Help, I don't understand

All of this Hijack stuff. I am also running ad aware as I am typing this. My browser is not working right since someone sent me something. It keeps saying this page cannot be displayed. I did have a couple bugs, Backdoor.OptixPro.13 and Backdoor.Litmus.Gen But I got rid of them and followed Nortons instruction to a T on resetting the values. That still did not help. So I am wondering if I might have been hijacked... ??? Here is my log.


Thanks so much
Katie

 

Hi

I am sorry for posting my files. I did not see your rules. I still do not understnad even after looking through the information though. Could one of you e-mail me personally and help me? I have to constantly reload to get in.

Will check in the morning, going to bed..

I would like to verify with the mojor though before I get help. Please do not take offense, but I just do not want to mess up a new computer more then I already have.

Thanks
Katie

 

Ok Katie,
YOu have a virus and a Trojan on your machine.

I want you go here
http://housecall.trendmicro.com/housecall/start_corp.asp

and run the online virus scan. Hopefully it will find the Gaobot variant that is on your machine.
Once that scan is done, I want you to download this program (Free registration required) and run it while in safe mode.

http://www.majorgeeks.com/download.php?det=4281
a-squared (a²) Free edition 1.1

Hopefully this will find the Litmus trojan that is on your machine.

After you've done all this, still in safe mode, I want you open up HJT (Katie, make sure you run HiJackThis.exe from its' own folder like C:\HJT <----this is important!!) and remove the following lines.

O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O4 - HKLM\..\Run: [Windex Service] windex.exe
O4 - HKLM\..\RunServices: [Windex Service] windex.exe
O4 - HKCU\..\Run: [Windows Manager] C:\WINDOWS\system32\winsrv.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

Once you've done this, reboot into normal mode and make another HJT log for us to look at and please report if the trojan and worm were found and cleaned.

 

Oh No really?

Thank you so much Kodo, I am following your advice as I type. Thanks for not getting upset with me for posting my Hijack thingy,, I just did not understand it..

I will let you know how things turn out..

Again thank you so much

Katie

 

Hi Kodo



I did all that you wrote. First none of the worms or trojans where picked up. I then went into safe mode and ran the programs. HJK did not pick up 06 or or 04 {windows manager} while in safe mode. I had to come back into regular mode to fix it. Hope that is okay. Here is a copy of the new log.



Thanks so much and please let me know if I still have them bad boys. My computer seems to be working a little better.

 

I agree, looks clean.

Let us know if you have any more problems

 

Thank you both so much. I am running fine now..

You guys are wonderful ..