Infamous helper.dll issue..

Welcome to Major Geeks!

You need to attach the Malwarebytes log. You attached a HijackThis log which we did not ask for instead of the Malwarebytes log.

Your logs look pretty clean. Please uninstall SUPERAntiSpyware and then download and install the current version from the below link. Be sure to update again during the installation. It may ask you to reboot. If it does, then reboot immediately. Then run a new scan and attach the new log.

Also uninstall Viewpoint Media Player as requested in step 1.

Now just in case the problem folder is still present, do the below.


Now download The Avenger by Swandog46, and save it to your Desktop.

• Extract avenger.exe from the Zip file and save it to your desktop
• Run avenger.exe by double-clicking on it.
• Do not change any check box options!!
• Copy everything in the Quote box below, and paste it into the Input script here: part of the window:

• Now click the Execute button.
• Click Yes to the prompt to confirm you want to execute.
• Click Yes to the Reboot now? question that will appear when Avenger finishes running.
• Your PC should reboot, if not, reboot it yourself.
• A log file from Avenger will be produced at C:\avenger.txt and it will popup for you to view when you login after reboot.

Now run Ccleaner!

Now run the C:\MGtools\GetLogs.bat file by double clicking on it (Note: if using Vista, don't double click, use right click and select Run As Administrator).

Then attach the below logs:

• C:\avenger.txt
• C:\MGlogs.zip

Make sure you tell me how things are working now!

 

Run this procedure: Resetting Registry and File Permissions Make sure you reboot as instructed.

Afer reboot, run SUPERAntiSpyware and first check for updates. Then run a new scan and attach the new log. Do the exact same with Malwarebytes.

Then reboot and run another scan with SUPERAniSpyware and Malwarebytes to see if they come back clean or still has detections. Let me know.

 

Please run it again and tell me which registry locations it says this about.

Are you logged with an account that has adminstrator priviledges. After getting the info to tell me which locations could not be modified, please reboot your PC into Safe Mode and logon to the real user account that is named Administrator. The run the same procedure to reset permissions again and see if you still get error messages. If not, then run SUPERAntiSpyware and Malwarebytes in safe boot mode while logged in as Adminstrator.

Then reboot and log into your regular user account and see if a new scan is clean or finds the problems again.

 

A new version of SUPERAntiSpyware is out. Let's see if this helps. Make sure you follow the below instructions exactly.

• Please uninstall your current version (this is necessary).
• Then download this SUPERAntiSpyware
• Install this new version. It may tell you that you need to reboot to complete the installation. You must reboot at this time.
• After the reboot, run SUPERAntiSpyware and immediately click the Check for Updates button to get more updates for the database.
• Now run a new full scan of your system. And attach this first log later.
• Since this infection has been reappearing after a reboot, you will have to reboot again and then run an additional scan to make sure it comes back clean. Attach this second log too.

 

You're welcome.

If you are not having any other malware problems, it is time to do our final steps:

1. We recommend you keep SUPERAntiSpyware and Malwarebytes Anti-Malware for scanning/removal of malware. Unless you purchase them, they provide no protection. They do not use any significant amount of resources ( except a little disk space ) until you run a scan.
3. If we had you use ComboFix, uninstall ComboFix (This uninstall will only work as written if you installed ComboFix on your Desktop like we requested.)
   • Click START then RUN and enter the below into the run box and then click OK. Note the quotes are required
   • "%userprofile%\Desktop\combofix" /u
     • Notes: The space between the combofix" and the /u, it must be there.
     • This will uninstall ComboFix and also reset hidden files and folders settings back to Windows defaults.
   • Delete the C:\combofix folder from combofix (if it exists)
4. Any other miscellaneous tools we may have had you install or download can be uninstalled and deleted.
5. If running Vista, it is time to make sure you have reenabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.
6. Go to add/remove programs and uninstall HijackThis.
7. You can delete the C:\MGtools folder and the C:\MGtools.exe file. You can also delete the C:\MGlogs.zip
8. If you are running Vista, Windows XP or Windows ME, do the below:
   • Refer to the cleaning procedures in step 3 the READ ME for your Window version and see the instructions to Disable System Restore which will flush your Restore Points.
   • Then reboot and Enable System Restore to create a new clean Restore Point.
9. After doing the above, you should work thru the below link:
   • How to Protect yourself from malware!