Outer Info

[PC eye]

Let's cross check just what should be removed by HiJack This. From the log here let's do a one to one.

R3 - URLSearchHook: (no name) - {8ADF7C45-DBB4-D345-A6A9-ECCB5F9C58C1} - (no file)
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O2 - BHO: (no name) - {74243324-CD86-C329-92A9-F98AABA4FB99} - (no file)
O2 - BHO: (no name) - {784D1777-B0D6-BC74-CA0D-D398CA12F4CC} - (no file)
O2 - BHO: (no name) - {8ADF7C45-DBB4-D345-A6A9-ECCB5F9C58C1} - (no file)
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - J:\Program Files\PartyPoker\PartyPoker.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - J:\Program Files\PartyPoker\PartyPoker.exe (file missing)
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - J:\Documents and Settings\Owner\Start Menu\Programs\IMVU\Run IMVU.lnk (file missing)
The above can be removed without issue. The new log will reduce the number.

 

[Computer Genius]

That what i said!

 

[PC eye]

That what i said!

Gee? It seems like you missed a couple of items.
R3 - URLSearchHook: (no name) - {8ADF7C45-DBB4-D345-A6A9-ECCB5F9C58C1} - (no file)
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)

 

[Computer Genius]

No i havn't look properly.

 

[Dav]

I removed the files that everyone said to remove, have uninstalled outerinfo multiple times from www.outerinfo.com/ but still get their popups! Here is the newest log:

Logfile of HijackThis v1.99.1
Scan saved at 12:51:38 AM, on 6/7/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
J:\WINDOWS\System32\smss.exe
J:\WINDOWS\system32\winlogon.exe
J:\WINDOWS\system32\services.exe
J:\WINDOWS\system32\lsass.exe
J:\WINDOWS\system32\svchost.exe
J:\WINDOWS\System32\svchost.exe
J:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
J:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
J:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
J:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
J:\WINDOWS\system32\spoolsv.exe
J:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
J:\Program Files\ewido anti-malware\ewidoctrl.exe
J:\Program Files\Norton AntiVirus\navapsvc.exe
J:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
J:\WINDOWS\System32\svchost.exe
J:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
J:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
J:\WINDOWS\ALCXMNTR.EXE
J:\WINDOWS\AGRSMMSG.exe
C:\HP\KBD\KBD.EXE
J:\Program Files\Common Files\Symantec Shared\ccApp.exe
J:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
J:\Program Files\HP\hpcoretech\hpcmpmgr.exe
J:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
J:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
J:\Program Files\Java\jre1.5.0_04\bin\jucheck.exe
J:\Documents and Settings\Owner\My Documents\download\TizzleTalk\TizzleTalk.exe
J:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
J:\Program Files\Messenger\msmsgs.exe
J:\Program Files\AIM\aim.exe
J:\WINDOWS\explorer.exe
J:\Program Files\?asks\?canregw.exe
J:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
J:\Program Files\LimeWire\LimeWire.exe
C:\Program Files\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.rr.com/flash/index.cfm
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - J:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - J:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - J:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [ccApp] "J:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] J:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] J:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
O4 - HKLM\..\Run: [HP Component Manager] "J:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] J:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [SpySweeper] "J:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /startintray
O4 - HKLM\..\Run: [TizzleTalk] J:\Documents and Settings\Owner\My Documents\download\TizzleTalk\TizzleTalk.exe
O4 - HKLM\..\Run: [HP Software Update] J:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [MSMSGS] "J:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [AIM] J:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [Yahoo! Pager] J:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - Global Startup: Adobe Reader Speed Launch.lnk = J:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: Download with &Shareaza - res://J:\Program Files\Etomi\Plugins\RazaWebHook.dll/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - J:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - J:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - J:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - J:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - J:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/download/ipixx.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - J:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - http://www.shockwave.com/content/zuma/popcaploader_v5.cab
O20 - AppInit_DLLs: J:\WINDOWS\system32\explorer.dll J:\WINDOWS\system32\nslookup.dll
O20 - Winlogon Notify: WgaLogon - J:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: WRNotifier - J:\WINDOWS\SYSTEM32\WRLogonNTF.dll
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - J:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - J:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - J:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - J:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: ewido security suite control - ewido networks - J:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: LiveUpdate - Symantec Corporation - J:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - J:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - J:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: SAVScan - Symantec Corporation - J:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - J:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - J:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - J:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - J:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
O23 - Service: Symantec Core LC - Symantec Corporation - J:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

 

[PC eye]

I didn't spot anything off in the post there. But I came across one utility that seems to be effective in removing the Outerinfo which is a form of spyware designed to monitor your web surfing habits. Spyware Doctor 3.8 for Windows accordingly is supposed to be a good remover for that. You can download a free copy at http://www.anti-spyware-download.com/index_oi.html?c=164&kw=outerinfo Give this a try and see if it's not a most buy full version deal to remove....? gimic.

 

[Computer Genius]

Remove outer-info from add-remove programs

Please remove this:

J:\Program Files\?asks\?canregw.exe

And you haev some spyware from Realtek (They made your soundcard) they monitor what you do on the web.

You may delete this:

J:\WINDOWS\ALCXMNTR.EXE
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE

 

[Dav]

Remove outer-info from add-remove programs

Please remove this:

J:\Program Files\?asks\?canregw.exe

And you haev some spyware from Realtek (They made your soundcard) they monitor what you do on the web.

You may delete this:

J:\WINDOWS\ALCXMNTR.EXE
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE

Outer info is not located in add/remove programs.

 

[Dav]

I didn't spot anything off in the post there. But I came across one utility that seems to be effective in removing the Outerinfo which is a form of spyware designed to monitor your web surfing habits. Spyware Doctor 3.8 for Windows accordingly is supposed to be a good remover for that. You can download a free copy at http://www.anti-spyware-download.com/index_oi.html?c=164&kw=outerinfo Give this a try and see if it's not a most buy full version deal to remove....? gimic.

Tried the spy doctor on that link and it said I would have to buy the $30 version in order to remove stuff from my computer.

 

[PC eye]

Don't you just love that! "You buy We fix" crapola! And then there are times when you find things on other forums that can be a help.

"Download Brute Force Uninstaller to your C:\
Unzip it to a folder of its own (C:\BFU). So the BFU-folder should be on your root. In most cases this is C:\
Download qoofix.bat (rightclick on this link and choose save as)
Place qoofix.bat in your C:\BFU - folder. (Important!)
Doubleclick qooFix.bat, Close all browsers and explorer folders.
Choose option 1 (Qoolfix autofix) and follow the prompts.
Please be patient, it will take about five minutes.
It will ask to reboot your computer, so please allow it to reboot.
After the PC has restarted please post another hijackthis log." http://forums.spywareinfo.com/index.php?showtopic=76358

When you go to the page there scroll and click on the download link for the Brute Force uninstaller and the goofix.bat both. A pop up for downloading each will appear right away. That was one possible fix to throw in while another search comes up with

"Look in your control panel's add/remove programs for PuritySCAN By OIN, OuterInfo, OIN or similar. Click on it and then click remove.

Reboot and if found, delete this folder:

C:\Program Files\PurityScan

If not listed, download and run this uninstaller:
http://www.outerinfo.com/OiUninstaller.exe
http://www.outerinfo.com/howto.html
Tutorial for the uninstaller if needed

Reboot when done and if found, delete this folder:

C:\Program Files\PurityScan

* Download Dr.Web CureIt to the desktop:
ftp://ftp.drweb.com/pub/drweb/cureit/drweb-cureit.exe
Doubleclick the drweb-cureit.exe file and Allow to run the express scan
This will scan the files currently running in memory and when something is found, click the yes button when it asks you if you want to cure it. This is only a short scan.
Once the short scan has finished, mark the drives that you want to scan.
Select all drives. A red dot shows which drives have been chosen.
Click the green arrow at the right, and the scan will start.
Click 'Yes to all' if it asks if you want to cure/move the file.
When the scan has finished, look if you can click next icon next to the files found:
If so, click it and then click the next icon right below and select Move incurable as you'll see in next image:

This will move it to the %userprofile%\DoctorWeb\quarantaine-folder if it can't be cured. (this in case if we need samples)
After selecting, in the Dr.Web CureIt menu on top, click file and choose save report list
Save the report to your desktop. The report will be called DrWeb.csv
Close Dr.Web Cureit.
Reboot your computer!! Because it could be possible that files in use will be moved/deleted during reboot.
After reboot, post the contents of the log from Dr.Web you saved previously in your next reply, and a new HijackThis log.

Let me know how your computer is running now." http://forums.pcpitstop.com/index.php?showtopic=118775 Give these a try to see they work at all.

 

[Dav]

Don't you just love that! "You buy We fix" crapola! And then there are times when you find things on other forums that can be a help.

"Download Brute Force Uninstaller to your C:\
Unzip it to a folder of its own (C:\BFU). So the BFU-folder should be on your root. In most cases this is C:\
Download qoofix.bat (rightclick on this link and choose save as)
Place qoofix.bat in your C:\BFU - folder. (Important!)
Doubleclick qooFix.bat, Close all browsers and explorer folders.
Choose option 1 (Qoolfix autofix) and follow the prompts.
Please be patient, it will take about five minutes.
It will ask to reboot your computer, so please allow it to reboot.
After the PC has restarted please post another hijackthis log." http://forums.spywareinfo.com/index.php?showtopic=76358

When you go to the page there scroll and click on the download link for the Brute Force uninstaller and the goofix.bat both. A pop up for downloading each will appear right away. That was one possible fix to throw in while another search comes up with

Ok I just now did that.

Newest Log:
Logfile of HijackThis v1.99.1
Scan saved at 9:21:11 PM, on 6/9/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
J:\WINDOWS\System32\smss.exe
J:\WINDOWS\system32\winlogon.exe
J:\WINDOWS\system32\services.exe
J:\WINDOWS\system32\lsass.exe
J:\WINDOWS\system32\svchost.exe
J:\WINDOWS\System32\svchost.exe
J:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
J:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
J:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
J:\WINDOWS\Explorer.EXE
J:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
J:\WINDOWS\system32\spoolsv.exe
J:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
J:\Program Files\ewido anti-malware\ewidoctrl.exe
J:\Program Files\Norton AntiVirus\navapsvc.exe
J:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
J:\WINDOWS\System32\svchost.exe
J:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
J:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
J:\WINDOWS\ALCXMNTR.EXE
J:\WINDOWS\AGRSMMSG.exe
C:\HP\KBD\KBD.EXE
J:\Program Files\Common Files\Symantec Shared\ccApp.exe
J:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
J:\Program Files\HP\hpcoretech\hpcmpmgr.exe
J:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
J:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
J:\Program Files\Java\jre1.5.0_04\bin\jucheck.exe
J:\Documents and Settings\Owner\My Documents\download\TizzleTalk\TizzleTalk.exe
J:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
J:\Program Files\Messenger\msmsgs.exe
J:\Program Files\AIM\aim.exe
J:\WINDOWS\DOBE~1\explorer.exe
J:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.rr.com/flash/index.cfm
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - J:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - J:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - J:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [ccApp] "J:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] J:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] J:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
O4 - HKLM\..\Run: [HP Component Manager] "J:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] J:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [SpySweeper] "J:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /startintray
O4 - HKLM\..\Run: [TizzleTalk] J:\Documents and Settings\Owner\My Documents\download\TizzleTalk\TizzleTalk.exe
O4 - HKLM\..\Run: [HP Software Update] J:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [MSMSGS] "J:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [AIM] J:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [Yahoo! Pager] J:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - Global Startup: Adobe Reader Speed Launch.lnk = J:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: Download with &Shareaza - res://J:\Program Files\Etomi\Plugins\RazaWebHook.dll/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - J:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - J:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - J:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - J:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - J:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/download/ipixx.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - J:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - http://www.shockwave.com/content/zuma/popcaploader_v5.cab
O20 - AppInit_DLLs: J:\WINDOWS\system32\nslookup.dll
O20 - Winlogon Notify: WgaLogon - J:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: WRNotifier - J:\WINDOWS\SYSTEM32\WRLogonNTF.dll
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - J:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - J:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - J:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - J:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: ewido security suite control - ewido networks - J:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: LiveUpdate - Symantec Corporation - J:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - J:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - J:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: SAVScan - Symantec Corporation - J:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - J:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - J:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - J:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - J:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
O23 - Service: Symantec Core LC - Symantec Corporation - J:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

Also while I was scanning with Norton AntiVirus I found a Purity Scan that was in: J:\WINDOWS\DOBE~1\explorer.exe Norton couldn't fix or delete it, so should I manually dlete this or ???

I've already tried using outer info's uninstaller but it hasn't removed it from my computer.

There is no file in my computer named C:\Program Files\PurityScan

Next thing I'll try is that Dr.Web thing

 

[PC eye]

On the Purity Scan go right after it through Windows Explorer or MyComputer and drag it into the garbage can or right click and delete it. Make sure to empty the recycle bin too. Have you tried running AVG? I hear a lot of complaints on Norton and Symantec alike at times. Surprisingly the Grisoft's free version of their software gets better reviews. The log posted looks clean. But don't let that fool you. HiJack This only shows a small portion of the system registry. Anything remaining can be a lot deeper there. Afterall there are hundreds and hundreds of different values along with the large number of keys. Hopefully that other one will clean this up for you.

 

[Dav]

On the Purity Scan go right after it through Windows Explorer or MyComputer and drag it into the garbage can or right click and delete it. Make sure to empty the recycle bin too. Have you tried running AVG? I hear a lot of complaints on Norton and Symantec alike at times. Surprisingly the Grisoft's free version of their software gets better reviews. The log posted looks clean. But don't let that fool you. HiJack This only shows a small portion of the system registry. Anything remaining can be a lot deeper there. Afterall there are hundreds and hundreds of different values along with the large number of keys. Hopefully that other one will clean this up for you.

FInally got rid of this thing, I went to add/remove programs and came across Tizzle talk by OIN, which I assumed the OIN stood for Outer Info Network and delted it.

 

[PC eye]

It's ironic that I was going to ask you about that when noticing the "O4 - HKLM\..\Run: [TizzleTalk] J:\Documents and Settings\Owner\My Documents\download\TizzleTalk\TizzleTalk.exe" value. Many times these types of downloads have bugs coming in along with them. But at least you got your system back running normal again. When going to a site earlier to see if I could grab some recovery or updates for another system the site that advertised these tried reassigning the home page. That didn't work! Aparently that site is loaded with a browser hijacker. When first visiting any new site for any type of downloads keep your guard up.