07-16-2005, 07:54 PM   #5
Ried
Assistant Manager, TSF Academy; Moderator/Analyst Security Team
Join Date: Jan 2005
Location: Ohio
Posts: 26,555
OS: WinXP and Vista


Make sure you have this set properly:

Go to My Computer->Tools/View->Folder Options->View tab and make sure that 'Show hidden files and folders' (or 'Show all files') is enabled. Also make sure that 'Display the contents of system folders' is checked. If you have Windows XP, the search feature is a little different. When you click on 'All files and folders' on the left pane, click on the 'More advanced options' at the bottom. Make sure that 'Search system folders', 'Search hidden files and folders', and 'Search subfolders' are checked.

Please download HSFix: www.atribune.org/downloads/HSFix.zip . Do NOT run it yet.

Download CWShredder at http://www.greyknight17.com/spy/CWShredder.sfx.exe .

*Open CWShredder and click [I AGREE]
*Click [Check For Update]
*Close CWShredder after updating

Reboot into Safe Mode (tapping F8 or F5)

Go to Start->Run and type in services.msc and hit OK. Then look for Remote Procedure Call (RPC) Helper ( 11Fßä#·ºÄÖ`I) and double click on it. Click on the Stop button and under Startup type, choose Disabled.

DO NOT DISABLE
Remote Procedure Call (RPC) OR
Remote Procedure Call (RPC) Locator

Open HijackThis>Config>Misc Tools>Delete an NT Service

Copy/paste (11Fßä#·ºÄÖ`I) in the box and click OK

Run a scan in HijackThis. Check each of the following and hit 'Fix checked' (after checking them) if they still exist (make sure not to miss any):

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
O23 - Service: Remote Procedure Call (RPC) Helper ( 11Fßä#·ºÄÖ`I) - Unknown owner - C:\WINDOWS\atlrm.exe" C:\WINDOWS\atlpv.exe (file missing)


Using Windows Explorer, delete the following files:

C:\WINDOWS\atlpv.exe
C:\WINDOWS\atlrm.exe

Run CWShredder & click on [Fix].

Run About Buster and click [Begin Removal].

Double-click on HSfix.reg & answer YES when prompted to merge into the registry.

Reboot into Normal Mode. Run another scan with HijackThis and post the log here along with the AboutBuster log.
__________________

Member of ASAP since 2005
Member of UNITE since 2006

"It is one life whether we spend it laughing or weeping." "Take the time to laugh--it is the music of the soul."
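The check behind the "DO NOT DISABLE" warning in the post above, as an added example that is not part of the original post or of HijackThis: it parses O23 service lines and separates the two real RPC services from an entry that only imitates their display name. The function and constant names are hypothetical, the O23 layout is assumed from the single line quoted in the post, and the second sample line is constructed.

```python
import re

# Assumed O23 layout, taken from the line quoted in the post:
# "O23 - Service: <display name> (<short name>) - <owner> - <path>"
O23 = re.compile(r"^O23 - Service: (?P<display>.+) \((?P<name>[^()]*)\)"
                 r" - (?P<owner>.+?) - (?P<path>.+)$")

# Display names the post says must NOT be disabled.
PROTECTED = {"Remote Procedure Call (RPC)",
             "Remote Procedure Call (RPC) Locator"}

SAMPLE_LOG = [
    # Line from the post.
    r'O23 - Service: Remote Procedure Call (RPC) Helper ( 11Fßä#·ºÄÖ`I)'
    r' - Unknown owner - C:\WINDOWS\atlrm.exe" C:\WINDOWS\atlpv.exe (file missing)',
    # Constructed line for a legitimate service, for contrast.
    r'O23 - Service: Remote Procedure Call (RPC) Locator (RpcLocator)'
    r' - Microsoft Corporation - C:\WINDOWS\system32\locator.exe',
]

def review_o23(line):
    """Return (display, short_name, reasons) for an O23 line, else None."""
    m = O23.match(line.strip())
    if not m:
        return None
    display, name = m["display"].strip(), m["name"].strip()
    if display in PROTECTED:
        return display, name, ["protected: leave running"]
    reasons = []
    if any(display.startswith(p) for p in PROTECTED):
        reasons.append("display name imitates a protected RPC service")
    # Heuristic: short names are normally plain ASCII identifiers.
    if not re.fullmatch(r"[A-Za-z0-9_. -]+", name):
        reasons.append("short name contains unusual characters")
    if m["owner"] == "Unknown owner":
        reasons.append("unknown owner")
    if m["path"].endswith("(file missing)"):
        reasons.append("file missing")
    return display, name, reasons

if __name__ == "__main__":
    for entry in SAMPLE_LOG:
        print(review_o23(entry))
```

"Unknown owner" on its own is a weak signal, since HijackThis also reports it for some legitimate third-party services; the lookalike display name combined with the garbled short name is what singles out the entry here.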