Helper.sig - already ran "Run Me First"

Discussion in 'Malware Help (A Specialist Will Reply)' started by jjprice, Aug 29, 2008.

  1. jjprice

    jjprice Private E-2

    Good Evening Everyone!

    I have been having the helper.dll and helper.sig in the common folder problem for about a week and a half now. I ran everything under the READ & RUN ME FIRST and the Windows XP Cleaning Procedure. I managed to get rid of the helper.dll file, however the helper.sig still shows upon rebooting. Here are my logs from all of the scans. Any help will be greatly appreciated!!!

    Thanks!
    :confused
     

    Attached Files:

    jjprice, Aug 29, 2008
    #1
  2. jjprice

    jjprice Private E-2

    Here is the other log that you have requested....Thanks again!
     

    Attached Files:

    jjprice, Aug 29, 2008
    #2
  3. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Well....I'm not really seeing any thing in particular, although there are a few things to do.

    You need to disable the guest account in user accounts.

    Also....Please disable all anti-virus and anti-spyware programs while we do the following (re-enable when you are finished):

    Run C:\MGtools\analyse.exe by double clicking on it. (Note: if using Vista, don't double click, use right click and select Run As Administrator). This is really HijackThis (select Do a system scan only) and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:
    After clicking Fix, exit HJT.

    Now tell me what the exact message is on start up ....( You may wish to use a Startup Manager).
     
    TimW, Aug 29, 2008
    #3
  4. jjprice

    jjprice Private E-2

    Thanks!

    I did what you said, and rebooted, the message that came up was that my security software was turned off, and the common file opened with the helper.sig file in it. I then used the startup manager, and disabled the following....

    C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe
    C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\QuickTime\QTTask.exe

    and the Folder Windows Search.lnk

    I rebooted again, and the common folder was gone....
     
    jjprice, Aug 29, 2008
    #4
  5. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Re-enable this:
    C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe

    Any other problems?
     
    TimW, Aug 29, 2008
    #5

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds