Hi.. Hijack log here. I've run several virus/


hollywoodhills7
12-30-2004, 07:53 PM
ad blocker programs constantly, including AVG 6.0, Ad-aware 6.0, and Spybot... I'm on Windows XP Edition (I downloaded SP2 recently, for better or for worse)... I would HIGHLY appreciate feedback. Thanks much,

C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLACSD.EXE
C:\PROGRA~1\Grisoft\AVG6\avgserv.exe
C:\PROGRA~1\Grisoft\AVG6\avgcc32.exe
C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\documents and settings\default\local settings\temp\I.exe
C:\documents and settings\default\local settings\temp\nPg6btp.exe
C:\Documents and Settings\Default\Application Data\dews.exe
C:\WINDOWS\system32\t?skmgr.exe
C:\Program Files\AOL Companion\companion.exe
C:\Program Files\America Online 8.0a\aoltray.exe
C:\WINDOWS\system32\devldr32.exe
C:\Program Files\America Online 8.0a\aol.exe
C:\Program Files\America Online 8.0a\waol.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\America Online 8.0a\aolwbspd.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Opera\opera.exe
C:\unzipped\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://jksearch.biz/redir.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\DOCUME~1\Default\LOCALS~1\Temp\sp.dll/sp.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\DOCUME~1\Default\LOCALS~1\Temp\sp.dll/sp.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = http://jksearch.biz/redir.php
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497}_ - (no file)
N1 - Netscape 4: user_pref("browser.startup.homepage", "www.msn.com"); (C:\Program Files\Netscape\Users\default\prefs.js)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {6BFE4B7D-B314-44CB-8754-67550B867C1F} - C:\WINDOWS\System32\kunavz.dll (file missing)
O2 - BHO: (no name) - {9C9EB301-FC4D-4BB2-B3BA-313DC91C5F88} - C:\WINDOWS\system32\moclbaa.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Wavexpress BHO - {C1D458F1-B97C-11D5-B3DF-00B0D0A5B433} - C:\Program Files\Wavexpress\TVTonic\WXBHO.dll (file missing)
O2 - BHO: (no name) - {E22B5769-BAA9-DE7B-89D9-E5ABAF050496} - C:\WINDOWS\system32\bjj.dll
O2 - BHO: Search Help - {E8EAEB34-F7B5-4C55-87FF-720FAF53D841} - C:\Documents and Settings\Default\Local Settings\Temp\9d.dll
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Common\ycomp5_1_3_0.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [mdac_runonce] C:\WINDOWS\System32\runonce.exe
O4 - HKLM\..\Run: [AVG_CC] C:\PROGRA~1\Grisoft\AVG6\avgcc32.exe /STARTUP
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AOL Spyware Protection] "C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [wzOu7W] c:\documents and settings\default\local settings\temp\wzOu7W.exe
O4 - HKLM\..\Run: [oc3aPbF] c:\documents and settings\default\local settings\temp\oc3aPbF.exe
O4 - HKLM\..\Run: [I] C:\documents and settings\default\local settings\temp\I.exe
O4 - HKLM\..\Run: [nPg6btp] C:\documents and settings\default\local settings\temp\nPg6btp.exe
O4 - HKCU\..\Run: [Weather] C:\PROGRA~1\AWS\WEATHE~1\WEATHER.EXE 1
O4 - HKCU\..\Run: [Otus] C:\Documents and Settings\Default\Application Data\dews.exe
O4 - HKCU\..\Run: [Ivnzuh] C:\WINDOWS\system32\t?skmgr.exe
O4 - Startup: PowerReg Scheduler.exe
O4 - Global Startup: AOL Companion.lnk = C:\Program Files\AOL Companion\companion.exe
O4 - Global Startup: America Online 8.0 Tray Icon.lnk = C:\Program Files\America Online 8.0a\aoltray.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O8 - Extra context menu item: Yahoo! Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0411.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0411.dll
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Dell Home - {45DE2C80-2039-11D4-B744-F0D765C1790F} - C:\WINDOWS\System32\shdocvw.dll (HKCU)
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\PROGRA~1\AWS\WEATHE~1\Weather.exe (HKCU)
O16 - DPF: oc4211 - https://webshell.clearco.com/shell/docs/classes/oc4211.cab
O16 - DPF: oc505 - https://webshell.clearco.com/shell/docs/classes/oc505.cab
O16 - DPF: oc505_1 - https://webshell.clearco.com/shell/docs/classes/oc505_1.cab
O16 - DPF: oc505_2 - https://webshell.clearco.com/advisor/classes/oc505.cab
O16 - DPF: OpenConnectCab - https://webshell.clearco.com/shell/docs/classes/oc.cab
O16 - DPF: RYOAppletCab_1 - https://ryo.clearco.com/ryo/classes/ryoapplet.cab
O16 - DPF: WebShellCab - https://shell.clearco.com/shell/classes/webshell.cab
O16 - DPF: Yahoo! Chat 1.3 - http://cs4.chat.yahoo.com/c155/chat.cab
O16 - DPF: ZipViewCab - https://shell.clearco.com/shell/classes/zipview.cab
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: {11311111-1111-1111-1111-111111111157} - file://C:\Program Files\Q330994.exe
O16 - DPF: {1C854D5E-66D9-11D3-81DD-00A0C9B62983} (TestX Class) - http://209.1.231.142/Plugin/3DGreetings/PlayerX.CAB
O16 - DPF: {27EB254C-C724-43B1-8DD8-F3AC9ED761B2} (Wavexpress Cab Helper) - http://client2.tvtonic.com/Webservice/Public/WXStageInstall/2.6/TVTStage1.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} (YahooYMailTo Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yse/ymmapi_416.dll
O16 - DPF: {CAFEEFAC-0014-0001-0001-ABCDEFFEDCBA} (Java Runtime Environment 1.4.1_01) -
O17 - HKLM\System\CCS\Services\Tcpip\..\{43A9D767-DAA0-4EC4-9CF3-8C0A968A6A6B}: NameServer = 205.188.146.145
O17 - HKLM\System\CCS\Services\Tcpip\..\{A28A616A-FDDF-415F-B3D1-E4F0CC9E0DC8}: NameServer = 206.13.29.12,206.13.28.12
O18 - Filter: text/html - {A4669489-0280-46A0-B4DD-B9A2ED3C88F7} - C:\WINDOWS\system32\moclbaa.dll
O18 - Filter: text/plain - {A4669489-0280-46A0-B4DD-B9A2ED3C88F7} - C:\WINDOWS\system32\moclbaa.dll
O21 - SSODL: System - {8AF14966-9B15-4A1D-9F91-22F9188A5FD9} - C:\WINDOWS\system32\system32.dll (file missing)
O23 - Service: AOL Connectivity Service - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLACSD.EXE
O23 - Service: AOL Spyware Protection Service - Unknown - C:\Program Files\Common Files\AOL\AOL Spyware Protection\\aolserv.exe
O23 - Service: AVG6 Service - GRISOFT s.r.o - C:\PROGRA~1\Grisoft\AVG6\avgserv.exe
O23 - Service: Performance Manager - Unknown - c:\Program Files\Common Files\fh.exe
O23 - Service: WAN Miniport (ATW) Service - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

PrntRhd
12-30-2004, 09:13 PM
First, you are using the obsolete version of AdAware 6.0; the current program is AdAwareSE, still free for personal use from Lavasoft's home page.
You also posted an HJT log without the headers; Budfred and the other readers will need to see that information. The latest release is version 1.99.

Budfred
12-30-2004, 09:20 PM
You have a very nasty CWS infection among other things... Supposedly the new version of CWShredder takes care of it, so let's start with that... Download and run it... Then reboot and post a fresh HJT log including the header...
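What Budfred is reading by eye in the log above can be written down as a first-pass triage. The following is an added example for this thread, not code from HijackThis or from any poster: it flags autostarts from a user's Temp or Application Data folder, the '?' look-alike name for taskmgr.exe, unnamed or orphaned BHOs, the text/html and text/plain MIME filter, the about:blank and jksearch.biz redirects, the bogus SSODL entry and the vendorless service, and it cross-references which binaries appear in more than one section. The sample lines are copied from the log posted above; the patterns and reasons are the editor's own heuristics and are indicators for a person to confirm, not verdicts.

```python
"""Triage pass over HijackThis (HJT) log lines.

Added example for this thread, not part of HijackThis or of any poster's
advice. It mechanises what a log reader does by eye; the rules are the
editor's heuristics and are indicators for a human to confirm, not verdicts.
"""
import re

# Constructed sample: lines copied from the HJT log posted above, mixed with
# the legitimate AVG and Acrobat entries from the same log.
SAMPLE_LOG = r"""
C:\WINDOWS\system32\t?skmgr.exe
C:\PROGRA~1\Grisoft\AVG6\avgcc32.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://jksearch.biz/redir.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\DOCUME~1\Default\LOCALS~1\Temp\sp.dll/sp.html
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {9C9EB301-FC4D-4BB2-B3BA-313DC91C5F88} - C:\WINDOWS\system32\moclbaa.dll
O2 - BHO: Search Help - {E8EAEB34-F7B5-4C55-87FF-720FAF53D841} - C:\Documents and Settings\Default\Local Settings\Temp\9d.dll
O4 - HKLM\..\Run: [AVG_CC] C:\PROGRA~1\Grisoft\AVG6\avgcc32.exe /STARTUP
O4 - HKLM\..\Run: [nPg6btp] C:\documents and settings\default\local settings\temp\nPg6btp.exe
O4 - HKCU\..\Run: [Otus] C:\Documents and Settings\Default\Application Data\dews.exe
O4 - HKCU\..\Run: [Ivnzuh] C:\WINDOWS\system32\t?skmgr.exe
O18 - Filter: text/html - {A4669489-0280-46A0-B4DD-B9A2ED3C88F7} - C:\WINDOWS\system32\moclbaa.dll
O21 - SSODL: System - {8AF14966-9B15-4A1D-9F91-22F9188A5FD9} - C:\WINDOWS\system32\system32.dll (file missing)
O23 - Service: AVG6 Service - GRISOFT s.r.o - C:\PROGRA~1\Grisoft\AVG6\avgserv.exe
O23 - Service: Performance Manager - Unknown - c:\Program Files\Common Files\fh.exe
"""

# (HJT sections the rule applies to, or None for any line; pattern; reason)
RULES = [
    (("O4",), re.compile(r"\\local settings\\temp\\|\\application data\\[^\\]+\.exe$", re.I),
     "autostart from a user Temp or Application Data folder"),
    # HJT prints a character it cannot render as '?'; t?skmgr.exe mimics taskmgr.exe
    (None, re.compile(r"\\[a-z]\?[a-z]+\.exe", re.I),
     "look-alike name for a system binary"),
    (("O2",), re.compile(r"\(no name\)|\\temp\\|\(file missing\)", re.I),
     "unnamed, Temp-resident or orphaned BHO"),
    (("O18",), re.compile(r"Filter: text/(html|plain)", re.I),
     "MIME filter hijack of text/html or text/plain (CWS about:blank footprint)"),
    (("R0", "R1"), re.compile(r"about:blank|res://.*\\temp\\|jksearch\.biz", re.I),
     "search or start page redirected"),
    (("O21",), re.compile(r"\(file missing\)|system32\.dll", re.I),
     "ShellServiceObjectDelayLoad entry pointing at a bogus DLL"),
    (("O23",), re.compile(r" - Unknown - .*\\Common Files\\[^\\]+\.exe$", re.I),
     "service with no vendor running from the Common Files root"),
]

SECTION_RE = re.compile(r"^([A-Z]\d{1,2}) - ")
FILE_RE = re.compile(r"([^\\\s]+\.(?:dll|exe))\b", re.I)


def section_of(line):
    """Return the HJT section code ('O4', 'R1', ...) or None for a process line."""
    m = SECTION_RE.match(line)
    return m.group(1) if m else None


def triage(log_text):
    """Return (section, reason, line) for every line that trips a rule.
    The first matching rule wins; one reason per line is enough for triage."""
    findings = []
    for raw in log_text.splitlines():
        line = raw.strip()
        if not line:
            continue
        sec = section_of(line)
        for sections, pattern, reason in RULES:
            if sections is not None and sec not in sections:
                continue
            if pattern.search(line):
                findings.append((sec or "proc", reason, line))
                break
    return findings


def files_by_section(log_text):
    """Map each binary referenced in more than one section to those sections.
    A DLL registered both as a BHO (O2) and as a MIME filter (O18), as
    moclbaa.dll is above, gets to see and rewrite every text/html response IE
    renders; a running process that also has an O4 entry is just a normal
    autostart and needs no further attention."""
    seen = {}
    for line in log_text.splitlines():
        sec = section_of(line) or "proc"
        for name in FILE_RE.findall(line):
            seen.setdefault(name.lower(), set()).add(sec)
    return {name: sorted(secs) for name, secs in seen.items() if len(secs) > 1}


if __name__ == "__main__":
    for sec, reason, line in triage(SAMPLE_LOG):
        print(f"[{sec:4}] {reason}: {line}")
    for name, secs in files_by_section(SAMPLE_LOG).items():
        print(f"{name} appears in sections {', '.join(secs)}")
```

Run against the sample, the pass flags eleven of the fifteen lines and leaves the AVG and Acrobat entries alone; the cross-reference shows moclbaa.dll in both O2 and O18, which is the single most telling pair in the log and the reason CWShredder is the first tool reached for.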

hollywoodhills7
12-30-2004, 09:55 PM
I actually was running AdawareSE. Thanks in advance.

Logfile of HijackThis v1.99.0
Scan saved at 5:52:16 PM, on 12/30/2004
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLACSD.EXE
C:\PROGRA~1\Grisoft\AVG6\avgserv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVG6\avgcc32.exe
C:\WINDOWS\system32\devldr32.exe
C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\documents and settings\default\local settings\temp\I.exe
C:\documents and settings\default\local settings\temp\nPg6btp.exe
C:\PROGRA~1\AWS\WEATHE~1\WEATHER.EXE
C:\Documents and Settings\Default\Application Data\dews.exe
C:\WINDOWS\system32\t?skmgr.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\AOL Companion\companion.exe
C:\Program Files\America Online 8.0a\aoltray.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\America Online 8.0a\aol.exe
C:\Program Files\America Online 8.0a\waol.exe
C:\Program Files\America Online 8.0a\aolwbspd.exe
C:\Program Files\WinZip\Winzip32.exe
C:\unzipped\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\DOCUME~1\Default\LOCALS~1\Temp\sp.dll/sp.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\DOCUME~1\Default\LOCALS~1\Temp\sp.dll/sp.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497}_ - (no file)
N1 - Netscape 4: user_pref("browser.startup.homepage", "www.msn.com"); (C:\Program Files\Netscape\Users\default\prefs.js)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {6BFE4B7D-B314-44CB-8754-67550B867C1F} - C:\WINDOWS\System32\kunavz.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Wavexpress BHO - {C1D458F1-B97C-11D5-B3DF-00B0D0A5B433} - C:\Program Files\Wavexpress\TVTonic\WXBHO.dll (file missing)
O2 - BHO: (no name) - {E22B5769-BAA9-DE7B-89D9-E5ABAF050496} - C:\WINDOWS\system32\bjj.dll
O2 - BHO: Search Help - {E8EAEB34-F7B5-4C55-87FF-720FAF53D841} - C:\Documents and Settings\Default\Local Settings\Temp\w7q6avTO.dll
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Common\ycomp5_1_3_0.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [mdac_runonce] C:\WINDOWS\System32\runonce.exe
O4 - HKLM\..\Run: [AVG_CC] C:\PROGRA~1\Grisoft\AVG6\avgcc32.exe /STARTUP
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AOL Spyware Protection] "C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [wzOu7W] c:\documents and settings\default\local settings\temp\wzOu7W.exe
O4 - HKLM\..\Run: [oc3aPbF] c:\documents and settings\default\local settings\temp\oc3aPbF.exe
O4 - HKLM\..\Run: [I] C:\documents and settings\default\local settings\temp\I.exe
O4 - HKLM\..\Run: [nPg6btp] C:\documents and settings\default\local settings\temp\nPg6btp.exe
O4 - HKCU\..\Run: [Weather] C:\PROGRA~1\AWS\WEATHE~1\WEATHER.EXE 1
O4 - HKCU\..\Run: [Otus] C:\Documents and Settings\Default\Application Data\dews.exe
O4 - HKCU\..\Run: [Ivnzuh] C:\WINDOWS\system32\t?skmgr.exe
O4 - Startup: PowerReg Scheduler.exe
O4 - Global Startup: AOL Companion.lnk = C:\Program Files\AOL Companion\companion.exe
O4 - Global Startup: America Online 8.0 Tray Icon.lnk = C:\Program Files\America Online 8.0a\aoltray.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O8 - Extra context menu item: Yahoo! Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0411.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0411.dll
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Dell Home - {45DE2C80-2039-11D4-B744-F0D765C1790F} - C:\WINDOWS\System32\shdocvw.dll (HKCU)
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\PROGRA~1\AWS\WEATHE~1\Weather.exe (HKCU)
O16 - DPF: oc4211 - https://webshell.clearco.com/shell/docs/classes/oc4211.cab
O16 - DPF: oc505 - https://webshell.clearco.com/shell/docs/classes/oc505.cab
O16 - DPF: oc505_1 - https://webshell.clearco.com/shell/docs/classes/oc505_1.cab
O16 - DPF: oc505_2 - https://webshell.clearco.com/advisor/classes/oc505.cab
O16 - DPF: OpenConnectCab - https://webshell.clearco.com/shell/docs/classes/oc.cab
O16 - DPF: RYOAppletCab_1 - https://ryo.clearco.com/ryo/classes/ryoapplet.cab
O16 - DPF: WebShellCab - https://shell.clearco.com/shell/classes/webshell.cab
O16 - DPF: Yahoo! Chat 1.3 - http://cs4.chat.yahoo.com/c155/chat.cab
O16 - DPF: ZipViewCab - https://shell.clearco.com/shell/classes/zipview.cab
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: {11311111-1111-1111-1111-111111111157} - file://C:\Program Files\Q330994.exe
O16 - DPF: {1C854D5E-66D9-11D3-81DD-00A0C9B62983} (TestX Class) - http://209.1.231.142/Plugin/3DGreetings/PlayerX.CAB
O16 - DPF: {27EB254C-C724-43B1-8DD8-F3AC9ED761B2} (Wavexpress Cab Helper) - http://client2.tvtonic.com/Webservice/Public/WXStageInstall/2.6/TVTStage1.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} (YahooYMailTo Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yse/ymmapi_416.dll
O16 - DPF: {CAFEEFAC-0014-0001-0001-ABCDEFFEDCBA} (Java Runtime Environment 1.4.1_01) -
O17 - HKLM\System\CCS\Services\Tcpip\..\{A28A616A-FDDF-415F-B3D1-E4F0CC9E0DC8}: NameServer = 206.13.29.12,206.13.28.12
O23 - Service: AOL Connectivity Service - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLACSD.EXE
O23 - Service: AOL Spyware Protection Service - Unknown - C:\Program Files\Common Files\AOL\AOL Spyware Protection\\aolserv.exe
O23 - Service: AVG6 Service - GRISOFT s.r.o - C:\PROGRA~1\Grisoft\AVG6\avgserv.exe
O23 - Service: Performance Manager - Unknown - c:\Program Files\Common Files\fh.exe
O23 - Service: WAN Miniport (ATW) Service - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

Budfred
12-31-2004, 01:52 AM
Did you run CWShredder already??

hollywoodhills7
12-31-2004, 02:23 AM
Yes, twice....once, rebooted, then again. :)

Budfred
12-31-2004, 03:11 AM
Okay, let's try this next.... Download and run this fix, post results...

http://securityresponse.symantec.com/avcenter/venc/data/backdoor.agent.b.removal.tool.html

hollywoodhills7
12-31-2004, 12:00 PM
Budfred,

Both times I 'hit the link' that you posted, my system immediately crashed. Is it possible that that is part of the 'virus' (additional code written to crash pc upon hitting certain links) ? wow

TIA, M

Budfred
12-31-2004, 07:40 PM
I don't think so, but if you can't get it to work, you can go to Symantec's website and look for this:

Backdoor.Agent.B Removal Tool

hollywoodhills7
12-31-2004, 09:57 PM
Went to Symantec link...downloaded proper removal tool.....worked properly......said to 'reboot'......computer booted down and WILL NOT reboot......gosh......any ideas? I'm on a computer right next to one that is DOWN; however, this one is a bit squirrelly so I'm not sure I'd be able to make a 'boot disk' if that's what would be necessary.....help :)

TIA M

Budfred
12-31-2004, 10:03 PM
I don't know why running that fix should kill your computer, but we can try to figure it out... When you say it wouldn't boot, what do you mean... It won't POST, it won't load Windows, it won't give you an A:\ prompt?? Please give details about what you do get and what you have tried to get it to boot, like have you tried Safe Mode??

hollywoodhills7
12-31-2004, 10:10 PM
Boot button not lit and not working...when I cut off power (which would normally work)..........I don't get to Windows or Dell logo...(Windows XP).....just the typical 'no signal' reading on monitor face, which is normally the first thing I see before the typical boot process continues, which would bring up Dell logo then go through rest of boot. I've tried plugging and unplugging all device cords in case that would boot it....no real other ideas.....power is on at device tower. Have casing off...everything is running....just nothing on monitor (new monitor) and not booting...TIA M

Budfred
01-01-2005, 12:24 AM
I'm still not clear if you are getting POST... If you are not getting POST it is probably a hardware problem and simply a coincidence... If you are getting POST try going into Safe Mode and see if you can get something that way...

If it is malware related and you can't even get a Windows screen, it would almost certainly have to be an MBR virus or something that has infected the BIOS... If either is true, you are going to have some major problems fixing it...

hollywoodhills7
01-01-2005, 12:39 AM
Okay, next question (THANKS MANY TIMES OVER). I need to get some new equipment anyway and am going to FRY's tomorrow. What are the different methods to recover some of the data on the hard drive if I decide to abandon said computer? Any advice on PCs? I need decent speed and reliability as I work in a field that requires constant computer usage that is clear and fast. Run several programs at once always. M

Budfred
01-01-2005, 01:12 AM
Assuming your hard drive isn't what has died, it would be a matter of slaving it in the new computer and copying files off of it... However, it will still be infested, so good security would be essential before you hook it up...

As for what to get, your best bet would probably be to start a new topic in the Buying and Upgrading Advice forum... I am thinking about building an AMD64 system, but until I am ready to start collecting parts, I don't keep up with what is going on... I know very little about good prebuilts...

I take it you are not getting any POST then?? There are other troubleshooting steps you can take to figure out what the problem is...

hollywoodhills7
01-01-2005, 01:21 AM
Not exactly sure what getting POST is, but no I don't think I am. As an aside, I bumped the unit right before I was trying to reboot and that remains a possible reason for not working (coincidental but entirely possible). What are the other steps ?

Can you give me a quick synopsis of slaving a hard drive? Just an explanation, not 'blow by blow'.. Thanks Budfred, M

Budfred
01-01-2005, 01:33 AM
POST is Power On Self Test... When you press the power button and the computer starts to boot, you will hear a beep and that tells you that it passed POST... If it doesn't do that, you have a major hardware glitch... Now this could be as simple as a loose connector or it could be as troublesome as a fried CPU... It would be a good idea to open the box and check all connections as a starting point and then post about the problem in the hardware forum if it still isn't working...

To slave the drive means that the new drive in the new computer would be the Master and this drive would be installed, probably on the same cable, as a Slave... This means that you can use the Windows on the new drive to clean the old one and to transfer files... Or you can just leave the old one installed as a second drive if you have it clean... It would be important to have a full set of preventive programs on the new drive so that it isn't infected by the old one...

hollywoodhills7
01-01-2005, 01:38 AM
I hear a Beep

Budfred
01-01-2005, 02:23 AM
The beep means that your computer is not dead... That is good... Now try tapping on F8 after you hear the beep and see if you can get into Safe Mode... If that doesn't work, use a plain Win98 boot disk to get to an A:\ prompt and we can try to work from there... Do you know if your drive is formatted in FAT32 or NTFS??

hollywoodhills7
01-05-2005, 06:07 PM
Hello Budfred,

Was finally able to get back to the PC that was/is inoperable. I took off cover, and shot some dust remover in there and checked all the connections.

Current situation is as follows:

A) computer will boot.

B) when it gets to Log-on screen : Picture gets unreadable and squiggly. I am still able to logon blindly.

What is most probable cause in your opinion? Graphic Card ?

thanks, M

Budfred
01-05-2005, 07:49 PM
It certainly could be the graphics card, but it could be other things as well... Are you able to boot to Safe Mode?? Does the opening screen look okay or is it a mess from the beginning?? If it is readable up until the logon screen, it is possible that the video driver is corrupted, but then you should be able to work with Safe Mode...

hollywoodhills7
01-05-2005, 09:11 PM
Safely booted in Safe Mode.........any other advice...so far so good :)

M

Budfred
01-05-2005, 09:59 PM
I am not real sure... I am blind without a scan to work with after the other fixes you already ran... Since you can boot to Safe Mode, run HJT and save a scan... You can transfer it on a floppy since it is a very small file... Post it and we can see if there are any clues there... If you have Ad-Aware SE or other scanning programs, it would be good to run them as well... Run CWShredder again for instance....

hollywoodhills7
01-06-2005, 10:33 PM
Budfred, actually now I'm trying to figure out why the monitor is freaking out (monitor is fine) when I'm NOT in Safe Mode.......squiggly and freaking..Safe Mode is fine..

TIA, M

Budfred
01-06-2005, 10:42 PM
It may be freaking out because of a corrupted driver or because of the malware on your system or both... You can try reinstalling the driver and see if that helps, but the malware may need to be killed before you can fix it...