File Helper Blitware malware removal

Hello and thanks in advance for your time and help.

I recently noticed a program called file helper which I recognized as bogus. A blurry red shield with an x would appear at the bottom right of my desktop on the taskbar. It said i had files it needed to fix. I've been tricked by these types of programs before.

I searched the internet and found complaints about the program and directions on how to remove it.

Eventually i was able to remove it from program files and it does not pop up any more.

However, there was one instance where I mistakenly allowed it to run. Now there is a slight but not terrible slowdown when I use the internet.

Also, I use the program CCleaner to remove all cookies. Once I know the cookies are cleaned out, I then use Safari and only go to one page like msn.com then close the browser.

I then reopen CCleaner and go to the section where it allows you to see the cookies on your computer and decide which ones to keep and to delete. Even though I've only been to one site there are about 50 cookies that CCleaner sees. I'm assuming there's some type of hidden malware causing this to happen.

I use Norton antivirus, Superantispyware and malwarebytes to look for unwanted malware/files/programs etc. All of them say nothing bad is detected.

Any advice on what action I should take?

Thank You

 

okay so i just saw the read me first post I will post again if i still need help.

 

Okay so the symptoms i was seeing have improved.

However the computer freezes up sometimes.

Also some of my memory capacity seems to have dissappeared and I haven't added anything substantial.

I may just be overreacting.

This is not urgent but if anyone has the time to look over these logs and explain if I have any problems or need to do anything I would appreciate it.

Unfortunately i saved MGtools to my desktop and cannot find the logs to it.

Also i did not attach the malware bytes logs as I am not sure exactly which one it was as i was doing a lot of scans around a similar time period. I know that no malicious items were detected in the scan and that it was up to date.

 

Okay here is the MGtools log. Thanks for your time and help.

 

okay, I posted two logs because I had run the first scan without first restoring to normal startup mode.

the second scan was done with normal startup mode activated. hope i didnt screw anything up.

mgtools log file is attached

thank you!


All processes killed
========== FILES ==========
C:\Users\worrywart\AppData\Roaming\Babylon folder moved successfully.
C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1\x86\x86 folder moved successfully.
C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1\x86 folder moved successfully.
C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1 folder moved successfully.
C:\ProgramData\Babylon folder moved successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{cca2e567-1987-4100-a3c6-5b4267084510}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cca2e567-1987-4100-a3c6-5b4267084510}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{DC24CEDE-9E1C-4809-B8FF-1A478F31EDAD}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DC24CEDE-9E1C-4809-B8FF-1A478F31EDAD}\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{B362DA46-5674-48ED-BBEE-6DB813242E9D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B362DA46-5674-48ED-BBEE-6DB813242E9D}\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{cca2e567-1987-4100-a3c6-5b4267084510}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cca2e567-1987-4100-a3c6-5b4267084510}\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{DC24CEDE-9E1C-4809-B8FF-1A478F31EDAD}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DC24CEDE-9E1C-4809-B8FF-1A478F31EDAD}\ not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

User: worrywart
->Temp folder emptied: 10027604 bytes
->Temporary Internet Files folder emptied: 9847205 bytes
->Java cache emptied: 1639898 bytes
->Apple Safari cache emptied: 122795008 bytes
->Flash cache emptied: 1543 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 3894 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 41513783 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 177.00 mb


OTM by OldTimer - Version 3.1.21.0 log created on 09282012_192921

Files moved on Reboot...
File C:\Windows\temp\JETD2E7.tmp not found!

Registry entries deleted on Reboot...


All processes killed
========== FILES ==========
File/Folder C:\Users\worrywart\AppData\Roaming\Babylon not found.
File/Folder C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1 not found.
File/Folder C:\ProgramData\Babylon not found.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{cca2e567-1987-4100-a3c6-5b4267084510}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cca2e567-1987-4100-a3c6-5b4267084510}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{DC24CEDE-9E1C-4809-B8FF-1A478F31EDAD}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DC24CEDE-9E1C-4809-B8FF-1A478F31EDAD}\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{B362DA46-5674-48ED-BBEE-6DB813242E9D}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B362DA46-5674-48ED-BBEE-6DB813242E9D}\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{cca2e567-1987-4100-a3c6-5b4267084510}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cca2e567-1987-4100-a3c6-5b4267084510}\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{DC24CEDE-9E1C-4809-B8FF-1A478F31EDAD}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DC24CEDE-9E1C-4809-B8FF-1A478F31EDAD}\ not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

User: worrywart
->Temp folder emptied: 33250 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Java cache emptied: 0 bytes
->Apple Safari cache emptied: 2933760 bytes
->Flash cache emptied: 492 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 3.00 mb


OTM by OldTimer - Version 3.1.21.0 log created on 09282012_194525

Files moved on Reboot...
File C:\Windows\temp\JET1B0E.tmp not found!

Registry entries deleted on Reboot...

 

also I looked under task manager and the memory about doubled :-D I will let you know if anything else comes up