Stubborn ads234, wildmedia, eZula, Peper Trojan...

Please run these:
http://www.memorywatcher.com/uninst.exe
http://www.windowsecurity.com/trojanscan/

Then check out the attachment and let me know if it helps!


If still having a problem after the above, make sure you have HijackThis version 1.98.2 and post a log as a text attachment.
A tutorial and guidelines for HijackThis log postings is here: http://forums.majorgeeks.com/showthread.php?t=38752

 

Can you tell me what these are?

C:\Program Files\Le Robert\Le Petit Robert\prhyper.exe
C:\Program Files\Le Robert\Le Robert & Collins\rcwinHyper.exe

 

Run HijackThis and put checks on the following 10 lines BUT DO NOT CLICK FIX until you have exited ALL browser sessions first (or it may not work):
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O4 - HKLM\..\Run: [7NbqJa] C:\documents and settings\mason\local settings\temp\7NbqJa.exe
O4 - HKLM\..\Run: [gfI] C:\documents and settings\mason\local settings\temp\gfI.exe
O4 - HKLM\..\Run: [276U3pP] cdfjmon.exe
O4 - HKLM\..\Run: [7NbqJa.exe] C:\documents and settings\mason\local settings\temp\7NbqJa.exe
O4 - HKLM\..\Run: [gfI.exe] C:\documents and settings\mason\local settings\temp\gfI.exe
O4 - HKCU\..\Run: [Jwp8Rfj9R] cerxress.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)



Now reboot in safe mode: http://service1.symantec.com/SUPPORT/tsgeninfo.nsf/docid/2001052409420406
Enable viewing of hidden files and folders: http://forums.majorgeeks.com/showthread.php?t=37650
Delete the following:
C:\documents and settings\mason\local settings\temp\7NbqJa.exe
C:\documents and settings\mason\local settings\temp\gfI.exe

Not sure where cdfjmon.exe and cerxress.exe are located so I will list several directories to look in for each of these files. Let me know where you find them. My best guess is c:\windows.
c:\
c:\windows
c:\windows\system
c:\windows\system32
C:\documents and settings\mason\local settings\temp\

When you find, them delete them. Be sure to look in each directory to make sure they do not appear in multiple places.

After deleting the 4 files, empty your Recycle Bin and go to c:\windows\Prefetch and delete any occurrences of those files that you see there.

Boot normal and tell me how things are working.

 

No leave those two alone. They are system files do not delete anything that is not an exact match.

When you ran HijackThis to do the fix, did all lines I gave to fix still exist?

If you have rebooted your PC since giving me a HijackThis log we may have to start again. You can check for yourself by running a new HijackThis scan. See if the filenames that I gave you from your last log still appear. If not and you see new random character filenames, we need to analayze the new HijackThis log. This time do not shut your PC down or reboot for any reason in between posting your log and me giving you a procedure. Sometimes these programs can change their names on the fly especially if they detect you trying to delete them.

Also double check these settings are made:
Click Start.
Open My Computer.
Select the Tools menu and click Folder Options.
Select the View Tab.
Under the Hidden files and folders heading select Show hidden files and folders.
Uncheck the Hide extensions for known file types option.
Uncheck the Hide protected operating system files (recommended) option.
Click Apply.
Click OK.

 

Looks to me like your problem is gone. All those lines are no longer in your log. I do see some additional stuff from McAfee I did not see last time. Did you add some feature?

Are your problems all gone? If not, what problems do you still have?

 

Your welcome!

Here is a list of things I always send (you may have some of these or a similar program like a virus scanner, so just ignore):

How to protect yourself and things to have

Anti Virus
http://majorgeeks.com/download1968.html Avast
http://majorgeeks.com/download886.html AVG
The top two hands down. Beat the heck out of Norton or McAfee (big resource hogs)
Only run ONE AV!!!!!

Firewall
Don't care if your on dial up or High Speed....you must have a firewall
http://www.majorgeeks.com/download388.html ZoneAlarm Free
http://majorgeeks.com/download3356.html SygatePersonal Firewall Free
http://majorgeeks.com/download738.html Kerio Personal Firewall (not free)


Temp File/Cookies/index.dat cleaner
http://majorgeeks.com/download4191.html Ccleaner


SpyWare Prevention Notice I did not say scanner...yet
http://majorgeeks.com/download2859.html SpyWare Blaster
http://majorgeeks.com/download3045.html SpyWare Guard

SpyWare Scanners/Removers
http://majorgeeks.com/download2471.html SpyBot ( I don't activate the TeaTimer)
http://majorgeeks.com/download506.html AdAware SE Personal


Make sure you use SpyBot's Immunize feature.