C:\DOCUME~1\Chris\LOCALS~1\
Temp\Rar$EX00.328\HijackThis.exe
Put
HijackThis in e.g.
C:\Program Files\HJT and
NOT in Temp or on the Desktop!.
First
Read: Only use these HJT-instructions when asked!
/R/ unRegister the xxx.DLL in that line
The text between the dotted lines underneath goes between the dotted lines of that post.
Make sure to follow
ALL instructions
in SEQUENCE, and in HiJackThis tick/fix
ALL lines!
...................................................................................................
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q304&bd=presario&pf=laptop
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext =
http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q304&bd=presario&pf=laptop
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O4 - Global Startup: BTTray.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O14 - IERESET.INF: START_PAGE_URL=http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q304&bd=presario&pf=laptop
O16 - DPF: {4FAE30E1-EE9C-477D-8D06-BF8D3429B60F} (WebIQ Technology Client) -
http://webiq001.webiqonline.com/WebIQ/bin/WebIQ.cab
/R/ O20 - Winlogon Notify: ShellScrap - C:\WINDOWS\system32\
h2j4lc1q1f.dll
O23 - Service: Apache2 - Unknown owner - C:\Program Files\Apache Group\Apache2\bin\Apache.exe" -k runservice (file missing)
O23 - Service: MySql - Unknown owner - C:/mysql/bin/mysqld-nt.exe (file missing)
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
...................................................................................................