Theme

Welcome · log in · join

Search similar:

[HSI] help

Forums → The Site → Old Forums →

Security Cleanup → I Need Help!!

uniqs
353

« (topic move) HJT Log, MSMSGS.exe consumes 50% of CPU • New FAQ for SpywareQuake removal »

Lilly4 I Need A Vacation Premium Member join:2002-04-18 Brentwood, NY	Lilly4 Premium Member 2006-Mar-21 4:08 pm I Need Help!! I am trying to fix my friends computer that has been compromised with spyware. I followed the recommended steps and most of the spyware was taken care of but there are some that just won't fix. These are the ones: Ad-aware says: mdieftp.dll guard.tmp adware.look2me Spybot comes up with this: Command Service Hkey_Local_Machine\system\controlset003\services\cmdservice Hkey_Local_Machine\system\currentcontrolset\services\cmdservice Ewido Anti-Malaware can't take care of these cause after many attempts of trying to fix and trying to delete, these still come up: C:\windows\system32\ICXSAP.dll adware.look2me C:\windows\system32\KZDFI1.dll Adware.look2me A0087593.dll Adware.look2me A0087595.dll Adware.look2me I also have the hijack this log if you need it. I would definitely appriciate it if someone could help me with this. Thanks.
	· actions · 2006-Mar-21 4:08 pm · (locked)
siggyx Siggy Premium Member join:2003-12-10 Cambridge	siggyx Premium Member 2006-Mar-21 4:14 pm Please post the hijackthis log if you have followed all of the steps.
	· actions · 2006-Mar-21 4:14 pm · (locked)
Lilly4 I Need A Vacation Premium Member join:2002-04-18 Brentwood, NY 1 edit	Lilly4 Premium Member 2006-Mar-21 4:15 pm Logfile of HijackThis v1.99.1 Scan saved at 5:47:19 AM, on 3/21/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\LEXPPS.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe C:\Program Files\ewido anti-malware\ewidoctrl.exe C:\Program Files\ewido anti-malware\ewidoguard.exe C:\Program Files\Norton AntiVirus\navapsvc.exe C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe C:\WINDOWS\wanmpsvc.exe C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\BCMSMMSG.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\Program Files\Microsoft AntiSpyware\gcasServ.exe C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe C:\WINDOWS\system32\taskmgr.exe C:\WINDOWS\explorer.exe C:\Program Files\Common Files\Symantec Shared\NMain.exe C:\Documents and Settings\*****\Desktop\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dellnet.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dellnet.com R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = http://localhost; O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe" O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O12 - Plugin for .mov: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin.dll O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O20 - Winlogon Notify: RunOnceEx - C:\WINDOWS\system32\mdieftp.dll O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
	· actions · 2006-Mar-21 4:15 pm · (locked)
Lilly4	Lilly4 Premium Member 2006-Mar-21 4:19 pm i just finished scanning the computer with norton antivirus and this is what it says: mwinprag.exe adware.zenosearch mwinprai.exe adware.zenosearch
	· actions · 2006-Mar-21 4:19 pm · (locked)
siggyx Siggy Premium Member join:2003-12-10 Cambridge	siggyx to Lilly4 Premium Member 2006-Mar-21 4:29 pm to Lilly4 Please download Look2Me-Destoyer to your desktop. http://www.atribune.org/ccount/click.php?id=7 [] Close all windows before continuing. [] Double-click Look2Me-Destroyer.exe to run it. [] Put a check next to Run this program as a task* . [] You will receive a message saying Look2Me-Destroyer will close and re-open in approximately 10 seconds. Click OK [] When Look2Me-Destroyer re-opens, click the Scan for L2M button , your desktop icons will disappear, this is normal. [] Once it's done scanning, click the Remove L2M button* . [] You will receive a Done Scanning message, click OK . [] When completed, you will receive this message: Done removing infected files! Look2Me-Destroyer will now shutdown your computer, click OK . [] Your computer will then shutdown. [] Turn your computer back on. If you receive a message from your firewall about this program accessing the internet please allow it. If you receive a runtime error '339'. please download MSWINSCK.OCX from the link below and place it in your C:\Windows\System32. Directory http://www.ascentive.com/support/new/images/lib/MSWINSCK.OCX NEXT Please download the trial version of Ewido Security Suite here: http://www.ewido.net/en/ Install it, and update the definitions to the newest files. Next, please reboot your computer in Safe Mode by doing the following: 1) Restart your computer 2) After hearing your computer beep once during startup, but before the Windows icon appears, press F8. 3) Instead of Windows loading as normal, a menu should appear 4) Select the first option, to run Windows in Safe Mode. Then please run Ewido, and run a full scan. Save the logfile from the scan. [] Please post the contents of C:\Look2Me-Destroyer.txt* the Ewido log and a new HiJackThis log.
	· actions · 2006-Mar-21 4:29 pm · (locked)
Lilly4 I Need A Vacation Premium Member join:2002-04-18 Brentwood, NY	Lilly4 Premium Member 2006-Mar-21 6:44 pm ok im now running ewido in full scan...its gonna take a while cause the computer is slow...darn thing only has 128 megs of ram. siggyx...thank you for helping me...i really appriciate it
	· actions · 2006-Mar-21 6:44 pm · (locked)
Lilly4 2 edits	Lilly4 Premium Member 2006-Mar-21 8:02 pm ok sorry it took so long. EWIDO REPORT: --------------------------------------------------------- ewido anti-malware - Scan report --------------------------------------------------------- + Created on: 7:49:18 PM, 3/21/2006 + Report-Checksum: 49DCD592 + Scan result: C:\System Volume Information\_restore{11B4CBB0-31B0-483C-A4FE-D6E9E8C1A928}\RP979\A0087605.dll -> Adware.Look2Me : Cleaned with backup C:\WINDOWS\SYSTEM32\ICXSAP.DLL -> Adware.Look2Me : Cleaned with backup ::Report End LOOK2ME REPORT: Look2Me-Destroyer V1.0.11 Scanning for infected files..... Scan started at 3/21/2006 6:16:05 PM Infected! C:\WINDOWS\system32\gp22l3fo1.dll Infected! C:\System Volume Information\_restore{11B4CBB0-31B0-483C-A4FE-D6E9E8C1A928}\RP979\A0087602.dll Infected! C:\WINDOWS\SYSTEM32\gp22l3fo1.dll Infected! C:\WINDOWS\SYSTEM32\k208lcdu1f08.dll Attempting to delete infected files... Attempting to delete: C:\WINDOWS\system32\gp22l3fo1.dll C:\WINDOWS\system32\gp22l3fo1.dll Deleted successfully! Attempting to delete: C:\System Volume Information\_restore{11B4CBB0-31B0-483C-A4FE-D6E9E8C1A928}\RP979\A0087602.dll C:\System Volume Information\_restore{11B4CBB0-31B0-483C-A4FE-D6E9E8C1A928}\RP979\A0087602.dll Deleted successfully! Attempting to delete: C:\WINDOWS\SYSTEM32\gp22l3fo1.dll C:\WINDOWS\SYSTEM32\gp22l3fo1.dll Deleted successfully! Attempting to delete: C:\WINDOWS\SYSTEM32\k208lcdu1f08.dll C:\WINDOWS\SYSTEM32\k208lcdu1f08.dll Deleted successfully! Making registry repairs. Removing: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Extensions Removing: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{F904F3BD-3B14-47A9-B210-F88CCA45F66A}" HKCR\Clsid\{F904F3BD-3B14-47A9-B210-F88CCA45F66A} Removing: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{1CDEA0D3-437E-482B-8F20-0E1515E834C4}" HKCR\Clsid\{1CDEA0D3-437E-482B-8F20-0E1515E834C4} Removing: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{31CE741F-B469-4226-854B-155615D0758B}" HKCR\Clsid\{31CE741F-B469-4226-854B-155615D0758B} Restoring Windows certificates. Replaced hosts file with default windows hosts file Restoring SeDebugPrivilege for Administrators - Succeeded HIJACK THIS REPORT: Logfile of HijackThis v1.99.1 Scan saved at 11:03:52 PM, on 3/21/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\LEXPPS.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe C:\WINDOWS\BCMSMMSG.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\Program Files\ewido anti-malware\ewidoctrl.exe C:\Program Files\ewido anti-malware\ewidoguard.exe C:\Program Files\America Online 9.0\aoltray.exe C:\Program Files\Norton AntiVirus\navapsvc.exe C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe C:\WINDOWS\wanmpsvc.exe C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\wuauclt.exe C:\Documents and Settings\****\Desktop\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dellnet.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dellnet.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,First Home Page = C:\Program Files\AOL Toolbar\welcome.html R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = http://localhost; O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - Global Startup: America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0\aoltray.exe O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O12 - Plugin for .mov: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin.dll O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O23 - Service: AOL Connectivity Service (AOL ACS) - America Online - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
	· actions · 2006-Mar-21 8:02 pm · (locked)
siggyx Siggy Premium Member join:2003-12-10 Cambridge	siggyx to Lilly4 Premium Member 2006-Mar-21 11:43 pm to Lilly4 If you dont have these three programs I would recommend that you get them.Spywareblaster,Spywareguard and IESPY AD. They will add 1000's of sites to your resticted zone and block some hijacks from happening. In my signature below is also a tutorial on how to harden IE, a good read and very helpful to stop these things in the future. I also have a FREE FIREWALL and FREE ANTI VIRUS if you need one. It is critical to have both a firewall and anti virus to protect your system. Keep your system up to date and run Adaware & Spybot, once a week works, and hopefully you will be ok from here on. Safe Surfing.
	· actions · 2006-Mar-21 11:43 pm · (locked)
Lilly4 I Need A Vacation Premium Member join:2002-04-18 Brentwood, NY	Lilly4 Premium Member 2006-Mar-23 1:17 am thanks for helping me again siggyx. i do have a question, can Spywareblaster,Spywareguard and IESPY AD be run on a computer that only has 128 megs of ram? its my friends computer that had all these problems with spyware and i did install norton antivirus on it, though the computer is now slower. also, if your on dialup is it necessary to have a firewall?
	· actions · 2006-Mar-23 1:17 am · (locked)
CajunTek Insane Cajun Premium Member join:2003-08-08 Arlington, TX	CajunTek Premium Member 2006-Mar-23 9:40 am said by Lilly4: thanks for helping me again siggyx. i do have a question, can Spywareblaster,Spywareguard and IESPY AD be run on a computer that only has 128 megs of ram? its my friends computer that had all these problems with spyware and i did install norton antivirus on it, though the computer is now slower. also, if your on dialup is it necessary to have a firewall? Neither SpywareBlaster nor IE-Spyad use an resources.. SpywareGuard is minimal.. ANd firewall.. YES
	· actions · 2006-Mar-23 9:40 am · (locked)
Lilly4 I Need A Vacation Premium Member join:2002-04-18 Brentwood, NY	Lilly4 Premium Member 2006-Mar-24 9:03 am thank you for the reply and the help cajuntek
	· actions · 2006-Mar-24 9:03 am · (locked)
CajunTek Insane Cajun Premium Member join:2003-08-08 Arlington, TX	CajunTek Premium Member 2006-Mar-24 9:30 am Sure.. but siggyx did all the work..
	· actions · 2006-Mar-24 9:30 am · (locked)
siggyx Siggy Premium Member join:2003-12-10 Cambridge	siggyx to Lilly4 Premium Member 2006-Mar-24 4:14 pm to Lilly4 It is all about a team effort
	· actions · 2006-Mar-24 4:14 pm · (locked)
CalamityJane Premium Member join:2002-08-27 Eustis, FL	CalamityJane Premium Member 2006-Mar-24 7:31 pm said by siggyx: It is all about a team effort I'll second that! But we do thank you for helping out, siggyx and CajunTek both! {{{Group Hug, everybody}}} That includes you too, Lilly for helping your friend and getting him/her protected from future infections! Good job
	· actions · 2006-Mar-24 7:31 pm · (locked)

Forums → The Site → Old Forums → Security Cleanup	« (topic move) HJT Log, MSMSGS.exe consumes 50% of CPU • New FAQ for SpywareQuake removal »