• Announcements

    • Budfred

      IE 11 copy/paste problem

      It has come to our attention that people using Internet Explorer 11 (IE 11) are having trouble with copy/paste to the forum. If you encounter this problem, using a different browser like Firefox or Chrome seems to get around the problem. We do not know what the problem is, but it seems to be specific to IE 11 and we are hopeful that Microsoft will eventually fix it.
Sign in to follow this  
Followers 0
Monte_NZ

Help me clean my system please :)

6 posts in this topic

I have the CleverIEHooker.Jeired and DSO Exploit (which I'm told does nothing as long as you have SP1 for XP, which I do) which always appear after doing a Spybot search. Here is my long from HJT:

 

Logfile of HijackThis v1.98.0

Scan saved at 1:14:29 p.m., on 3/07/2004

Platform: Windows XP SP1 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\Mixer.exe

C:\Program Files\Common Files\Logitech\QCDriver\LVCOMS.EXE

C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE

C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE

C:\Program Files\QuickTime\qttask.exe

C:\WINDOWS\System32\scrgrd.exe

C:\WINDOWS\System32\ctfmon.exe

C:\Program Files\MSN Messenger\MsnMsgr.Exe

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\Documents and Settings\Silkie\Desktop\HijackThis1980.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.strclan.com/

R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)

R3 - URLSearchHook: (no name) - _{707E6F76-9FFB-4920-A976-EA101271BC25} - (no file)

R3 - URLSearchHook: (no name) - {707E6F76-9FFB-4920-A976-EA101271BC25} - (no file)

F0 - system.ini: Shell=

F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,

O1 - Hosts: 66.98.178.19 06272002-dbase.hitcountz.net

O1 - Hosts: 66.98.178.19 1ca.cqcounter.com

O1 - Hosts: 66.98.178.19 2001-007.com

O1 - Hosts: 66.98.178.19 ad-logics.com

O1 - Hosts: 66.98.178.19 ad.trafficmp.com

O1 - Hosts: 66.98.178.19 adclient.rottentomatoes.com

O1 - Hosts: 66.98.178.19 adcounter.globeandmail.com

O1 - Hosts: 66.98.178.19 adcounter.theglobeandmail.com

O1 - Hosts: 66.98.178.19 adlog.com.com

O1 - Hosts: 66.98.178.19 admanmail.com

O1 - Hosts: 66.98.178.19 ads.specificpop.com

O1 - Hosts: 66.98.178.19 adtech.de

O1 - Hosts: 66.98.178.19 askmen.thruport.com

O1 - Hosts: 66.98.178.19 banner.0catch.com

O1 - Hosts: 66.98.178.19 bilbo.counted.com

O1 - Hosts: 66.98.178.19 c1.statcounter.com

O1 - Hosts: 66.98.178.19 c1.thecounter.com

O1 - Hosts: 66.98.178.19 c2.gostats.com

O1 - Hosts: 66.98.178.19 c2.thecounter.com

O1 - Hosts: 66.98.178.19 c3.thecounter.com

O1 - Hosts: 66.98.178.19 c3.xxxcounter.com

O1 - Hosts: 66.98.178.19 cashcounter.com

O1 - Hosts: 66.98.178.19 cgi.hotstat.nl

O1 - Hosts: 66.98.178.19 clit6.sextracker.com

O1 - Hosts: 66.98.178.19 clit8.sextracker.com

O1 - Hosts: 66.98.178.19 cookies.cmpnet.com

O1 - Hosts: 66.98.178.19 counter.aaddzz.com

O1 - Hosts: 66.98.178.19 counter.bloke.com

O1 - Hosts: 66.98.178.19 counter.hitslink.com

O1 - Hosts: 66.98.178.19 counter.yadro.ru

O1 - Hosts: 66.98.178.19 counter14.sextracker.com

O1 - Hosts: 66.98.178.19 counter16.bravenet.com

O1 - Hosts: 66.98.178.19 counter17.bravenet.com

O1 - Hosts: 66.98.178.19 counter2.hitslink.com

O1 - Hosts: 66.98.178.19 counter26.bravenet.com

O1 - Hosts: 66.98.178.19 counter32.bravenet.com

O1 - Hosts: 66.98.178.19 counter34.breavenet.com

O1 - Hosts: 66.98.178.19 counter41.bravenet.com

O1 - Hosts: 66.98.178.19 counter47.bravenet.com

O1 - Hosts: 66.98.178.19 counter6.sextracker.com

O1 - Hosts: 66.98.178.19 counter8.bravenet.com

O1 - Hosts: 66.98.178.19 data.coremetrics.com

O1 - Hosts: 66.98.178.19 delivery.loopingclick.com

O1 - Hosts: 66.98.178.19 dwclick.com

O1 - Hosts: 66.98.178.19 ebay.doubleclick.net

O1 - Hosts: 66.98.178.19 ehg-amerix.hitbox.com

O1 - Hosts: 66.98.178.19 ehg-bestbuy.hitbox.com

O1 - Hosts: 66.98.178.19 ehg-crain.hitbox.com

O1 - Hosts: 66.98.178.19 ehg-dig.hitbox.com

O1 - Hosts: 66.98.178.19 ehg-eckounlimited.hitbox.com

O1 - Hosts: 66.98.178.19 ehg-espn.hitbox.com

O1 - Hosts: 66.98.178.19 ehg-idg.hitbox.com

O1 - Hosts: 66.98.178.19 ehg-liveperson.hitbox.com

O1 - Hosts: 66.98.178.19 ehg-oreilley.hitbox.com

O1 - Hosts: 66.98.178.19 ehg-space.hitbox.com

O1 - Hosts: 66.98.178.19 ehg-sportsline.hitbox.com

O1 - Hosts: 66.98.178.19 ehg-techtarget.hitbox.com

O1 - Hosts: 66.98.178.19 ehg-tigerdirect.hitbox.com

O1 - Hosts: 66.98.178.19 ehg-uniontrib.hitbox.com

O1 - Hosts: 66.98.178.19 ehg-viacom.hitbox.com

O1 - Hosts: 66.98.178.19 ehg.commjun.hitbox.com

O1 - Hosts: 66.98.178.19 ehg.hitbox.com

O1 - Hosts: 66.98.178.19 fastclick.net

O1 - Hosts: 66.98.178.19 fcstats.bcentral.com

O1 - Hosts: 66.98.178.19 flycast.com

O1 - Hosts: 66.98.178.19 g-wizzads.net

O1 - Hosts: 66.98.178.19 gostats.com

O1 - Hosts: 66.98.178.19 gtcc1.acecounter.com

O1 - Hosts: 66.98.178.19 hc2.humanclick.com

O1 - Hosts: 66.98.178.19 hit2.hotlog.ru

O1 - Hosts: 66.98.178.19 hit37.chark.dk

O1 - Hosts: 66.98.178.19 hitbox.com

O1 - Hosts: 66.98.178.19 hits.webstat.com

O1 - Hosts: 66.98.178.19 images.dailydiscounts.com

O1 - Hosts: 66.98.178.19 imp.clickability.com

O1 - Hosts: 66.98.178.19 impacts.alliancehub.com

O1 - Hosts: 66.98.178.19 insightfirst.com

O1 - Hosts: 66.98.178.19 int.sitestat.com

O1 - Hosts: 66.98.178.19 jkearns.freestats.com

O1 - Hosts: 66.98.178.19 linktrack.bravenet.com

O1 - Hosts: 66.98.178.19 logs.comics.com

O1 - Hosts: 66.98.178.19 m1.nedstatbasic.net

O1 - Hosts: 66.98.178.19 media101.sitebrand.com

O1 - Hosts: 66.98.178.19 mediatrack.revenue.net

O1 - Hosts: 66.98.178.19 mt122.mtree.com

O1 - Hosts: 66.98.178.19 nedstat.s0.nl

O1 - Hosts: 66.98.178.19 nl.sitestat.com

O1 - Hosts: 66.98.178.19 partner.alerts.aol.com

O1 - Hosts: 66.98.178.19 paxito.sitetracker.com

O1 - Hosts: 66.98.178.19 perso.estat.com

O1 - Hosts: 66.98.178.19 pmg.ad-logics.com

O1 - Hosts: 66.98.178.19 postclick.adcentriconline.com

O1 - Hosts: 66.98.178.19 prof.estat.com

O1 - Hosts: 66.98.178.19 s10.sitemeter.com

O1 - Hosts: 66.98.178.19 s11.sitemeter.com

O1 - Hosts: 66.98.178.19 s12.sitemeter.com

O1 - Hosts: 66.98.178.19 s13.sitemeter.com

O1 - Hosts: 66.98.178.19 s14.sitemeter.com

O1 - Hosts: 66.98.178.19 s15.sitemeter.com

O1 - Hosts: 66.98.178.19 s16.sitemeter.com

O1 - Hosts: 66.98.178.19 s2.statcounter.com

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx

O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup

O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Common Files\Logitech\QCDriver\LVCOMS.EXE

O4 - HKLM\..\Run: [EPSON Stylus C41 Series (Copy 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P32 "EPSON Stylus C41 Series (Copy 1)" /O5 "LPT1:" /M "Stylus C41"

O4 - HKLM\..\Run: [EPSON Stylus C41 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P23 "EPSON Stylus C41 Series" /O6 "USB001" /M "Stylus C41"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [TV Media] C:\Program Files\TV Media\Tvm.exe

O4 - HKLM\..\Run: [sysUpd] C:\WINDOWS\sysupd.exe

O4 - HKLM\..\Run: [Microsoft Restore] scrgrd.exe

O4 - HKLM\..\Run: [Microsoft Update] wuamgrd.exe

O4 - HKLM\..\Run: [FFADDC66] C:\WINDOWS\System32\whqvdckfubj.exe

O4 - HKLM\..\Run: [Cryptographic Service] C:\WINDOWS\System32\khbpwaf.exe

O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto

O4 - HKLM\..\RunServices: [Microsoft Restore] scrgrd.exe

O4 - HKLM\..\RunServices: [Microsoft Update] wuamgrd.exe

O4 - HKLM\..\RunServices: [1D3AB15F] C:\WINDOWS\System32\whqvdckfubj.exe

O4 - HKLM\..\RunServices: [msvsrv32] msvsrv32.exe

O4 - HKLM\..\RunOnce: [TV Media] C:\Program Files\TV Media\Tvm.exe

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [TV Media] C:\Program Files\TV Media\Tvm.exe

O4 - HKCU\..\Run: [Microsoft Restore] scrgrd.exe

O4 - HKCU\..\Run: [Microsoft Update] wuamgrd.exe

O4 - HKCU\..\RunOnce: [TV Media] C:\Program Files\TV Media\Tvm.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE

O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll

O16 - DPF: {0BE35204-8F91-11CE-9DE3-00AA004BB851} (CLSID_StdPict) - http://wwwau.kodak.com/AU/en/consumer/prin...e/OPW_25900.cab

O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab28177.cab

O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...StatsClient.cab

O16 - DPF: {AE1C01E3-0283-11D3-9B3F-00C04F8EF466} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab

O16 - DPF: {F5192746-22D6-41BD-9D2D-1E75D14FBD3C} - http://download.rfwnad.com/cab/crack.CAB

O17 - HKLM\System\CCS\Services\Tcpip\..\{4AFCB9B8-C9A6-44D5-B5DA-A88E81E0A5F0}: NameServer = 203.96.152.4 203.96.152.12

O18 - Protocol: msref - {74D92DF3-6D9D-11D1-8B38-006097DBED7A} - C:\PROGRA~1\COMMON~1\MICROS~1\REFERE~1\msref.dll

Share this post


Link to post
Share on other sites

Updated Log:

 

Logfile of HijackThis v1.98.0

Scan saved at 7:20:39 p.m., on 3/07/2004

Platform: Windows XP SP1 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\Mixer.exe

C:\Program Files\Common Files\Logitech\QCDriver\LVCOMS.EXE

C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE

C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE

C:\Program Files\QuickTime\qttask.exe

C:\WINDOWS\System32\scrgrd.exe

C:\WINDOWS\System32\wuamgrd.exe

C:\WINDOWS\System32\ctfmon.exe

C:\Program Files\MSN Messenger\MsnMsgr.Exe

C:\Documents and Settings\Silkie\Desktop\Ex-Desktop Folder\mIRC\mirc.exe

C:\Documents and Settings\Silkie\Desktop\HijackThis1980.exe

C:\Program Files\Internet Explorer\IEXPLORE.EXE

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.strclan.com/

R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)

R3 - URLSearchHook: (no name) - _{707E6F76-9FFB-4920-A976-EA101271BC25} - (no file)

R3 - URLSearchHook: (no name) - {707E6F76-9FFB-4920-A976-EA101271BC25} - C:\Program Files\TV Media\TvmBho.dll

F0 - system.ini: Shell=

F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx

O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup

O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Common Files\Logitech\QCDriver\LVCOMS.EXE

O4 - HKLM\..\Run: [EPSON Stylus C41 Series (Copy 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P32 "EPSON Stylus C41 Series (Copy 1)" /O5 "LPT1:" /M "Stylus C41"

O4 - HKLM\..\Run: [EPSON Stylus C41 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P23 "EPSON Stylus C41 Series" /O6 "USB001" /M "Stylus C41"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [TV Media] C:\Program Files\TV Media\Tvm.exe

O4 - HKLM\..\Run: [sysUpd] C:\WINDOWS\sysupd.exe

O4 - HKLM\..\Run: [Microsoft Restore] scrgrd.exe

O4 - HKLM\..\Run: [Microsoft Update] wuamgrd.exe

O4 - HKLM\..\Run: [FFADDC66] C:\WINDOWS\System32\rbsrxsxkm.exe

O4 - HKLM\..\Run: [Cryptographic Service] C:\WINDOWS\System32\khbpwaf.exe

O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto

O4 - HKLM\..\RunServices: [Microsoft Restore] scrgrd.exe

O4 - HKLM\..\RunServices: [Microsoft Update] wuamgrd.exe

O4 - HKLM\..\RunServices: [1D3AB15F] C:\WINDOWS\System32\rbsrxsxkm.exe

O4 - HKLM\..\RunServices: [msvsrv32] msvsrv32.exe

O4 - HKLM\..\RunOnce: [TV Media] C:\Program Files\TV Media\Tvm.exe

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [TV Media] C:\Program Files\TV Media\Tvm.exe

O4 - HKCU\..\Run: [Microsoft Restore] scrgrd.exe

O4 - HKCU\..\Run: [Microsoft Update] wuamgrd.exe

O4 - HKCU\..\RunOnce: [TV Media] C:\Program Files\TV Media\Tvm.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE

O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll

O16 - DPF: {0BE35204-8F91-11CE-9DE3-00AA004BB851} (CLSID_StdPict) - http://wwwau.kodak.com/AU/en/consumer/prin...e/OPW_25900.cab

O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab28177.cab

O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...StatsClient.cab

O16 - DPF: {AE1C01E3-0283-11D3-9B3F-00C04F8EF466} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab

O16 - DPF: {F5192746-22D6-41BD-9D2D-1E75D14FBD3C} - http://download.rfwnad.com/cab/crack.CAB

O17 - HKLM\System\CCS\Services\Tcpip\..\{4AFCB9B8-C9A6-44D5-B5DA-A88E81E0A5F0}: NameServer = 203.96.152.4 203.96.152.12

O18 - Protocol: msref - {74D92DF3-6D9D-11D1-8B38-006097DBED7A} - C:\PROGRA~1\COMMON~1\MICROS~1\REFERE~1\msref.dll

Share this post


Link to post
Share on other sites

Okay... looks like a couple nasties have inserted themselves as services... no biggie. First thing is to stop the services from running. To do this (you might have to login as Administrator), open the control panel, open the Administrative Tools control panel, and double-click Services. In that list, locate, right-click and click Stop for the following:

msvsrv32

1D3AB15F

 

Once those two are stopped, wait a few seconds to see if they start themselves again. If they do... do the same thing and this time, go into properties and set them as Disabled.

 

Next, open HiJackThis, click Scan and then click the little checkboxes next to the following items:

 

R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)

R3 - URLSearchHook: (no name) - _{707E6F76-9FFB-4920-A976-EA101271BC25} - (no file)

R3 - URLSearchHook: (no name) - {707E6F76-9FFB-4920-A976-EA101271BC25} - C:\Program Files\TV Media\TvmBho.dll

F0 - system.ini: Shell=

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [TV Media] C:\Program Files\TV Media\Tvm.exe

O4 - HKLM\..\Run: [FFADDC66] C:\WINDOWS\System32\rbsrxsxkm.exe

O4 - HKLM\..\Run: [Cryptographic Service] C:\WINDOWS\System32\khbpwaf.exe (submissions@atribune.org)

O4 - HKLM\..\RunServices: [1D3AB15F] C:\WINDOWS\System32\rbsrxsxkm.exe

O4 - HKLM\..\RunServices: [msvsrv32] msvsrv32.exe

O4 - HKLM\..\RunOnce: [TV Media] C:\Program Files\TV Media\Tvm.exe

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [TV Media] C:\Program Files\TV Media\Tvm.exe

O4 - HKCU\..\RunOnce: [TV Media] C:\Program Files\TV Media\Tvm.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE

O16 - DPF: {F5192746-22D6-41BD-9D2D-1E75D14FBD3C} - http://download.rfwnad.com/cab/crack.CAB

 

When you're done ticking boxes, click Fix Checked and let it remove the checked items. When that's done removing those entries, reboot.

When you're done rebooting, locate and delete the following folders/files( make sure you have Windows set to show all files by:

On the Tools menu in Windows Explorer, click Folder Options.

Click the View tab.

Under Hidden files and folders, click Show hidden files and folders.

Note: To access Windows Explorer, click Start, point to All Programs, and then click Windows Explorer.)

 

Using Find Files, locate and delete the following items:

C:\Program Files\TV Media\ (delete the whole folder)

rbsrxsxkm.exe

khbpwaf.exe

msvsrv32.exe

 

Once you have those deleted again, reboot and see if that fixed anything/everything.

 

You might also want to consider getting some sort of AntiVirus program and running it at least once a week. A free online one can be found at http://housecall.trendmicro.com or if you prefer to download one and run it locally, you can try AVG which can be found and downloaded from http://www.grisoft.com/ .

 

If anything comes up or you don't understand something, feel free to come back and ask in the chatroom or here on the forums.

 

Oh, you'll also want to download and install http://www.microsoft.com/downloads/details...&displaylang=en to patch up at least one hole in XP.

Edited by Aaron B.

Share this post


Link to post
Share on other sites

Thanks alot everyone who's helped me.. :) You guys rock! :D My internet is alot smoother and consistent now. I got AVG btw.

Share this post


Link to post
Share on other sites

It would be a good idea to post a fresh log to make sure you are clean....

Share this post


Link to post
Share on other sites
Sign in to follow this  
Followers 0