re: 'Bridge Class'
Friday, March 12, 2004 at 8:04 am
Windows 2000 Annoyances Discussion Forum
Posted by arubalady
(1 messages posted)
March 12, 2004
I, too, was invaded by the brdg class - active X hack. Bazooka spyware scanner was
the most complete in the instructions how to remove this spyware. I downloaded this
from Downloads.com.
At the suggestion of one of the contributors in this thread, I blocked Active X
controls in Zone Alarm Pro- under privacy and mobile code.
I completed the instructions from Bazooka and shut down my computer and started in
safe mode. There after running start, run, msconfig I still found a check mark by
c:\windows\system\A.exe
I unchecked and hit apply - I did not restart my computer at this point.
I also opened internet explorer while still in safe mode - clicked on tools, internet
options, settings, view objects and deleted the brdg class object - it did say damaged.
Next, I ran Adaware - also down loaded from CNET's download.com - (run updates
as soon as you download this one) Two more keys in my registry were found containing
entries applying to this intrusion
WinFavorites Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID\{9C691A33-7DDA-4C2F-BE4C-C176083F35CF}
Entry number 2 was
WinFavorites Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bridge
In one of these entries I found bridge.dll and bridge.inf
And of course I deleted both of these
I shut down my computer and restarted and I finally am free of this hack. I think
I am wondering what was possibly harvested from my computer... does anyone know the
answer to this - is this a key logger or data miner item??
There is still one more file that was associated with this intrusion and that is
atl.dll which I find is still a loaded component on my computer. It appears to be
real player that calls up this .dll and to confirm what another contributor said
--I believe I received this lovely file from the web site lyricsdomain.com
Stay away from that site..
I was looking for a song and clicked on this site from google. At the time my Active
X controls were not blocked.
I have window ME
Once again I feel real player contributed to my hack.
Thanks to Zephyr and CNET for Bazooka and Adaware
On Friday, March 12, 2004 at 5:45 am, lxllxll_dragon_llxllxl wrote:
>I found this in my startup list:
>
>rundll32.exe "C:\WINDOWS\System32\bridge.dll",Load
>
>Hope that helps!
>
>
>
- Written in response to:
- re: 'Bridge Class' (lxllxll_dragon_llxllxl: Friday, March 12, 2004 at 5:45 am)
Responses to this message:
|
|
All messages in this thread [show all]
 |  | | | | | | |  | re: 'Bridge Class' (arubalady: Fri, Mar 12, 2004, 8:04 am) |
| | | | | | | | | | | | Bridge (ME: Sun, Apr 18, 2004, 1:07 pm) |
| |
| |
Return to the Windows 2000 Discussion Forum
|
|
