Pc problems - pc takes a while to load, and txt files do not open

[mole]

hi all
i have these weird problems on my pc for some reason.
firstly my pc takes ages to load. i mean, before it used to say Welcome and then go straight to the desktop (this is Windows XP professional btw). but now it says Welcome, and u have to wait for like a min or two to for it to go to the desktop.
i thought it wud be svmhost.exe AGAIN.. but i dont seem to find it on the pc. so its something new i guess.

secondly i cant open txt files. lets say theres a txt file on my desktop, i double click it, and i can just wait and wait, but nothing will happen. notepad doesnt even open up or anything. dunno y that is.

ive tried running adaware professional and deleted all the infected files it found. tried runnin norton anti virus too and it found over 40 infected files there. it wudnt delete so i had to delete them manually. (some files didnt even exist in the directories which norton gave me because i wud use windows explorer to go to the exact location but the file that has been infected isnt there. might need help here too ^^).

well thats it really.
below is my HiJackThis log. thought it might help solve my problems. (i had to use microsoft word to open the log file since notepad files dont work )

Logfile of HijackThis v1.99.0
Scan saved at 16:49:47, on 25/12/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Messenger Plus! 3\MsgPlus.exe
C:\Program Files\Admilli Service\AdmilliServ.exe
C:\Program Files\Windows ServeAd\WinServAd.exe
C:\WINDOWS\System32\ctfmon.exe
C:\program files\valve\steam\steam.exe
C:\Program Files\Admilli Service\AdmilliKeep.exe
C:\Program Files\Windows ServeAd\WinServSuit.exe
C:\Program Files\VIA\RAID\raid_tool.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\mIRC\mirc.exe
C:\Program Files\Gravity\RO\hentaiRO9slot.exe
C:\WINDOWS\System32\notepad.exe
C:\Program Files\ISTsvc\istsvc.exe
C:\WINDOWS\yiaqp.exe
C:\Program Files\Web_Rebates\WebRebates1.exe
C:\PROGRA~1\COMMON~1\tsa\tsm2.exe
C:\PROGRA~1\COMMON~1\tsa\ts2.exe
C:\Program Files\Web_Rebates\WebRebates0.exe
C:\Documents and Settings\G MANN\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O2 - BHO: BHObj Class - {00000010-6F7D-442C-93E3-4A4827C2E4C8} - C:\WINDOWS\nem220.dll (file missing)
O2 - BHO: Search Relevancy - {1D7E3B41-23CE-469B-BE1B-A64B877923E1} - C:\PROGRA~1\SEARCH~1\SEARCH~2.DLL (file missing)
O2 - BHO: BHObj Class - {8F4E5661-F99E-4B3E-8D85-0EA71C0748E4} - C:\WINDOWS\wsem302.dll (file missing)
O2 - BHO: BAHelper Class - {A3FDD654-A057-4971-9844-4ED8E67DBBB8} - C:\Program Files\SideFind\sfbho.dll (file missing)
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [VGA Startup] vgacard.exe
O4 - HKLM\..\Run: [MS Manager32 Startup] manager32.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [Win32 USB2.0 Driver] w32usb2.exe
O4 - HKLM\..\Run: [Notepad] notepad.exe
O4 - HKLM\..\Run: [Internet Optimizer] "C:\Program Files\Internet Optimizer\optimize.exe"
O4 - HKLM\..\Run: [Admilli Service] C:\Program Files\Admilli Service\AdmilliServ.exe
O4 - HKLM\..\Run: [Power Scan] C:\Program Files\Power Scan\powerscan.exe
O4 - HKLM\..\Run: [rirgl] C:\WINDOWS\rirgl.exe
O4 - HKLM\..\Run: [Windows ServeAd] C:\Program Files\Windows ServeAd\WinServAd.exe
O4 - HKLM\..\Run: [qxah] C:\WINDOWS\qxah.exe
O4 - HKLM\..\Run: [IST Service] C:\Program Files\ISTsvc\istsvc.exe
O4 - HKLM\..\Run: [aaAQU] C:\WINDOWS\yiaqp.exe
O4 - HKLM\..\Run: [WebRebates0] "C:\Program Files\Web_Rebates\WebRebates0.exe"
O4 - HKLM\..\RunServices: [VGA Startup] vgacard.exe
O4 - HKLM\..\RunServices: [MS Manager32 Startup] manager32.exe
O4 - HKLM\..\RunServices: [Win32 USB2.0 Driver] w32usb2.exe
O4 - HKLM\..\RunServices: [Notepad] notepad.exe
O4 - HKLM\..\RunOnce: [Notepad] notepad.exe
O4 - HKLM\..\RunOnce: [djtopr1150.exe] "C:\WINDOWS\TEMP\djtopr1150.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [VGA Startup] vgacard.exe
O4 - HKCU\..\Run: [MS Manager32 Startup] manager32.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [Steam] "c:\program files\valve\steam\steam.exe" -silent
O4 - HKCU\..\Run: [Win32 USB2.0 Driver] w32usb2.exe
O4 - HKCU\..\Run: [Notepad] notepad.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\RunOnce: [Notepad] notepad.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: VIA RAID TOOL.lnk = C:\Program Files\VIA\RAID\raid_tool.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Web Rebates - file://C:\Program Files\Web_Rebates\Sy1150\Tp1150\scri1150a.htm
O9 - Extra button: SideFind - {10E42047-DEB9-4535-A118-B3F6EC39B807} - C:\Program Files\SideFind\sidefind.dll (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O16 - DPF: {CE69F98F-2AF3-4306-BAC6-A79070EDA1B4} (Zylom Loader Object) - http://eu.download.games.yahoo.com/zylom/activex/zylomloader.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://download.games.yahoo.com/games/popcap/zuma/popcaploader_v6.cab
O23 - Service: Ati HotKey Poller - Unknown - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Symantec Event Manager - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Norton AntiVirus Auto Protect Service - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: SoundMAX Agent Service - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

Please try and help me here. all help appreciated

Thanks alot

 

[howard_hopkinso]

Take a look at the following thread by RBS it will help you.

How to remove begin2search/coolwebsearch

Regards Howard :grinthumb

 

[Trevster]

If you do a Google search for Add-remove Pro, it's pretty good for removing stuff that Ad-Aware can't.

(Would post a link to it but.......)

 

[almi]

Huh, you have many malicious software installed...
One of them is Admilli Service (C:\Program Files\Admilli Service\AdmilliServ.exe and similar) and it can be easily removed if you follow the great instructions found on this page: Admilli removal instructions.
I hope it helps.