My system feels like utter chaos

i did a search and saw someone got some help on the cws.searchx thing. ive ran cwshredder cleanup spybot seems everything thats basically free, but i dont know why my system goes to completely usage within 5mins of being on it. i get popups from some spyware site when ever i open up a webpage. i took a log...can someone help me

****************************************
Bazooka Spyware Scanner v1.13.01
URL
URL
URL
Log created 02:55:39.
OS: Windows NT 5.1
Database version: 2.120000
Database format version: 1.020000
Database date: 20040702
Current date: 2004-07-05 02:55


****************************************
Result when scanning:

Cydoor 399.000.001 Cd_clint.dll
URL

Favoriteman 692.118.338 td1.dll
URL

IGetNet 692.118.337 ClrSchP012.dll
URL

IGetNet 692.118.540 %SystemDir%\ClrSchP012.exe
C:\WINDOWS\System32\\ClrSchP012.exe
URL

****************************************
Auto start entries:
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\desktop.ini
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\desktop.ini
C:\Documents and Settings\default\Start Menu\Programs\Startup\desktop.ini
C:\Documents and Settings\default\Start Menu\Programs\Startup\desktop.ini

Go here to analyse the startup entries and the associated files:
URL

****************************************
Run entries:
AOL Spyware Protection "C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe"
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\AOL Spyware Protection

SunJavaUpdateSched C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\SunJavaUpdateSched

NAV4B02 C:\WINDOWS\System32\regsvr32.exe /s C:\PROGRA~1\NORTON~1\NAVResc.dll
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce\NAV4B02

msnmsgr "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\msnmsgr


Go here to analyse the run entries and the associated files:
URL

****************************************
Browser helper objects:

{A639EB96-A797-4080-B7C6-3FEBFD0C2909} not set C:\WINDOWS\System32\ceilfpd.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A639EB96-A797-4080-B7C6-3FEBFD0C2909}

{BDF3E430-B101-42AD-A544-FADC6B084872} not set C:\Program Files\Norton AntiVirus\NavShExt.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDF3E430-B101-42AD-A544-FADC6B084872}


****************************************
Toolbars:

{01E04581-4EEE-11D0-BFE9-00AA005B4383} C:\WINDOWS\System32\browseui.dll
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\ShellBrowser\{01E04581-4EEE-11D0-BFE9-00AA005B4383}

{01E04581-4EEE-11D0-BFE9-00AA005B4383} C:\WINDOWS\System32\browseui.dll
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{01E04581-4EEE-11D0-BFE9-00AA005B4383}

{0E5CBF21-D15F-11D0-8301-00AA005B4383} C:\WINDOWS\system32\SHELL32.dll
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{0E5CBF21-D15F-11D0-8301-00AA005B4383}

{4528BBE0-4E08-11D5-AD55-00010333D0AD} Error when opening a registry key, the key doesn't exist. Key: HKEY_CLASSES_ROOT\CLSID\{4528BBE0-4E08-11D5-AD55-00010333D0AD}\InprocServer32

System error message: The system cannot find the file specified.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{4528BBE0-4E08-11D5-AD55-00010333D0AD}

{4D5C8C25-D075-11d0-B416-00C04FB90376} C:\WINDOWS\SYSTEM32\SHDOCVW.DLL
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{4D5C8C25-D075-11d0-B416-00C04FB90376}

{32683183-48a0-441b-a342-7c2a440a9478} C:\WINDOWS\System32\browseui.dll
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{32683183-48a0-441b-a342-7c2a440a9478}

{4528BBE0-4E08-11D5-AD55-00010333D0AD} Error when opening a registry key, the key doesn't exist. Key: HKEY_CLASSES_ROOT\CLSID\{4528BBE0-4E08-11D5-AD55-00010333D0AD}\InprocServer32

System error message: The system cannot find the file specified.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{4528BBE0-4E08-11D5-AD55-00010333D0AD}

{C4EE31F3-4768-11D2-BE5C-00A0C9A83DA1} C:\WINDOWS\system32\SHELL32.dll
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{C4EE31F3-4768-11D2-BE5C-00A0C9A83DA1}

{EFA24E64-B078-11D0-89E4-00C04FC9E26E} C:\WINDOWS\System32\shdocvw.dll
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{EFA24E64-B078-11D0-89E4-00C04FC9E26E}


****************************************
All processes:

System
SMSS.EXE
CSRSS.EXE
WINLOGON.EXE
SERVICES.EXE
LSASS.EXE
SVCHOST.EXE
SVCHOST.EXE
SVCHOST.EXE
SVCHOST.EXE
LEXBCES.EXE
LEXPPS.EXE
SPOOLSV.EXE
ACSD.EXE
EXPLORER.EXE
CISVC.EXE
SVCHOST.EXE
WANMPSVC.EXE
AOLSP Scheduler.exe
JUSCHED.EXE
YPager.exe
SpySweeper.exe
msnmsgr.exe
cidaemon.exe
WAOL.EXE
SHELLMON.EXE
aolwbspd.exe
spywarescanner.exe
iexplore.exe
iexplore.exe

Go here to analyse the running processes:
URL

****************************************
Internet Explorer Settings:

Default_Page_URL URL
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Page_URL

Default_Search_URL URL
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Search_URL

Local Page C:\WINDOWS\SYSTEM32\blank.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Local Page

Search Bar file://C:\DOCUME~1\default\LOCALS~1\Temp\sp.html
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Bar

Search Page file://C:\DOCUME~1\default\LOCALS~1\Temp\sp.html
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Page

Start Page URL
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Start Page

Use Search Asst no
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Use Search Asst

SearchAssistant file://C:\DOCUME~1\default\LOCALS~1\Temp\sp.html
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\SearchAssistant

CustomizeSearch http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\CustomizeSearch

http://
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix\

www http://
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\www

provider
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\provider

Local Page C:\WINDOWS\SYSTEM32\blank.htm
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Local Page

Search Bar file://C:\DOCUME~1\default\LOCALS~1\Temp\sp.html
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Bar

Search Page file://C:\DOCUME~1\default\LOCALS~1\Temp\sp.html
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Page

Start Page URL
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page

Use Search Asst no
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Use Search Asst

SearchAssistant file://C:\DOCUME~1\default\LOCALS~1\Temp\sp.html
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\SearchAssistant


****************************************

Hey traddon,

Enable everything in MSCONFIG (if you have disabled anything). Go to Start > Run > msconfig > click Startup Tab > everything should have a checkmark to the left of it. Please note: this does not apply to Windows 2000 users.

Download HijackThis (link below). Make sure you install HijackThis to a permanent folder such as C:\HJT as it creates backups of what we will fix. Run the program, press Scan, after a brief pause press Save log. Notepad will open, copy and paste the entire log into your post. Do not fix anything yet, most of what's in the log is needed!

Tom