This is your clock problem as well.
Well you have a vundo variant on there, this is the main infection so we need to get that off first. I also see some spyware and even though I don't see CWS anymore you should still run CWShredder to be sure.
Vundofix by Atribune
Please download
VundoFix.exe to your desktop.
- Double-click VundoFix.exe to run it.
- Click the Scan for Vundo button.
- Once it's done scanning, click the Remove Vundo button.
- You will receive a prompt asking if you want to remove the files, click YES
- Once you click yes, your desktop will go blank as it starts removing Vundo.
- When completed, it will prompt that it will reboot your computer, click OK.
- Please attach the C:\vundofix.txt and a new HiJackThis log.
Note: It is possible that VundoFix encountered a file it could not remove.
In this case, VundoFix will run on reboot, simply follow the above instructions starting from "Click the
Scan for Vundo button." when VundoFix appears at reboot.
--------------------------------------------------------------------------------
CWShredder
Download CWShredder [http://www.trendmicro.com/ftp/products/online-tools/cwshredder.exe]here[/URL] to its own folder.
Update CWShredder
* Open CWShredder and click I AGREE
* Click Check For Update
* Close CWShredder
Boot into Safe Mode:
Restart your computer and as soon as it starts booting up again continuously tap F8. A menu should come up where you will be given the option to enter Safe Mode.
Now run CWShredder. Click I Agree, then Fix and then Next, let it fix everything it asks about. Reboot your computer into normal windows.
--------------------------------------------------------------
Run a fresh Hijackthis and attach here with the vundofix.txt