User Name Password Register
DaniWeb IT Discussion Community
All
What is DaniWeb IT Discussion Community?
You're currently browsing the Viruses, Spyware and other Nasties section within the Tech Talk category of DaniWeb, a massive community of 403,504 software developers, web developers, Internet marketers, and tech gurus who are all enthusiastic about making contacts, networking, and learning from each other. In fact, there are 4,206 IT professionals currently interacting right now! Registration is free, only takes a minute and lets you enjoy all of the interactive features of the site.
Please support our Viruses, Spyware and other Nasties advertiser: Programming Forums
Views: 254259 | Replies: 61
Closed Thread
Join Date: Jan 2004
Posts: 25
Reputation: scyth02 is an unknown quantity at this point 
Rep Power: 5
Solved Threads: 0
scyth02 scyth02 is offline Offline
Light Poster

What is BRIDGE.DLL

  #1  
Jan 26th, 2004
I keep getting a post-start up message about a "BRIDGE.DLL" missing from the system file. I have no clue what it is or where it went. Any help is appreciated.
AddThis Social Bookmark Button
 
Join Date: Aug 2003
Posts: 7,238
Reputation: caperjack is a glorious beacon of light caperjack is a glorious beacon of light caperjack is a glorious beacon of light caperjack is a glorious beacon of light caperjack is a glorious beacon of light 
Rep Power: 24
Solved Threads: 311
Colleague
caperjack's Avatar
caperjack caperjack is offline Offline
Posting Sage

Re: What is BRIDGE.DLL

  #2  
Jan 27th, 2004
The file is spyware releated ,download the spyware programs at the bottom of my post and update them and run them ,do not remove anything with hijsckthis ,copy and paste the log in here ,
Boo!!!!! Sarcastic Jack
 
Join Date: Jan 2004
Posts: 25
Reputation: scyth02 is an unknown quantity at this point 
Rep Power: 5
Solved Threads: 0
scyth02 scyth02 is offline Offline
Light Poster

Re: What is BRIDGE.DLL

  #3  
Jan 27th, 2004
Spybot found nothing but bad cookies. Here is the hijackthis log:

C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\NORTON ANTIVIRUS\NAVAPW32.EXE
C:\PROGRAM FILES\ADAPTEC\DIRECTCD\DIRECTCD.EXE
C:\PROGRAM FILES\MICROSOFT HARDWARE\MOUSE\POINT32.EXE
C:\PROGRAM FILES\VERIZON ONLINE\WINPOET\WINPPPOVERETHERNET.EXE
C:\PROGRAM FILES\OFFICE KEYBOARD UTILITY\1.2\OFFICEKB.EXE
C:\WINDOWS\SYSTEM\HPZTSB07.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\WORKS SHARED\WKCALREM.EXE
C:\PROGRAM FILES\OFFICE KEYBOARD UTILITY\1.2\MMKEYB.EXE
C:\PROGRAM FILES\OFFICE KEYBOARD UTILITY\1.2\TRAYMON.EXE
C:\PROGRAM FILES\OFFICE KEYBOARD UTILITY\1.2\OSD.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\PROFILES\BENJI\MY DOCUMENTS\HIJACKTHIS\HIJACKTHIS.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wizards.com/default.asp?x=mtgcom/welcome
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer customized for Verizon Online
F1 - win.ini: run=hpfsched
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
O2 - BHO: (no name) - {9C691A33-7DDA-4C2F-BE4C-C176083F35CF} - C:\WINDOWS\SYSTEM\BRIDGE.DLL
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [PCHealth] C:\WINDOWS\PCHealth\Support\PCHSchd.exe -s
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [Norton Auto-Protect] C:\PROGRA~1\NORTON~1\NAVAPW32.EXE /LOADQUIET
O4 - HKLM\..\Run: [Adaptec DirectCD] C:\PROGRA~1\ADAPTEC\DIRECTCD\DIRECTCD.EXE
O4 - HKLM\..\Run: [POINTER] point32.exe
O4 - HKLM\..\Run: [WorksFUD] C:\Program Files\Microsoft Works\wkfud.exe
O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
O4 - HKLM\..\Run: [a-winpoet-service] "C:\Program Files\Verizon Online\WinPoET\winpppoverethernet.exe"
O4 - HKLM\..\Run: [DeadAIM] rundll32.exe C:\PROGRA~1\AIM95\DeadAIM.ocm,ExportedCheckODLs
O4 - HKLM\..\Run: [FLMOFFICEKEYBOARD] C:\Program Files\Office keyboard utility\1.2\OFFICEKB.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\SYSTEM\hpztsb07.exe
O4 - HKLM\..\Run: [CFJ] C:\WINDOWS\CFJ.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime
O4 - HKLM\..\Run: [RunDLL] rundll32.exe "C:\WINDOWS\SYSTEM\BRIDGE.DLL",Load
O4 - HKLM\..\Run: [systray] C:\WINDOWS\SYSTEM\A.EXE
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [*StateMgr] C:\WINDOWS\System\Restore\StateMgr.exe
O4 - HKLM\..\RunServices: [ScriptBlocking] "C:\Program Files\Common Files\Symantec Shared\Script Blocking\SBServ.exe" -reg
O4 - HKLM\..\RunServices: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
O4 - Startup: Microsoft Works Calendar Reminders.lnk = C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
O4 - User Startup: Microsoft Works Calendar Reminders.lnk = C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
O9 - Extra button: Related (HKLM)
O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
O9 - Extra button: AIM (HKLM)
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/...eInstaller.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/s...sh/swflash.cab
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/s...irector/sw.cab
O16 - DPF: {6B4788E2-BAE8-11D2-A1B4-00400512739B} (PWMediaSendControl Class) - http://216.249.24.142/code/PWActiveXImgCtl.CAB
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://www.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {E855A2D4-987E-4F3B-A51C-64D10A7E2479} (EPSImageControl Class) - http://tools.ebayimg.com/eps/activex...trol_v1-32.cab
O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) - http://www.sibelius.com/download/sof...iveXPlugin.cab
 
Join Date: Aug 2003
Posts: 7,238
Reputation: caperjack is a glorious beacon of light caperjack is a glorious beacon of light caperjack is a glorious beacon of light caperjack is a glorious beacon of light caperjack is a glorious beacon of light 
Rep Power: 24
Solved Threads: 311
Colleague
caperjack's Avatar
caperjack caperjack is offline Offline
Posting Sage

Re: What is BRIDGE.DLL

  #4  
Jan 27th, 2004
I'm new to reading these file I am getting help on another site,but the 2 that you should remove are :
Have hijack fix this
O2 - BHO: (no name) - {9C691A33-7DDA-4C2F-BE4C-C176083F35CF} - C:\WINDOWS\SYSTEM\BRIDGE.DLL

O4 - HKLM\..\Run: [RunDLL] rundll32.exe "C:\WINDOWS\SYSTEM\BRIDGE.DLL",Load


run cwshreadder and then hijack again and post new log
Last edited by caperjack : Jan 27th, 2004 at 12:01 pm.
Boo!!!!! Sarcastic Jack
 
Join Date: Jan 2004
Posts: 25
Reputation: scyth02 is an unknown quantity at this point 
Rep Power: 5
Solved Threads: 0
scyth02 scyth02 is offline Offline
Light Poster

Re: What is BRIDGE.DLL

  #5  
Jan 27th, 2004
Done

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\NORTON ANTIVIRUS\NAVAPW32.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
C:\PROGRAM FILES\ADAPTEC\DIRECTCD\DIRECTCD.EXE
C:\PROGRAM FILES\MICROSOFT HARDWARE\MOUSE\POINT32.EXE
C:\PROGRAM FILES\VERIZON ONLINE\WINPOET\WINPPPOVERETHERNET.EXE
C:\PROGRAM FILES\OFFICE KEYBOARD UTILITY\1.2\OFFICEKB.EXE
C:\WINDOWS\SYSTEM\HPZTSB07.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\WORKS SHARED\WKCALREM.EXE
C:\PROGRAM FILES\OFFICE KEYBOARD UTILITY\1.2\MMKEYB.EXE
C:\PROGRAM FILES\OFFICE KEYBOARD UTILITY\1.2\TRAYMON.EXE
C:\PROGRAM FILES\OFFICE KEYBOARD UTILITY\1.2\OSD.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\PROFILES\BENJI\MY DOCUMENTS\HIJACKTHIS\HIJACKTHIS.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wizards.com/default.asp?x=mtgcom/welcome
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer customized for Verizon Online
F1 - win.ini: run=hpfsched
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [PCHealth] C:\WINDOWS\PCHealth\Support\PCHSchd.exe -s
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [Norton Auto-Protect] C:\PROGRA~1\NORTON~1\NAVAPW32.EXE /LOADQUIET
O4 - HKLM\..\Run: [Adaptec DirectCD] C:\PROGRA~1\ADAPTEC\DIRECTCD\DIRECTCD.EXE
O4 - HKLM\..\Run: [POINTER] point32.exe
O4 - HKLM\..\Run: [WorksFUD] C:\Program Files\Microsoft Works\wkfud.exe
O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
O4 - HKLM\..\Run: [a-winpoet-service] "C:\Program Files\Verizon Online\WinPoET\winpppoverethernet.exe"
O4 - HKLM\..\Run: [DeadAIM] rundll32.exe C:\PROGRA~1\AIM95\DeadAIM.ocm,ExportedCheckODLs
O4 - HKLM\..\Run: [FLMOFFICEKEYBOARD] C:\Program Files\Office keyboard utility\1.2\OFFICEKB.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\SYSTEM\hpztsb07.exe
O4 - HKLM\..\Run: [CFJ] C:\WINDOWS\CFJ.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime
O4 - HKLM\..\Run: [systray] C:\WINDOWS\SYSTEM\A.EXE
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [*StateMgr] C:\WINDOWS\System\Restore\StateMgr.exe
O4 - HKLM\..\RunServices: [ScriptBlocking] "C:\Program Files\Common Files\Symantec Shared\Script Blocking\SBServ.exe" -reg
O4 - HKLM\..\RunServices: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
O4 - Startup: Microsoft Works Calendar Reminders.lnk = C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
O4 - User Startup: Microsoft Works Calendar Reminders.lnk = C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
O9 - Extra button: Related (HKLM)
O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
O9 - Extra button: AIM (HKLM)
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/...eInstaller.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/s...sh/swflash.cab
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/s...irector/sw.cab
O16 - DPF: {6B4788E2-BAE8-11D2-A1B4-00400512739B} (PWMediaSendControl Class) - http://216.249.24.142/code/PWActiveXImgCtl.CAB
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://www.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {E855A2D4-987E-4F3B-A51C-64D10A7E2479} (EPSImageControl Class) - http://tools.ebayimg.com/eps/activex...trol_v1-32.cab
O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) - http://www.sibelius.com/download/sof...iveXPlugin.cab
 
Join Date: Aug 2003
Posts: 7,238
Reputation: caperjack is a glorious beacon of light caperjack is a glorious beacon of light caperjack is a glorious beacon of light caperjack is a glorious beacon of light caperjack is a glorious beacon of light 
Rep Power: 24
Solved Threads: 311
Colleague
caperjack's Avatar
caperjack caperjack is offline Offline
Posting Sage

Re: What is BRIDGE.DLL

  #6  
Jan 27th, 2004
ok ,I will post back when i get answer from hijackthis log school!
Boo!!!!! Sarcastic Jack
 
Join Date: Aug 2003
Posts: 7,238
Reputation: caperjack is a glorious beacon of light caperjack is a glorious beacon of light caperjack is a glorious beacon of light caperjack is a glorious beacon of light caperjack is a glorious beacon of light 
Rep Power: 24
Solved Threads: 311
Colleague
caperjack's Avatar
caperjack caperjack is offline Offline
Posting Sage

Re: What is BRIDGE.DLL

  #7  
Jan 27th, 2004
you need to delete this file ,BRIDGE.DLL
O4 - HKLM\..\Run: [RunDLL] rundll32.exe "C:\WINDOWS\SYSTEM\BRIDGE.DLL",Load

Also run hijack again and remve these

O4 - HKLM\..\Run: [systray] C:\WINDOWS\SYSTEM\A.EXE


Others often remove these
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52...meInstaller.exe

And these activeX controls could go - if the user goes back to that site they would reinstall if required.
O16 - DPF: {6B4788E2-BAE8-11D2-A1B4-00400512739B} (PWMediaSendControl Class) - http://216.249.24.142/code/PWActiveXImgCtl.CAB
O16 - DPF: {E855A2D4-987E-4F3B-A51C-64D10A7E2479} (EPSImageControl Class) - http://tools.ebayimg.com/eps/active...ntrol_v1-32.cab
O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) - http://www.sibelius.com/download/so...tiveXPlugin.cab


This you I need to do research on,
O4 - HKLM\..\Run: [CFJ] C:\WINDOWS\CFJ.exe
Last edited by caperjack : Jan 27th, 2004 at 1:50 pm.
Boo!!!!! Sarcastic Jack
 
Join Date: Aug 2003
Posts: 7,238
Reputation: caperjack is a glorious beacon of light caperjack is a glorious beacon of light caperjack is a glorious beacon of light caperjack is a glorious beacon of light caperjack is a glorious beacon of light 
Rep Power: 24
Solved Threads: 311
Colleague
caperjack's Avatar
caperjack caperjack is offline Offline
Posting Sage

Re: What is BRIDGE.DLL

  #8  
Jan 27th, 2004
Also when you post a log make sure to post the top section simular to this .

Logfile of HijackThis v1.97.7
Scan saved at 2:03:50 PM, on 1/24/2004
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Boo!!!!! Sarcastic Jack
 
Join Date: Jan 2004
Posts: 25
Reputation: scyth02 is an unknown quantity at this point 
Rep Power: 5
Solved Threads: 0
scyth02 scyth02 is offline Offline
Light Poster

Re: What is BRIDGE.DLL

  #9  
Jan 27th, 2004
The first one I already deleted. I'm no longer getting the error message on post start up. Thanks for the help! I'll also delete the others.
 
Join Date: Aug 2003
Posts: 7,238
Reputation: caperjack is a glorious beacon of light caperjack is a glorious beacon of light caperjack is a glorious beacon of light caperjack is a glorious beacon of light caperjack is a glorious beacon of light 
Rep Power: 24
Solved Threads: 311
Colleague
caperjack's Avatar
caperjack caperjack is offline Offline
Posting Sage

Re: What is BRIDGE.DLL

  #10  
Jan 27th, 2004
trying to figure out what this is --
O4 - HKLM\..\Run: [CFJ] C:\WINDOWS\CFJ.exe

Please search for it, then right-click the file and give me the information under it's "Properties". You may have to unhide system files and folders.
Boo!!!!! Sarcastic Jack
 
Closed Thread

Only community members can participate in forum threads. You must register or log in to contribute.

DaniWeb Viruses, Spyware and other Nasties Marketplace
Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)

 

Thread Tools Display Modes

Similar Threads
Other Threads in the Viruses, Spyware and other Nasties Forum

All times are GMT -4. The time now is 12:34 pm.
Forum system based on vBulletin Copyright ©2000 - 2008, Jelsoft Enterprises Ltd.
©2003 - 2008 DaniWeb® LLC