I'm an IT professional at a small company. I managed to get spybot, malware bytes and hijack this to run after renaming them. After removing some spyware I am still left with a few issues. All google search results are hijacked to exoclick.com. And I still can't run any anti-spyware programs under their real names.
It all started when a user click on an email link. Symantec AV stopped actualspy.exe from running. It later found both w32.tidserv.G and Backdoor.Tidserv and removed them. Those 3 don't seem to be present.
I've attached the hijack this, spybot and malware bytes logs in a zip file.

I didn't notice anything obvious in the hijack logs.

Please Help :thanks:

Welcome to Safer Networking, I wish to be sure you have viewed and understand this information.
"BEFORE you POST" (READ this Procedure before Requesting Assistance) http://forums.spybot.info/showthread.php?t=288
All advice given is taken at your own risk.
Please make sure you have read this information so we are on the same page.

You must have read and followed the "Before you Post" instructions.

Please review this information:
http://forums.spybot.info/showpost.php?p=25712&postcount=5

Thanks

Due to the lack of feedback this Topic is closed.

If you need this topic reopened, please request this by sending the moderating team
a PM with the address of the thread. This applies only to the original topic starter.

If it has been four days or more since your last post, and the helper assisting you posted a response to that post to which you did not reply, your topic will not be reopened. At that point, if you still require help, please start a new topic and include a fresh HijackThis log and a link to your previous thread.

If it has been less than four days since your last response and you need the thread re-opened, please send me or your helper a private message (pm). A valid, working link to the closed topic is required.

Everyone else please begin a New Topic.