eZula removal please!

- Download HijackThis 1.99.1

- Unzip the hijackthis.exe file to a folder you create named C:\Program Files\HJT

- Do NOT run Hijack This from the Desktop, a temp folder, or a sub-folder of C:\Documents and Settings, or choose to run it directly from the downloaded ZIP file.

- Before running HijackThis: You must close each of the following:your web browser, e-mail client, instant messenger, and programs like notepad, wordpad, MS Word etc. And any other unnecessary running programs.

- Run HijackThis and save your log file.

- Post your log as an ATTACHMENT to your next message. (Do NOT copy/paste the log into your post).

 

Click the Reply button to reply to my message. Then at the bottom of the message box window, click Go Advanced. Then scroll down to find the Manage Attachments button and click it. Then Browse to your file and double click. Then click Upload and then close the Manage Attachments window. Now submit your message.

 

Please do not attach logs as Word documents. Attach them exactly as HijackThis saves them and that is as a .log file. This is a pure text file. Word files are larger and more time consuming for us to deal with.

Also note that you installed HijackThis where I requested that you not install it:
C:\Documents and Settings\WAYNE\Desktop\Spytools\HijackThis.exe

 

Unless you purchase SpyHunter, you should go to Add/Remove programs and unintall it. It was on a rogue/suspect spyware removal tool list for quite some time. They now have reclassified it to not be a rogue. But it is still not a very good program.
See info on it here: http://www.spywarewarrior.com/rogue_anti-spyware.htm#sh_note

Also look in Add/Remove programs for an uninstall to MySearch or MySearch Bar and uninstall if found.

If you are using WinXP or WinMe, make sure you have system restore disabled (per the tutorial).
For all OS types, make sure viewing of hidden files is enabled (per the tutorial).

Run HijackThis and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://hsremove.com/done.htm
O2 - BHO: My Search BHO - {014DA6C1-189F-421a-88CD-07CFE51CFF10} - C:\Program Files\MySearch\bar\1.bin\S4BAR.DLL
O3 - Toolbar: (no name) - {014DA6C9-189F-421a-88CD-07CFE51CFF10} - (no file)
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O16 - DPF: {2B96D5CC-C5B5-49A5-A69D-CC0A30F9028C} (MiniBugTransporterX Class) - http://download.weatherbug.com/minibug/tricklers/AWS/MiniBugTransporter.cab?
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://207.188.7.150/1762dc368faecfc05301/netzip/RdxIE601.cab


After clicking Fix, exit HJT.

Boot into safe mode and use Windows Explorer to delete:
C:\Program Files\MySearch <--- the whole folder

If you get an error when deleting a file. Right click on the file and check to see if the read only attribute is checked. If it is, uncheck it and try again. Other wise open Task Manager and kill the process if running then delete the file.


Now run Ccleaner (installed while running the READ ME FIRST). Now if running Win XP goto c:\windows\Prefetch and delete all files in this folder.

Now reboot in normal mode and post a new HJT log. And tell us how things are working.

 

You can still just copy the hijackthis.log file as is to the other computer and then upload it. You do not have to change it to a Word document.

See if you can post the follow up log. Do you get any error messages? What do they say (exactly word for word)?

 

OK! That last log was clean. But I need logs from normal boot mode not safe mode. Are you still having problems?

 

You do not have any malware related problems. You would be better off posting your question related to the DirectX 3D drivers in the Software Forum.

 

You're welcome. And good luck with your other problems!