[Active] PC Sluggishness

Discussion in 'Virus and Malware Removal' started by davidstl, Jan 21, 2011.

Thread Status:
Not open for further replies.
  1. Bobbye Helper on the Fringe

    What you experience in the 'sluggish' email is called Social Engineering. It is the prime way malware writers get users to open the email or click on their popups> by using a term, text or picture to manipulate people into performing actions or divulging confidential information, rather than by breaking in or using technical cracking techniques> trickery or deception for the purpose of information gathering, fraud, or computer system access.

    "Social engineering" as an act of psychological manipulation was popularized by hacker-turned-consultant Kevin Mitnick.

    And it gotcha, didn't it! Shook you up, made you think someone was reading over your shoulder! How? Bots roam the internet looking for words, phrases, anything that will get a user's attention. Maybe one saw your thread and the word 'sluggish', sent word to its site and sent email that got past your filter.

    I put 'PC Sluggishness' in a Google Search> check the first site here:
    http://www.google.com/search?hl=&q=...=navclient-ff&rlz=1B3GGLZ_en___US359&ie=UTF-8

    Scary isn't it?! That's why we preach layered security, safe surfing habits and careful email handling. To help with this:
    Tips for added security and safer browsing:
    1. Browser Security Settings: Custom is fine if the user did the settings. Mine are Custom. Default is okay too, but sometimes too restrictive.
      This Tutorial will help guide you through Configuring Security Settings, Managing Active X Controls and other safety features: Make Internet Explorer safer.
    2. Have layered Security:
      • Antivirus Software (only one): Both of the following programs are free and known to be good:
        [o]Avira Free
        [o]Avast Home
      • Firewall (only one): Use bi-directional firewall. Both of the following programs are free and known to be good:
        [o]Comodo
        [o]Zone Alarm
      • Antispyware: I recommend all of the following:
        [o]Spywareblaster: SpywareBlaster protects against bad ActiveX. It places kill bits to stop bad ActiveX controls from being installed. Remember to update it regularly.
        [o]Download ZonedOut and save to your desktop. This replaces IE/Spyad and manages the Zones in Internet Explorer. This places over 4000 websites and domains in the IE Restricted list which will severely impair attempts to infect your system. It basically prevents any downloads (Cookies etc.) from the sites listed, although you will still be able to connect to the sites.
          For IE7 and IE8, Windows 2000 thru Vista. No Windows 7 yet.
          IE/Spyad is no longer being supported. If you have this on your system, you should replace it with the following program. Make sure your IE8 is up-to-date before adding sites to your restricted zone.
          Known issue: If you have "immunized" your computer with Spybot Search and Destroy, and use ZonedOut to "Remove All" restricted sites - ZonedOut will remove your trusted sites as well. Note that if you remove Spybot Search and Destroy's Immunization the problem goes away...
        [o]Replace the Hosts File
          MVPS Hosts file: This replaces your current HOSTS file with one containing well-known ad sites etc. Basically, this prevents your computer from connecting to those sites by redirecting them to 127.0.0.1, which is your local computer.
        [o]Google Toolbar: Get the free Google toolbar to help stop pop-up windows.
    3. Stay current on updates:
      [o] Visit the Microsoft Download Site frequently. You should get all updates marked Critical and the current SP updates.
      [o]Visit this Adobe Reader site often and make sure you have the most current update. Uninstall any earlier updates as they are vulnerabilities.
      [o]Check this site .Java Updates Stay current as most updates are for security. Uninstall any earlier versions in Add/Remove Programs.
    4. Reset Cookies to prevent Tracking Cookies:
      [o]For Internet Explorer: Internet Options (through Tools or Control Panel) Privacy tab> Advanced button> check 'override automatic Cookie handling'> check 'accept first party Cookies'> check 'Block third party Cookies'> check 'allow per session Cookies'> Apply> OK.
      [o]For Firefox: Tools> Options> Privacy> Cookies> check ‘accept Cookies from Sites’> Uncheck 'accept third party Cookies'> Set Keep until 'they expire'. This will allow you to keep Cookies for registered sites and prevent or remove others. (Note: for Firefox v3.5, after Privacy click on 'use custom settings for History.')
      I suggest using the following two add-ons for Firefox. They will prevent the Tracking Cookies that come from ads and banners and other sources:
      AdBlock Plus
      Easy List
    5. Do regular Maintenance
      Remove Temporary Internet Files regularly:
      [o]ATF Cleaner by Atribune
      OR
      [o]TFC
      Disable and Enable System Restore:
      [o]See System Restore Guide This will help you understand what this is, why you need to clean and set restore points and what information is in them.
    6. Practice Safe Email Handling
      [o] Don't open email from anyone you don't know.
      [o] Don't open Attachments in the email. Save to your desktop and scan for viruses using a right click.
      [o] Don't leave your personal email address on the internet. Have a separate email account at one of the free web-based emails like Yahoo.
    And use a Site Advisor:
    The Web of Trust (WOT) add-on is a safe surfing tool for your browser. Traffic-light rating symbols show how the site is rated for Trustworthiness, Vendor Reliability, Privacy, Child Safety. Your online email account – Google Mail, Yahoo! Mail and Hotmail – is also protected.

    Every time you do a search and the screen comes up with the sites, they will have the rating light. Green (2 shades), Amber/Yellow Caution, Red> not advised. A few sites haven't been rated and show as a blue flashlight.

    If you want to link from the page you're on to another site, WOT will give you an Alert that the site is known for fraudulent entries, unreliable or other and the site won't load. Don't worry- those Alerts don't happen if you stick to the green rating.

    Give it a try- http://www.mywot.com/en/download
    ===================================
    Please reopen HijackThis to 'do system scan only'. Check each of the following, if present:

    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\WINDOWS\system32\rmctrl.exe (Cyberlink DVD)
    C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
    C:\Program Files\QuickTime\qttask.exe
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O4 - HKLM\..\Run: [RemoteControl] C:\WINDOWS\system32\rmctrl.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe"
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe


    Close all Windows except HijackThis and click on "Fix Checked."

    All of the above are legitimate entries, but none need to be on Startup. They can be unchecked using msconfig.

    For the Java auto-updater: Uncheck jusched on Startup
    For Java Quick Starter- not needed> Start> Run> type in services.msc> Disable jqs> Stop the Service
    RemoteControl, NeroFilterCheck are for Cyberlink DVD & burning> Uncheck both on Startup.
    Uncheck Reader_sl.exe on Startup. The Adobe reader doesn't need to run in the background
    HP SoftwareUpdate doesn't need to update> uncheck it.
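    The HOSTS-file redirect described under "Replace the Hosts File" above can be checked mechanically. The following Python script is an added example, not code from the thread or from the MVPS project: it parses a HOSTS file, treats entries that point at 127.0.0.1, 0.0.0.0 or ::1 as intentional sinkholing of ad and tracker domains, and reports any hostname that points anywhere else, which is what a tampered HOSTS file (one quietly redirecting a real site to an attacker's server) looks like. The sample file content and the domain names in it are constructed for the example; `audit_hosts` and the other names are the example's own.

```python
import ipaddress

# CONSTRUCTED sample HOSTS file for this example: an MVPS-style block list
# (entries sinkholed to the local machine) plus one tampered entry that sends
# a bank's hostname to a remote address (192.0.2.0/24 is a documentation range).
SAMPLE_HOSTS = """\
# Example HOSTS file (constructed, not a real MVPS download)
127.0.0.1  localhost
127.0.0.1  ads.example-adserver.test
0.0.0.0    tracker.example-analytics.test   # some lists use 0.0.0.0 instead
192.0.2.10 www.examplebank.test
::1        localhost
"""


def parse_hosts(text):
    """Return (ip, hostname) pairs, dropping comments, blank lines and
    allowing several hostnames on one line as the HOSTS format permits."""
    entries = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        parts = line.split()
        ip, names = parts[0], parts[1:]
        for name in names:
            entries.append((ip, name.lower()))
    return entries


def audit_hosts(text):
    """Split entries into 'blocked' (sinkholed to the local machine, which is
    all a block list ever does) and 'suspicious' (redirected to some other
    address, or to something that is not a valid address at all)."""
    blocked, suspicious = [], []
    for ip, name in parse_hosts(text):
        try:
            addr = ipaddress.ip_address(ip)
            sinkholed = addr.is_loopback or addr.is_unspecified
        except ValueError:
            sinkholed = False  # garbage where an IP should be: flag it
        if sinkholed:
            if name != "localhost":
                blocked.append(name)
        else:
            suspicious.append((name, ip))
    return {"blocked": blocked, "suspicious": suspicious}


if __name__ == "__main__":
    report = audit_hosts(SAMPLE_HOSTS)
    print(f"{len(report['blocked'])} domains sinkholed")
    for name, ip in report["suspicious"]:
        print(f"SUSPICIOUS: {name} -> {ip}")
```

    On a real machine the file lives at C:\WINDOWS\system32\drivers\etc\hosts; reading it with `open(path, encoding="utf-8", errors="replace").read()` and passing the text to `audit_hosts` is the only change needed. Any line in the "suspicious" list deserves a look, since neither Windows nor a block list has a reason to point a public hostname at a remote address.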
  2. davidstl Newcomer, in training

    Dear BobBye, Thanks for holding me and making sure everything was alright...um...ah...I..owe you one?...
    Anyway thanks. I thought HowardHopkins had gone to the darkside or something. And sold my email to Viagra eating porn addicts. Now I'm not saying that I don't eat Viagra and hey,hey! watch porn all day. I'm just saying that I'll order more pills when I'm out, and stop sending the spam emails like half written in Russian or Egyptian or whatever.

    Okay I ran the HijackThis scan again and checked the box & hit 'Fix' on:
    C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O4 - HKLM\..\Run: [RemoteControl] C:\WINDOWS\system32\rmctrl.exe
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe

    None of the other things you listed me to check were shown after in my scan results. Is that okay?

    Concerning the programs you listed for me to work with in MSCONFIG & SERVICES.MSC: I found no listing for the Java auto updater, RemoteControl, Reader_sl.exe, or HP SoftwareUpdate.
    I did see the NeroFilterCheck box checked...so I unchecked it and hit the 'Apply' button. I do use Nero to burn cds & dvds though. Will unchecking this box cause conflicts with Nero? Also, when I turn the computer on now I get a message box saying that I have made changes to the way windows starts. And that I am in Selective Start Mode. Is this Kosher? And what about the program items you had listed that I found NO entry for on my PC? Is everything coming along okay?

    Thanks Bobbye for all of your great assistance. This is a lot of fun. What's next?
  3. Bobbye Helper on the Fringe

    Yes. That's why we say "if present."

    About using msconfig: This should better inform you:
    To remove entries from Startup using the msconfig utility:
    • Click on Start> Run> type in msconfig> enter>
    • Click on Selective Startup
    • Choose the Startup tab:
      This is where you UNCHECK the Startup items. This does not remove the item or uninstall anything> it just stops it from starting on boot. It can be rechecked at any time if wanted.
      Look for these entries:
      jusched.
      HPWuSchd2
      Expand as below to look for the Adobe reader_sl

      If you don't see them, that's okay.
    • To expand the Command Column, (this shows what the process 'belongs' to) hold left mouse button down on the dividing line on frame above Location and move to the right to expand.
    • Click on Apply> OK when finished.

    NOTE:
    When you reboot the system the first time after making changes using the msconfig utility, a nag message comes up that can be ignored and closed after checking 'don't show this message again.'
    Once you make changes to the Startup menu, you must remain in Selective Startup to retain those changes. If you go back to Normal Startup, everything you unchecked will be checked again and start on boot.

    You don't have to have a program start on boot to be able to use it. All you NEED on Startup is:
    Antivirus program
    Firewall if you have 3rd party firewall such as Comodo or Zone Alarm
    Touchpad if using a laptop
    Network process if using something like Network Magic.
    Nothing else!
    I have 6 checks on my laptop startup.

    To access, use All Programs. To print, click on File> Print. I see most of these systems with every program and app they have loading on boot and running in the background. Then, like you, in addition to carrying all those startup using RAM, you surf a while, get temporary internet files, then get 'sluggish.' And the more you have starting, the longer it takes to load and the longer it takes to shut down.

    You are coming along fine. You should be noticing better speed. Be sure to run TFC occasionally to get rid of the temporary internet files. Most of us take the internet personally at times. Don't- it will wear you out!

    When you're comfortable with the removals and cleaning, you can remove all of the tools we used and the files and folders they created.
    • Uninstall ComboFix and all Backups of the files it deleted
    • Click START> then RUN
    • Now type Combofix /Uninstall in the runbox and click OK. Note the space between the X and the U, it needs to be there.
    • Download OTCleanIt by OldTimer and save it to your Desktop.
    • Double click OTCleanIt.exe.
    • Click the CleanUp! button.
    • If you are prompted to Reboot during the cleanup, select Yes.
    • The tool will delete itself once it finishes.

    Note: If you receive a warning from your firewall or other security programs regarding OTC attempting to contact the internet, please allow it to do so.
    • You should now set a new Restore Point and remove the old restore points to prevent infection from any previous Restore Points.
    • Go to Start > All Programs > Accessories > System Tools
    • Click "System Restore".
    • Choose "Create a Restore Point" on the first screen then click "Next".
    • Give the Restore Point a name> click "Create".
    • Go back and follow the path to > System Tools.
      [o]Choose Disk Cleanup
      [o]Click "OK" to select the partition or drive you want.
      [o]Click the "More Options" tab.
      [o]Click "Clean Up" in the System Restore section to remove all previous Restore Points except the newly created one.


    Empty the Recycle Bin
    Let me know if you have any more questions. I hope this has been a good learning experience for you.
  4. davidstl Newcomer, in training

    Thanks Mr. Bobbye, I actually do notice my PC running faster. I have been wanting to mention that to you. My PC is running faster as a direct result of your assistance and tech support. If I had to guess, I would say maybe over 30% faster. My boot seems a little slow; but surfing, streaming television & movies, downloading, ripping & burning...all these applications load and perform faster now. So, thank you.


    Okay, here is what runs in my System Configuration Utility under the StartUp tab:
    igfxtray c:/windows/system32/igfxtray.exe
    hkcmd c:/windows/system32/hkcmd.exe
    igfxpers c:/windows/system32/igfxpers.exe
    smax4pnp c:/programfiles/analogdevices/core/smax4pnp.exe
    adobeARM c:/programfiles/commonfiles/adobe/ARM/1.0/adobeARM.exe
    ctfmon c:/windows/system32/ctfmon.exe
    steam c:/programfiles/steam/steam.exe -silent
    nerocheck c:/windows/system32/nerocheck.exe
    All of these have a green check next to them. Should I 'Uncheck' them all, or just some of them?

    And finally, I will download the OTCleanIt by OldTimer and run the program as you suggested.
    Oh yeah, I will also set a new Restore Point and clear out all past restore points. I studied up on Restore Points like you asked.
    And yes, this has been a fun learning experience. Thanks.
  5. Bobbye Helper on the Fringe

    All!

    What they are:
    1. igfxtray.exe>>>Quick access to the control panel via a System Tray icon for graphics based upon the Intel chipsets.
    2. igfxpers.exe>>> Associated with the Common User Interface module for Intel graphics cards. (actual name is 'persistence')
    3. SMax4PNP.exe>>> SoundMax integrated sound. Only required if you have custom settings for your sound, such as effects and environments.
    4. AdobeARM.exe>>> Adobe ARM, otherwise known as Adobe Reader and Acrobat Manager, is an autoupdate utility.
    5. steam.exe>>> Valve Software's STEAM broadband game client. Steam is Valve's new way of getting games into your hands ASAP. Games like Half-Life, Counter-Strike, etc. Steam games are automatically kept up-to-date with the latest content and revisions. Steam also includes an instant-message client which even works while you're in-game.
    6. nerocheck.exe>>> Associated with "Nero Burning Rom" CD writing software. Checks for driver issues.
    Keep in mind that malware can run using almost any process name. ergo> the fewer processes you have running, the easier to keep track of them and the better to use the system resources.

    Also keep in mind that unchecking a process on Startup doesn't remove the programs. If you mistakenly uncheck something you find you need, just go back and recheck it.

    ctfmon.exe requires a bit more work to keep it from starting up. See the referenced site for instructions.
    ctfmon.exe>>> CTFMon is involved with the language/alternative input services in Office XP. CTFMON.exe will continue to put itself back into MSConfig when you run the Office XP apps as long as the Text Services and Speech applets in the Control Panel are enabled.
    http://support.microsoft.com/default.aspx?scid=kb;en-us;282599
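    The startup entries discussed throughout this thread (the HijackThis O2/O4/O23 lines in the first reply and the same Run-key items msconfig shows) can be parsed and screened for the case Bobbye describes in this last reply: malware running under a familiar process name, where the giveaway is the location it runs from rather than the name. The following Python script is an added example, not HijackThis's own code or anything posted in the thread. It parses the log lines quoted from the first reply, splits each command into executable and arguments (handling quoted and unquoted paths with spaces), and flags executables that sit outside the Windows or Program Files folders. The last log line, an `svchost.exe` started from a user Temp folder via a per-user Run key, is constructed to show what a flagged entry looks like; `TRUSTED_ROOTS`, the regular expressions and the function names are assumptions of the example.

```python
import re

# Assumption of this example: on a stock Windows XP install the programs that
# legitimately start on boot live under these two folders.
TRUSTED_ROOTS = (r"C:\WINDOWS", r"C:\Program Files")

# HijackThis lines quoted from the first reply (all legitimate), plus one
# CONSTRUCTED line at the end: a system-sounding name started from Temp.
SAMPLE_LOG = r"""
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [RemoteControl] C:\WINDOWS\system32\rmctrl.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O4 - HKCU\..\Run: [svchost] C:\Documents and Settings\user\Local Settings\Temp\svchost.exe -k netsvcs
"""

# One pattern per HijackThis line type used in this thread.
O2_RE = re.compile(r"^O2 - BHO: (?P<name>.+?) - \{(?P<clsid>[0-9A-Fa-f-]+)\} - (?P<cmd>.+)$")
O4_RE = re.compile(r"^O4 - (?P<hive>HK\w+)\\\.\.\\(?P<key>[\w\\ ]+): \[(?P<name>[^\]]*)\] (?P<cmd>.+)$")
O23_RE = re.compile(r"^O23 - Service: (?P<name>.+?) \((?P<service>[^)]+)\) - (?P<vendor>.+?) - (?P<cmd>.+)$")
# Command strings are either "quoted path" args, or an unquoted path (which may
# contain spaces) ending in .exe/.dll followed by optional arguments.
QUOTED_RE = re.compile(r'^"(?P<exe>[^"]+)"\s*(?P<args>.*)$')
UNQUOTED_RE = re.compile(r"^(?P<exe>.+?\.(?:exe|dll))\b\s*(?P<args>.*)$", re.IGNORECASE)


def split_command(cmd):
    """Separate the executable/module path from its arguments."""
    m = QUOTED_RE.match(cmd) or UNQUOTED_RE.match(cmd)
    if not m:
        return cmd, ""
    return m.group("exe"), m.group("args").strip()


def parse_line(line):
    """Turn one HijackThis line into a dict, or None if it is not O2/O4/O23."""
    for kind, rx in (("O2", O2_RE), ("O4", O4_RE), ("O23", O23_RE)):
        m = rx.match(line)
        if m:
            rec = {"kind": kind, **m.groupdict()}
            rec["exe"], rec["args"] = split_command(rec.pop("cmd"))
            return rec
    return None


def in_trusted_root(path):
    """True if the path lies under one of TRUSTED_ROOTS (case-insensitive)."""
    p = path.lower()
    return any(p.startswith(root.lower() + "\\") for root in TRUSTED_ROOTS)


def audit_startup(log_text):
    """Parse every recognised line and attach the reasons it deserves a look."""
    records = []
    for line in log_text.splitlines():
        rec = parse_line(line.strip())
        if rec is None:
            continue
        reasons = []
        if not in_trusted_root(rec["exe"]):
            reasons.append("runs from outside Windows/Program Files")
        if rec["kind"] == "O4" and rec["hive"] == "HKCU":
            # Lower-confidence signal: per-user Run keys need no admin rights to write.
            reasons.append("per-user Run key")
        rec["reasons"] = reasons
        records.append(rec)
    return records


def suspicious_entries(log_text):
    return [r for r in audit_startup(log_text) if r["reasons"]]


if __name__ == "__main__":
    for r in suspicious_entries(SAMPLE_LOG):
        print(f"[{r['name']}] {r['exe']}: {'; '.join(r['reasons'])}")
```

    The name check that msconfig invites (is "svchost" or "nerocheck" a known program?) is exactly what a renamed piece of malware is designed to pass, so the script deliberately judges the path instead of the name. Feeding it a whole HijackThis log works as-is; lines of other types are simply skipped.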