yes get hijackthis shut down any browser windows then scan. Click save log and post the log here.
here is a good place to download hijack this
http://www.spychecker.com/program/hijackthis.html

thank you I will do this as soon as I get home tonight

this is what came up

Logfile of HijackThis v1.97.7
Scan saved at 6:12:16 PM, on 8/30/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\BCMSMMSG.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\System32\DSentry.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\program files\mcafee.com\vso\mcvsshld.exe
C:\WINDOWS\System32\P2P Networking\P2P Networking.exe
C:\Program Files\MSN Apps\Updater\01.02.0002.1001\en-us\msnappau.exe
C:\Program Files\WinMX\WinMX.exe
C:\WINDOWS\system32\winlogon.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\System32\gcfzzkheujp.exe
C:\WINDOWS\System32\8d2mo5ybwxr4xj.exe
C:\WINDOWS\System32\gcfzzkheujp.exe
C:\WINDOWS\System32\gcfzzkheujp.exe
C:\WINDOWS\System32\gcfzzkheujp.exe
C:\WINDOWS\System32\gcfzzkheujp.exe
C:\Documents and Settings\Corey\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.windowws.cc/hp.htm?id=9
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/ie/defaults/su/ymsgr/*http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = http://localhost;
O2 - BHO: (no name) - {467FAEB2-5F5B-4c81-BAE0-2A4752CA7F4E} - C:\WINDOWS\System32\ct9ucsvy44.dll
O3 - Toolbar: &Search - {3F5A62E2-51F2-11D3-A075-CC7364CAE42A} - C:\WINDOWS\System32\jfi.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Common\ycomp5_1_6_0.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.2001.0001\en-us\msntb.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\McUpdate.exe
O4 - HKLM\..\Run: [VirusScan Online] c:\program files\mcafee.com\vso\mcvsshld.exe
O4 - HKLM\..\Run: [DwlClient] C:\Program Files\Common Files\Dell\EUSW\Support.exe
O4 - HKLM\..\Run: [P2P Networking] C:\WINDOWS\System32\P2P Networking\P2P Networking.exe /AUTOSTART
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [Online Service] C:\WINDOWS\msreg.exe
O4 - HKLM\..\Run: [Winhost] C:\WINDOWS\win.exe
O4 - HKLM\..\Run: [msnappau] "C:\Program Files\MSN Apps\Updater\01.02.0002.1001\en-us\msnappau.exe"
O4 - HKLM\..\Run: [romahere] C:\WINDOWS\System32\matrixhere.exe
O4 - HKLM\..\Run: [pnpsvc_lock] C:\WINDOWS\System32\25587401.exe
O4 - HKLM\..\Run: [TmybfCTiM] C:\documents and settings\corey\local settings\temp\TmybfCTiM.exe
O4 - HKLM\..\Run: [Network Security Guard] C:\WINDOWS\System32\gcfzzkheujp.exe
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [romahere] C:\WINDOWS\System32\matrixhere.exe
O4 - HKCU\..\Run: [uninstal] regsvr32 /u /s image.dll
O4 - Global Startup: America Online 8.0 Tray Icon.lnk = C:\Program Files\America Online 8.0\aoltray.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: winlogin.exe
O8 - Extra context menu item: Yahoo! Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Yahoo! Messenger (HKLM)
O9 - Extra button: Real.com (HKLM)
O12 - Plugin for .mov: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin.dll
O12 - Plugin for .mpg: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll
O15 - Trusted Zone: *.greg-search.com
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) -
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://download.yahoo.com/dl/installs/yinst0309.cab
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} - http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB
O16 - DPF: {427273CC-764E-11D3-823D-006097F90453} (Pixami Image Editor Control) - http://www.imagestation.com/common/classes/BPImageEditor.cab?ver=1,1,0,32
O16 - DPF: {AE1C01E3-0283-11D3-9B3F-00C04F8EF466} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B94B4225-E02E-4D3F-BADB-026F1E2F3AD7} (HttpDownloader Control) - http://www.instantplugin.com/SexDownloader.cab
O16 - DPF: {BAC01377-73DD-4796-854D-2A8997E3D68A} (Yahoo! Photos Easy Upload Tool Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/ydropper/ydropper1_1us.cab
O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab

thanks I will try it right now

ok I did it but it did not help my homepage still comes in as http://www.windowws.cc/hp.htm?id=9 an then switches to http://296f8.ilxt.info/index.php?aid=20009 and then I get the your computer has spyware pop up

and now when my computer starts it says it is missing parts of McAfee and I did the restore already

Also my aol stopped working now and It won't let me reinstall and it says missing idleproc.dll missing

well if you took my advice then u should of created a restore point or backup of files so open system restore and restore back to the place where you performed the scan. Did you also check into having illegal p2p programs on your computer like kazaa, imesh, grokster, andd things like tha because usually those a re back with malware.

yes I did do the restore but for some reason the aol still doesn't work. I do have winmx on my computer I also went to antivirus online and did the free scan and it found a lot of stuff but couldn't clear it all. I appreciate all the help that you are giving me

as I mentioned in an early post I thought some of those entries could be viruses what you should do is boot into safe mode (esc+F8 while rebooting) then go into the folder they are all in C:/WINDOWS/system32 and delete them. If at first you cannot see these files then go up to tools
I am going to try this again too

hey,my problem is solved I was out of townand didn't have access. Thanks for the help