|
| ||
| Error Message on Start-up... RUNDLL: Error loading C:\windows\system 32\bridge.dll Logfile of HijackThis v1.99.1 Scan saved at 1:49:44 PM, on 12/17/2005 Platform: Windows 2000 SP4 (WinNT 5.00.2195) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINNT\System32\smss.exe C:\WINNT\system32\winlogon.exe C:\WINNT\system32\services.exe C:\WINNT\system32\lsass.exe C:\WINNT\system32\svchost.exe C:\WINNT\system32\spoolsv.exe C:\WINNT\System32\svchost.exe C:\Program Files\Norton AntiVirus\navapsvc.exe C:\WINNT\system32\regsvc.exe C:\WINNT\system32\MSTask.exe C:\WINNT\System32\WBEM\WinMgmt.exe C:\WINNT\System32\mspmspsv.exe C:\WINNT\system32\svchost.exe C:\WINNT\Explorer.EXE C:\WINNT\system32\atiptaxx.exe C:\Program Files\ahead\InCD\InCD.exe C:\PROGRA~1\NORTON~1\navapw32.exe C:\Program Files\Common Files\Real\Update_OB\evntsvc.exe C:\Program Files\HighCriteria\TotalRecorder\TotRecSched.exe C:\Program Files\Common Files\Real\Update_OB\rndal.exe F:\ipod\itunes\iTunesHelper.exe U:\program files\quicktime\qttask.exe F:\ipod\bin\iPodService.exe U:\program files\logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe C:\Program Files\Google\Google Talk\googletalk.exe C:\WINNT\System32\svchost.exe C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe U:\program files\logitech\SetPoint\KEM.exe U:\program files\logitech\SetPoint\KHALMNPR.EXE C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\WINNT\system32\wuauclt.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Aim\aim.exe C:\hijack\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = file://C:\WINNT\system32/left.html R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.xmradio.com/xstream/servi...ount/index.jsp R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file) R3 - URLSearchHook: (no name) - {1C78AB3F-A857-482e-80C0-3A1E5238A565} - (no file) O2 - BHO: myBar BHO - {0494D0D1-F8E0-41ad-92A3-14154ECE70AC} - C:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx O3 - Toolbar: &SearchBar - {0494D0D9-F8E0-41ad-92A3-14154ECE70AC} - C:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe O4 - HKLM\..\Run: [CrazyTalk Serve] rundll32.exe C:\WINNT\System32\crazytalk.dll,DllServeMediaFile O4 - HKLM\..\Run: [LoadQM] loadqm.exe O4 - HKLM\..\Run: [InCD] C:\Program Files\ahead\InCD\InCD.exe O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\navapw32.exe O4 - HKLM\..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\evntsvc.exe -osboot O4 - HKLM\..\Run: [TotalRecorderScheduler] "C:\Program Files\HighCriteria\TotalRecorder\TotRecSched.exe" O4 - HKLM\..\Run: [RunWindowsUpdate] C:\WINNT\uptodate.exe O4 - HKLM\..\Run: [RunDLL] rundll32.exe "C:\WINNT\Downloaded Program Files\bridge.dll",Load O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINNT\system32\NeroCheck.exe O4 - HKLM\..\Run: [iTunesHelper] "F:\ipod\itunes\iTunesHelper.exe" O4 - HKLM\..\Run: [QuickTime Task] "U:\program files\quicktime\qttask.exe" -atboottime O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe O4 - HKCU\..\Run: [LDM] U:\program files\logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe O4 - HKCU\..\Run: [googletalk] "C:\Program Files\Google\Google Talk\googletalk.exe" /autostart O4 - Global Startup: InterVideo WinCinema Manager.lnk = InterVideo\Common\Bin\WinCinemaMgr.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = U:\program files\logitech\Desktop Messenger\8876480\Program\LDMConf.exe O4 - Global Startup: Logitech SetPoint.lnk = U:\program files\logitech\SetPoint\KEM.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O8 - Extra context menu item: &iSearch The Web - res://C:\WINNT\system32\toolbar.dll/SEARCH.HTML O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0819.dll (file missing) O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0819.dll (file missing) O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\Aim\aim.exe O16 - DPF: Yahoo! Pool 2 - http://download.games.yahoo.com/game...s/y/potb_x.cab O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - http://www.musicnotes.com/download/mnviewer.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?Link...04&clcid=0x409 O16 - DPF: {1C78AB3F-A857-482E-80C0-3A1E5238A565} - http://toolbar.isearch.com/general/drm.cab O16 - DPF: {1CC506A7-1B8D-11D4-BDD5-0060977007E0} (CrazyTalk Player) - http://www.reallusion.com/Stuff/CrazyTalk.cab O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/...eInstaller.exe O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://207.188.7.150/29a8ee0cc3a9a35...zip/RdxIE2.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://www.microline.org:8081/active...CamControl.cab O16 - DPF: {9CCE3B43-4DE0-4236-A84E-108CA848EE6A} (WebCam Control) - http://webcamnow.com/broadcast/ActiveXWebCam.cab O16 - DPF: {AB29A544-D6B4-4E36-A1F8-D3E34FC7B00A} - http://install.wildtangent.com/hitth...ave/wtinst.cab O16 - DPF: {E504EE6E-47C6-11D5-B8AB-00D0B78F3D48} (Yahoo! Webcam Viewer Wrapper) - http://chat.yahoo.com/cab/yvwrctl.cab O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = zooville O17 - HKLM\System\CCS\Services\Tcpip\..\{06E088B0-49A0-415D-8C6E-35C6E72CBD8C}: Domain = zooville O17 - HKLM\System\CCS\Services\Tcpip\..\{06E088B0-49A0-415D-8C6E-35C6E72CBD8C}: NameServer = 207.69.188.185,207.69.188.186 O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = zooville O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = zooville,mindspring.com O17 - HKLM\System\CS1\Services\Tcpip\..\{06E088B0-49A0-415D-8C6E-35C6E72CBD8C}: Domain = zooville O17 - HKLM\System\CS1\Services\Tcpip\..\{06E088B0-49A0-415D-8C6E-35C6E72CBD8C}: NameServer = 207.69.188.185,207.69.188.186 O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = zooville O17 - HKLM\System\CS2\Services\Tcpip\Parameters: SearchList = zooville,mindspring.com O17 - HKLM\System\CS2\Services\Tcpip\..\{06E088B0-49A0-415D-8C6E-35C6E72CBD8C}: Domain = zooville O17 - HKLM\System\CS2\Services\Tcpip\..\{06E088B0-49A0-415D-8C6E-35C6E72CBD8C}: NameServer = 207.69.188.185,207.69.188.186 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = zooville,mindspring.com O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPodService - Apple Computer, Inc. - F:\ipod\bin\iPodService.exe O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe |
| ||
| Re: Error Message on Start-up... RUNDLL: Error loading C:\windows\system 32\bridge.dl You have a few different "unwanted guests" listed in your log. Please do the following: - Open your Add/Remove Programs control panel and uninstall these programs if they appear in the list of installed programs: My Way/My Search/My Bar Wild Tangent BrowserAid BrowserPal CashToolbar Web Toolbar iSearch If you did not knowingly install the "CrazyTalk" program, remove that as well. You will need to close/quit all web browser programs and disconnect from the Internet for the following, so you should print out these instructions or save them into a text file with Notepad. 1. Download and install these utilities (but do not run scans with them yet): ewido Security Suite (trial version) - http://www.ewido.net/en/download/ Microsoft Anti-Spyware beta - http://www.microsoft.com/downloads/...&displaylang=en - Open ewido. In the main screen, click "Update" and click "Start Update". After the update process completes, exit from Ewido. - Open MS Antispyware beta. Make sure the "AntiSpyware Autoupdater" feature is enabled, and that it has downloaded the most current antispyware updates. Close the program after you've verified this. - Open Norton Anti-virus and use its LiveUpdate feature to make sure that you have the most current virus definitions installed. As with the above programs, don't run a scan with it; just close it once it is updated. 3. Download and install the CCleaner utility, but don't run it yet. 4. Run HijackTHis again, put a check mark next to the following entries, and then click the "Fix checked" button. Close HJT once it has finished performing its fixes: R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = file://C:\WINNT\system32/left.html R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file) R3 - URLSearchHook: (no name) - {1C78AB3F-A857-482e-80C0-3A1E5238A565} - (no file) O2 - BHO: myBar BHO - {0494D0D1-F8E0-41ad-92A3-14154ECE70AC} - C:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL O3 - Toolbar: &SearchBar - {0494D0D9-F8E0-41ad-92A3-14154ECE70AC} - C:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL O4 - HKLM\..\Run: [CrazyTalk Serve] rundll32.exe C:\WINNT\System32\crazytalk.dll,DllServeMediaFile <--if "CrazyTalk" was not intentionally installed O4 - HKLM\..\Run: [RunWindowsUpdate] C:\WINNT\uptodate.exe O4 - HKLM\..\Run: [RunDLL] rundll32.exe "C:\WINNT\Downloaded Program Files\bridge.dll",Load O8 - Extra context menu item: &iSearch The Web - res://C:\WINNT\system32\toolbar.dll/SEARCH.HTML O16 - DPF: {AB29A544-D6B4-4E36-A1F8-D3E34FC7B00A} - http://install.wildtangent.com/hitt...wave/wtinst.cab 5. Reboot into Safe Mode (you get to the safe mode boot option by hitting the F8 key as your computer is starting up). 6. Run CCleaner. It may take a while for the program to perform its cleaning, so be patient. Close the program when it has finished. 7. Run Norotn, ewido, and MS Antispyware beta consecutively; have the programs fix all malicious items they find. When ewido finds the first malicious object on your system, it will ask you if it should clean it. When it asks this, put a checkmark in the lower left corner of the box that says "Perform action on all infections", then choose clean and click OK. Save the log file that ewido will create after it finishes scanning; you'll be including that log in your next post here. 8. Open Windows Explorer, and in the Folder Options->View settings under the Tools menu, select "show hidden files and folders", and uncheck "Hide protected operating system files" and "Hide extentions for known file types". - Locate and delete the following files (some of these should already have been deleted by the removal utilities): C:\WINNT\System32\crazytalk.dll <--if "CrazyTalk" was not intentionally installed C:\WINNT\uptodate.exe C:\WINNT\Downloaded Program Files\bridge.dll C:\WINNT\system32\toolbar.dll - Delete the following folders entirely if they exist: C:\Program Files\MyWay C:\Program Files\WildTangent C:\WINNT\WT 9. Empty your Recycle Bin, reboot normally, run HijackThis again, and post the new log. Also post the log that ewido generated. |
| ||
| Re: Error Message on Start-up... RUNDLL: Error loading C:\windows\system 32\bridge.dl Logfile of HijackThis v1.99.1 Scan saved at 9:07:52 AM, on 1/14/2006 Platform: Windows 2000 SP4 (WinNT 5.00.2195) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINNT\System32\smss.exe C:\WINNT\system32\winlogon.exe C:\WINNT\system32\services.exe C:\WINNT\system32\lsass.exe C:\WINNT\system32\svchost.exe C:\WINNT\system32\spoolsv.exe C:\WINNT\System32\svchost.exe U:\program files\ewido anti-malware\ewidoctrl.exe C:\Program Files\Network Associates\Common Framework\FrameworkService.exe C:\Program Files\Network Associates\VirusScan\mcshield.exe C:\Program Files\Network Associates\VirusScan\vstskmgr.exe C:\WINNT\system32\regsvc.exe C:\WINNT\system32\MSTask.exe C:\WINNT\System32\WBEM\WinMgmt.exe C:\WINNT\Explorer.EXE C:\WINNT\System32\mspmspsv.exe C:\WINNT\system32\svchost.exe C:\WINNT\system32\atiptaxx.exe C:\Program Files\ahead\InCD\InCD.exe C:\Program Files\Common Files\Real\Update_OB\evntsvc.exe C:\Program Files\HighCriteria\TotalRecorder\TotRecSched.exe F:\ipod\itunes\iTunesHelper.exe U:\program files\quicktime\qttask.exe C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe U:\program files\logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe U:\program files\logitech\SetPoint\KEM.exe U:\program files\logitech\SetPoint\KHALMNPR.EXE F:\ipod\bin\iPodService.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Google\Google Talk\googletalk.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\Aim\aim.exe C:\hijack\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.xmradio.com/xstream/servi...ount/index.jsp R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - U:\program files\Spybot - Search & Destroy\SDHelper.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe O4 - HKLM\..\Run: [LoadQM] loadqm.exe O4 - HKLM\..\Run: [InCD] C:\Program Files\ahead\InCD\InCD.exe O4 - HKLM\..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\evntsvc.exe -osboot O4 - HKLM\..\Run: [TotalRecorderScheduler] "C:\Program Files\HighCriteria\TotalRecorder\TotRecSched.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINNT\system32\NeroCheck.exe O4 - HKLM\..\Run: [iTunesHelper] "F:\ipod\itunes\iTunesHelper.exe" O4 - HKLM\..\Run: [QuickTime Task] "U:\program files\quicktime\qttask.exe" -atboottime O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey O4 - HKCU\..\Run: [LDM] U:\program files\logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe O4 - HKCU\..\Run: [googletalk] "C:\Program Files\Google\Google Talk\googletalk.exe" /autostart O4 - Global Startup: InterVideo WinCinema Manager.lnk = InterVideo\Common\Bin\WinCinemaMgr.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = U:\program files\logitech\Desktop Messenger\8876480\Program\LDMConf.exe O4 - Global Startup: Logitech SetPoint.lnk = U:\program files\logitech\SetPoint\KEM.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\WINNT\system32\shdocvw.dll O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\WINNT\system32\shdocvw.dll O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\Aim\aim.exe O16 - DPF: Yahoo! Pool 2 - http://download.games.yahoo.com/game...s/y/potb_x.cab O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - http://www.musicnotes.com/download/mnviewer.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?Link...04&clcid=0x409 O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/...eInstaller.exe O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://207.188.7.150/29a8ee0cc3a9a35...zip/RdxIE2.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://www.microline.org:8081/active...CamControl.cab O16 - DPF: {9CCE3B43-4DE0-4236-A84E-108CA848EE6A} (WebCam Control) - http://webcamnow.com/broadcast/ActiveXWebCam.cab O16 - DPF: {E504EE6E-47C6-11D5-B8AB-00D0B78F3D48} (Yahoo! Webcam Viewer Wrapper) - http://chat.yahoo.com/cab/yvwrctl.cab O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = zooville O17 - HKLM\System\CCS\Services\Tcpip\..\{06E088B0-49A0-415D-8C6E-35C6E72CBD8C}: Domain = zooville O17 - HKLM\System\CCS\Services\Tcpip\..\{06E088B0-49A0-415D-8C6E-35C6E72CBD8C}: NameServer = 207.69.188.185,207.69.188.186 O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = zooville O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = zooville,mindspring.com O17 - HKLM\System\CS1\Services\Tcpip\..\{06E088B0-49A0-415D-8C6E-35C6E72CBD8C}: Domain = zooville O17 - HKLM\System\CS1\Services\Tcpip\..\{06E088B0-49A0-415D-8C6E-35C6E72CBD8C}: NameServer = 207.69.188.185,207.69.188.186 O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = zooville O17 - HKLM\System\CS2\Services\Tcpip\Parameters: SearchList = zooville,mindspring.com O17 - HKLM\System\CS2\Services\Tcpip\..\{06E088B0-49A0-415D-8C6E-35C6E72CBD8C}: Domain = zooville O17 - HKLM\System\CS2\Services\Tcpip\..\{06E088B0-49A0-415D-8C6E-35C6E72CBD8C}: NameServer = 207.69.188.185,207.69.188.186 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = zooville,mindspring.com O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe O23 - Service: ewido security suite control - ewido networks - U:\program files\ewido anti-malware\ewidoctrl.exe O23 - Service: ewido security suite guard - ewido networks - U:\program files\ewido anti-malware\ewidoguard.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPodService - Apple Computer, Inc. - F:\ipod\bin\iPodService.exe O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\mcshield.exe O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\vstskmgr.exe + Created on: 7:56:17 PM, 1/13/2006 + Report-Checksum: A69409DA + Scan result: HKLM\SOFTWARE\Classes\AppID\adm.EXE -> Spyware.Altnet : Cleaned with backup HKLM\SOFTWARE\Classes\AppID\Altnet Signing Module.EXE -> Spyware.Altnet : Cleaned with backup HKLM\SOFTWARE\Classes\CLSID\{2B96D5CC-C5B5-49A5-A69D-CC0A30F9028C} -> Spyware.MiniBug : Cleaned with backup HKLM\SOFTWARE\Classes\Interface\{4438A5DC-E00B-41A0-B0E6-B63FD3B86EEE} -> Spyware.NetworkEssentials : Cleaned with backup HKLM\SOFTWARE\Classes\TypeLib\{4767C447-EF15-42F2-8809-68ADB7FA76F1} -> Spyware.NetworkEssentials : Cleaned with backup HKLM\SOFTWARE\DelFin -> Spyware.Delfin : Cleaned with backup HKLM\SOFTWARE\DelFin\PromulGate -> Spyware.Delfin : Cleaned with backup HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{1C78AB3F-A857-482E-80C0-3A1E5238A565} -> Spyware.iSearch : Cleaned with backup HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DelFin Media Viewer -> Spyware.Delfin : Cleaned with backup HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MediaLoads Enhanced -> Spyware.Downloadware : Cleaned with backup HKU\S-1-5-21-2000478354-1682526488-1957994488-1002\Software\DelFin -> Spyware.Delfin : Cleaned with backup HKU\S-1-5-21-2000478354-1682526488-1957994488-1002\Software\DelFin\PromulGate -> Spyware.Delfin : Cleaned with backup :mozilla.7:C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\6yxmbinl.slt\cookies.txt -> Spyware.Cookie.Doubleclick : Cleaned with backup C:\Documents and Settings\Administrator\Cookies\administrator@atdmt[2].txt -> Spyware.Cookie.Atdmt : Cleaned with backup C:\Documents and Settings\Justin\Local Settings\Application Data\Mozilla\Profiles\default\rpqjcya1.slt\Cache\EE2576BEd01 -> Spyware.BookedSpace : Cleaned with backup :mozilla.9:C:\Documents and Settings\Justin\Local Settings\Application Data\Mozilla\Profiles\default\rpqjcya1.slt\cookies.txt -> Spyware.Cookie.Clickagents : Cleaned with backup :mozilla.10:C:\Documents and Settings\Justin\Local Settings\Application Data\Mozilla\Profiles\default\rpqjcya1.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup :mozilla.11:C:\Documents and Settings\Justin\Local Settings\Application Data\Mozilla\Profiles\default\rpqjcya1.slt\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup :mozilla.12:C:\Documents and Settings\Justin\Local Settings\Application Data\Mozilla\Profiles\default\rpqjcya1.slt\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup :mozilla.13:C:\Documents and Settings\Justin\Local Settings\Application Data\Mozilla\Profiles\default\rpqjcya1.slt\cookies.txt -> Spyware.Cookie.Qksrv : Cleaned with backup :mozilla.14:C:\Documents and Settings\Justin\Local Settings\Application Data\Mozilla\Profiles\default\rpqjcya1.slt\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup :mozilla.15:C:\Documents and Settings\Justin\Local Settings\Application Data\Mozilla\Profiles\default\rpqjcya1.slt\cookies.txt -> Spyware.Cookie.Popuptraffic : Cleaned with backup :mozilla.20:C:\Documents and Settings\Justin\Local Settings\Application Data\Mozilla\Profiles\default\rpqjcya1.slt\cookies.txt -> Spyware.Cookie.Doubleclick : Cleaned with backup :mozilla.23:C:\Documents and Settings\Justin\Local Settings\Application Data\Mozilla\Profiles\default\rpqjcya1.slt\cookies.txt -> Spyware.Cookie.Mediaplex : Cleaned with backup :mozilla.24:C:\Documents and Settings\Justin\Local Settings\Application Data\Mozilla\Profiles\default\rpqjcya1.slt\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup :mozilla.25:C:\Documents and Settings\Justin\Local Settings\Application Data\Mozilla\Profiles\default\rpqjcya1.slt\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup :mozilla.26:C:\Documents and Settings\Justin\Local Settings\Application Data\Mozilla\Profiles\default\rpqjcya1.slt\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup :mozilla.27:C:\Documents and Settings\Justin\Local Settings\Application Data\Mozilla\Profiles\default\rpqjcya1.slt\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup :mozilla.28:C:\Documents and Settings\Justin\Local Settings\Application Data\Mozilla\Profiles\default\rpqjcya1.slt\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup :mozilla.29:C:\Documents and Settings\Justin\Local Settings\Application Data\Mozilla\Profiles\default\rpqjcya1.slt\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup :mozilla.30:C:\Documents and Settings\Justin\Local Settings\Application Data\Mozilla\Profiles\default\rpqjcya1.slt\cookies.txt -> Spyware.Cookie.Atdmt : Cleaned with backup :mozilla.34:C:\Documents and Settings\Justin\Local Settings\Application Data\Mozilla\Profiles\default\rpqjcya1.slt\cookies.txt -> Spyware.Cookie.Euniverseads : Cleaned with backup :mozilla.35:C:\Documents and Settings\Justin\Local Settings\Application Data\Mozilla\Profiles\default\rpqjcya1.slt\cookies.txt -> Spyware.Cookie.Bfast : Cleaned with backup :mozilla.37:C:\Documents and Settings\Justin\Local Settings\Application Data\Mozilla\Profiles\default\rpqjcya1.slt\cookies.txt -> Spyware.Cookie.Popuptraffic : Cleaned with backup :mozilla.38:C:\Documents and Settings\Justin\Local Settings\Application Data\Mozilla\Profiles\default\rpqjcya1.slt\cookies.txt -> Spyware.Cookie.Popuptraffic : Cleaned with backup :mozilla.41:C:\Documents and Settings\Justin\Local Settings\Application Data\Mozilla\Profiles\default\rpqjcya1.slt\cookies.txt -> Spyware.Cookie.Popuptraffic : Cleaned with backup :mozilla.50:C:\Documents and Settings\Justin\Local Settings\Application Data\Mozilla\Profiles\default\rpqjcya1.slt\cookies.txt -> Spyware.Cookie.Popuptraffic : Cleaned with backup :mozilla.57:C:\Documents and Settings\Justin\Local Settings\Application Data\Mozilla\Profiles\default\rpqjcya1.slt\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup :mozilla.58:C:\Documents and Settings\Justin\Local Settings\Application Data\Mozilla\Profiles\default\rpqjcya1.slt\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup :mozilla.59:C:\Documents and Settings\Justin\Local Settings\Application Data\Mozilla\Profiles\default\rpqjcya1.slt\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup :mozilla.61:C:\Documents and Settings\Justin\Local Settings\Application Data\Mozilla\Profiles\default\rpqjcya1.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup :mozilla.62:C:\Documents and Settings\Justin\Local Settings\Application Data\Mozilla\Profiles\default\rpqjcya1.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup :mozilla.63:C:\Documents and Settings\Justin\Local Settings\Application Data\Mozilla\Profiles\default\rpqjcya1.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup :mozilla.64:C:\Documents and Settings\Justin\Local Settings\Application Data\Mozilla\Profiles\default\rpqjcya1.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup :mozilla.66:C:\Documents and Settings\Justin\Local Settings\Application Data\Mozilla\Profiles\default\rpqjcya1.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup :mozilla.67:C:\Documents and Settings\Justin\Local Settings\Application Data\Mozilla\Profiles\default\rpqjcya1.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup :mozilla.68:C:\Documents and Settings\Justin\Local Settings\Application Data\Mozilla\Profiles\default\rpqjcya1.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup :mozilla.69:C:\Documents and Settings\Justin\Local Settings\Application Data\Mozilla\Profiles\default\rpqjcya1.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup :mozilla.70:C:\Documents and Settings\Justin\Local Settings\Application Data\Mozilla\Profiles\default\rpqjcya1.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup :mozilla.71:C:\Documents and Settings\Justin\Local Settings\Application Data\Mozilla\Profiles\default\rpqjcya1.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup :mozilla.72:C:\Documents and Settings\Justin\Local Settings\Application Data\Mozilla\Profiles\default\rpqjcya1.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup :mozilla.73:C:\Documents and Settings\Justin\Local Settings\Application Data\Mozilla\Profiles\default\rpqjcya1.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup :mozilla.74:C:\Documents and Settings\Justin\Local Settings\Application Data\Mozilla\Profiles\default\rpqjcya1.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup :mozilla.77:C:\Documents and Settings\Justin\Local Settings\Application Data\Mozilla\Profiles\default\rpqjcya1.slt\cookies.txt -> Spyware.Cookie.Mediaplex : Cleaned with backup :mozilla.78:C:\Documents and Settings\Justin\Local Settings\Application Data\Mozilla\Profiles\default\rpqjcya1.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup :mozilla.79:C:\Documents and Settings\Justin\Local Settings\Application Data\Mozilla\Profiles\default\rpqjcya1.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup :mozilla.80:C:\Documents and Settings\Justin\Local Settings\Application Data\Mozilla\Profiles\default\rpqjcya1.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup :mozilla.81:C:\Documents and Settings\Justin\Local Settings\Application Data\Mozilla\Profiles\default\rpqjcya1.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup :mozilla.82:C:\Documents and Settings\Justin\Local Settings\Application Data\Mozilla\Profiles\default\rpqjcya1.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup :mozilla.92:C:\Documents and Settings\Justin\Local Settings\Application Data\Mozilla\Profiles\default\rpqjcya1.slt\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup :mozilla.93:C:\Documents and Settings\Justin\Local Settings\Application Data\Mozilla\Profiles\default\rpqjcya1.slt\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup :mozilla.96:C:\Documents and Settings\Justin\Local Settings\Application Data\Mozilla\Profiles\default\rpqjcya1.slt\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup :mozilla.98:C:\Documents and Settings\Justin\Local Settings\Application Data\Mozilla\Profiles\default\rpqjcya1.slt\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup :mozilla.99:C:\Documents and Settings\Justin\Local Settings\Application Data\Mozilla\Profiles\default\rpqjcya1.slt\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup :mozilla.101:C:\Documents and Settings\Justin\Local Settings\Application Data\Mozilla\Profiles\default\rpqjcya1.slt\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup :mozilla.107:C:\Documents and Settings\Justin\Local Settings\Application Data\Mozilla\Profiles\default\rpqjcya1.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup C:\Program Files\AWS\WeatherBug\MiniBugTransporter.dll -> Spyware.Wheaterbug : Cleaned with backup C:\Program Files\Common Files\Sony Shared\Visualizer\ExlGen.dll -> Dialer.Generic : Cleaned with backup C:\Program Files\MediaLoads\notify\notify.exe -> Spyware.ClipGenie : Cleaned with backup C:\Program Files\MediaLoads\v1\ML.exe -> Spyware.DownloadWare : Cleaned with backup C:\Program Files\Mozilla Firefox\plugins\npwthost.dll -> Spyware.WildTangent : Cleaned with backup C:\Program Files\NavExcel\NavHelper\v2.0.4\NHelper.dll -> Spyware.NavExcel : Cleaned with backup C:\Program Files\NavExcel\NavHelper\v2.0.4\NHUninstaller.exe -> Adware.NavExcel : Cleaned with backup C:\Program Files\NavExcel\NavHelper\v2.0.4\NHUpdater.exe -> Spyware.NavExcel : Cleaned with backup C:\Program Files\NavExcel\NavHelper\v2.0.4\v2.0.4.cab/NHUninstaller.exe -> Adware.NavExcel : Error during cleaning C:\Program Files\NavExcel\NavHelper\v2.0.4\v2.0.4.cab/NHelper.dll -> Spyware.NavExcel : Error during cleaning C:\Program Files\NavExcel\NavHelper\v2.0.4\v2.0.4.cab/NHUpdater.exe -> Spyware.NavExcel : Error during cleaning C:\Program Files\Netscape\Netscape 6\Plugins\npwthost.dll -> Spyware.WildTangent : Cleaned with backup C:\WINNT\NDNuninstall5_40.exe -> Spyware.NewDotNet : Cleaned with backup C:\WINNT\NDNuninstall5_48.exe -> Adware.NewDotNet : Cleaned with backup C:\WINNT\NDNuninstall5_64.exe -> Spyware.NewDotNet : Cleaned with backup C:\WINNT\system32\chktrust.exe -> Spyware.BargainBuddy : Cleaned with backup |
| ||
| Re: Error Message on Start-up... RUNDLL: Error loading C:\windows\system 32\bridge.dl Looks good. Your HTJ log is clean now, and ewido apppears to have done its job as well. Does everything seem to be functioning properly now? |
| ||
| Re: Error Message on Start-up... RUNDLL: Error loading C:\windows\system 32\bridge.dl yes. |
| ||
| Re: Error Message on Start-up... RUNDLL: Error loading C:\windows\system 32\bridge.dl Quote:
|
| All times are GMT -4. The time now is 1:47 pm. |
Forum system based on vBulletin Copyright ©2000 - 2009, Jelsoft Enterprises Ltd.
©2003 - 2009 DaniWeb® LLC