Please help!! HJIT log included. IE pop-ups

I would greatly appreciate some help on this I am using Win XP Pro. Whenever I connect it automatically opens a new window and dierctly goes to http://h-1.us/cream and opens it. Also it doesn't allow me to open any of the mail sites and gives me "Can't find server" error. Moreover the interesting part is surfing speed is excruciatingly slow while the download speeds are pretty fast. I have used spybot, noadware to clean my PC but to no effect. Also I am not able to live update my Norton.Please helo me out. I am posting my hijack this log for reference. I had fixed wingtp.exe but it has again resurfaced. Also while online i get numerous pop-ups from various spyware programs telling that my PC is infected with spywares.

Logfile of HijackThis v1.99.0
Scan saved at 11:04:20 AM, on 02/17/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\RunDll32.exe
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\PROGRA~1\NORTON~1\navapw32.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\WINDOWS\System32\realplay.exe
C:\WINDOWS\System32\navwindows.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\System32\wingtp.exe
C:\SCSIupdate2.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\System32\msiexec.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\System32\RunDll32.exe
C:\PROGRA~1\SPYSPO~1\SpySpotter.exe
C:\SCSIupdate2.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\ME\Desktop\Hijack\HijackThis.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe
O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\navapw32.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [Realplayer One] realplay.exe
O4 - HKLM\..\Run: [SpySpotter] C:\PROGRA~1\SPYSPO~1\SpySpotter.exe
O4 - HKLM\..\Run: [NAV Auto Updates] navwindows.exe
O4 - HKLM\..\Run: [Microsofts media] wingtp.exe
O4 - HKLM\..\RunServices: [Realplayer One] realplay.exe
O4 - HKLM\..\RunServices: [NAV Auto Updates] navwindows.exe
O4 - HKLM\..\RunServices: [Microsofts media] wingtp.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [NAV Auto Updates] navwindows.exe
O4 - Startup: PowerReg Scheduler.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Download with &DAP - C:\PROGRA~1\DAP\dapextie.htm
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Download &all with DAP - C:\PROGRA~1\DAP\dapextie2.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{745E1D5B-452E-4089-8749-6C139B6DC10D}: NameServer = 203.197.12.30 202.54.6.50
O23 - Service: Norton AntiVirus Auto Protect Service - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: ScriptBlocking Service - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe

Sorry it's taken so long for someone to get back to you.

Run HJT and put a check next to the following items and have it fix them:

C:\WINDOWS\System32\navwindows.exe
C:\WINDOWS\System32\wingtp.exe
C:\SCSIupdate2.exe
C:\SCSIupdate2.exe
O4 - HKLM\..\Run: [NAV Auto Updates] navwindows.exe
O4 - HKLM\..\Run: [Microsofts media] wingtp.exe
O4 - HKLM\..\RunServices: [NAV Auto Updates] navwindows.exe
O4 - HKLM\..\RunServices: [Microsofts media] wingtp.exe
O4 - HKCU\..\Run: [NAV Auto Updates] navwindows.exe
O4 - Startup: PowerReg Scheduler.exe

Once completed, reboot your computer into SAFE MODE (F8 while the white bar goes across the screen, before Windows actually loads) and delete the following files:

C:\WINDOWS\System32\navwindows.exe
C:\WINDOWS\System32\wingtp.exe
C:\SCSIupdate2.exe
C:\SCSIupdate2.exe

Once deleted, reboot into Windows normally. You'll want to run these free online scans and have it fix anything else it may find:

Panda ActiveScan
Trend Micro

After that, run HJT and post a fresh log. Let's hope these clear it up!

Sorry, but for me it didn-t worked
I am not specialist, but you were the only ones to discuss about this cream.html..

so ? can you help me, step like step ?
thx

Post a fresh HijackThis log and let me see what's listed in there still. I'll go from there

Logfile of HijackThis v1.99.1
Scan saved at 7:40:36 PM, on 3/3/2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVPersonal\AVGUARD.EXE
C:\Program Files\AVPersonal\AVWUPSRV.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\RUNDLL32.EXE
C:\Program Files\AVPersonal\AVGNT.EXE
C:\WINDOWS\System32\umonit.exe
C:\WINDOWS\System32\SNSS32.EXE
C:\WINDOWS\System32\Winxpupdate.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Yahoo!\Messenger\ypager.exe
C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\8b5e9cdb91dddbb342695fbdc36fe0e4\update\update.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\vera-july\Local Settings\Temp\Temporary Directory 1 for hijackthis.zip\HijackThis.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\WINDOWS\Downloaded Program Files\googlenav.dll
O4 - HKLM\..\Run: [Ins3DT] F:\INSTALL4\INS3DT.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AVGCtrl] C:\Program Files\AVPersonal\AVGNT.EXE /min
O4 - HKLM\..\Run: [UMonit] C:\WINDOWS\System32\umonit.exe
O4 - HKLM\..\Run: [Dot.net Networking] SNSS32.EXE
O4 - HKLM\..\Run: [Ad-aware] C:\Program Files\Lavasoft\Ad-aware 6\Ad-aware.exe +c
O4 - HKLM\..\Run: [USB 2.0 Driver] Winxpupdate.exe
O4 - HKLM\..\RunServices: [Dot.net Networking] SNSS32.EXE
O4 - HKLM\..\RunServices: [USB 2.0 Driver] Winxpupdate.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O8 - Extra context menu item: &Google Search - res://C:\WINDOWS\Downloaded Program Files\googlenav.dll/cmsearch.html
O8 - Extra context menu item: Backward &Links - res://C:\WINDOWS\Downloaded Program Files\googlenav.dll/cmbacklinks.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\WINDOWS\Downloaded Program Files\googlenav.dll/cmcache.html
O8 - Extra context menu item: Si&milar Pages - res://C:\WINDOWS\Downloaded Program Files\googlenav.dll/cmsimilar.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall-beta.trendmicro.com/housecall/xscan60.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1109793695108
O16 - DPF: {6CB5E471-C305-11D3-99A8-000086395495} (Google Activate) - http://toolbar.google.com/data/ro/big/1.1.62-big/GoogleNav.cab
O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Program Files\AVPersonal\AVGUARD.EXE
O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Program Files\AVPersonal\AVWUPSRV.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

THANK YOU A LOT !!!