Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Motohelperservice.exe removed now No Internet


  • Please log in to reply

#76
SleepyDude

SleepyDude

    Trusted Helper

  • Malware Removal
  • 4,386 posts

Hi Jlurie,

 

Thank You for your kind words. Always appreciated. :thumbsup:

 

Hi SleepyDude, Thank you for all of your help :geek: . I was able to use the link for the uninstall of Malwarebytes and the reinstall, and everything is working Great! :yes: . It looked to me like two things went wrong with the conputer after that email was opened. I could not get to the internet and I could not install any programs to try to fix this problem. Is there a known name for the infection that my computer had? Have you seen this before? My Wife and I thank you for your hard work and effort in this matter. We could not have fixed this computer without your help. It is very nice to know that there are people like yourself who are willing to donate their time to help out people like myself. I have learned a lot from you regarding how my computer works!   Keep up the GREAT work and thank you VERY much!. My computer is now fixed :D .

 

Sometime is difficult to identify the exact infection. Eset confirmed several Adware and PUP (Potentially Uwanted Application) and one of them uses some protection techniques that make it hard to remove.

 

Before you go there are some housekeeping steps I would like you to do and also some final recommendations to keep your computer safe...

 

Step 1 - Remove the Tools we use

Please open Start > Control Panel > then Add or Remove Programs, locate these programs on the list and uninstall them:

  • Tweaking.com - Windows Repair (All in One)
  • MCShield ::Anti-Malware Tool (Optional not needed now that you have an AV installed)

» Remove disinfection tools
delfix_icon.gifDownload DelFix and save it to your Desktop, execute the tool. (If running on Windows Vista or above accept all the security prompts).

DelFix-WinXP.png

  • place a checkmark next to:
    • Remove disinfection tools
    • Create registry backup
    • Purge system restore
    • Reset System Settings
  • Click the Run button

When the tool is finished, a log will open in notepad. Please copy and paste the log in your next reply.

» Others

  • Delete any .exe, .log, .txt, file created on the Desktop during the cleaning process.

 

Step 2 - How to prevent new infections

To protect your computer from being infected again its very important to keep Windows Updated and all the programs related with the internet, Web Browser, Flash Player, Adobe Reader and Java only to mention the most targeted by today security exploits. Follow the instructions below to keep these critical programs updated:

  • Windows and Internet Explorer
    To keep Windows and Internet Explorer updated make sure you have Windows Update enabled on the Control Panel applet, follow the instructions for Windows XP on this MS article How to configure and use Automatic Updates in Windows or use the FixIt tool provided. Another option is to visit every month the Microsoft Windows Update site.
    .
  • Antivirus and Antimalware programs
    Make sure you have a Antivirus program always updated and running.
    Sometimes Antivirus can miss some malware, when that happens its good to have Malwarebytes free installed, Update and run weekly to keep your system clean. Malwarebytes is also good to revert some system changes made by the malware.
    .
  • Enable the Firewall
    No system can be considered safe if not protected by a Firewall. If you are connected to the Internet by a Router you should check its configuration and make sure the firewall is active.
    If you connect by modem or to a open Local Network you should enable the Windows XP built-in firewall. Because the firewall included on Windows XP isn't very powerful its recommended to install a 3rd party firewall, choose one from this list:

Note: If you have a Netbook type computer running Windows XP, the machine most likely don't have resources needed to run a 3rd party firewall skip that and enable the built-in firewall.

  • Adobe Flash Player
    To update Adobe Flash Player accept any prompt to update or manually initiate the update by opening Start Menu > Settings > Control Panel open the applet called Flash Player, on the Advanced tab click the Check Now button. Accept any prompt to install an updated version.
  • Adobe Reader
    Adobe Reader, can be updated if you Open Adobe Reader from the Start Menu, when the program full load click on the Help menu next click the Check for updates now option. Follow the prompts to install any new update.
    .
  • Java Runtime
    When java is installed its extremely important to update immediately when you get a notification pop-up from the Java Updater. Or update manually by opening the Start Menu > Settings > Control Panel, open the applet called Java on the Update tab click the Update Now button. The program will prompt you to install any new updated version available.
    Every time you update Java make sure you uncheck the box asking to Install the Ask Toolbar and make Ask my default search provider

    For safety you can have Java installed but disabled in your browsers and only enable it when you need it. You can Enable/Disable Java by executing the following steps:
    Click  Start > Control Panel > Java/Java (32-bit), click the Security tab and uncheck the box Enable Java content in the browser and click OK
    javapanel.jpeg
    .
  • Keep Installed Programs Up to Date
    It's important to keep all other programs on your computer updated because they can also have security vulnerability explored by the malware to infect you. Therefore, it is also a good idea to check for the latest versions of commonly installed applications to fix vulnerabilities, this can be done manually by using the Update feature included in most programs or you can use one of the following programs to help you with this task:
    < >Secunia Personal Software Inspector (PSI)FileHippo.com Update CheckerSurf the Net with extra Security
    Every web browser is a target for malware, the bad guys are always trying to explorer security holes to infect the computers, and this is especially true for Internet Explorer because is one of the most used. Using alternatives like Mozilla Firefox or Google Chrome can help protecting your computer from infections.
    You can add a extra layer of protection to your web browser by installing two add-ons AdBlockPlus and Web Of Trust (WOT).

:alarm: Security Alert :alarm:

Eventually you may not know but there is a new threat that's currently doing the rounds called Cryptolocker. This is a particularly nasty piece of work as it scans your files for certain file types (*.doc, *.pdf, *.xls, *.jpg, *.odt, and many more) and encrypts them, rendering the files worthless unless you have a decryption key that is generated by the malware specifically for your computer and sent to the Cryptolocker creators. This kind of malware is called RansomWare because they hold the key and ask for a ransom (about $300 USD) to unlock your files, also there is no warranty that you will actually recover your files!

There is no way to guarantee that you are 100% secure against the Cryptolocker threat because the malware is constantly evolving. Presently there is a tiny utility that you can install to minimize the risk called CryptoPrevent, it will set some windows policy restrictions to block the execution of the malware.

cryptoprevent41.png
The tool can be downloaded here. More information about Cryptolocker can be found on the following topic @bleepingcomputer.com.

::: Some final recommendations :::

And last but not least, if you are not aware Microsoft ended the Support for Windows XP on April 8th, 2014! you can find more information, alternatives, etc. one the following link Windows XP - The Elephant In The Room.

In terms of security this is something that should be addressed in a short term. I don't know the specs of your machine to advise you properly but if you follow the guides available on the link above it should be easy to take your own conclusions. If not you could ask for help on the Windows XP section of the forum.
 

Best Regards and have a Safe surfing! :wave:

 

 


  • 0

Advertisements


#77
jlurie

jlurie

    Member

  • Topic Starter
  • Member
  • PipPip
  • 40 posts

Hi SleepyDude, below is the DelFix log: Once again THANK YOU for your help. Everything is working so I guess that this will be my last post. Thank you for the additional information that you posted for me.

 

# DelFix v10.7 - Logfile created 27/04/2014 at 16:07:30
# Updated 27/04/2014 by Xplode
# Username : ATS - PWICP005
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)

~ Removing disinfection tools ...

Deleted : C:\Qoobox
Deleted : C:\_OTL
Deleted : C:\Combofix
Deleted : C:\FRST
Deleted : C:\AdwCleaner
Deleted : C:\Documents and Settings\ATS\Desktop\RK_Quarantine
Deleted : C:\ComboFix.txt
Deleted : C:\Documents and Settings\ATS\Desktop\Fixlog.txt
Deleted : C:\Documents and Settings\ATS\Desktop\FRST.exe
Deleted : C:\Documents and Settings\ATS\Desktop\FSS.exe
Deleted : C:\Documents and Settings\ATS\Desktop\JRT.exe
Deleted : C:\Documents and Settings\ATS\Desktop\MiniToolBox.exe
Deleted : C:\Documents and Settings\ATS\Desktop\OTL.exe
Deleted : C:\Documents and Settings\ATS\Desktop\Result.txt
Deleted : C:\Documents and Settings\ATS\Desktop\RogueKiller.exe
Deleted : C:\Documents and Settings\ATS\Desktop\SecurityCheck.exe
Deleted : C:\Documents and Settings\ATS\My Documents\Downloads\esetsmartinstaller_enu.exe
Deleted : C:\Documents and Settings\ATS\My Documents\Downloads\SecurityCheck(1).exe
Deleted : C:\Documents and Settings\ATS\My Documents\Downloads\SecurityCheck.exe
Deleted : C:\WINDOWS\grep.exe
Deleted : C:\WINDOWS\PEV.exe
Deleted : C:\WINDOWS\NIRCMD.exe
Deleted : C:\WINDOWS\MBR.exe
Deleted : C:\WINDOWS\SED.exe
Deleted : C:\WINDOWS\SWREG.exe
Deleted : C:\WINDOWS\SWSC.exe
Deleted : C:\WINDOWS\SWXCACLS.exe
Deleted : C:\WINDOWS\Zip.exe
Deleted : HKLM\SOFTWARE\OldTimer Tools
Deleted : HKLM\SOFTWARE\AdwCleaner
Deleted : HKLM\SOFTWARE\Swearware
Deleted : HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ASWMBR

########## - EOF - ##########
 


Edited by jlurie, 27 April 2014 - 05:12 PM.

  • 0

#78
SleepyDude

SleepyDude

    Trusted Helper

  • Malware Removal
  • 4,386 posts

Hi SleepyDude, below is the DelFix log: Once again THANK YOU for your help. Everything is working so I guess that this will be my last post. Thank you for the additional information that you posted for me.

 

You are welcome. :thumbsup:

 

Regards.


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP