Help please. 180search removal.

Please follow the steps below exactly as written:

- Download HijackThis 1.99.1

- Unzip the hijackthis.exe file to a folder you create named C:\Program Files\HJT

- Do NOT run Hijack This from the Desktop, a temp folder, or a sub-folder of C:\Documents and Settings, or choose to run it directly from the downloaded ZIP file.

- Before running HijackThis: You must close each of the following:your web browser, e-mail client, instant messenger, and programs like notepad, wordpad, MS Word etc. And any other unnecessary running programs.

- Run HijackThis and save your log file.

- Post your log as an ATTACHMENT to your next message. (Do NOT copy/paste the log into your post).

 

No signs of them in your log.

Although I don't personally like crud like:

O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe

What program is reporting the stuff? Is it reported by Norton? Post a log of exactly what and where it is reporting the stuff. Have you run Norton in Safe Mode?

 

It could be just left over registry keys that it is find. See if you can write them down and post the info.

You can also give the below a run (perhaps it may help).


- run CCleaner again before doing the below

Download this trial version of Ewido Security Suite

• Install ewido security suite
• Launch ewido, there should be an icon on your desktop double-click it.
• The program will have a window come up. One of the buttons on the left is to Update. Click the Update button.and then Start the Update. The update will start and a progress bar will show the updates being installed.
• After it completes the update, click the Scanner button

Now exit Ewido. Now print the below instructions or save them locally because I want you do have no browsers opened and also have no connection to the internet (unplug your cable) while doing the below.

Okay, reboot into safe mode and follow the steps below. (If you have any problems at all trying to get into safe mode to complete these steps, just run them in normal boot mode and make sure you tell me when you come back.)

Open up Ewido and do the following:

• Click on Scanner
• Then click Settings
• Under What to Scan? Select Scan every file
• Then click OK
• Click on Complete System Scan and the scan will start.
• Let the program scan the machine

While the scan is in progress you will be prompted to clean files that are infected. Leave the defaults selections (to Remove and backup) and click OK. To save yourself some time, you can select Perform action with all infections and then click OK. With the option to scan every file, a lot of cookies will be removed.

Once the scan has completed, there will be a button located on the bottom of the screen named Save report

• Click Save report
• Save the report to your desktop or anyplace you will be able to find it to upload here.

Reboot into normal mode and reconnect to the internet.

Come back here and post the Ewido Scan Report .

 

But what was it that Ewido was find so much of. Was it really a virus/trojan problem or was it just loads of cookies and MRU type things? You can save and view the logs even when you cancel the scan. You could also try setting Ewido up to scan with less detail. Instead of scanning all files, select Choose files by extension and just leave whatever they have by default. Also uncheck the Scan for tracking-cookies selection. Then also back on the scanning screen just use the Fast System Scan option.


If you truly have that many infected virus/trojan type files on your system, you could be better off with an FDISK, format and reinstall. Depends on what the infections were and if they are truly cleanable. I need more info on what was being found.

 

You need to disable Norton's feature that is protecting the Recycle bin. I believe it is named as indicated, Nprotect. They must have info in your program that tells you how to do this. There must be some kind of control panel that allows you to empty the Recycle bin. I find this feature to be more of an annoyance then a help. Especially in the malware world.


See: http://service1.symantec.com/SUPPORT/nsw.nsf/0f75ab1a9982283d88256c250066dc94/831aa5c6ef0d750685256c370048ad89?OpenDocument&src=bar_sch_nam

 

You're welcome!