My Internet explorer has been hijacked.
When IE opens for a brief second "res://C:\WINDOWS\system32\shdoclc.dll/navcancl.htm" flashes up in the address bar and then it takes me to "http://www.warningmessage.com/". I was also getting items popping up in the taskbar saying I had spyware installed but I think I have sorted that.
At first I ran AVG and ad-aware but they didn't find anything. I then noticed that two items were running in my task manager "nvctrl.exe" and "mssearchnet.exe", I checked them out and they appear to be Trojans so I rebooted to safemode and deleted said items. (I think these are now gone)
IE was still hijacked so I followed a few threads from here and downloaded spybot and hijackthis. Back in safemode I scanned again with AVG emptied my cookies, history and deleted my tempory internet files. Then with highjackthis I selected "R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/" and let it fix it. I then ran Ad-aware (still didn't find anything) and spybot which found about 60 reg values and I let it fix all of them.
But still my IE is hijacked, I have included a highjackthis log, hopefully you can help me.
Thank you.
When IE opens for a brief second "res://C:\WINDOWS\system32\shdoclc.dll/navcancl.htm" flashes up in the address bar and then it takes me to "http://www.warningmessage.com/". I was also getting items popping up in the taskbar saying I had spyware installed but I think I have sorted that.
At first I ran AVG and ad-aware but they didn't find anything. I then noticed that two items were running in my task manager "nvctrl.exe" and "mssearchnet.exe", I checked them out and they appear to be Trojans so I rebooted to safemode and deleted said items. (I think these are now gone)
IE was still hijacked so I followed a few threads from here and downloaded spybot and hijackthis. Back in safemode I scanned again with AVG emptied my cookies, history and deleted my tempory internet files. Then with highjackthis I selected "R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/" and let it fix it. I then ran Ad-aware (still didn't find anything) and spybot which found about 60 reg values and I let it fix all of them.
But still my IE is hijacked, I have included a highjackthis log, hopefully you can help me.
Thank you.