My Hijack log

Discussion in 'adware, spyware & hijack cleaning' started by pbadke, Jul 7, 2004.

Thread Status:
Not open for further replies.
  1. pbadke

    pbadke Registered Member

    Jul 7, 2004
    Here is how my problem has started:

    Last week I was unable to stay connected to the internet (dialup) for longer than just a couple of minutes. After trying various connection cords I decided to get a new modem to see if my modem was bad... it has happened before (not like this, just my modem going bad). So, I begin to install the new modem, after plugging it into it's slot, I turn the PC on and attempt to install the driver. While installing the driver, it appears to have finished, yet does not go to the completion portion of the install, and the PC froze. I restarted and attempted to sign onto the internet with the new modem, computer froze. So I restart and try to reinstall the driver... froze again. I open Norton Antivirus, and apparently my auto-check virus protection is disabled and it cannot be turned back on. Also, when I open Norton, it closes itself after about 30 seconds, forcing me to reopen it.

    Now, a couple weeks ago I deleted some spyware with Ad-aware and started to get this error: Error Loading C:\windows\system32\bridge.dll

    That's the only thing I could think of as being a reason for this to happen, so I Google'd it and came across this post on these forums. I've followed the tips as to run HijackThis... so now maybe you guys can figure out what the problem is. I've run out of patience, and come thisclose to throwing the PC against the wall.

    BTW, I'm not on my 'normal' computer (the one with the problems), this is a old computer... just so ya know, like I said, I cannot access the internet from the 'normal' computer.


    Logfile of HijackThis v1.97.7
    Scan saved at 8:15:59 PM, on 7/7/2004
    Platform: Windows XP (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 (6.00.2600.0000)

    Running processes:
    C:\Program Files\Compaq\Compaq Message Screener\bin\compaq-rba.exe
    C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
    C:\Program Files\Common Files\Real\Update_OB\evntsvc.exe
    C:\Program Files\Winamp\winampa.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
    C:\Program Files\AT&T Worldnet Accelerator\PropelAC.exe
    C:\Program Files\Norton SystemWorks\CKA.exe
    C:\Program Files\AIM\aim.exe
    C:\Documents and Settings\Paul\Application Data\cpml.exe
    C:\Program Files\FinePixViewer\QuickDCF.exe
    C:\Program Files\Hewlett-Packard\AiO\hp officejet g series\Bin\hpoavn07.exe
    C:\Program Files\GetRight\getright.exe
    C:\Program Files\GetRight\getright.exe
    C:\Program Files\Hewlett-Packard\AiO\hp officejet g series\FRU\Remind32.exe
    C:\Program Files\Hewlett-Packard\AiO\Shared\bin\hpOSTS07.exe
    C:\Program Files\Hewlett-Packard\AiO\Shared\bin\hpOFXM07.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by AT&T WorldNet Service
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride =
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak =
    R3 - Default URLSearchHook is missing
    O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {0F660F64-F4C9-477F-8529-44181B717472} - C:\Program Files\AT&T\WnClient\Programs\CSMBHO.dll
    O2 - BHO: (no name) - {30FF6155-E617-79E6-8756-64550DA62F4B} - C:\WINDOWS\System32\ibwuwx.dll
    O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
    O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
    O2 - BHO: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
    O4 - HKLM\..\Run: [S3TRAY2] S3tray2.exe
    O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
    O4 - HKLM\..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\evntsvc.exe -osboot
    O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
    O4 - HKLM\..\Run: [RunDLL] rundll32.exe "C:\WINDOWS\System32\bridge.dll",Load
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [DeadAIM] rundll32.exe "C:\Program Files\AIM\\DeadAIM.ocm",ExportedCheckODLs
    O4 - HKLM\..\Run: [Propel Accelerator] "C:\Program Files\AT&T Worldnet Accelerator\trayctl.exe" /STARTUPLAUNCH
    O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
    O4 - HKLM\..\Run: [Win32 USB2 Driver] smsc.exe
    O4 - HKLM\..\Run: [Microsoft Message Machine] msmesg32.exe
    O4 - HKLM\..\Run: [Cryptographic Service] C:\WINDOWS\System32\ykxiwlh.exe
    O4 - HKLM\..\Run: [Microsoft Update Machine] taskmngrs.exe
    O4 - HKLM\..\Run: [CARPService] carpserv.exe
    O4 - HKLM\..\RunServices: [Win32 USB2 Driver] smsc.exe
    O4 - HKLM\..\RunServices: [Microsoft Message Machine] msmesg32.exe
    O4 - HKLM\..\RunServices: [Microsoft Update Machine] taskmngrs.exe
    O4 - HKCU\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
    O4 - HKCU\..\Run: [SymKeepAlive] C:\Program Files\Norton SystemWorks\CKA.exe
    O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
    O4 - HKCU\..\Run: [Win32 USB2 Driver] smsc.exe
    O4 - HKCU\..\Run: [Ecnn] C:\Documents and Settings\Paul\Application Data\cpml.exe
    O4 - HKCU\..\Run: [Microsoft Message Machine] msmesg32.exe
    O4 - HKCU\..\Run: [Microsoft Update Machine] taskmngrs.exe
    O4 - HKCU\..\Run: [Zfhadfgd] C:\WINDOWS\System32\ogb.exe
    O4 - HKLM\..\RunOnce: [Compaq_RBA] C:\Program Files\Compaq\Compaq Message Screener\bin\compaq-rba.exe -z
    O4 - HKLM\..\RunOnce: [Win32 USB2 Driver] smsc.exe
    O4 - HKCU\..\RunOnce: [Win32 USB2 Driver] smsc.exe
    O4 - Startup: Hewlett-Packard Recorder.lnk = C:\Program Files\Hewlett-Packard\AiO\hp officejet g series\FRU\Remind32.exe
    O4 - Global Startup: Exif Launcher.lnk = C:\Program Files\FinePixViewer\QuickDCF.exe
    O4 - Global Startup: HPAiODevice(hp officejet g series) - 1.lnk = C:\Program Files\Hewlett-Packard\AiO\hp officejet g series\Bin\hpoavn07.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: GetRight - Tray Icon.lnk = C:\Program Files\GetRight\getright.exe
    O4 - Global Startup: America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0\aoltray.exe
    O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar3.dll/cmsearch.html
    O8 - Extra context menu item: Backward &Links - res://c:\program files\google\GoogleToolbar3.dll/cmbacklinks.html
    O8 - Extra context menu item: Cac&hed Snapshot of Page - res://c:\program files\google\GoogleToolbar3.dll/cmcache.html
    O8 - Extra context menu item: Download with GetRight - C:\Program Files\GetRight\GRdownload.htm
    O8 - Extra context menu item: Open with GetRight Browser - C:\Program Files\GetRight\GRbrowse.htm
    O8 - Extra context menu item: Refresh Pa&ge with Full Quality - C:\Program Files\AT&T Worldnet Accelerator\pac-page.html
    O8 - Extra context menu item: Refresh Pi&cture with Full Quality - C:\Program Files\AT&T Worldnet Accelerator\pac-image.html
    O8 - Extra context menu item: Si&milar Pages - res://c:\program files\google\GoogleToolbar3.dll/cmsimilar.html
    O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar3.dll/cmtrans.html
    O9 - Extra button: AnyWho (HKLM)
    O9 - Extra button: Messenger (HKLM)
    O9 - Extra 'Tools' menuitem: Yahoo! Messenger (HKLM)
    O9 - Extra button: HuntBar (HKLM)
    O9 - Extra button: AIM (HKLM)
    O9 - Extra button: (HKLM)
    O9 - Extra button: Netnews (HKCU)
    O12 - Plugin for .wma: C:\Program Files\Netscape\Communicator\Program\PLUGINS\npdsplay.dll
    O16 - DPF: Dialpad US Java Applet -
    O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) -
    O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) -
    O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} (Yahoo! Audio Conferencing) -
    O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) -
    O16 - DPF: {6B4788E2-BAE8-11D2-A1B4-00400512739B} (PWMediaSendControl Class) -
    O16 - DPF: {7D1E9C49-BD6A-11D3-87A8-009027A35D73} (Yahoo! Audio UI1) -
    O16 - DPF: {886DDE35-E955-11D0-A707-000000521958} -
    O16 - DPF: {9EB320CE-BE1D-4304-A081-4B4665414BEF} (MediaTicketsInstaller Control) -
    O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) -
    O16 - DPF: {A8658086-E6AC-4957-BC8E-7D54A7E8A78D} (DoomCln Object) -
    O16 - DPF: {AD7FAFB0-16D6-40C3-AF27-585D6E6453FD} -
    O16 - DPF: {AE1C01E3-0283-11D3-9B3F-00C04F8EF466} (HeartbeatCtl Class) -
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
    O16 - DPF: {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} (iTunesDetector Class) -
    O16 - DPF: {D97287B6-4018-4060-948D-54D2122FC5C3} -
  2. pbadke

    pbadke Registered Member

    Jul 7, 2004
Thread Status:
Not open for further replies.