C:\Documents and Settings\Owner\
Desktop\hijackthis\HijackThis.exe
Put
HijackThis in e.g.
C:\Program Files\HJT and
NOT in Temp or on the Desktop!.
First
Read: Only use these HJT-instructions when asked!
/P/ Process needs to be stopped
Transfer the text from between these dotted lines underneath to between the dotted lines of that post.
Make sure to follow
ALL instructions
in SEQUENCE, and in HiJackThis tick/fix
ALL lines indicated here!
...................................................................................................
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://us.rd.yahoo.com/customize/ycomp/defaults/sb/*http://www.yahoo.com/search/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
http://us.rd.yahoo.com/customize/ycomp/defaults/sp/*http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://www.gateway.net
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://us.rd.yahoo.com/customize/ycomp/defaults/sp/*http://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) =
http://us.rd.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com
/P/ O4 - HKLM\..\Run: [dmcvc.exe] C:\WINNT\System32\
dmcvc.exe
Fix ALL your O16 - DPF: entries
Unless these IP-numbers are from your ISP, fix this O17
O17 - HKLM\System\CCS\Services\Tcpip\..\{81B1B5CB-08AD-49C7-A5FA-2EFE9D923DCA}: NameServer = 85.255.114.91,85.255.112.108
...................................................................................................
STOP using that crappy IE (other than for Windows-updates) and install Firefox from www.getfirefox.com
And it's also HIGH TIME you install SP2!