I was messin around with my uncles comp uninstalling shite apps, cleaning virus and spyware. After I rebooted, got the blue screen of death (Fatal error some bullshit) I had no other way of fixing the problem and since this comp didnt have SP2 on it at the time, I decided to put it on and see if that would fix the problem which it did but now when I boot up I can do anything cuz the comp just like gets stuck loading, no like freezing but when I go to click anywhere on the taskbar or anything the cursor changes to the sand timer icon and stays like that so I cant do anything. :( :cry:

Also this comp has a bunch of transponder spyware bullshit that I can seem to get rid of with anything, and some other spyware.

Hijack This! et al.

I think ive fixed all the problems, did a google seach and there it was....

Fuck, just when I thought it was good to go, these transponders dont give up. There back!

Logfile of HijackThis v1.99.1
Scan saved at 6:28:09 AM, on 07/06/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\Explorer.exe
c:\windows\system32\tjhxomv.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Microsoft AntiSpyware\GIANTAntiSpywareMain.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Documents and Settings\Andy\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://websearch.drsnsrch.com/sidesearch.cgi?id=
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = websearch.drsnsrch.com/q.cgi?q=
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\Nail.exe
O2 - BHO: Band Class - {01F44A8A-8C97-4325-A378-76E68DC4AB2E} - C:\WINDOWS\systb.dll
O3 - Toolbar: (no name) - {2CDE1A7D-A478-4291-BF31-E1B4C16F92EB} - (no file)
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1120644612781
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\Program Files\Common Files\AOL\AOL Spyware Protection\\aolserv.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - Networks Associates Technology, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - Networks Associates Technology, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: System Startup Service (SvcProc) - Unknown owner - C:\WINDOWS\svcproc.exe

lots of crap in that list.

load the log file in 'http://www.hijackthis.de/'


also use a reg cleaner like CCleaner.

lots of crap in that list.

load the log file in 'http://www.hijackthis.de/'


also use a reg cleaner like CCleaner.

It keeps reinstalling itself.

Post your Log here at SpywareInfo (http://forums.spywareinfo.com/index.php?)....this is waht they do & the make of HijackThis is on Staff.

lots of crap in that list.

load the log file in 'http://www.hijackthis.de/'


also use a reg cleaner like CCleaner.

It keeps reinstalling itself.

remove the crap. run a reg cleaner and check your program files folder for empty/useless folders. delete them. run Microsoft antispyware.

Clear "Downloaded program files" - even if you think you know what they are, they may not be. That's usually in C:\WINDOWS\Downloaded Program Files.

Then check the security settings, these things often drop security level to low so that they can re-infect.

Get rid of Nail.exe and tjhxomv.exe. Nail is known spyware, tjhxomv doesn't show up anywhere so it is probably also spyware.

Make sure you are in safe mode when you do this so it can'r re-infect while you are doing it.

Edit: oh, and get rid of that drsnsrch stuff, that's more spyware.
Edit2: and systb.dll too.

Clear "Downloaded program files" - even if you think you know what they are, they may not be. That's usually in C:\WINDOWS\Downloaded Program Files.

Then check the security settings, these things often drop security level to low so that they can re-infect.

Get rid of Nail.exe and tjhxomv.exe. Nail is known spyware, tjhxomv doesn't show up anywhere so it is probably also spyware.

Make sure you are in safe mode when you do this so it can'r re-infect while you are doing it.

Edit: oh, and get rid of that drsnsrch stuff, that's more spyware.
Edit2: and systb.dll too.

K, Ill give that a try and see what happens.

blah, I just reformatted it. Now its all good to go.

That's good.

Now stop double and tripple posting to increase your postcount. Use the http://filesharingtalk.com/vb3/synapse_kt8c/buttons/edit.gif button instead.

Now stop double and tripple posting to increase your postcount. Use the http://filesharingtalk.com/vb3/synapse_kt8c/buttons/edit.gif button instead.

:cry: It wasnt meant for that purpose, I just did it cuz I find it easier. :schnauz: