error loading C:\windows\system32\bridge.dll

Discussion in 'adware, spyware & hijack cleaning' started by nunezo, Jun 4, 2004.

Thread Status:
Not open for further replies.
  1. nunezo

    nunezo Registered Member

    Joined:
    Jun 4, 2004
    Posts:
    1
    I need help with this error

    below is my log file

    Logfile of HijackThis v1.97.7
    Scan saved at 9:54:59 PM, on 6/4/2004
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\cisvc.exe
    C:\WINDOWS\System32\CTsvcCDA.exe
    C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe
    C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\wanmpsvc.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\System32\DSentry.exe
    C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
    C:\Program Files\Real\RealPlayer\RealPlay.exe
    C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
    C:\Program Files\Common Files\Dell\EUSW\Support.exe
    C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
    C:\WINDOWS\wt\updater\wcmdmgr.exe
    C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
    C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe
    C:\Program Files\Digital Line Detect\DLG.exe
    C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
    C:\WINDOWS\System32\msiexec.exe
    C:\WINDOWS\system32\cidaemon.exe
    C:\WINDOWS\system32\cidaemon.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Documents and Settings\Carol\Local Settings\Temporary Internet Files\Content.IE5\C12JSLUB\HijackThis[1].exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dellnet.com
    R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
    O1 - Hosts: 66.132.173.82 search.kazaa.com
    O1 - Hosts: 66.132.173.82 desktop.kazaa.com
    O2 - BHO: (no name) - {00041A26-7033-432C-94C7-6371DE343822} - (no file)
    O2 - BHO: (no name) - {001F2570-5DF5-11d3-B991-00A0C9BB0874} - (no file)
    O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [diagent] "C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe" startup
    O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
    O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe
    O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
    O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
    O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
    O4 - HKLM\..\Run: [DwlClient] C:\Program Files\Common Files\Dell\EUSW\Support.exe
    O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
    O4 - HKLM\..\Run: [FSW] C:\Program Files\FSW\FSW.EXE
    O4 - HKLM\..\Run: [KAZAA] C:\Program Files\KaZaA Lite\kpp.exe "C:\Program Files\KaZaA Lite\kazaa.exe" /SYSTRAY
    O4 - HKLM\..\Run: [sr1exe] "C:\Documents and Settings\All Users\Application Data\Dell\Alert\252\updtSup3.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [wcmdmgr] C:\WINDOWS\wt\updater\wcmdmgrl.exe -launch
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [RunDLL] rundll32.exe "C:\WINDOWS\System32\bridge.dll",Load
    O4 - HKLM\..\Run: [mmtask] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
    O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - Global Startup: America Online 7.0 Tray Icon.lnk = C:\Program Files\America Online 7.0\aoltray.exe
    O4 - Global Startup: Digital Line Detect.lnk = ?
    O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ?
    O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
    O8 - Extra context menu item: Backward &Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
    O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
    O8 - Extra context menu item: Si&milar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
    O8 - Extra context menu item: Translate into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
    O9 - Extra button: AIM (HKLM)
    O9 - Extra button: Real.com (HKLM)
    O9 - Extra button: MoneySide (HKLM)
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://www.apple.com/qtactivex/qtplugin.cab
    O16 - DPF: {731918D2-517A-47E2-886A-3BC1380C591D} - http://webpdp.gator.com/v3/download/pdpplugin_4094_hd3ptdm.cab
    O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38142.535150463
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
     
  2. illukka

    illukka Spyware Fighter

    Joined:
    Jun 23, 2003
    Posts:
    633
    Location:
    S.A.V.O
    first you're running hjt from the temp folder, which is not recommended..

    so unzip hjt to a folder of it's own, like c:\hijackthis for example.

    close all windows except hijackthis, tick the boxes next to these lines and click FIX:

    R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)

    O1 - Hosts: 66.132.173.82 search.kazaa.com

    O1 - Hosts: 66.132.173.82 desktop.kazaa.com

    O2 - BHO: (no name) - {00041A26-7033-432C-94C7-6371DE343822} - (no file)

    O2 - BHO: (no name) - {001F2570-5DF5-11d3-B991-00A0C9BB0874} - (no file)

    O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE

    O4 - HKLM\..\Run: [KAZAA] C:\Program Files\KaZaA Lite\kpp.exe "C:\Program Files\KaZaA Lite\kazaa.exe" /SYSTRAY

    O4 - HKLM\..\Run: [sr1exe] "C:\Documents and Settings\All Users\Application Data\Dell\Alert\252\updtSup3.exe"

    O4 - HKLM\..\Run: [wcmdmgr] C:\WINDOWS\wt\updater\wcmdmgrl.exe -launch

    O4 - HKLM\..\Run: [FSW] C:\Program Files\FSW\FSW.EXE

    O4 - HKLM\..\Run: [RunDLL] rundll32.exe "C:\WINDOWS\System32\bridge.dll",Load

    O16 - DPF: {731918D2-517A-47E2-886A-3BC1380C591D} - http://webpdp.gator.com/v3/download...094_hd3ptdm.cab


    then

    1. Download and install Adaware (free edition) . (Click on "Adaware" in the left-hand column near the top at their website to download the free edition.)

    2. Go to Start > Programs > Lavasoft and click on AdAware 6 to open the program

    3. Look at the icons on the top right of the page and click on the ‘world’ and let AdAware update the spyware reference list

    4. Once the update is finished click on the ‘Gear’ icon (second from the left) to access the preferences/settings window

    1. In the ‘General’ window make sure the following are selected:
    · Automatically save log-file
    · Automatically quarantine objects prior to removal
    · Safe Mode (always request confirmation)

    2. Click on the ‘Scanning’ button on the left and select :
    · Scan Within Archives
    · Scan Active Processes
    · Scan Registry
    · Deep Scan Registry
    · Scan my IE favorites for banned URL’s
    · Scan my Hosts file
    · Under ‘Click here to select drives + folders’, choose:
    · All of your hard drives

    3. Click on the ‘Advanced’ button on the left and select:
    · Include additional process information
    · Include additional file information
    · Include environment information
    · Include additional object details

    4. Click the ‘Tweak’ button and select:
    · Under the ‘Scanning Engine’:
    · Unload recognized processes during scanning
    · Include basic Ad-aware settings in logfile
    · Include additional Ad-aware settings in logfile
    · Under the ‘Cleaning Engine’:
    · Let Windows remove files in use at next reboot

    5. Click on ‘Proceed’ to save the settings.

    6. Click ‘Start’ and on the next screen choose ‘Activate in-depth Scan’ at the bottom of the page and then choose:
    · Use Custom Scanning Options

    7. Click ‘Next’ and AdAware will scan your hard drive(s) with the options you have selected.

    8. Save the log file when it asks and then click ‘finish’

    9. REBOOT
    ----------------------------------------------------------
    SPYBOT SEARCH & DESTROY

    1. Next, download and install Spybot Search and Destroy .

    2. Go to Start > Programs >Spybot - Search & Destroy and choose ‘Spybot S&D - easy mode’

    3. Close ALL windows except Spybot S&D

    4. Click the button to ‘Search for Updates’ and download and install the Updates.

    5. Next click the button ‘Check for Problems’

    6. When Spybot is complete, it will be showing ‘RED’ entries ‘BLACK’ entries and ‘GREEN’ entries in the window

    7. Put a check mark beside the RED entries ONLY.

    8. Choose ‘Fix Selected Problems’ and allow Spybot to fix the RED entries.

    9. REBOOT


    reboot and post a fresh log

    i would uninstall kazaa, it is a huge security risk
     
Thread Status:
Not open for further replies.