What's wrong and how can I fix this?
Take a look at this article HERE.
It should help you to stop the system32 folder opening on bootup.
Okay, so I have found the registry entry that opens it but what should I do? Is kernel32.dll important? This is the entry that opens the system32 folder but I don't know if I should edit the entry or delete it.
I recently downloaded the zlob trojan disguised as a WMP codec (stupid, I know) and when I open IE (to compare HTML code to firefox) it comes up with sysnetsecurity.com even when I have the homepage as blank. How do I remove this?
edit: many claim to have used Sysinternals Autoruns program to remove this, but I want to know what I would do without the program. The people who have used the program say that <registry entry> pops up on some screen and there is a checkbox next to it - they uncheck it and it is fixed. I will use the Autoruns tool now, and thanks for all of your help.
I have a hjt log attached. The "hp" entries appear to be bad I think...
You have the Smitfraud infection.
Go HERE and follow the instructions carefully.
Post a fresh HJT log after doing the above.
I ran the program, and a here is my log when I am in safe mode with networking.
I opened IE and MSN home came up. I will reboot normally now and see if things are the same.
I have booted normally and here is my new log. The system32 window did not open and IE appears to be fine. Thank you for all of your help! =]
Well done, your HJT log is now clean.