Hijackthis log please check and help if possible

Discussion in 'Windows - Virus and spyware problems' started by wrayboy, Jan 1, 2008.

  1. wrayboy (Member, joined Jan 1, 2008)

    This is my hijackthis log

    Logfile of Trend Micro HijackThis v2.0.0 (BETA)
    Scan saved at 21:41:22, on 01/01/2008
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.exe
    C:\Program Files\Parallels\Parallels Tools\cohrence.exe
    C:\WINDOWS\shell.exe
    C:\Program Files\Parallels\Parallels Tools\toolsrv.exe
    C:\WINDOWS\mgrs.exe
    C:\WINDOWS\Explorer.exe
    C:\WINDOWS\System32\rundll32.exe
    E:\Jasc Software\Animation Shop 3\anim.exe
    C:\WINDOWS\System32\wuauclt.exe
    C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
    C:\WINDOWS\System32\wuauclt.exe
    C:\Documents and Settings\Owner\Desktop\HiJackThis_v2.exe

    F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\shell.exe
    F3 - REG:win.ini: load=C:\WINDOWS\System32\awtss.exe
    O2 - BHO: (no name) - {2E9D4C81-9F27-4c14-B804-7B0F6BC88A4F} - C:\Program Files\Outerinfo\Outerinfo.dll (file missing)
    O2 - BHO: {15062684-a77d-e3ca-9054-31fdb5655b43} - {34b5565b-df13-4509-ac3e-d77a48626051} - C:\WINDOWS\System32\mwtqignf.dll
    O2 - BHO: Google Module - {531BE052-76FC-4b05-9CCD-AF6AA265113C} - strike12.dll (file missing)
    O2 - BHO: (no name) - {B44F62BA-6BA5-42E9-896A-1AF57325955A} - C:\WINDOWS\System32\awtss.dll
    O2 - BHO: e404 helper - {F10587E9-0E47-4CBE-84AE-7DD20B8684BB} - C:\Program Files\Helper\superfindout.dll
    O2 - BHO: (no name) - {FA16FE06-B462-470E-9653-79C54B1871FF} - C:\WINDOWS\System32\pmnnmnk.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O4 - HKLM\..\Run: [Parallels Tools] C:\Program Files\Parallels\Parallels Tools\ParallelsToolsCenter.exe
    O4 - HKLM\..\Run: [SharedInternetApplication] "C:\Program Files\Parallels\Parallels Tools\SIA\sharedintapp.exe" /start
    O4 - HKLM\..\Run: [avp] C:\WINDOWS\TEMP\winBC.exe
    O4 - HKLM\..\Run: [smgr] mgrs.exe
    O4 - HKLM\..\Run: [lsass] C:\WINDOWS\lsass.exe
    O4 - HKLM\..\Run: [Printer] C:\WINDOWS\System32\printer.exe
    O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
    O4 - HKLM\..\Run: [ctfmona] C:\WINDOWS\System32\ctfmona.exe
    O4 - HKLM\..\Run: [64cfbac3] rundll32.exe "C:\WINDOWS\System32\kjscneac.dll",b
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [Spoolsv] C:\WINDOWS\System32\spoolvs.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O4 - Startup: findfast.exe
    O4 - Global Startup: autorun.exe
    O7 - HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
    O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
    O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
    O10 - Unknown file in Winsock LSP: wsock3.dll
    O10 - Unknown file in Winsock LSP: wsock3.dll
    O10 - Unknown file in Winsock LSP: wsock3.dll
    O10 - Unknown file in Winsock LSP: wsock3.dll
    O20 - AppInit_DLLs: C:\WINDOWS\system32\wowfx.dll
    O20 - Winlogon Notify: pmnnmnk - C:\WINDOWS\SYSTEM32\pmnnmnk.dll
    O20 - Winlogon Notify: winvax32 - C:\WINDOWS\SYSTEM32\winvax32.dll
    O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
    O23 - Service: Parallels Coherence Service (cohrence) - Parallels Software International, Inc. - C:\Program Files\Parallels\Parallels Tools\cohrence.exe
    O23 - Service: Parallels Tools Utility Service (toolsrv) - Parallels Software International, Inc. - C:\Program Files\Parallels\Parallels Tools\toolsrv.exe

    --
    End of file - 4266 bytes
     
  2. QuikDraw (Regular member, joined Sep 29, 2007)

    Pretty good mess! It will take a few steps to remove the infections. Reboot into Safe Mode. Run HJT. Do a scan only. Place check marks next to all the items listed below. Click "Fix checked". Reboot. Run HJT again. Post a new log.

    C:\WINDOWS\shell.exe
    C:\WINDOWS\mgrs.exe
    E:\Jasc Software\Animation Shop 3\anim.exe
    F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\shell.exe
    F3 - REG:win.ini: load=C:\WINDOWS\System32\awtss.exe
    O2 - BHO: (no name) - {2E9D4C81-9F27-4c14-B804-7B0F6BC88A4F} - C:\Program Files\Outerinfo\Outerinfo.dll (file missing)
    O2 - BHO: {15062684-a77d-e3ca-9054-31fdb5655b43} - {34b5565b-df13-4509-ac3e-d77a48626051} - C:\WINDOWS\System32\mwtqignf.dll
    O2 - BHO: Google Module - {531BE052-76FC-4b05-9CCD-AF6AA265113C} - strike12.dll (file missing)
    O2 - BHO: (no name) - {B44F62BA-6BA5-42E9-896A-1AF57325955A} - C:\WINDOWS\System32\awtss.dll
    O2 - BHO: e404 helper - {F10587E9-0E47-4CBE-84AE-7DD20B8684BB} - C:\Program Files\Helper\superfindout.dll
    O2 - BHO: (no name) - {FA16FE06-B462-470E-9653-79C54B1871FF} - C:\WINDOWS\System32\pmnnmnk.dll
    O4 - HKLM\..\Run: [smgr] mgrs.exe
    O4 - HKLM\..\Run: [lsass] C:\WINDOWS\lsass.exe
    O4 - HKLM\..\Run: [Printer] C:\WINDOWS\System32\printer.exe
    O4 - HKLM\..\Run: [64cfbac3] rundll32.exe "C:\WINDOWS\System32\kjscneac.dll",b
    O4 - HKCU\..\Run: [Spoolsv] C:\WINDOWS\System32\spoolvs.exe
    O4 - Startup: findfast.exe
    O4 - Global Startup: autorun.exe
    O7 - HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
    O10 - Unknown file in Winsock LSP: wsock3.dll
    O10 - Unknown file in Winsock LSP: wsock3.dll
    O10 - Unknown file in Winsock LSP: wsock3.dll
    O10 - Unknown file in Winsock LSP: wsock3.dll
    O20 - AppInit_DLLs: C:\WINDOWS\system32\wowfx.dll
    O20 - Winlogon Notify: pmnnmnk - C:\WINDOWS\SYSTEM32\pmnnmnk.dll
    O20 - Winlogon Notify: winvax32 - C:\WINDOWS\SYSTEM32\winvax32.dll
     
    Last edited: Jan 1, 2008
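The triage QuikDraw did by eye (a system binary name in the wrong directory, a look-alike name such as spoolvs.exe, a Run entry pointing into TEMP, a Shell= value that is more than Explorer.exe, orphaned or nameless BHOs, AppInit_DLLs and Winlogon Notify entries, an LSP HijackThis cannot attribute, DisableRegedit=1) can be written down as heuristics over the log text. The script below is an added example and is not part of this thread or of HijackThis itself. The allowlist of system binaries and their directories, the temp-directory patterns, the edit-distance threshold and the reason strings are all assumptions made for the example; the sample log is a subset of the lines from the first post, embedded so the script runs offline.

```python
import re

# Where a handful of Windows XP system binaries legitimately live (lower-case).
# This allowlist is an assumption made for the example, not a full XP inventory.
SYSTEM_BINARIES = {
    "smss.exe": r"c:\windows\system32",
    "csrss.exe": r"c:\windows\system32",
    "winlogon.exe": r"c:\windows\system32",
    "services.exe": r"c:\windows\system32",
    "lsass.exe": r"c:\windows\system32",
    "svchost.exe": r"c:\windows\system32",
    "spoolsv.exe": r"c:\windows\system32",
    "explorer.exe": r"c:\windows",
    "ctfmon.exe": r"c:\windows\system32",
    "wuauclt.exe": r"c:\windows\system32",
    "rundll32.exe": r"c:\windows\system32",
}
# Assumed XP temp locations; anything autostarting from here is suspect.
TEMP_DIRS = (r"c:\windows\temp", r"\local settings\temp")

# An absolute path (drive letter, spaces allowed) or a bare file name ending in .exe/.dll/.ocx.
PATH_RE = re.compile(r'[a-z]:\\[^"]*?\.(?:exe|dll|ocx)|(?<![\\\w])[\w-]+\.(?:exe|dll)', re.I)

# Sample input: a subset of the lines from the first HijackThis log in this thread.
SAMPLE_LOG = r"""
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\Explorer.exe
C:\Program Files\Parallels\Parallels Tools\cohrence.exe
C:\WINDOWS\shell.exe
C:\WINDOWS\mgrs.exe

F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\shell.exe
F3 - REG:win.ini: load=C:\WINDOWS\System32\awtss.exe
O2 - BHO: (no name) - {2E9D4C81-9F27-4c14-B804-7B0F6BC88A4F} - C:\Program Files\Outerinfo\Outerinfo.dll (file missing)
O2 - BHO: {15062684-a77d-e3ca-9054-31fdb5655b43} - {34b5565b-df13-4509-ac3e-d77a48626051} - C:\WINDOWS\System32\mwtqignf.dll
O4 - HKLM\..\Run: [Parallels Tools] C:\Program Files\Parallels\Parallels Tools\ParallelsToolsCenter.exe
O4 - HKLM\..\Run: [avp] C:\WINDOWS\TEMP\winBC.exe
O4 - HKLM\..\Run: [smgr] mgrs.exe
O4 - HKLM\..\Run: [lsass] C:\WINDOWS\lsass.exe
O4 - HKLM\..\Run: [ctfmona] C:\WINDOWS\System32\ctfmona.exe
O4 - HKLM\..\Run: [64cfbac3] rundll32.exe "C:\WINDOWS\System32\kjscneac.dll",b
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [Spoolsv] C:\WINDOWS\System32\spoolvs.exe
O7 - HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O10 - Unknown file in Winsock LSP: wsock3.dll
O20 - AppInit_DLLs: C:\WINDOWS\system32\wowfx.dll
O20 - Winlogon Notify: pmnnmnk - C:\WINDOWS\SYSTEM32\pmnnmnk.dll
O23 - Service: Parallels Coherence Service (cohrence) - Parallels Software International, Inc. - C:\Program Files\Parallels\Parallels Tools\cohrence.exe
"""


def _split(path):
    """Return (directory, file name), lower-cased; directory is '' for a bare name."""
    p = path.lower()
    return tuple(p.rsplit("\\", 1)) if "\\" in p else ("", p)


def edit_distance(a, b):
    """Plain Levenshtein distance; catches names one or two edits from a system binary."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def check_path(path, autostart=False):
    """Return a reason string if a referenced file looks suspicious, else None."""
    d, name = _split(path)
    if any(t in d for t in TEMP_DIRS):
        return f"{name} runs from a temp directory"
    if name in SYSTEM_BINARIES:
        if d and d != SYSTEM_BINARIES[name]:
            return f"{name} outside its expected directory {SYSTEM_BINARIES[name]}"
        return None
    for known in SYSTEM_BINARIES:
        if edit_distance(name, known) <= 2:
            return f"{name} is within two edits of {known} (look-alike name)"
    if autostart and not d:
        return f"{name} autostarts without an absolute path"
    return None


def triage(log_text):
    """Return [(line, reason), ...] for every log line that deserves a closer look."""
    findings = []
    for raw in log_text.splitlines():
        line = raw.strip()
        m = re.match(r"(F\d|O\d+) - ", line)
        kind = m.group(1) if m else ("process" if PATH_RE.match(line) else None)
        if kind is None:
            continue
        low = line.lower()
        reasons = []
        if kind == "F2" and "shell=" in low:
            if low.split("shell=", 1)[1].strip() != "explorer.exe":
                reasons.append("Winlogon Shell is not plain Explorer.exe (shell hijack)")
        elif kind == "F3" and re.search(r"load=\S", low):
            reasons.append("win.ini load= autostart is set")
        elif kind == "O2" and ("(file missing)" in low or re.search(r"bho: (\(no name\)|\{[0-9a-f-]{36}\}) -", low)):
            reasons.append("orphaned, unnamed or GUID-named browser helper object")
        elif kind == "O4" and "rundll32.exe" in low:
            reasons.append("rundll32 autostart: verify the DLL it loads")
        elif kind == "O7" and "disableregedit=1" in low:
            reasons.append("registry editor disabled by policy")
        elif kind == "O10":
            reasons.append("Winsock LSP that HijackThis cannot attribute")
        elif kind == "O20":
            reasons.append("AppInit_DLLs / Winlogon Notify injection point")
        for path in PATH_RE.findall(line):
            r = check_path(path, autostart=(kind == "O4"))
            if r:
                reasons.append(r)
        findings.extend((line, r) for r in reasons)
    return findings


if __name__ == "__main__":
    for line, reason in triage(SAMPLE_LOG):
        print(f"{reason:60}  <- {line}")
```

Two limits are worth knowing before leaning on this. The heuristics only see names and paths, so the running-process lines for C:\WINDOWS\shell.exe and C:\WINDOWS\mgrs.exe are not flagged on their own; they are caught through the F2 and O4 entries that launch them. And the rundll32 entry is flagged only for manual review, because nothing in a log line distinguishes kjscneac.dll from a legitimate DLL; that is the point at which a hash lookup against the file itself, not the log, is needed.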
  3. wrayboy (Member, joined Jan 1, 2008)

    OK, I've done everything, but I still have the virus. And, er, thanks.
    Can you check this log file please?
    Thanks.

    Logfile of Trend Micro HijackThis v2.0.0 (BETA)
    Scan saved at 20:26:57, on 04/01/2008
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.exe
    C:\Program Files\Parallels\Parallels Tools\cohrence.exe
    C:\Program Files\Parallels\Parallels Tools\toolsrv.exe
    C:\WINDOWS\TEMP\D7ADC57D.exe
    C:\WINDOWS\locker.exe
    C:\WINDOWS\wl.exe
    C:\WINDOWS\System32\wuauclt.exe
    C:\WINDOWS\System32\wuauclt.exe
    C:\WINDOWS\shell.exe
    C:\Documents and Settings\Owner\Desktop\HiJackThis_v2.exe

    F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\shell.exe
    O2 - BHO: (no name) - {67A02F72-2791-473B-9916-95264FA92480} - C:\WINDOWS\System32\awtss.dll
    O2 - BHO: e404 helper - {F10587E9-0E47-4CBE-84AE-7DD20B8684BB} - C:\Program Files\Helper\superfindout.dll
    O2 - BHO: (no name) - {FA16FE06-B462-470E-9653-79C54B1871FF} - C:\WINDOWS\system32\pmnnmnk.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O4 - HKLM\..\Run: [Parallels Tools] C:\Program Files\Parallels\Parallels Tools\ParallelsToolsCenter.exe
    O4 - HKLM\..\Run: [SharedInternetApplication] "C:\Program Files\Parallels\Parallels Tools\SIA\sharedintapp.exe" /start
    O4 - HKLM\..\Run: [avp] C:\WINDOWS\TEMP\winBC.exe
    O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
    O4 - HKLM\..\Run: [ctfmona] C:\WINDOWS\System32\ctfmona.exe
    O4 - HKLM\..\Run: [Printer] C:\WINDOWS\System32\printer.exe
    O4 - HKLM\..\Run: [License] locker.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [Spoolsv] C:\WINDOWS\System32\spoolvs.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O4 - Startup: findfast.exe
    O4 - Global Startup: autorun.exe
    O7 - HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
    O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
    O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
    O10 - Unknown file in Winsock LSP: wsock3.dll
    O10 - Unknown file in Winsock LSP: wsock3.dll
    O10 - Unknown file in Winsock LSP: wsock3.dll
    O10 - Unknown file in Winsock LSP: wsock3.dll
    O20 - AppInit_DLLs: C:\WINDOWS\system32\wowfx.dll
    O20 - Winlogon Notify: pmnnmnk - C:\WINDOWS\SYSTEM32\pmnnmnk.dll
    O20 - Winlogon Notify: winvax32 - C:\WINDOWS\SYSTEM32\winvax32.dll
    O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
    O23 - Service: Parallels Coherence Service (cohrence) - Parallels Software International, Inc. - C:\Program Files\Parallels\Parallels Tools\cohrence.exe
    O23 - Service: Parallels Tools Utility Service (toolsrv) - Parallels Software International, Inc. - C:\Program Files\Parallels\Parallels Tools\toolsrv.exe

    --
    End of file - 3661 bytes

     
  4. QuikDraw (Regular member, joined Sep 29, 2007)

    Yes, your system is still infected. HijackThis was not able to remove all your viruses. This may take a few different cleaners to do the job.

    Download ComboFix to your desktop: http://forums.majorgeeks.com/showthread.php?t=134965

    Very important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files, which may cause "unpredictable results".

    Double-click on combofix.exe and follow the prompts.
    When finished, it will produce a report for you.
    Please post the "C:\ComboFix.txt" along with a new HijackThis log for further review.

    **Note: Do not mouse-click ComboFix's window while it's running. That may cause it to stall.**
     