Could anyone help with my log?

Discussion in 'Malware Help (A Specialist Will Reply)' started by lee2lee, Dec 30, 2004.

  1. lee2lee

    lee2lee Private E-2

    hi, find-it-easy.org seems to be taking over my comp.

    here is my log.
     


  2. tagged

    tagged Private E-2

    Hi Lee!

    You should go through the 'Read me first before asking for support.' sticky posted by Major Attitude.
    http://forums.majorgeeks.com/showthread.php?t=35407. It's located above the posts on this Spyware Specific forum page. It'll help out a lot.

    Make sure to try to complete all the steps, and write down any problems you encounter with them, and what symptoms remain when you're finished. Then post back with the results.



    Good Luck!
     
  3. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

    First, please follow ALL the steps in this Sticky thread READ ME FIRST BEFORE ASKING FOR SUPPORT: Basic Spyware, Trojan And Virus Removal

    If you already have any of the programs linked in the tutorial please double check your version to make sure you have the latest one and that you have any/all updates for the programs.

    NOTE: In order to resolve the issues you are having it is very important that you at least try to perform all the steps as outlined. If you have any difficulty please post back letting us know what steps you have completed, what you found while doing the scans if anything and details about any problems you have encountered in completing the steps. The more details you can provide the better.

    After doing ALL of the above if you still have a problem:

    Make sure you have HijackThis 1.99 and follow the guidelines on where to install it and how to post a log as an attachment. This is all covered in the sticky thread NO HIJACK THIS LOG FILES BEFORE READING THIS: HJT Tutorial & LOG File Posting

    Now post a HijackThis log as a .txt file attachment to your message. All running programs should be closed, including your web browser and e-mail. Close them before running HijackThis!

    Do NOT run Hijack This from the Desktop, a temp folder, or a sub-folder of C:\Documents and Settings, or choose to run it directly from the downloaded ZIP file. Place it in its own folder, for example C:\Program Files\HJT
     
  4. lee2lee

    lee2lee Private E-2

    Hi, I have run through what you said and didn't really get anywhere. Don't really know what to do now?
     
  5. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

    Ok, first thing I notice is that you're not up-to-date on your OS updates. For your safety you need at LEAST WinXP Service Pack 1a. I would highly suggest installing WinXP Service Pack 2 ASAP to get all the latest security fixes, because as of right now you're vulnerable to a lot. Also, from viewing your log, you have no signs of running the online virus scans. In order to repair your infections you need to completely read what we post. Please run the online virus scans and follow the threads to make it easier on both of us.

    TrendMicro Online Virus Scan

    Symantec Online Virus Scan
     
  6. lee2lee

    lee2lee Private E-2

    Right, did both the virus scans.

    One came up with 4 and I deleted them, and the other came up with these:

    C:\Documents and Settings\lee\Local Settings\Temporary Internet Files\Content.IE5\CPEBOHQJ\file[1].exe is infected with Downloader.Trojan
    C:\Documents and Settings\lee\Local Settings\Temporary Internet Files\Content.IE5\GX27CLIN\1632[2] is infected with Bloodhound.Exploit.6
    C:\Documents and Settings\lee\Local Settings\Temporary Internet Files\Content.IE5\OVERSPQV\index[1].htm is infected with MHTMLRedir.Exploit


    I just did another log as well.
    Hope this will help.
     


  7. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

    Ok, let's do this:

    1) Download and run CCleaner

    2) This will clean your temp files, cookies, etc. After you run this tool, go into the folder "C:\Documents and Settings\lee\Local Settings\Temporary Internet Files" and delete "Content.IE5" if it still exists.

    Complete this and I will be back shortly to tell you about the log. If I don't make it back I'm sure chaslang will take a look at it.
     
  8. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

    Ok, I'm back for a little while. Let's run HJT again and fix this item. Before removing anything with HJT please close all browsers.

    O16 - DPF: {14A3221B-1678-1982-A355-7263B1281987} - ms-its:mhtml:file://C:\foo.mht!http://82.179.166.145/x15.chm::/trs15.exe

    After removing this, reboot. Other than this, your log looks fine.

    Are you still having the problem?
     
  9. lee2lee

    lee2lee Private E-2

    Seems to have fixed it.

    Thanks mate.

    Any more probs I'll give you a shout.
     
  10. lee2lee

    lee2lee Private E-2

    Invaded by homepage hijacker! Help!

    Hi, I had it the other day and it went, and now it's back.

    Please could you check my log and see if there are any problems.

    Thanks lee
     


  11. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

  12. lee2lee

    lee2lee Private E-2

    Right, the same problem has come back.
    I've put a new log up.
    Lee
     
  13. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Okay! I have merged you back into one thread.

    You never updated your OS and IE versions as was requested back on 12/30/2004 by BJ. Unless you want to keep on having problems you will need to do this.

    Please explain what your problems are. Does it have anything to do with this line:
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://192.168.0.1/

    Isn't 192.168.0.1 part of your network? Possibly your DNS server?
     
    Last edited: Jan 9, 2005
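
The two HijackThis lines quoted in this thread (the O16 entry bjgarrick had removed and the R1 entry chaslang asks about) can be triaged mechanically. The following is an added example, not part of the original posts and not HijackThis code; the function names, the tag names, the scheme heuristic and the third sample line are assumptions made for illustration.

```python
import ipaddress
import re
from urllib.parse import urlsplit

# First two lines are quoted in the thread; the third is constructed.
SAMPLE_LOG = r"""
O16 - DPF: {14A3221B-1678-1982-A355-7263B1281987} - ms-its:mhtml:file://C:\foo.mht!http://82.179.166.145/x15.chm::/trs15.exe
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://192.168.0.1/
O16 - DPF: {CONSTRUCTED-EXAMPLE-ID} - https://downloads.example.com/viewer.cab
"""

O16_RE = re.compile(r"^O16 - DPF: (?P<name>.+?) - (?P<codebase>\S+)$")
R_RE = re.compile(r"^R\d - (?P<key>.+?) = (?P<value>\S+)$")


def is_private_ip_url(url):
    """True when the URL's host is a literal private-range IP address."""
    try:
        host = urlsplit(url).hostname
        return ipaddress.ip_address(host or "").is_private
    except ValueError:
        return False  # a DNS name, a malformed URL, or no host at all


def triage(log_text):
    """Return (tag, reason, line) for each O16/R line in a HijackThis log."""
    results = []
    for line in (raw.strip() for raw in log_text.splitlines()):
        if m := O16_RE.match(line):
            # Assumed heuristic: an ActiveX codebase is normally a plain web
            # download; any other protocol handler gets flagged for review.
            scheme = m["codebase"].split(":", 1)[0].lower()
            if scheme in ("http", "https"):
                results.append(("ok", "web codebase", line))
            else:
                results.append(("flag", f"codebase via '{scheme}:' handler", line))
        elif m := R_RE.match(line):
            # A private address is on the local network (for instance a
            # router), so it is a question for the owner, not an outside site.
            if is_private_ip_url(m["value"]):
                results.append(("local", "points at a private address", line))
            else:
                results.append(("external", "compare with the expected page", line))
    return results


if __name__ == "__main__":
    for tag, reason, line in triage(SAMPLE_LOG):
        print(f"{tag:8} {reason}: {line[:60]}")
```
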
  14. lee2lee

    lee2lee Private E-2

    Hi, right, I've updated Windows. I'm not too sure what any of the lines on the log mean so you might have to help me. This is my new log.

    Thanks lee
     


  15. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Okay now you have updated! But what are the problems that you are having?
     
  16. lee2lee

    lee2lee Private E-2

    Right, when I open Explorer I get an ad come up, find-it-easy.org, and can't get rid of that. Also, if I go to Google and search for something, when I click on my search the page starts to load and then an ad takes over the page. Click back and the page starts to load, then a different ad takes over the page.

    Very annoying.
    Any ideas?

    Lee
     
  17. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

  18. lee2lee

    lee2lee Private E-2

    Yeah, I do use eBay stuff, I have the eBay toolbar as well.

    Here is my Ad-Aware info.
    Definitions File Loaded:
    Reference Number : SE1R23 16.12.2004
    Internal build : 28
    File location : C:\Program Files\Lavasoft\Ad-Aware SE Personal\defs.ref
    File size : 418765 Bytes
    Total size : 1325342 Bytes
    Signature data size : 1295582 Bytes
    Reference data size : 29248 Bytes
    Signatures total : 36831
    Fingerprints total : 624
    Fingerprints size : 23478 Bytes
    Target categories : 15
    Target families : 634

    13-01-2005 19:12:04 Performing WebUpdate...

    Installing Update...
    Definitions File Loaded:
    Reference Number : SE1R25 11.01.2005
    Internal build : 30
    File location : C:\Program Files\Lavasoft\Ad-Aware SE Personal\defs.ref
    File size : 412196 Bytes
    Total size : 1300547 Bytes
    Signature data size : 1270864 Bytes
    Reference data size : 29171 Bytes
    Signatures total : 36186
    Fingerprints total : 604
    Fingerprints size : 22767 Bytes
    Target categories : 15
    Target families : 632


    13-01-2005 19:12:20 Success
    Update successfully downloaded and installed.



    I think that site applies to me but there is so much info on there.

    Lee
     
  19. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Okay so it looks like you did not have the latest Ad-Aware reference file. So now that is updated to the SE1R25 11.01.2005 version. But double check your Ad-Aware SE program version (that was the other item I asked for). Is it version 1.05? If not, get it updated.

    Run Ad-Aware SE and click Scan Now then select Perform full system scan. Then click Next and let it scan. This may take awhile. When it finishes have it fix everything and let me know if and what it found.
     
  20. lee2lee

    lee2lee Private E-2

    Hi, yeah it is 1.05. I've removed the eBay and Google toolbars and I think that got rid of it. I also did the system scan after; it found 18 objects, and I've deleted them now.
    Anything else I can do now to flush out anything that is still on my comp?

    Lee
     
  21. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

  22. lee2lee

    lee2lee Private E-2

    Yes, thanks for all your help mate.

    Lee
     
  23. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You're welcome! Happy I could help!
     
