-394D-8C9A-B52CFEA94E45} -> Adware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{D02E3516-4F75-FF8B-5AFE-ABA68C35CDCE} -> Adware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{D4B62290-D1BC-E419-EF26-71766EF1A30E} -> Adware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{DD83BAA4-41E8-EFEE-1476-E64CA18D26C6} -> Adware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{F18B8F19-2940-0876-54D4-FBE52283D28C} -> Adware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{F1A4571F-46C9-C368-C70C-9911C42A8A18} -> Adware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{F55D073A-8824-3A16-989A-7E60E10FA31B} -> Adware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{F74BE206-1DFE-36CA-AD40-4E17A18DEFF4} -> Adware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{FA5242E5-8006-01DA-9E12-778515EA0D80} -> Adware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{FE0AAB93-86EB-567D-1206-035BABA516D5} -> Adware.CoolWebSearch : Cleaned with backup
HKU\S-1-5-21-3990708003-1238661117-741939197-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0283E400-BF96-1C65-2C3F-9441F31430C2} -> Adware.CoolWebSearch : Cleaned with backup
HKU\S-1-5-21-3990708003-1238661117-741939197-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0A8D0092-6F79-27C0-3B9C-D542A7FC6907} -> Adware.CoolWebSearch : Cleaned with backup
HKU\S-1-5-21-3990708003-1238661117-741939197-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{18C2B1ED-7635-92A8-5DB5-E71520573650} -> Adware.CoolWebSearch : Cleaned with backup
HKU\S-1-5-21-3990708003-1238661117-741939197-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{19912599-316F-1849-BEE2-88BC0F03A2F6} -> Adware.CoolWebSearch : Cleaned with backup
HKU\S-1-5-21-3990708003-1238661117-741939197-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1999B1A0-C390-C209-63C3-49856B1E588D} -> Adware.CoolWebSearch : Cleaned with backup
HKU\S-1-5-21-3990708003-1238661117-741939197-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1A172F01-0A73-DF98-941A-353C29824D17} -> Adware.CoolWebSearch : Cleaned with backup
HKU\S-1-5-21-3990708003-1238661117-741939197-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1A4F489C-207C-A02F-2E5B-65769154252C} -> Adware.CoolWebSearch : Cleaned with backup
HKU\S-1-5-21-3990708003-1238661117-741939197-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1CC5DC68-DEC2-29FA-06F2-100BA964602B} -> Adware.CoolWebSearch : Cleaned with backup
HKU\S-1-5-21-3990708003-1238661117-741939197-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1FF537E2-5407-6C66-D90C-07B8486033A1} -> Adware.CoolWebSearch : Cleaned with backup
HKU\S-1-5-21-3990708003-1238661117-741939197-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{228458EC-B192-8F48-449C-00AEE93F0FC3} -> Adware.CoolWebSearch : Cleaned with backup
HKU\S-1-5-21-3990708003-1238661117-741939197-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{24C88EC4-0FC2-9C0F-A5FD-F3DA397E615C} -> Adware.CoolWebSearch : Cleaned with backup
HKU\S-1-5-21-3990708003-1238661117-741939197-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{24D73448-369F-53B7-BCD0-CABA729B5AF4} -> Adware.CoolWebSearch : Cleaned with backup
HKU\S-1-5-21-3990708003-1238661117-741939197-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2B89AC97-A371-27E8-C367-96195BE399EF} -> Adware.CoolWebSearch : Cleaned with backup
HKU\S-1-5-21-3990708003-1238661117-741939197-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3595C207-5961-E10F-1D19-76E881A3A1A3} -> Adware.CoolWebSearch : Cleaned with backup
HKU\S-1-5-21-3990708003-1238661117-741939197-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3A53BD9C-CF0D-064A-32D4-7960D6A180E1} -> Adware.CoolWebSearch : Cleaned with backup
HKU\S-1-5-21-3990708003-1238661117-741939197-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{433C7071-2FBD-32B1-026E-7B1AF33C122A} -> Adware.CoolWebSearch : Cleaned with backup
HKU\S-1-5-21-3990708003-1238661117-741939197-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4849E457-A9AB-A3DE-78AF-566E83956794} -> Adware.CoolWebSearch : Cleaned with backup
HKU\S-1-5-21-3990708003-1238661117-741939197-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4CC594DF-0292-E368-A8D4-51511955AED9} -> Adware.CoolWebSearch : Cleaned with backup
HKU\S-1-5-21-3990708003-1238661117-741939197-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4EEA0D22-A231-FA24-2605-CBA388EAC447} -> Adware.CoolWebSearch : Cleaned with backup
HKU\S-1-5-21-3990708003-1238661117-741939197-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5C8F854E-7CEA-C523-244D-78543DBCC516} -> Adware.CoolWebSearch : Cleaned with backup
HKU\S-1-5-21-3990708003-1238661117-741939197-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{63AC153B-BD57-425A-2351-D1C29DDAC649} -> Adware.CoolWebSearch : Cleaned with backup
HKU\S-1-5-21-3990708003-1238661117-741939197-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{65987126-98A1-4B3E-486F-57E4F99A69FD} -> Adware.CoolWebSearch : Cleaned with backup
HKU\S-1-5-21-3990708003-1238661117-741939197-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6824A214-2563-7589-241D-2D4CB796330F} -> Adware.CoolWebSearch : Cleaned with backup
HKU\S-1-5-21-3990708003-1238661117-741939197-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7C3EAF4B-D99D-9B30-7B6D-B2D78C7E35AC} -> Adware.CoolWebSearch : Cleaned with backup
HKU\S-1-5-21-3990708003-1238661117-741939197-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7D84605B-257F-35AC-B82F-7E711C985FBD} -> Adware.CoolWebSearch : Cleaned with backup
HKU\S-1-5-21-3990708003-1238661117-741939197-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83A1B149-7844-13CE-80C0-86EC13993152} -> Adware.CoolWebSearch : Cleaned with backup
HKU\S-1-5-21-3990708003-1238661117-741939197-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83EABCA4-99D5-F264-B18A-B8779D3DBFD7} -> Adware.CoolWebSearch : Cleaned with backup
HKU\S-1-5-21-3990708003-1238661117-741939197-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855D9ABD-36CC-FBCB-F69B-5F15C25AE571} -> Adware.CoolWebSearch : Cleaned with backup
HKU\S-1-5-21-3990708003-1238661117-741939197-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8FF48EAF-C387-949B-E744-D302CADC8BD8} -> Adware.CoolWebSearch : Cleaned with backup
HKU\S-1-5-21-3990708003-1238661117-741939197-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9070C2D6-B9E2-D48F-43DC-CF2B92C210CC} -> Adware.CoolWebSearch : Cleaned with backup
HKU\S-1-5-21-3990708003-1238661117-741939197-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{92F291E7-FD51-5CE1-089B-2D9B1EB80BF4} -> Adware.CoolWebSearch : Cleaned with backup
HKU\S-1-5-21-3990708003-1238661117-741939197-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{935DEE51-F0FB-AF23-521F-2560A5DECF49} -> Adware.CoolWebSearch : Cleaned with backup
HKU\S-1-5-21-3990708003-1238661117-741939197-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9C1B2B2A-8963-C92B-AF30-4849E4570A9A} -> Adware.CoolWebSearch : Cleaned with backup
HKU\S-1-5-21-3990708003-1238661117-741939197-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9CE283E7-669A-45BB-4625-1B2CC10B8B40} -> Adware.CoolWebSearch : Cleaned with backup
HKU\S-1-5-21-3990708003-1238661117-741939197-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9F9A9343-3D33-369A-6197-FBD7AB9B0FBC} -> Adware.CoolWebSearch : Cleaned with backup
HKU\S-1-5-21-3990708003-1238661117-741939197-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A21E8708-CA3B-A16F-3208-2F68EC50E62F} -> Adware.CoolWebSearch : Cleaned with backup
HKU\S-1-5-21-3990708003-1238661117-741939197-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A228760B-0410-D8AA-0C46-6EB4CE5AAF0F} -> Adware.CoolWebSearch : Cleaned with backup
HKU\S-1-5-21-3990708003-1238661117-741939197-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A3AE7E28-5A26-913E-3E28-ABCC687B6BC9} -> Adware.CoolWebSearch : Cleaned with backup
HKU\S-1-5-21-3990708003-1238661117-741939197-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A8955C5E-7D09-18F5-1D0E-99FB9B61BC16} -> Adware.CoolWebSearch : Cleaned with backup
HKU\S-1-5-21-3990708003-1238661117-741939197-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A983D02F-BD56-5FC4-C343-6507B61B8498} -> Adware.CoolWebSearch : Cleaned with backup
HKU\S-1-5-21-3990708003-1238661117-741939197-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A9B63F00-46F6-794A-3935-C204BC7E0785} -> Adware.CoolWebSearch : Cleaned with backup
HKU\S-1-5-21-3990708003-1238661117-741939197-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AC3741F7-BEFB-399E-9371-50AF9CDF9F10} -> Adware.CoolWebSearch : Cleaned with backup
HKU\S-1-5-21-3990708003-1238661117-741939197-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AF24ECE7-2AD0-FD03-3E5C-825AE627C049} -> Adware.CoolWebSearch : Cleaned with backup
HKU\S-1-5-21-3990708003-1238661117-741939197-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B3CE5C0B-8CA4-F1D5-F9A7-7FAE4C8B1E8D} -> Adware.CoolWebSearch : Cleaned with backup
HKU\S-1-5-21-3990708003-1238661117-741939197-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BEDB0663-7AC0-B7C0-BE42-118165167350} -> Adware.CoolWebSearch : Cleaned with backup
HKU\S-1-5-21-3990708003-1238661117-741939197-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C49FBFCC-56B4-3482-9B6D-E95C5AAF1D3D} -> Adware.CoolWebSearch : Cleaned with backup
HKU\S-1-5-21-3990708003-1238661117-741939197-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C6506175-0AD1-05AA-F4AA-70AADEF964CA} -> Adware.CoolWebSearch : Cleaned with backup
HKU\S-1-5-21-3990708003-1238661117-741939197-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CB83AF3A-9251-64AE-8C9A-2124E181DEA7} -> Adware.CoolWebSearch : Cleaned with backup
HKU\S-1-5-21-3990708003-1238661117-741939197-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D050E6CE-E315-8255-E932-EE88CA55D832} -> Adware.CoolWebSearch : Cleaned with backup
HKU\S-1-5-21-3990708003-1238661117-741939197-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D347A63E-D453-8011-9CE5-A8289CC2E209} -> Adware.CoolWebSearch : Cleaned with backup
HKU\S-1-5-21-3990708003-1238661117-741939197-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DE10C0C2-6E08-CABB-135A-E38BB36A3958} -> Adware.CoolWebSearch : Cleaned with backup
HKU\S-1-5-21-3990708003-1238661117-741939197-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E07FEBA7-DA76-CC40-6C75-197B46A15FC9} -> Adware.CoolWebSearch : Cleaned with backup
HKU\S-1-5-21-3990708003-1238661117-741939197-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E14797E4-9E5E-0402-9342-8ED990B9E13F} -> Adware.CoolWebSearch : Cleaned with backup
HKU\S-1-5-21-3990708003-1238661117-741939197-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E442A80F-74FB-5A16-58DF-7A013C8A2209} -> Adware.CoolWebSearch : Cleaned with backup
HKU\S-1-5-21-3990708003-1238661117-741939197-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E5E988DC-7B26-44B2-3181-C20414A67661} -> Adware.CoolWebSearch : Cleaned with backup
HKU\S-1-5-21-3990708003-1238661117-741939197-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E71DE0DD-A511-6A3A-D0FC-2A41EE33709D} -> Adware.CoolWebSearch : Cleaned with backup
HKU\S-1-5-21-3990708003-1238661117-741939197-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F02E3B9E-91EA-F259-A3AA-78801E4D5744} -> Adware.CoolWebSearch : Cleaned with backup
HKU\S-1-5-21-3990708003-1238661117-741939197-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD61ED06-41F5-7104-3DD8-F7438013AEC5} -> Adware.CoolWebSearch : Cleaned with backup
C:\Documents and Settings\Michael Das\Application Data\WinHound.com -> Adware.WinHound : Cleaned with backup
C:\Documents and Settings\Michael Das\Application Data\WinHound.com\WinHound -> Adware.WinHound : Cleaned with backup
C:\Documents and Settings\Michael Das\Application Data\WinHound.com\WinHound\Autorun -> Adware.WinHound : Cleaned with backup
C:\Documents and Settings\Michael Das\Application Data\WinHound.com\WinHound\Autorun\HKCURun -> Adware.WinHound : Cleaned with backup
C:\Documents and Settings\Michael Das\Application Data\WinHound.com\WinHound\Autorun\HKCURun\RunOnce -> Adware.WinHound : Cleaned with backup
C:\Documents and Settings\Michael Das\Application Data\WinHound.com\WinHound\Autorun\HKCURun\RunOnceEx -> Adware.WinHound : Cleaned with backup
C:\Documents and Settings\Michael Das\Application Data\WinHound.com\WinHound\Autorun\HKLMRun -> Adware.WinHound : Cleaned with backup
C:\Documents and Settings\Michael Das\Application Data\WinHound.com\WinHound\Autorun\HKLMRun\RunOnce -> Adware.WinHound : Cleaned with backup
C:\Documents and Settings\Michael Das\Application Data\WinHound.com\WinHound\Autorun\HKLMRun\RunOnceEx -> Adware.WinHound : Cleaned with backup
C:\Documents and Settings\Michael Das\Application Data\WinHound.com\WinHound\Autorun\StartMenuAllUsers -> Adware.WinHound : Cleaned with backup
C:\Documents and Settings\Michael Das\Application Data\WinHound.com\WinHound\Autorun\StartMenuCurrentUser -> Adware.WinHound : Cleaned with backup
C:\Documents and Settings\Michael Das\Application Data\WinHound.com\WinHound\BrowserObjects -> Adware.WinHound : Cleaned with backup
C:\Documents and Settings\Michael Das\Cookies\michael [email protected][2].txt -> TrackingCookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\Michael Das\Cookies\michael [email protected][1].txt -> TrackingCookie.Clickhype : Cleaned with backup
C:\Documents and Settings\Michael Das\Cookies\michael das@adbrite[1].txt -> TrackingCookie.Adbrite : Cleaned with backup
C:\Documents and Settings\Michael Das\Cookies\michael [email protected][2].txt -> TrackingCookie.Tacoda : Cleaned with backup
C:\Documents and Settings\Michael Das\Cookies\michael das@com[1].txt -> TrackingCookie.Com : Cleaned with backup
C:\Documents and Settings\Michael Das\Cookies\michael [email protected][2].txt -> TrackingCookie.Sexcounter : Cleaned with backup
C:\Documents and Settings\Michael Das\Cookies\michael [email protected][2].txt -> TrackingCookie.Clickzs : Cleaned with backup
C:\Documents and Settings\Michael Das\Cookies\michael [email protected][1].txt -> TrackingCookie.Clickzs : Cleaned with backup
C:\Documents and Settings\Michael Das\Cookies\michael [email protected][2].txt -> TrackingCookie.Clickzs : Cleaned with backup
C:\Documents and Settings\Michael Das\Cookies\michael [email protected][1].txt -> TrackingCookie.Masterstats : Cleaned with backup
C:\Documents and Settings\Michael Das\Cookies\michael [email protected][2].txt -> TrackingCookie.Liveperson : Cleaned with backup
C:\Documents and Settings\Michael Das\Cookies\michael das@statcounter[1].txt -> TrackingCookie.Statcounter : Cleaned with backup
C:\Documents and Settings\Michael Das\Cookies\michael das@tacoda[2].txt -> TrackingCookie.Tacoda : Cleaned with backup
C:\Documents and Settings\Michael Das\Cookies\michael [email protected][2].txt -> TrackingCookie.Clickzs : Cleaned with backup
C:\Documents and Settings\Michael Das\Cookies\michael [email protected][1].txt -> TrackingCookie.Myaffiliateprogram : Cleaned with backup
C:\Documents and Settings\Michael Das\Local Settings\Temp\Cookies\michael [email protected][2].txt -> TrackingCookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\Michael Das\Local Settings\Temp\Cookies\michael [email protected][1].txt -> TrackingCookie.Clickhype : Cleaned with backup
C:\Documents and Settings\Michael Das\Local Settings\Temp\Cookies\michael [email protected][1].txt -> TrackingCookie.Realcastmedia : Cleaned with backup
C:\Documents and Settings\Michael Das\Local Settings\Temp\Cookies\michael [email protected][2].txt -> TrackingCookie.Clickzs : Cleaned with backup
C:\Documents and Settings\Michael Das\Local Settings\Temp\Cookies\michael [email protected][1].txt -> TrackingCookie.Adjuggler : Cleaned with backup
C:\Documents and Settings\Michael Das\Local Settings\Temp\Cookies\michael das@tacoda[2].txt -> TrackingCookie.Tacoda : Cleaned with backup
C:\Program Files\Common Files\AOL\AOL Spyware Protection\Backup\84509841.asw -> Downloader.Apropo.l : Cleaned with backup
C:\Program Files\Common Files\Real\WeatherBug\MiniBugTransporter.dll -> Adware.Minibug : Cleaned with backup


::Report End

[Advertisements]

Hello please scan with hijackthis in normal mode and post the log!

[pomp]

Hello please scan with hijackthis in normal mode and post the log!

[Masknight]

Logfile of HijackThis v1.99.1
Scan saved at 5:30:13 PM, on 5/23/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\NORTON~1\navapw32.exe
C:\Program Files\Dell\Support\Alert\bin\DAMon.exe
C:\PROGRA~1\LEXMAR~1\ACMonitor_X83.exe
C:\PROGRA~1\VERIZO~1\SMARTB~1\MotiveSB.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\system32\devldr32.exe
C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\IAMAPP.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\Symantec_Client_Security\Symantec Client Firewall\NISUM.EXE
C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wwSecure.exe
C:\Program Files\Symantec_Client_Security\Symantec Client Firewall\NISSERV.EXE
C:\Program Files\Symantec_Client_Security\Symantec Client Firewall\SymPxSvc.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Real\RealOne Player\RealPlay.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.dellnet.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Verizon Online
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O1 - Hosts: 216.239.51.99 www.kazaa-gold.com
O1 - Hosts: 216.239.51.99 kazaagold.com
O1 - Hosts: 216.239.51.99 www.kazaa-download.de
O1 - Hosts: 216.239.51.99 www.mp3downloadhq.com
O1 - Hosts: 216.239.51.99 www.easymusicdownload.com
O1 - Hosts: 216.239.51.99 easymusicdownload.com
O1 - Hosts: 216.239.51.99 www.mp3madeeasy.com
O1 - Hosts: 216.239.51.99 www.monstershare.com
O1 - Hosts: 216.239.51.99 monstershare.com
O1 - Hosts: 216.239.51.99 www.kazaa-plus.net
O1 - Hosts: 216.239.51.99 kazaa-plus.net
O1 - Hosts: 216.239.51.99 www.kazaa-plus.com
O1 - Hosts: 216.239.51.99 www.edonkey.com
O1 - Hosts: 216.239.51.99 www.kazaa-file-sharing-downloads.com
O1 - Hosts: 216.239.51.99 www.kazaaplatinum.com
O1 - Hosts: 216.239.51.99 www.madeformusic.com
O1 - Hosts: 216.239.51.99 www.ikazaa.net
O1 - Hosts: 216.239.51.99 ikazaa.net
O1 - Hosts: 216.239.51.99 www.mp3u.com
O1 - Hosts: 216.239.51.99 www.mp3specialty.com
O1 - Hosts: 216.239.51.99 music-download-world.com
O1 - Hosts: 216.239.51.99 song-download-world.com
O1 - Hosts: 216.239.51.99 www.flixs.net
O1 - Hosts: 216.239.51.99 www.ishareit.net
O1 - Hosts: 216.239.51.99 www.ishareit.com
O1 - Hosts: 216.239.51.99 www.download-doctor.com
O1 - Hosts: 216.239.51.99 www.ezmp3download.com
O1 - Hosts: 216.239.51.99 www.kazaamedia.com
O1 - Hosts: 216.239.51.99 mp3-network.com
O1 - Hosts: 216.239.51.99 www.mp3-network.com
O1 - Hosts: 216.239.51.99 www.mp3grandcentral.net
O1 - Hosts: 216.239.51.99 www.mp333.com
O1 - Hosts: 216.239.51.99 www.kazaamate.com
O1 - Hosts: 216.239.51.99 www.kazaa-download.de
O1 - Hosts: 216.239.51.99 www.emule.biz
O1 - Hosts: 216.239.51.99 www.kazaam8.tk
O1 - Hosts: 216.239.51.99 www.rippro.com
O1 - Hosts: 216.239.51.99 www.kaaza.com
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\Updreg.exe
O4 - HKLM\..\Run: [AHQInit] C:\Program Files\Creative\SBLive\Program\AHQInit.exe
O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\navapw32.exe
O4 - HKLM\..\Run: [PrinTray] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printray.exe
O4 - HKLM\..\Run: [Dell|Alert] C:\Program Files\Dell\Support\Alert\bin\DAMon.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [Lexmark X83 Button Monitor] C:\PROGRA~1\LEXMAR~1\ACMonitor_X83.exe
O4 - HKLM\..\Run: [Lexmark X83 Button Manager] C:\PROGRA~1\LEXMAR~1\AcBtnMgr_X83.exe
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\VERIZO~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [RAM Idle] C:\Program Files\RAM Idle Standard\RAM_2K.exe
O4 - HKLM\..\Run: [Pure Networks Port Magic] "C:\PROGRA~1\PURENE~1\PORTMA~1\PortAOL.exe" -Run
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\McUpdate.exe
O4 - HKLM\..\Run: [McRegWiz] c:\PROGRA~1\mcafee.com\agent\mcregwiz.exe /autorun
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [DIAGENT] C:\Program Files\Creative\SBLive\Creative Diagnostics 2.0\DIAGENT.EXE startup
O4 - HKLM\..\Run: [ConMgr.exe] "C:\Program Files\EarthLink 5.0\ConMgr.exe"
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [AOL Spyware Protection] "C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe"
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iamapp] C:\PROGRA~1\SYMANT~1\SYMANT~1\IAMAPP.EXE
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKCU\..\Run: [Tracks Eraser Pro] C:\Program Files\Acesoft\Tracks Eraser Pro\te.exe min
O4 - HKCU\..\Run: [Window Washer] C:\Program Files\Webroot\Washer\wwDisp.exe
O4 - HKCU\..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weather.exe 1
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ?
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0246ECA8-996F-11D1-BE2F-00A0C9037DFE} (TDServer Control) - http://www.indiapres...fr/tdserver.cab
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aol.com...kup/qdiagcc.cab
O16 - DPF: {4E888414-DB8F-11D1-9CD9-00C04F98436A} (Microsoft.WinRep) - https://webresponse....iveX/winrep.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.micros...b?1118095180448
O16 - DPF: {90A29DA5-D020-4B18-8660-6689520C7CD7} (DmiReader Class) - http://ftp.us.dell.c...es/PROFILER.CAB
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoft...free/asinst.cab
O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.ao.../ampx_en_dl.cab
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\Program Files\Common Files\AOL\AOL Spyware Protection\\aolserv.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Symantec Client Firewall Service (NISSERV) - Symantec Corporation - C:\Program Files\Symantec_Client_Security\Symantec Client Firewall\NISSERV.EXE
O23 - Service: Symantec Client Firewall Accounts Manager (NISUM) - Symantec Corporation - C:\Program Files\Symantec_Client_Security\Symantec Client Firewall\NISUM.EXE
O23 - Service: Symantec Client Firewall Proxy Service (SymPxSvc) - Symantec Corporation - C:\Program Files\Symantec_Client_Security\Symantec Client Firewall\SymPxSvc.exe
O23 - Service: Washer Security Access (wwSecSvc) - Webroot Software, Inc. - C:\WINDOWS\system32\wwSecure.exe

[pomp]

A slow computer does not mean there is malware present. I don't see anything in your Hijack This log to indicate that your problem is malware related. I will post the following info to get you started in the right direction, but if you need further help with this you will have to post a new topic in the proper Operating System Forum. I'm closing this topic.

Here are some routine maintenance practices that you should do on a regular basis to keep your machine running efficiently:

Disk Cleanup:

http://www.theelderg...nup_utility.htm

Defrag your HD:

http://artsweb.bham....rag-win2kxp.htm

Run chkdsk:

To use Chkdsk, click Start and My Computer. Right-click the hard drive you want to check, and click Properties. Select the Tools tab and click Check Now. Check both boxes. Click Start. You'll get a message that the computer must be rebooted to run a complete check. Click Yes and reboot. Chkdsk will take awhile, so run it when you don't need to use the computer for something else.

Remove unnecessary startups

This should be done through the System Configuration Utility. Go to Start > Run and type in msconfig.
Click OK or hit the Enter key.

Click on the "Startup" tab and remove the check by the items that you have determined are unnecessary. Click "Apply" then "Close"

You will be prompted to restart. Go ahead and restart.

Upon restart you will be confronted with a dialogue box warning about running in selective startup. Just ignore that message and put a check in the box by "Don't show me this message or launch the System Configuration Utility when Windows starts" and click "OK". You will not be bothered by the message again.

Keep in mind that some entries will be re-enabled in the startups each time you use that particular program. Therefore, you will have to find the option in that programs preferences that says something like "Load with Windows" or "Run when Windows Starts" and disable that option.

Go here for info on msconfig:

http://www.pacs-port...artup_index.htm

You can look up the startups at the following links to help determine what is needed and what is not:

http://computercops....tartupList.html

http://www.bleepingc...r.com/startups/

http://www.answersth...es/tasklist.htm

http://www.windowsst...start=50&end=75

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help.

If you're the topic starter, have followed the steps above, and still suspect you may be infected, please contact a staff member with the address of the thread to have it reopened.

Everyone else please begin a New Topic.