?
Solved

2020Search Toolbar Removal

Posted on 2004-04-19
8
Medium Priority
?
1,540 Views
Last Modified: 2009-07-29
How can I get rid of the 2020Search Toolbar that comes up every time I go to IE 6?  I have tried SpyBot S&D, Ad-Aware, Hijack This and Norton Antivirus 2003.
0
Comment
Question by:LinBro
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
8 Comments
 
LVL 32

Expert Comment

by:LucF
ID: 10861683
Hi LinBro,

Post the hijackthis logfile and we will be able to point out what to remove.

Greetings,

LucF
0
 
LVL 49

Expert Comment

by:sunray_2003
ID: 10861797
Make a backup of your registry

Check these registry entries

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Bar
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Page
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page
HKCU\Software\Microsoft\Internet Explorer\SearchURL
HKCU\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
HKCU\Software\Microsoft\Internet Explorer\Main\Default_Search_URL
HKCU\Software\Microsoft\Internet Explorer\Search\SearchAssistant
HKCU\Software\Microsoft\Internet Explorer\Search\CustomizeSearch
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Bar

and remove that 2020search if you find them
0
 

Author Comment

by:LinBro
ID: 10862339
I've tried removing these items and they reappear.  Here is the Hijack This Log:

Logfile of HijackThis v1.97.7
Scan saved at 1:31:03 PM, on 4/19/2004
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\System32\mnmsrvc.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINNT\System32\NMSSvc.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\System32\mspmspsv.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\Explorer.EXE
C:\WINNT\system32\Promon.exe
C:\WINNT\system32\Smtray.exe
C:\WINNT\System32\spool\drivers\w32x86\3\hpztsb03.exe
C:\WINNT\system32\wfxsnt40.exe
C:\winnt\system32\infwin.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINNT\System32\spool\DRIVERS\W32X86\3\fppdis1.exe
C:\Program Files\Media\Media\UpdateStats.exe
C:\WINNT\system32\pcs\pcsvc.exe
C:\Program Files\Common Files\Dpi\dpi.exe
C:\Program Files\Symantec\WinFax\WFXCTL32.EXE
C:\LLB\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINNT\System32\cngc.dll/sp.html (obfuscated)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINNT\System32\cngc.dll/sp.html (obfuscated)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINNT\System32\cngc.dll/sp.html (obfuscated)
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINNT\System32\cngc.dll/sp.html (obfuscated)
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINNT\System32\cngc.dll/sp.html (obfuscated)
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINNT\System32\cngc.dll/sp.html (obfuscated)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
O2 - BHO: (no name) - {00DF1284-083D-488C-A031-CE0D9CEE9142} - C:\WINNT\System32\cngc.dll
O2 - BHO: (no name) - {04245EC0-5E97-4B59-A1C9-CFFD8C99F0C1} - C:\WINNT\System32\cngc.dll
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {0D78E984-944D-4457-8D04-AEED39AD86DE} - C:\WINNT\System32\cngc.dll
O2 - BHO: (no name) - {0E2DA6DB-B0A7-4E32-BC85-8AB5D9803AB4} - C:\WINNT\System32\cngc.dll
O2 - BHO: (no name) - {0F4B40C4-5B05-432A-9CE3-5E9BE7B884E5} - C:\WINNT\System32\cngc.dll
O2 - BHO: (no name) - {15A50002-ED39-4081-82A6-46829ED1CB19} - C:\WINNT\System32\cngc.dll
O2 - BHO: (no name) - {1E4064FB-766B-4DF5-BC02-81F941767A6C} - C:\WINNT\System32\cngc.dll
O2 - BHO: (no name) - {2115FCF3-3AB9-4D0B-982C-DCB9AE75562B} - C:\WINNT\System32\cngc.dll
O2 - BHO: (no name) - {2405028D-769B-43A9-9AF4-CC531F6E33A0} - C:\WINNT\System32\cngc.dll
O2 - BHO: (no name) - {2CF0B992-5EEB-4143-99C0-5297EF71F443} - C:\WINNT\System32\stlbdist.DLL
O2 - BHO: (no name) - {32C4571B-DBE1-4E12-91B8-098773B85C68} - C:\WINNT\System32\cngc.dll
O2 - BHO: (no name) - {336CDBA8-1A88-47F6-8142-B87D71FBD4D6} - C:\WINNT\System32\cngc.dll
O2 - BHO: (no name) - {36594D8C-7C76-492B-AB41-223C7000A76C} - C:\WINNT\System32\cngc.dll
O2 - BHO: (no name) - {38B1D185-FDEE-4704-BE22-E6D5A7122C0E} - C:\WINNT\System32\cngc.dll
O2 - BHO: (no name) - {3CACCCEC-1737-4CC2-AAF1-EE14FFFDE42B} - C:\WINNT\System32\cngc.dll
O2 - BHO: (no name) - {3FF5E0A5-8F1B-4E80-8852-75480E81E71D} - C:\WINNT\System32\cngc.dll
O2 - BHO: (no name) - {45F36E29-9351-41D6-80B3-6CADC9FD7E53} - C:\WINNT\System32\cngc.dll
O2 - BHO: NavErrRedir Class - {5D60FF48-95BE-4956-B4C6-6BB168A70310} - C:\LLB\BACKUP~3.DLL
O2 - BHO: (no name) - {5E271C40-28A4-4355-A4C3-7DAA1561A5F9} - C:\WINNT\System32\cngc.dll
O2 - BHO: (no name) - {7272C341-1C7A-4E63-B55C-08710A81F4FD} - C:\WINNT\System32\cngc.dll
O2 - BHO: (no name) - {83DE62E0-5805-11D8-9B25-00E04C60FAF2} - C:\WINNT\2_0_1browserhelper2.dll
O2 - BHO: (no name) - {858F6D92-58E5-4316-A0D2-0DA755E3C819} - C:\WINNT\System32\cngc.dll
O2 - BHO: (no name) - {881E3858-04BB-4D6F-BCA3-C30FC71DD880} - C:\WINNT\System32\cngc.dll
O2 - BHO: (no name) - {8BB9F018-AD8A-4B96-9291-BBCBE42EBCE3} - C:\WINNT\System32\cngc.dll
O2 - BHO: (no name) - {8F921655-8D69-43AE-AF26-86A69810A1E9} - C:\WINNT\System32\cngc.dll
O2 - BHO: (no name) - {9C691A33-7DDA-4C2F-BE4C-C176083F35CF} - C:\WINNT\System32\bridge.dll
O2 - BHO: (no name) - {A39112CA-FFC5-4CFD-BC43-FF51303E0A97} - C:\WINNT\System32\cngc.dll
O2 - BHO: (no name) - {A3EE71AE-5DA6-47DB-9B64-6936CBEB75AE} - C:\WINNT\System32\cngc.dll
O2 - BHO: (no name) - {B2C28E6D-F16A-425D-94E6-BC198187E93D} - C:\WINNT\System32\cngc.dll
O2 - BHO: (no name) - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {C0090A19-4CD1-41EF-8FBF-79DE94F8F30E} - C:\WINNT\System32\cngc.dll
O2 - BHO: (no name) - {C8BF565E-145B-4B6D-9D5F-2C04B1FEAD39} - C:\WINNT\System32\cngc.dll
O2 - BHO: (no name) - {CDA3D1A7-0EAE-41C7-BE78-F5B9543CEB25} - C:\WINNT\System32\cngc.dll
O2 - BHO: (no name) - {CE76FDEB-E257-4475-BBA4-0306B189020D} - C:\WINNT\System32\cngc.dll
O2 - BHO: (no name) - {CEE83B7B-FFE5-44DA-B864-8A60EA04B940} - C:\WINNT\System32\cngc.dll
O2 - BHO: (no name) - {D05652FB-E3E5-4D4B-A661-CE7ACF21F45B} - C:\WINNT\System32\cngc.dll
O2 - BHO: (no name) - {D0A0450F-B92F-4439-9811-C83BCDCB5DB2} - C:\WINNT\System32\cngc.dll
O2 - BHO: (no name) - {D0C5654E-BF7C-4C73-9384-6E77AB38ED25} - C:\WINNT\System32\cngc.dll
O2 - BHO: (no name) - {D498F354-E92E-4B30-B554-AC2C532E2982} - C:\WINNT\System32\cngc.dll
O2 - BHO: (no name) - {D90F98C3-5C8D-4C0B-A7D4-C2DB6F2E3372} - C:\WINNT\System32\cngc.dll
O2 - BHO: (no name) - {DDCBED59-0A7C-4C1C-B267-01862EF1D36F} - C:\WINNT\System32\cngc.dll
O2 - BHO: (no name) - {E2F5A057-BFF3-4BB7-9C63-AF916D6592D1} - C:\WINNT\System32\cngc.dll
O2 - BHO: (no name) - {F17678D5-9740-4AB2-9D18-A4555070EE26} - C:\WINNT\System32\cngc.dll
O2 - BHO: (no name) - {FABFAE6D-366A-4F7E-BDB2-B274FEE395B6} - C:\WINNT\System32\cngc.dll
O4 - HKLM\..\Run: [tourpath] regedit /s c:\winnt\tour.reg
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [Promon.exe] Promon.exe
O4 - HKLM\..\Run: [Smapp] Smtray.exe
O4 - HKLM\..\Run: [ConfigSafe] C:\CFGSAFE\NTFSCLUP.EXE
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINNT\System32\spool\drivers\w32x86\3\hpztsb03.exe
O4 - HKLM\..\Run: [WinFaxAppPortStarter] wfxsnt40.exe
O4 - HKLM\..\Run: [infwin] c:\winnt\system32\infwin.exe /noconnect
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [Mscnt] c:\winnt\system32\mscnt.exe /noconnect
O4 - HKLM\..\Run: [pdfFactory Dispatcher v1] C:\WINNT\System32\spool\DRIVERS\W32X86\3\fppdis1.exe
O4 - HKLM\..\Run: [RunDLL] rundll32.exe "C:\WINNT\System32\bridge.dll",Load
O4 - HKLM\..\Run: [UpdateStats] C:\Program Files\Media\Media\UpdateStats.exe
O4 - HKLM\..\Run: [{2CF0B992-5EEB-4143-99C0-5297EF71F444}] rundll32.exe C:\WINNT\System32\stlbdist.DLL,DllRunMain
O4 - HKLM\..\Run: [AutoUpdater] "C:\Program Files\AutoUpdate\AutoUpdate.exe"
O4 - HKLM\..\Run: [Pcsv] C:\WINNT\system32\pcs\pcsvc.exe
O4 - HKLM\..\Run: [Dpi] C:\Program Files\Common Files\Dpi\dpi.exe
O4 - HKLM\..\Run: [updater] C:\Program Files\Common files\updater\wupdater.exe
O4 - Startup: AUTODISC.BAT.lnk = C:\AUTODISC.BAT
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Controller.LNK = C:\Program Files\Symantec\WinFax\WFXCTL32.EXE
O8 - Extra context menu item: &RSDN Search - res://C:\WINNT\2020SE~1.DLL/GoRSDN.dll.htm
O9 - Extra 'Tools' menuitem: MaxSpeed (HKLM)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} (Yahoo! Audio Conferencing) - http://us.chat1.yimg.com/us.yimg.com/i/chat/applet/v45/yacscom.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://download.yahoo.com/dl/installs/yinst.cab
O16 - DPF: {55A548B3-AFA8-41E3-8057-FD24931C6388} (FXExec Control) - http://216.87.37.188/app/FXCtrl.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {7D1E9C49-BD6A-11D3-87A8-009027A35D73} (Yahoo! Audio UI1) - http://chat.yahoo.com/cab/yacsui.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38093.4636689815
O16 - DPF: {C3A57B60-C117-11D2-BD9B-00105A0A7E89} (SAXFile ActiveX Control) - https://imaging.emitchell.com/../../saxfile.cab
O16 - DPF: {C3DFA998-A486-11D4-AA25-00C04F72DAEB} (MSN Photo Upload Tool) - http://sc.groups.msn.com/controls/PhotoUC/MsnPUpld.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {DED22F57-FEE2-11D0-953B-00C04FD9152D} (CarPoint Auto-Pricer Control) - http://autos.msn.com/components/ocx/autopricer/autopricer.cab
O16 - DPF: {E504EE6E-47C6-11D5-B8AB-00D0B78F3D48} (Yahoo! Webcam Viewer Wrapper) - http://chat.yahoo.com/cab/yvwrctl.cab
O16 - DPF: {ED03E47C-D12B-4798-B016-E6EAA05FD1FA} (MitFIOCX.FIData) - https://imaging.emitchell.com/FIData.CAB
O16 - DPF: {F5820AD3-9B20-423E-B2AA-7AF2B4055746} (CRegistryDownload Class) - http://www.paltalk.com/prod/RegDload.CAB
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab
O16 - DPF: {FC3A74E5-F281-4F10-AE1E-733078684F3C} (Downloader Class) - http://www.2020search.com/toolbar/2020Search.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{E3C7FBDE-F64E-4EE8-A15D-7EC619B68C20}: NameServer = 216.167.161.35,216.167.161.36

Thanks for your help!
0
Put Machine Learning to Work--Protect Your Clients

Machine learning means Smarter Cybersecurity™ Solutions.
As technology continues to advance, managing and analyzing massive data sets just can’t be accomplished by humans alone. It requires huge amounts of memory and storage, as well as the high-speed power of the cloud.

 
LVL 32

Accepted Solution

by:
LucF earned 200 total points
ID: 10862391
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINNT\System32\cngc.dll/sp.html (obfuscated)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINNT\System32\cngc.dll/sp.html (obfuscated)
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINNT\System32\cngc.dll/sp.html (obfuscated)
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINNT\System32\cngc.dll/sp.html (obfuscated)
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINNT\System32\cngc.dll/sp.html (obfuscated)
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINNT\System32\cngc.dll/sp.html (obfuscated)
O2 - BHO: (no name) - {00DF1284-083D-488C-A031-CE0D9CEE9142} - C:\WINNT\System32\cngc.dll
O2 - BHO: (no name) - {04245EC0-5E97-4B59-A1C9-CFFD8C99F0C1} - C:\WINNT\System32\cngc.dll
O2 - BHO: (no name) - {0D78E984-944D-4457-8D04-AEED39AD86DE} - C:\WINNT\System32\cngc.dll
O2 - BHO: (no name) - {0E2DA6DB-B0A7-4E32-BC85-8AB5D9803AB4} - C:\WINNT\System32\cngc.dll
O2 - BHO: (no name) - {0F4B40C4-5B05-432A-9CE3-5E9BE7B884E5} - C:\WINNT\System32\cngc.dll
O2 - BHO: (no name) - {15A50002-ED39-4081-82A6-46829ED1CB19} - C:\WINNT\System32\cngc.dll
O2 - BHO: (no name) - {1E4064FB-766B-4DF5-BC02-81F941767A6C} - C:\WINNT\System32\cngc.dll
O2 - BHO: (no name) - {2115FCF3-3AB9-4D0B-982C-DCB9AE75562B} - C:\WINNT\System32\cngc.dll
O2 - BHO: (no name) - {2405028D-769B-43A9-9AF4-CC531F6E33A0} - C:\WINNT\System32\cngc.dll
O2 - BHO: (no name) - {2CF0B992-5EEB-4143-99C0-5297EF71F443} - C:\WINNT\System32\stlbdist.DLL
O2 - BHO: (no name) - {32C4571B-DBE1-4E12-91B8-098773B85C68} - C:\WINNT\System32\cngc.dll
O2 - BHO: (no name) - {336CDBA8-1A88-47F6-8142-B87D71FBD4D6} - C:\WINNT\System32\cngc.dll
O2 - BHO: (no name) - {36594D8C-7C76-492B-AB41-223C7000A76C} - C:\WINNT\System32\cngc.dll
O2 - BHO: (no name) - {38B1D185-FDEE-4704-BE22-E6D5A7122C0E} - C:\WINNT\System32\cngc.dll
O2 - BHO: (no name) - {3CACCCEC-1737-4CC2-AAF1-EE14FFFDE42B} - C:\WINNT\System32\cngc.dll
O2 - BHO: (no name) - {3FF5E0A5-8F1B-4E80-8852-75480E81E71D} - C:\WINNT\System32\cngc.dll
O2 - BHO: (no name) - {45F36E29-9351-41D6-80B3-6CADC9FD7E53} - C:\WINNT\System32\cngc.dll
O2 - BHO: NavErrRedir Class - {5D60FF48-95BE-4956-B4C6-6BB168A70310} - C:\LLB\BACKUP~3.DLL
O2 - BHO: (no name) - {5E271C40-28A4-4355-A4C3-7DAA1561A5F9} - C:\WINNT\System32\cngc.dll
O2 - BHO: (no name) - {7272C341-1C7A-4E63-B55C-08710A81F4FD} - C:\WINNT\System32\cngc.dll
O2 - BHO: (no name) - {83DE62E0-5805-11D8-9B25-00E04C60FAF2} - C:\WINNT\2_0_1browserhelper2.dll
O2 - BHO: (no name) - {858F6D92-58E5-4316-A0D2-0DA755E3C819} - C:\WINNT\System32\cngc.dll
O2 - BHO: (no name) - {881E3858-04BB-4D6F-BCA3-C30FC71DD880} - C:\WINNT\System32\cngc.dll
O2 - BHO: (no name) - {8BB9F018-AD8A-4B96-9291-BBCBE42EBCE3} - C:\WINNT\System32\cngc.dll
O2 - BHO: (no name) - {8F921655-8D69-43AE-AF26-86A69810A1E9} - C:\WINNT\System32\cngc.dll
O2 - BHO: (no name) - {9C691A33-7DDA-4C2F-BE4C-C176083F35CF} - C:\WINNT\System32\bridge.dll
O2 - BHO: (no name) - {A39112CA-FFC5-4CFD-BC43-FF51303E0A97} - C:\WINNT\System32\cngc.dll
O2 - BHO: (no name) - {A3EE71AE-5DA6-47DB-9B64-6936CBEB75AE} - C:\WINNT\System32\cngc.dll
O2 - BHO: (no name) - {B2C28E6D-F16A-425D-94E6-BC198187E93D} - C:\WINNT\System32\cngc.dll
O2 - BHO: (no name) - {C0090A19-4CD1-41EF-8FBF-79DE94F8F30E} - C:\WINNT\System32\cngc.dll
O2 - BHO: (no name) - {C8BF565E-145B-4B6D-9D5F-2C04B1FEAD39} - C:\WINNT\System32\cngc.dll
O2 - BHO: (no name) - {CDA3D1A7-0EAE-41C7-BE78-F5B9543CEB25} - C:\WINNT\System32\cngc.dll
O2 - BHO: (no name) - {CE76FDEB-E257-4475-BBA4-0306B189020D} - C:\WINNT\System32\cngc.dll
O2 - BHO: (no name) - {CEE83B7B-FFE5-44DA-B864-8A60EA04B940} - C:\WINNT\System32\cngc.dll
O2 - BHO: (no name) - {D05652FB-E3E5-4D4B-A661-CE7ACF21F45B} - C:\WINNT\System32\cngc.dll
O2 - BHO: (no name) - {D0A0450F-B92F-4439-9811-C83BCDCB5DB2} - C:\WINNT\System32\cngc.dll
O2 - BHO: (no name) - {D0C5654E-BF7C-4C73-9384-6E77AB38ED25} - C:\WINNT\System32\cngc.dll
O2 - BHO: (no name) - {D498F354-E92E-4B30-B554-AC2C532E2982} - C:\WINNT\System32\cngc.dll
O2 - BHO: (no name) - {D90F98C3-5C8D-4C0B-A7D4-C2DB6F2E3372} - C:\WINNT\System32\cngc.dll
O2 - BHO: (no name) - {DDCBED59-0A7C-4C1C-B267-01862EF1D36F} - C:\WINNT\System32\cngc.dll
O2 - BHO: (no name) - {E2F5A057-BFF3-4BB7-9C63-AF916D6592D1} - C:\WINNT\System32\cngc.dll
O2 - BHO: (no name) - {F17678D5-9740-4AB2-9D18-A4555070EE26} - C:\WINNT\System32\cngc.dll
O2 - BHO: (no name) - {FABFAE6D-366A-4F7E-BDB2-B274FEE395B6} - C:\WINNT\System32\cngc.dll
O4 - HKLM\..\Run: [tourpath] regedit /s c:\winnt\tour.reg
O4 - HKLM\..\Run: [infwin] c:\winnt\system32\infwin.exe /noconnect
O4 - HKLM\..\Run: [RunDLL] rundll32.exe "C:\WINNT\System32\bridge.dll",Load
O4 - HKLM\..\Run: [UpdateStats] C:\Program Files\Media\Media\UpdateStats.exe
O4 - HKLM\..\Run: [{2CF0B992-5EEB-4143-99C0-5297EF71F444}] rundll32.exe C:\WINNT\System32\stlbdist.DLL,DllRunMain
O4 - HKLM\..\Run: [AutoUpdater] "C:\Program Files\AutoUpdate\AutoUpdate.exe"
O4 - HKLM\..\Run: [Pcsv] C:\WINNT\system32\pcs\pcsvc.exe
O4 - HKLM\..\Run: [Dpi] C:\Program Files\Common Files\Dpi\dpi.exe
O4 - HKLM\..\Run: [updater] C:\Program Files\Common files\updater\wupdater.exe
O4 - Startup: AUTODISC.BAT.lnk = C:\AUTODISC.BAT
O8 - Extra context menu item: &RSDN Search - res://C:\WINNT\2020SE~1.DLL/GoRSDN.dll.htm
O16 - DPF: {FC3A74E5-F281-4F10-AE1E-733078684F3C} (Downloader Class) - http://www.2020search.com/toolbar/2020Search.cab

After ticking all these lines and clicking "fix checked" reboot your computer and start updating windows fast!
http://windowsupdate.microsoft.com

Then, use this tool to remove all traces of the virusses you have running loose in your computer:
http://vil.nai.com/vil/stinger/

0
 

Author Comment

by:LinBro
ID: 10864182
So far, it's working like a charm!  Thanks!
0
 
LVL 32

Expert Comment

by:LucF
ID: 10866370
So your problem is solved?
You did update windows?
You removed the virusses with stinger?

LucF
0
 

Author Comment

by:LinBro
ID: 10885130
Solved!  Yes, I did the updates and used stinger.
0
 
LVL 32

Expert Comment

by:LucF
ID: 10886065
Can you then please click the "accept" link on the comment that helped you the most?

Anyway, glad to help :)

LucF
0

Featured Post

Ransomware Attacks Keeping You Up at Night?

Will your organization be ransomware's next victim?  The good news is that these attacks are predicable and therefore preventable. Learn more about how you can  stop a ransomware attacks before encryption takes place with our Ransomware Prevention Kit!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Change your password...do it now!. Probably the easiest point of access to your account is through guessing your password. If your password is guessable, do change it now. If not for your sake but for everyone else in your friends list. Remember …
By the time you finish reading this article, you may have already lost all your money because you don't know the simple steps to securing your BitCoin wallet. BitCoin is an incredible invention. It is a decentralized currency system, which is the…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

764 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question