Followed Hijack this, still have browser hijack -Help?

Used Hijack this, spybot, NIS 2004 and followed the HJT Tutorial and used Pacman and Tony's links for determining bad files.

When i rescan with Hijack the Try-this-search.biz files re-appear, as well as the home page for the browser.

Since this just happened today, i haven't played with the system restore feature.

Looking for any help.

Thanks,
steven

 

Ok Major Attitude,

I printed out the Tutorial for the virus removal.

Downloaded all the anti virus files listed.

Disabled sys restore.

Do not have network sec. or workstation services active on my laptop.

Enabled (already done) hidden files and add extentions.

Installed software as requested.

Booted in safe mode.

Ran all software as described. Deleted the index dat.

Ran Avert.

*** Was not able to connect to sym. sec. check or trend since in safe mode, the computer disabled my Wireless/lan connection to the internet.****

Ran Ad SE with the plugin.

Ran SPybot and then immunized.

Ran all the other antivirus software.

Ran SpywareBlaster.

Ran Hijack this and removed R1's Try-this-search items (There were 3).

Ran again and they were gone.

Rebooted computer, opened IE and Try-this-search.biz was still there!

Please advise.
Standing by to post Log if you are ready.

Thank you.

 

Ok.

Ran the online scans at both trend and symantic and found nothing. Followed the Hijack this tutorial.

Still get the try-this browser and still, obviously shows up in log.

Following is the latest log:


Thanks for your help gentlemen!
Steve

 

Sorry, didn't attach file.

Here it is the way you prefer...

I closed all the files in the sys tray except my NIS 2004. If you feel there is still too much running, please let me know.

I am just not sure what programs are safe to close in the task manager so that the computer will still function while i try and fix the problems.

Thanks, steve

 

One last note,

I turned off the 'make back up' in the HJT option. Just to see if that was part of the problem - it wasn't. Should i turn it back on next time?

Steve.

 

FIXED!!

Redid the process and fixing/removing the 021 line ( i think this may have been the culprit as the other lines you asked me to remove, were lines that keep re-appearing.) Don't recall having fixed the 021 line before.


I did not get Chas's message til after i did what MA suggested. So, for the moment, i'm back to my About:blank IE startup page. Yippee.

Thank you very much for this support.

May i ask how you guys are compensated? Is this just a hobby and you just monitor the site 24/7? or is this a full time deal and are compensated some way?

I'd consider a donation for the service.

Steven

P.S. :

I have been very happy using NIS 2004. It has never let me down until this browser hijack. I constantly update NIS as well as use spybot and spysweeper frequently.

Is there some reason NIS didn't catch this or does this type of thing fall outside the range of the firewall/antivirus capabilities?

Thanks again....until next time...