Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works

Smart Security - Desktop Missing[CLOSED]

  • This topic is locked This topic is locked



    New Member

  • Member
  • Pip
  • 1 posts
Smart Security took over my laptop to the point that I could no longer use my computer. A friend took a look at my computer and was able to get me back to the desktop. However, all of my icons, except for the recycle bin, are gone, the right-click on my mouse does not work and my wall paper is gone. I've gone into control panel, display, web, but there was no security check mark to remove. I was able to run House Call and download Hijack This. Here is my log:

Logfile of HijackThis v1.99.1

Scan saved at 10:07:34 PM, on 5/23/2005

Platform: Windows XP SP1 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:







C:\Program Files\Common Files\WinTools\WToolsS.exe



C:\Program Files\QuickTime\qttask.exe


C:\Program Files\Survey Alerts Manager\skinkers.exe


C:\Documents and Settings\LWD.YOUR-GICOY58REH.000\Application Data\usai.exe

C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe

C:\Program Files\Common Files\WinTools\WSup.exe



C:\Program Files\Internet Explorer\iexplore.exe


C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Common Files\WinTools\WToolsA.exe

C:\Documents and Settings\LWD.YOUR-GICOY58REH.000\Local Settings\Temporary Internet Files\Content.IE5\FS99NWWG\hijackthis[1]\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ezytraffi...embers/surf.php

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapp...rch/search.html

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: (no name) - {8952A998-1E7E-4716-B23D-3DBE03910972} - (no file)

O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\YAHOO!\COMPAN~1\INSTALLS\cpn0\ycomp5_3_12_0.dll

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {3DA3DC80-423B-12B5-46C2-46710108D2BF} - C:\WINDOWS\System32\uwzwnh.dll

O2 - BHO: (no name) - {3DA3DCF4-423D-67B4-46B5-40717108D2CF} - C:\WINDOWS\System32\uwzwnh.dll

O2 - BHO: (no name) - {87766247-311C-43B4-8499-3D5FEC94A183} - C:\PROGRA~1\COMMON~1\WinTools\WToolsB.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx

O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\YAHOO!\COMPAN~1\INSTALLS\cpn0\ycomp5_3_12_0.dll

O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll

O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll

O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\McUpdate.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\McAgent.exe

O4 - HKLM\..\Run: [WinTools] C:\PROGRA~1\COMMON~1\WinTools\WToolsA.exe

O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet

O4 - HKCU\..\Run: [SpyKiller] C:\Program Files\SpyKiller\spykiller.exe /startup

O4 - HKCU\..\Run: [ConsumerIdentity] "C:\PROGRA~1\CONSUM~1\ConsumerIdentity.exe" /s

O4 - HKCU\..\Run: [SAMCluster] C:\Program Files\Survey Alerts Manager\skinkers.exe

O4 - HKCU\..\Run: [Ein] C:\WINDOWS\Olg.exe

O4 - HKCU\..\Run: [Khdzfb] C:\WINDOWS\System32\??ool32.exe

O4 - HKCU\..\Run: [Nrf] C:\WINDOWS\Cfp.exe

O4 - HKCU\..\Run: [Reg] C:\WINDOWS\System32\Ghb.exe

O4 - HKCU\..\Run: [Gkj] C:\WINDOWS\Nqa.exe

O4 - HKCU\..\Run: [Oou] C:\WINDOWS\Rqr.exe

O4 - HKCU\..\Run: [Lhr] C:\WINDOWS\System32\Hpp.exe

O4 - HKCU\..\Run: [Eas] C:\WINDOWS\System32\Kll.exe

O4 - HKCU\..\Run: [Mrd] C:\WINDOWS\System32\Fiu.exe

O4 - HKCU\..\Run: [Mad] C:\WINDOWS\System32\Ntv.exe

O4 - HKCU\..\Run: [Tdg] C:\WINDOWS\Mtn.exe

O4 - HKCU\..\Run: [Gee] C:\WINDOWS\Bah.exe

O4 - HKCU\..\Run: [Equ] C:\WINDOWS\Ilp.exe

O4 - HKCU\..\Run: [Ihp] C:\WINDOWS\Mio.exe

O4 - HKCU\..\Run: [Kur] C:\WINDOWS\Nom.exe

O4 - HKCU\..\Run: [Quo] C:\WINDOWS\System32\Bau.exe

O4 - HKCU\..\Run: [Gek] C:\WINDOWS\System32\Jtj.exe

O4 - HKCU\..\Run: [Rcs] C:\WINDOWS\System32\Fpe.exe

O4 - HKCU\..\Run: [Slt] C:\WINDOWS\System32\Gni.exe

O4 - HKCU\..\Run: [Uue] C:\WINDOWS\System32\Rue.exe

O4 - HKCU\..\Run: [Pan] C:\WINDOWS\Som.exe

O4 - HKCU\..\Run: [Lgq] C:\WINDOWS\Ipl.exe

O4 - HKCU\..\Run: [Udc] C:\WINDOWS\Ccj.exe

O4 - HKCU\..\Run: [Dgj] C:\WINDOWS\System32\Hpp.exe

O4 - HKCU\..\Run: [Sno] C:\WINDOWS\Dvp.exe

O4 - HKCU\..\Run: [Phe] C:\WINDOWS\System32\Kec.exe

O4 - HKCU\..\Run: [Srn] C:\WINDOWS\Ijq.exe

O4 - HKCU\..\Run: [Crao] C:\Documents and Settings\LWD.YOUR-GICOY58REH.000\Application Data\usai.exe

O4 - Startup: PowerReg SchedulerV2.exe

O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML

O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html

O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html

O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000

O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html

O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll

O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll

O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll

O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll

O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll

O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRA~1\AIM95\aim.exe

O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll

O9 - Extra button: Microsoft AntiSpyware helper - {C9F5CB1D-D58D-4DBF-877F-9F34B3652704} - (no file) (HKCU)

O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {C9F5CB1D-D58D-4DBF-877F-9F34B3652704} - (no file) (HKCU)

O10 - Broken Internet access because of LSP provider 'connwsp.dll' missing

O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll

O15 - Trusted Zone: *.horse-active.net

O15 - Trusted Zone: *.slotchbar.com

O15 - Trusted Zone: *.horse-active.net (HKLM)

O15 - Trusted Zone: *.slotchbar.com (HKLM)

O15 - Trusted IP range:

O15 - Trusted IP range: (HKLM)

O16 - DPF: {084F552D-19EB-4668-9788-984CBC781A8F} (AsyncDownloader Class) - http://survey.otxres...m/Preloader.dll

O16 - DPF: {10003000-1000-0000-1000-000000000000} - ms-its:C:\abcsp.chm::/on-line.exe

O16 - DPF: {11311111-1111-1111-1111-111111111157} - file://C:\Recycled\Q330995.exe

O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} (Yahoo! Audio Conferencing) - http://us.chat1.yimg...v45/yacscom.cab

O16 - DPF: {40289096-9F72-4A04-BCB3-E434ECDCEE33} (AppDLCtrl Class) - http://download.howu...nload/appdl.cab

O16 - DPF: {40C6FCD5-4B1E-4114-B335-9AC19B50A1D0} (Export Class) - https://www.claimsma.../ExportCtrl.ocx

O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aol.com...kup/qdiagcc.cab

O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.av.a...83/mcinsctl.cab

O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.r...ip/RdxIE601.cab

O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai...all/xscan53.cab

O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) - http://www.nick.com/.../GrooveAX28.cab

O16 - DPF: {8823D9EC-C1C3-46D2-B3FE-0BB23CE8AE7C} (PrintControl Class) - https://www.claimsma...n/PrintCtrl.ocx

O16 - DPF: {AB29A544-D6B4-4E36-A1F8-D3E34FC7B00A} (WTHoster Class) - http://install.wildt...yle/install.cab

O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} (YAddBook Class) - http://us.dl1.yimg.c...utocomplete.cab

O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (ASquaredScanForm Element) - http://www.windowsec...scan/axscan.cab

O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.av.a...,20/mcgdmgr.cab

O16 - DPF: {BF116476-3238-4EDA-A2D7-6D6814EF0DEC} (Quicksilver Class) - http://scpwbg.ops.pl...quicksilver.cab

O16 - DPF: {C02226EB-A5D7-4B1F-BD7E-635E46C2288D} (Toontown Installer ActiveX Control) - http://download.toon...3.16/ttinst.cab

O16 - DPF: {D6FCA8ED-4715-43DE-9BD2-2789778A5B09} (NPKCX Control) - http://guard.gunboun...Crypt/npkcx.cab

O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcaf...379/mcfscan.cab

O16 - DPF: {FA13A9FA-CA9B-11D2-9780-00104B242EA3} (WildTangent Control) - http://install.wildt...ll2/install.cab

O20 - Winlogon Notify: Sebring - C:\WINDOWS\System32\LgNotify.dll

O21 - SSODL: NTDBGTOOL - {A88D35AA-3921-484D-A53B-1A5DFEAC5B50} - C:\WINDOWS\System32\lfcgwdeb.dll (file missing)

O23 - Service: WinTools for IE service (WinToolsSvc) - Unknown owner - C:\Program Files\Common Files\WinTools\WToolsS.exe
  • 0




    Visiting Staff

  • Member
  • PipPipPip
  • 172 posts
Hello there!

I'm sorry you've had such a long wait. If you still need help please post a fresh HijackThis log to this thread & I'll be right with you.

  • 0



    Visiting Staff

  • Member
  • PipPipPip
  • 172 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member with address of this thread. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0

Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP