I need help with my computer. It is very very very slow. I ran
HijackThis and a bunch of stuff came up that I dont recognize please
look over the log and advise me what and why I can delete.
Logfile of HijackThis v1.97.7
Scan saved at 9:18:05 PM, on 11/22/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\carpserv.exe
C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
C:\Program Files\Java\jre1.5.0\bin\jusched.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Documents and Settings\Shimshie\Desktop\HijackThis.exe
C:\Program Files\Mozilla Firefox\firefox.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://smbusiness.dellnet.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://smbusiness.dellnet.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title =
Microsoft Internet Explorer provided by Bezeq WOW
O1 - Hosts: 12.129.205.209 search.netscape.com12.129.205.209
sitefinder.verisign.com
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -
C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Google Desktop Search Capture -
{7c1ce531-09e9-4fc5-9803-1c2956615786} - C:\Program
Files\Google\Google Desktop Search\GoogleDesktopIE.dll
O2 - BHO: Core Library - {83B3E0C1-DEF1-4df5-A3F5-92D10B7A396A} -
C:\WINDOWS\System32\sfg104f.dll
O2 - BHO: (no name) - {BDF3E430-B101-42AD-A544-FADC6B084872} -
C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: AlxTB BHO - {F1FABE79-25FC-46de-8C5A-2C6DB9D64333} -
C:\WINDOWS\System32\AlxTB1.dll (file missing)
O3 - Toolbar: Norton AntiVirus -
{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton
AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} -
C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: A9 &Toolbar - {200488FD-C76C-47cd-BDE5-FC2571261B63} -
C:\WINDOWS\System32\A9Toolbar1.dll
O3 - Toolbar: A9 &Diary - {5FE96BC0-E89F-409d-9B68-6D3693E1BA83} -
C:\WINDOWS\System32\A9Toolbar1.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE
C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\Run: [win_upd.exe] C:\WINDOWS\System32\WINdirect.exe
O4 - HKLM\..\Run: [SafeGuard Popup Blocker Updater (required)]
regsvr32 /s C:\WINDOWS\System32\sfg104f.dll
O4 - HKLM\..\Run: [winshost.exe] C:\WINDOWS\System32\winshost.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program
Files\Java\jre1.5.0\bin\jusched.exe
O4 - HKCU\..\Run: [key] C:\WINDOWS\System32\winxp.exe
O4 - HKCU\..\Run: [win_upd.exe] C:\WINDOWS\System32\WINdirect.exe
O4 - HKCU\..\Run: [winshost.exe] C:\WINDOWS\System32\winshost.exe
O4 - HKCU\..\Run: [wingo] C:\WINDOWS\System32\wingo.exe
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program
Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: E&xport to Microsoft Excel -
res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Search the web with &A9.com -
res://C:\WINDOWS\System32\A
O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
O9 - Extra button: Research (HKLM)
O9 - Extra button: AIM (HKLM)
O9 - Extra button: ICQ Lite (HKLM)
O9 - Extra 'Tools' menuitem: ICQ Lite (HKLM)
O9 - Extra button: Related (HKLM)
O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Windows Messenger (HKLM)
O9 - Extra button: wow (HKCU)
O9 - Extra button: bezeq (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files\google\google
desktop search\googledesktopnetwork1.dll
O10 - Unknown file in Winsock LSP: c:\program files\google\google
desktop search\googledesktopnetwork1.dll
O10 - Unknown file in Winsock LSP: c:\program files\google\google
desktop search\googledesktopnetwork1.dll
O10 - Unknown file in Winsock LSP: c:\program files\google\google
desktop search\googledesktopnetwork1.dll
O16 - DPF: cpcScanner - http://www.crucial.com/controls/cpcScanner.cab
O16 - DPF: Yahoo! Pool 2 -
http://download.games.yahoo.com/games/clients/y/pote_x.cab
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} (Microsoft Office
Template and Media Control) -
http://office.microsoft.com/templates/ieawsdc.cab
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) -
http://www.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX
Control) - http://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab
O16 - DPF: {19E28AFC-EAE3-4CE5-AC83-2407B42F57C9} (MSSecurityAdvisor
Class) - http://download.microsoft.com/download/0/5/c/05c905f4-dd30-427d-a3de-373c3e5552fc/msSecAdv.cab?1091919773450
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class)
- http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yinst20040510.cab
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} -
http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB
O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} (Office Update
Installation Engine) -
http://office.microsoft.com/officeupdate/content/opuc.cab
O16 - DPF: {544EB377-350A-4295-9BEB-EAB8392E09C6} (MSN Money Charting)
- http://fdl.msn.com/public/investor/v13/invinstl.exe
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) -
http://us.games2.yimg.com/download.games.yahoo.com/games/play/client/exentctl_0_0_0_1.ocx
O16 - DPF: {94B82441-A413-4E43-8422-D49930E69764} (TLIEFlashObj Class)
- https://rtc1.webresponse.one.microsoft.com/media/xp/TLIEFlash.CAB
O16 - DPF: {9A54032D-31F7-400D-B184-83B33BDE65FA} (MSN File Upload
Control) - http://sc.groups.msn.com/controls/FileUC/MsnUpld.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} -
http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?37865.3941666667
O16 - DPF: {A8658086-E6AC-4957-BC8E-7D54A7E8A78E} (SassCln Object) -
http://www.microsoft.com/security/controls/Sasser/20/SassCln.CAB
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) -
http://zone.msn.com/binFramework/v10/ZIntro.cab27513.cab
O16 - DPF: {CE74A05D-ED12-473A-97F8-85FB0E2F479F}
(dlControl.UserControl1) - http://www.cinemanow.com/dlControl.CAB
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash
Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader
Object) - http://antu.popcap.com/games/popcaploader_v6.cab
O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software
XUpload) - http://www.photonachas.com/XUpload.ocx

Hello. Get rid of these files. You seem to have wingo.exe which is a
worm. DELETE it immediately. You can find more information here: 
http://www.liutilities.com/products/wintaskspro/processlibrary/wingo.

FILES TO DELETE: 

O2 - BHO: Core Library - {83B3E0C1-DEF1-4df5-A3F5-92D10B7A396A} -
C:\WINDOWS\System32\sfg104f.dll
O2 - BHO: AlxTB BHO - {F1FABE79-25FC-46de-8C5A-2C6DB9D64333} -
C:\WINDOWS\System32\AlxTB1.dll (file missing)
O3 - Toolbar: A9 &Toolbar - {200488FD-C76C-47cd-BDE5-FC2571261B63} -
C:\WINDOWS\System32\A9Toolbar1.dll
O3 - Toolbar: A9 &Diary - {5FE96BC0-E89F-409d-9B68-6D3693E1BA83} -
C:\WINDOWS\System32\A9Toolbar1.dll
O4 - HKCU\..\Run: [wingo] C:\WINDOWS\System32\wingo.exe
O8 - Extra context menu item: Search the web with &A9.com -
res://C:\WINDOWS\System32\A

Let me know if that helped.