problem with the file system32\bridge.dll

Discussion in 'adware, spyware & hijack cleaning' started by zoolzi, Jun 28, 2004.

Thread Status:
Not open for further replies.
  1. zoolzi

    zoolzi Registered Member

    Joined:
    Jun 28, 2004
    Posts:
    1
    hi!
    when i switch on my computer this message appears:
    "error loading c:\windows\system32\bridge.dll
    the module cannot be found"
    this message just appeared after i deleted some files infected by the worm sasser. since that time my computer is much slower than before.
    the program i ran is spybot.
    please help me.
    thanks

    Logfile of HijackThis v1.97.7
    Scan saved at 17:42:17, on 28/06/2004
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\ehome\ehtray.exe
    C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
    C:\Program Files\TOSHIBA\Power Management\CePMTray.exe
    C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
    C:\Program Files\ltmoh\Ltmoh.exe
    C:\WINDOWS\System32\ezSP_Px.exe
    C:\Program Files\Drag'n Drop CD+DVD\BinFiles\DragDrop.exe
    C:\WINDOWS\ehome\ehmsas.exe
    C:\Program Files\Apoint2K\Apoint.exe
    C:\Program Files\EzButton\CplBTQ00.EXE
    C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
    C:\WINDOWS\System32\xvshost.exe
    C:\WINDOWS\System32\dumfzf.exe
    C:\WINDOWS\mdqr.exe
    C:\windows\system32\mstask32.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\Program Files\Winamp\winampa.exe
    C:\WINDOWS\oxedup.exe
    C:\WINDOWS\System32\ctfmon.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\Apoint2K\Apntex.exe
    C:\WINDOWS\System32\DVDRAMSV.exe
    C:\WINDOWS\ehome\ehSched.exe
    C:\Program Files\Norton AntiVirus\navapsvc.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\WINDOWS\system32\RAMASST.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\MsPMSPSv.exe
    C:\Program Files\Norton AntiVirus\SAVScan.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Downloads\HijackThis.exe

    R3 - Default URLSearchHook is missing
    O2 - BHO: IE Agent - {00000000-0000-0000-0000-000000000221} - C:\Program Files\ClearSearch\CSIE.DLL
    O2 - BHO: (no name) - {0000607D-D204-42C7-8E46-216055BF9918} - C:\WINDOWS\mxTarget.dll
    O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: (no name) - {83DE62E0-5805-11D8-9B25-00E04C60FAF2} - C:\WINDOWS\2_0_1browserhelper2.dll
    O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O3 - Toolbar: Barre d'outils MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.1629.0\fr\msntb.dll
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
    O4 - HKLM\..\Run: [CeEKEY] C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
    O4 - HKLM\..\Run: [CeEPOWER] C:\Program Files\TOSHIBA\Power Management\CePMTray.exe
    O4 - HKLM\..\Run: [TPNF] C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
    O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
    O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe
    O4 - HKLM\..\Run: [Drag'n Drop CD+DVD] C:\Program Files\Drag'n Drop CD+DVD\BinFiles\DragDrop.exe /StartUp
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
    O4 - HKLM\..\Run: [CplBTQ00] C:\Program Files\EzButton\CplBTQ00.EXE
    O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
    O4 - HKLM\..\Run: [Windows Update] C:\WINDOWS\System32\oczwicnv.exe
    O4 - HKLM\..\Run: [Microsoft Update] esplorer.exe
    O4 - HKLM\..\Run: [NAVSCANNER32] NAVSCANNER32.EXE
    O4 - HKLM\..\Run: [Microsoft Services] lsrv.exe
    O4 - HKLM\..\Run: [Microsoft Update Machine] xvshost.exe
    O4 - HKLM\..\Run: [lxvbsvp] C:\WINDOWS\System32\dumfzf.exe
    O4 - HKLM\..\Run: [mdqr] C:\WINDOWS\mdqr.exe
    O4 - HKLM\..\Run: [lsasss.exe] C:\WINDOWS\lsasss.exe
    O4 - HKLM\..\Run: [Windows Task Scheduler] C:\windows\system32\mstask32.exe
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [NAV CfgWiz] C:\Program Files\Common Files\Symantec Shared\CfgWiz.exe /GUID NAV /CMDLINE "REBOOT"
    O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [oxedup] C:\WINDOWS\oxedup.exe
    O4 - HKLM\..\RunServices: [Microsoft Update] esplorer.exe
    O4 - HKLM\..\RunServices: [NAVSCANNER32] NAVSCANNER32.EXE
    O4 - HKLM\..\RunServices: [Microsoft Services] lsrv.exe
    O4 - HKLM\..\RunServices: [Microsoft Update Machine] xvshost.exe
    O4 - HKLM\..\RunServices: [Windows Task Scheduler] C:\windows\system32\mstask32.exe
    O4 - HKCU\..\Run: [Microsoft Update] esplorer.exe
    O4 - HKCU\..\Run: [NAVSCANNER32] NAVSCANNER32.EXE
    O4 - HKCU\..\Run: [Microsoft Update Machine] xvshost.exe
    O4 - HKCU\..\Run: [Microsoft Services] lsrv.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [Shareaza] "C:\Program Files\Shareaza\Shareaza.exe" -tray
    O4 - Global Startup: Microsoft Office OneNote 2003 Quick Launch.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe
    O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
    O9 - Extra button: Research (HKLM)
    O9 - Extra button: Related (HKLM)
    O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
    O9 - Extra button: Messenger (HKLM)
    O9 - Extra 'Tools' menuitem: Windows Messenger (HKLM)
    O16 - DPF: {A8658086-E6AC-4957-BC8E-7D54A7E8A78E} (SassCln Object) - http://www.microsoft.com/security/controls/Sasser/20/SassCln.CAB
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
     
  2. Marianna

    Marianna Spyware Fighter

    Joined:
    Apr 23, 2002
    Posts:
    1,215
    Location:
    B.C. Canada
    Hi zoolzi

    Wow - will be worth the "trip" to AV on-line scans:

    http://housecall.antivirus.com/

    http://www.bitdefender.com/scan/Msie/index.php

    http://www.pandasoftware.es/activescan/activescan-com.asp

    http://www.ravantivirus.com/scan/

    Be sure and put a check in the box by "Auto Clean" before you do the scan. If it finds anything that it cannot clean have it delete it or make a note of the file location so you can delete it yourself.

    After you scanned and cleaned -

    Then reboot and use AdAware as described here:
    https://www.wilderssecurity.com/showthread.php?t=15913

    Then use the Disk Cleanup Utility to empty all your Temp folders.

    Then Disable system restore: Instructions here
    Reboot

    Enable System Restore.

    Pls. post another log.
     
Thread Status:
Not open for further replies.