Hi.

After doing a random scan with Ad-ware Se, I noticed win32.trojanclicker, and win32.adware.cinmus. I took the usual steps in quarantining them, however, with another scan, win32.adware.cinmus was still there. I've also found that win32.trojanclicker always reappears in a scan after a reboot.

Not sure if this is related but I cant change the time/date of my computer either. Everytime I change the date, it always resets back to January 5, 2005 and the time has now changed to 24 hr time...

Help with any of these problems would be much appreciated.

Here is the HijackThis log:

Logfile of HijackThis v1.99.1
Scan saved at 3:16:57 AM, on 5/01/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\ticw.exe
F:\DkService.exe
C:\Program Files\Symantec\Norton Ghost 2003\GhostStartService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
F:\PDVDServ.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Symantec\Norton Ghost 2003\GhostStartTrayApp.exe
C:\WINDOWS\system32\RunDll32.exe
C:\WINDOWS\VM303_STI.EXE
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\Thunder Network\Thunder\Program\Thunder5.exe
C:\WINDOWS\explorer.exe
C:\Program Files\HijackThis\HijackThis.exe

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO.dll
O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~2\MEGAUP~1.DLL
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - F:\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: ThunderBHO - {889D2FEB-5411-4565-8998-1DD2C5261283} - C:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_001.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST1.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar1.02.5000.1021\en-au\msntb.dll
O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll
O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~2\MEGAUP~1.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [Thunder] C:\Program Files\Thunder Network\Thunder\Thunder.exe /s
O4 - HKLM\..\Run: [WinSysW] C:\WINDOWS\399952L.exe
O4 - HKLM\..\Run: [WinSysM] C:\WINDOWS\399952M.exe
O4 - HKLM\..\Run: [WINSvr32] C:\WINDOWS\WINSvr32.exE
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [upxdnd] C:\WINDOWS\upxdnd.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [SHAProc] C:\WINDOWS\SHAProc.exe
O4 - HKLM\..\Run: [RemoteControl] F:\PDVDServ.exe
O4 - HKLM\..\Run: [RegSrv64D] C:\WINDOWS\fcsjqy.exe
O4 - HKLM\..\Run: [PTSShell] C:\WINDOWS\PTSShell.exe
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NVDispDrv] C:\WINDOWS\fzavel.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [NAVMon32] C:\WINDOWS\NAVMon32.exE
O4 - HKLM\..\Run: [MsPrint32D] C:\WINDOWS\clwiug.exe
O4 - HKLM\..\Run: [MsIMMs32] C:\WINDOWS\MsIMMs32.exE
O4 - HKLM\..\Run: [msccrt] C:\WINDOWS\msccrt.exe
O4 - HKLM\..\Run: [mppds] C:\WINDOWS\mppds.exe
O4 - HKLM\..\Run: [LotusHlp] C:\WINDOWS\LotusHlp.exe
O4 - HKLM\..\Run: [Kvsc3] C:\WINDOWS\Kvsc3.exE
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [GhostStartTrayApp] C:\Program Files\Symantec\Norton Ghost 2003\GhostStartTrayApp.exe
O4 - HKLM\..\Run: [FlashGet] "C:\Program Files\FlashGet\FlashGet.exe" /min
O4 - HKLM\..\Run: [DiskeeperSystray] "F:\DkIcon.exe"
O4 - HKLM\..\Run: [DbgHlp32] C:\WINDOWS\DbgHlp32.exe
O4 - HKLM\..\Run: [cmdbcs] C:\WINDOWS\cmdbcs.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [ccApp] -
O4 - HKLM\..\Run: [BigDog303] C:\WINDOWS\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH)
O4 - HKLM\..\Run: [AVPSrv] C:\WINDOWS\AVPSrv.exE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\RunOnce: [AAW] "C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Aware.exe" "+b1"
O4 - HKLM\..\RunOnce: [Remove] "C:\Program Files\Remove on Reboot\Remove.exe" "C:\WINDOWS\system32\oqpcbf07.dll"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [PictureShow] "C:\Program Files\PictureShow\poco_tools.exe" -p PictureShow
O4 - HKCU\..\Run: [PICer] "C:\Program Files\PICer\poco_tools.exe" -p PICer
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: &ʹÓÃĄ¸Ã€Ãâ€â€�ÏÂÃâ€�ÃËÅ“ - C:\Program Files\Thunder Network\Thunder\Program\GetUrl.htm
O8 - Extra context menu item: &ʹÓÃĄ¸Ã€Ãâ€â€�ÏÂÃâ€�Øȫ²¿Ã�´½Ã“ - C:\Program Files\Thunder Network\Thunder\Program\GetAllUrl.htm
O8 - Extra context menu item: Download All by FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: Download using FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Ã’Ãâ€â€�Ȥ¹ºÃŽï - C:\Program Files\AD4All\link1\eachlink.htm
O9 - Extra button: (no name) - {0062C9BD-B349-40DE-91A0-755F37ACD559} - (no file)
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} - (no file)
O9 - Extra button: Ã’»Ã†ðÀ´Ã’ôÀÖÉçÇø - {7DBC6ADB-5788-4FB9-AEC3-B40A58AC11DF} - http://www.yiqilai.com (file missing)
O9 - Extra button: Joyo - {8DE0FCD4-5EB5-11D3-AD25-00002100131B} - C:\WINDOWS\system32\IEPlugin.dll (file missing)
O9 - Extra button: ZDNet - {C8CE29C5-7589-11D3-B81B-0080C8DC5DC8} - C:\WINDOWS\system32\IEPlugin.dll (file missing)
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe (file missing)
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe (file missing)
O9 - Extra button: Ã’Ãâ€â€�Ȥ¹ºÃŽï - {EE60714F-AC17-427e-861A-FD60CBDF119A} - http://click2.ad4all.net/url2/urlmanage/url.asp?id=824 (file missing)
O9 - Extra 'Tools' menuitem: Ã’Ãâ€â€�Ȥ¹ºÃŽï - {EE60714F-AC17-427e-861A-FD60CBDF119A} - http://click2.ad4all.net/url2/urlmanage/url.asp?id=824 (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{3656AF19-7CF9-4628-937D-AD50B7DB1B4A}: Domain = nsw.bigpond.net.au
O17 - HKLM\System\CS1\Services\Tcpip\..\{3656AF19-7CF9-4628-937D-AD50B7DB1B4A}: Domain = nsw.bigpond.net.au
O17 - HKLM\System\CS2\Services\Tcpip\..\{3656AF19-7CF9-4628-937D-AD50B7DB1B4A}: Domain = nsw.bigpond.net.au
O17 - HKLM\System\CS3\Services\Tcpip\..\{3656AF19-7CF9-4628-937D-AD50B7DB1B4A}: Domain = nsw.bigpond.net.au
O17 - HKLM\System\CS4\Services\Tcpip\..\{3656AF19-7CF9-4628-937D-AD50B7DB1B4A}: Domain = nsw.bigpond.net.au
O17 - HKLM\System\CS5\Services\Tcpip\..\{3656AF19-7CF9-4628-937D-AD50B7DB1B4A}: Domain = nsw.bigpond.net.au
O17 - HKLM\System\CS6\Services\Tcpip\..\{3656AF19-7CF9-4628-937D-AD50B7DB1B4A}: Domain = nsw.bigpond.net.au
O17 - HKLM\System\CS7\Services\Tcpip\..\{3656AF19-7CF9-4628-937D-AD50B7DB1B4A}: Domain = nsw.bigpond.net.au
O17 - HKLM\System\CS8\Services\Tcpip\..\{3656AF19-7CF9-4628-937D-AD50B7DB1B4A}: Domain = nsw.bigpond.net.au
O17 - HKLM\System\CS9\Services\Tcpip\..\{3656AF19-7CF9-4628-937D-AD50B7DB1B4A}: Domain = nsw.bigpond.net.au
O17 - HKLM\System\CS10\Services\Tcpip\..\{3656AF19-7CF9-4628-937D-AD50B7DB1B4A}: Domain = nsw.bigpond.net.au
O17 - HKLM\System\CS11\Services\Tcpip\..\{3656AF19-7CF9-4628-937D-AD50B7DB1B4A}: Domain = nsw.bigpond.net.au
O17 - HKLM\System\CS12\Services\Tcpip\..\{3656AF19-7CF9-4628-937D-AD50B7DB1B4A}: Domain = nsw.bigpond.net.au
O17 - HKLM\System\CS13\Services\Tcpip\..\{3656AF19-7CF9-4628-937D-AD50B7DB1B4A}: Domain = nsw.bigpond.net.au
O17 - HKLM\System\CS14\Services\Tcpip\..\{3656AF19-7CF9-4628-937D-AD50B7DB1B4A}: Domain = nsw.bigpond.net.au
O17 - HKLM\System\CS15\Services\Tcpip\..\{3656AF19-7CF9-4628-937D-AD50B7DB1B4A}: Domain = nsw.bigpond.net.au
O17 - HKLM\System\CS16\Services\Tcpip\..\{3656AF19-7CF9-4628-937D-AD50B7DB1B4A}: Domain = nsw.bigpond.net.au
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - AppInit_DLLs: C:\WINDOWS\system32\mstexm40.dll
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLogon.dll
O23 - Service: 2D9EAA78 - Unknown owner - C:\WINDOWS\system32\415AC088.EXE (file missing)
O23 - Service: 3ED4A02C - Unknown owner - C:\WINDOWS\system32\65E2F530.EXE
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: Diskeeper - Executive Software International, Inc. - F:\DkService.exe
O23 - Service: GhostStartService - Symantec Corporation - C:\Program Files\Symantec\Norton Ghost 2003\GhostStartService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: Ã’»Ã†ðÀ´Ã’ôÀÖÖúÃŠÖ (Yiqilai) - Unknown owner - C:\Program Files\Yiqilai\wmp\YiqilaiLyrics.exe (file missing)

Thanks a lot to anyone who can help me.