I have no idea how this file got on my computer or what it does, but last night I 
noticed this file that is running on my startup. I tried deleting it from msconfig 
and currentversion\run but it just keeps coming back.

The file is located in: 
'C:\Winnt\Downloaded Program Files' under the name of 'brdg class.'

I tried just deleting/removing the file but it tells me it is currently in use. I 
viewed the properties of the file and this is what I found.

Brdg Class
Type: Active-X Control
Creation Date: 12/23/03 7:26pm
Last Accessed: 12/24/03
Total Size: 57,344 bytes (56kb)
ID: {9C691A33-7DDA-4C2F-BE4C-C176083F35CF}
Status: Installed
CodeBase: http://www2.flingstone.com/cab/2000XP/bridge.cab

I downloaded the file and viewed the contents with Notepad. There were 2 files, bridge.dll 
and bridge.inf.

I searched my computer for 'bridge.dll' and 'bridge.inf' but no entries were found.

The contents of 'bridge.inf' are:

; INF file for bridge

[version] 
; version signature (same for both NT and Win95) do not remove
signature="$CHICAGO$"
AdvancedINF=2.0  

[Add.Code]
bridge.dll=bridge.dll

[bridge.dll]
file-win32-x86=thiscab
clsid={9C691A33-7DDA-4C2F-BE4C-C176083F35CF}
FileVersion=1,0,0,109
RegisterServer=yes

I went to the website that it gave me and it was just a picture but I think it is 
some kind of search bar.

And and and, I can't believe I didn't think of the easiest solution. Try going to 
Add/Remove programs and seeing if it was in there.

Now I feel really stupid and I am just rambling on but I guess I am going to post 
this anyway.

Tip: Run a free scan for common Windows errors ad

re: 'Bridge Class' Thursday, December 25, 2003 at 12:09 am Posted by MaddMaxx (1988 messages posted) You have been hacked, browser type. Download CWShredder. It will remove that stuff. On Wednesday, December 24, 2003 at 4:43 pm, john wrote: >I have no idea how this file got on my computer or what it does, but last night I >noticed this file that is running on my startup. I tried deleting it from msconfig >and currentversion\run but it just keeps coming back. > >The file is located in: >'C:\Winnt\Downloaded Program Files' under the name of 'brdg class.' > >I tried just deleting/removing the file but it tells me it is currently in use. I >viewed the properties of the file and this is what I found. > >Brdg Class >Type: Active-X Control >Creation Date: 12/23/03 7:26pm >Last Accessed: 12/24/03 >Total Size: 57,344 bytes (56kb) >ID: {9C691A33-7DDA-4C2F-BE4C-C176083F35CF} >Status: Installed >CodeBase: http://www2.flingstone.com/cab/2000XP/bridge.cab > >I downloaded the file and viewed the contents with Notepad. There were 2 files, bridge.dll >and bridge.inf. > >I searched my computer for 'bridge.dll' and 'bridge.inf' but no entries were found. > >The contents of 'bridge.inf' are: > >; INF file for bridge > >[version] >; version signature (same for both NT and Win95) do not remove >signature="$CHICAGO$" >AdvancedINF=2.0 > >[Add.Code] >bridge.dll=bridge.dll > >[bridge.dll] >file-win32-x86=thiscab >clsid={9C691A33-7DDA-4C2F-BE4C-C176083F35CF} >FileVersion=1,0,0,109 >RegisterServer=yes > >I went to the website that it gave me and it was just a picture but I think it is >some kind of search bar. > >And and and, I can't believe I didn't think of the easiest solution. Try going to >Add/Remove programs and seeing if it was in there. > >Now I feel really stupid and I am just rambling on but I guess I am going to post >this anyway. [Reply or follow-up to this message] re: 'Bridge Class' Thursday, December 25, 2003 at 11:29 am Posted by Dave (813 messages posted) Yah, Here are the culprits: http://www2.flingstone.com A lot of a**holes are emulating MS .net to get to us. On Thursday, December 25, 2003 at 12:09 am, MaddMaxx wrote: >You have been hacked, browser type. Download CWShredder. It will remove that stuff. > > [Reply or follow-up to this message] re: 'Bridge Class' Friday, January 23, 2004 at 6:47 pm Posted by Jeremy (3 messages posted) Oh nice link it says click add/reomve to remove it. Ok guys NOTHING is removing this. CWShredder isn't doing. Ad-ware. McAfee... NOTHING. Best I could manage to do with this on is find the A.exe file it uses and damage it AT BEST. I think this one is a NEW one and its just not responding to anything I use to remove it. On Thursday, December 25, 2003 at 11:29 am, Daav wrote: >Yah, Here are the culprits: http://www2.flingstone.com >A lot of a**holes are emulating MS .net to get to us. > > [Reply or follow-up to this message] re: 'Bridge Class' Sunday, January 25, 2004 at 3:22 pm Posted by Robert (1 messages posted) You probably got it from the slimeballs at freeze.com that also operates 'negativebeats.com' and have a relationship with uber-scumbags at searchbarcash.com. BTW, keep away from sandralyrics.com, icelyrics.com, and lyricsdomain.com. To get rid of it you might try this: Get a program from mlin.net that allows you to easily control startup items. I use startup.exe to immediately make changes, and I use startupmonitor to prevent stuff from arbitrarily adding itself to the startup sequence. For a permanent startup editor, grab the startup control panel applet. Now, to remove this bug, try going to prcview.com and getting prcview. It should 'kill' the process that is running. Once killed, you should be able to delete the active x control. If you want to try another spyware killer, try spybot s&d from security.kolla.de FWIW, you can also deactivate automatic activation of ActiveX controls via the settings in your browser. One last thing: get yourself a good firewall that alerts you to when a spyware tries to call home. ;c) Hope this helps, Robert Reese~ On Friday, January 23, 2004 at 6:47 pm, Jeremy wrote: >Oh nice link it says click add/reomve to remove it. > >Ok guys NOTHING is removing this. CWShredder isn't doing. Ad-ware. McAfee... NOTHING. >Best I could manage to do with this on is find the A.exe file it uses and damage >it AT BEST. > >I think this one is a NEW one and its just not responding to anything I use to remove it. [Reply or follow-up to this message] re: 'Bridge Class' Tuesday, January 27, 2004 at 12:35 pm Posted by Nuts4pi (1 messages posted) I stumbled onto this forumbecause I've hadd the same bridge.dll error when I start Win98. Just wanted you to know that Robert's solution about getting the control panel appelet from mlin.net worked! Thanks everyone! PS - If you've tried to remove the"Bridge Class" by using the add/remove program from the Control Panel, it won't work. On Sunday, January 25, 2004 at 3:22 pm, Robert wrote: >You probably got it from the slimeballs at freeze.com that also operates 'negativebeats.com' >and have a relationship with uber-scumbags at searchbarcash.com. BTW, keep away >from sandralyrics.com, icelyrics.com, and lyricsdomain.com. > >To get rid of it you might try this: Get a program from mlin.net that allows you >to easily control startup items. I use startup.exe to immediately make changes, >and I use startupmonitor to prevent stuff from arbitrarily adding itself to the startup >sequence. For a permanent startup editor, grab the startup control panel applet. > >Now, to remove this bug, try going to prcview.com and getting prcview. It should >'kill' the process that is running. Once killed, you should be able to delete the >active x control. If you want to try another spyware killer, try spybot s&d from >security.kolla.de > >FWIW, you can also deactivate automatic activation of ActiveX controls via the settings >in your browser. >One last thing: get yourself a good firewall that alerts you to when a spyware tries >to call home. ;c) > >Hope this helps, >Robert Reese~ > [Reply or follow-up to this message] Removing Bridge Class Saturday, January 31, 2004 at 11:32 am Posted by SteveO (1 messages posted) ok, i've had the same problem with Bridge Class and i finally removed it, it took about 2 hours, well here is what i did, as you mentioned above, the files that come with this are bridge.dll and bridge.inf, those files are there but for some odd reason windows will not show them. they are located in windows\downloaded program files\ so heres what you do.. Restart your computer in DOS mode (Command Prompt), completely exit windows, then type in "cd\windows\downlo~1" then u should be in the directory, (note: it may not be windows to you it could be "cd\winnt\dowloa~1", etc) Once you are in that folder type "DIR", this will show you the directory file listing in that folder, if bridge.dll and bridge.inf are there, then type "del bridge.dll" and del bridge.inf" after you completed that, restart windows, and goto that same folder (C:\windows\downloaded program files" then right click on bridge class and remove it. this all worked for me, then any other adware that came along with it you can delete without a problem [Reply or follow-up to this message] re: 'Bridge Class' Wednesday, February 4, 2004 at 5:14 am Posted by BillyJ (1 messages posted) First, I'd like to propose that we all jump in my truck and head over to Flingstone's offices and just whip the crap out of that bunch! (ventmode=off) Ah, now I feel much better! OK, here ya go. These are the instructions on how to remove FS Bridge: http://www.kephyr.com/spywarescanner/library/flingstonebridge/index.phtml If you decide to do the "Manual Removal" method, be sure to EXPORT YOUR REGISTRY (its in the "File" menu pulldown in the registry editor) BEFORE YOU GO WHACKING AROUND IN YOUR REGISTRY!!!! Please do not bypass this important step. On Friday, January 23, 2004 at 6:47 pm, Jeremy wrote: >Oh nice link it says click add/reomve to remove it. > >Ok guys NOTHING is removing this. CWShredder isn't doing. Ad-ware. McAfee... NOTHING. >Best I could manage to do with this on is find the A.exe file it uses and damage >it AT BEST. > >I think this one is a NEW one and its just not responding to anything I use to remove >it. > > [Reply or follow-up to this message] re: 'Bridge Class' Tuesday, February 10, 2004 at 12:23 pm Posted by Hazel1014 (1 messages posted) Jeez, people!!!!!! One of you said it took 2 hours, I have been WEEKS with this thing! > I picked up an excellent couple of programs, IHateSpam, IHatePopups, and PestPatrol. The PestPatrol did a really good job, but I guess it missed that file. I can't even begin to tell you the hours and hours and hours I searched the web to try and find out about this. I actually thought it was a legitimate file that I deleted the rest of the program for - I didn't know what else to do or where else to look. > Needless to say, I am going right out on the web now to the website you suggested, and take care of this file once and for all. > Thanks, Hazel > PS Billy, swing by my house and pick me up on the way over to Flingstones, I have a few stones I'd like to fling their way..... On Wednesday, February 4, 2004 at 5:14 am, BillyJ wrote: >First, I'd like to propose that we all jump in my truck and head over to Flingstone's >offices and just whip the crap out of that bunch! > >(ventmode=off) > >Ah, now I feel much better! > >OK, here ya go. >These are the instructions on how to remove FS Bridge: > >http://www.kephyr.com/spywarescanner/library/flingstonebridge/index.phtml > >If you decide to do the "Manual Removal" method, be sure to EXPORT YOUR REGISTRY >(its in the "File" menu pulldown in the registry editor) BEFORE YOU GO WHACKING AROUND >IN YOUR REGISTRY!!!! Please do not bypass this important step. > [Reply or follow-up to this message] re: 'Bridge Class' Saturday, February 14, 2004 at 10:45 am Posted by Alan (1 messages posted) Thank you Hazel1014! The kephyr.com instructions removed the pest - something PestPatrol and Registry mechanic could not do!! On Tuesday, February 10, 2004 at 12:23 pm, Hazel1014 wrote: >Jeez, people!!!!!! > >One of you said it took 2 hours, I have been WEEKS with this thing! > >I picked up an excellent couple of programs, IHateSpam, IHatePopups, and PestPatrol. > The PestPatrol did a really good job, but I guess it missed that file. I can't >even begin to tell you the hours and hours and hours I searched the web to try and >find out about this. I actually thought it was a legitimate file that I deleted >the rest of the program for - I didn't know what else to do or where else to look. > >Needless to say, I am going right out on the web now to the website you suggested, >and take care of this file once and for all. > >Thanks, >Hazel > >PS Billy, swing by my house and pick me up on the way over to Flingstones, I have >a few stones I'd like to fling their way..... > > [Reply or follow-up to this message] re: 'Bridge Class' Wednesday, February 25, 2004 at 10:36 am Posted by David (1 messages posted) Likewise the Kephyr.com instruction worked for me also but they forgot one step if you can't automatically remove the bridge from Add/Remove programs but the entry is left on the list then you need to remove the entry for that as well. The process to remove this is easy enough and works for any program that was uninstalled incorrectly. This uses the registry so if you ten, behave like a ten year old or have the mentality of a ten year old "Destructive" and you know who you are then don't do this. Okay your going to do it anyway just becareful. To open your registry go to run type "regedit" 1. Back it up by selecting my computer from the top left browse window and choosing file>export give it a name like say "backup". Now to remove that pesky entry. 2. Browse to HKEY>LocalMachine>Software>Microsoft>Windows>CurrentVersion>Uninstall 3. Remove the key called "bridge" All this does is remove the entry from the Add/Remove Items list. Have a great day. On Saturday, February 14, 2004 at 10:45 am, Alan wrote: >Thank you Hazel1014! > >The kephyr.com instructions removed the pest - something PestPatrol and Registry >mechanic could not do!! > > [Reply or follow-up to this message] re: 'Bridge Class' Sunday, February 29, 2004 at 7:53 am Posted by radu (1 messages posted) Hi, It looks that I've got My Search Bar.B: I went to http://www.kephyr.com/spywarescanner/library/mysearchbar.b/index.phtml?source=app, downloaded Bazooka Spyware Scanner, and obtained this log : Result when scanning: My Search Bar.B 778.777.000 {0494D0D9-F8E0-41AD-92A3-14154ECE70AC} HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\ShellBrowser\{0494D0D9-F8E0-41AD-92A3-14154ECE70AC} http://www.kephyr.com/spywarescanner/library/mysearchbar.b/index.phtml but in HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar there is no ShellBrowser, just the ToolBar folder that has this key : 8E718888-423F-11D2-876E-00A0C9082467. I looked in http://www.kephyr.com/spywarescanner/library/mysearchbar.b/index.phtml?source=app and among the faulty entries indicated there I didn’t find but this one : 04079851-5845-4dea-848C-3ECD647AA554 that I deleted. I have no more Search Assistant in Add/Remove Programs. Nevertheless, Bazooka still warns me that I have the My Search Bar.B ... Besides, when I start the computer I get the message that the bridge.dll couldn’t be found ... In 'HKEY_LOCAL_MACHINE \ SOFTWARE \ Classes \ CLSID\ I have this entry: {04079854-5845-4dea-848C-3ECD647AA554} that I didn’t delete because it is not the 04079851-5845-4dea-848C-3ECD647AA554. The difference is in the 8th digit – I don’t know what this entry means. I've already removed the bridge folder in HKEY>LocalMachine>Software>Microsoft>Windows>CurrentVersion>Uninstall It looks like quite very hidden the whole thing ... On Wednesday, February 25, 2004 at 10:36 am, David wrote: >Likewise the Kephyr.com instruction worked for me also but they forgot one step if >you can't automatically remove the bridge from Add/Remove programs but the entry >is left on the list then you need to remove the entry for that as well. > >The process to remove this is easy enough and works for any program that was uninstalled >incorrectly. > >This uses the registry so if you ten, behave like a ten year old or have the mentality >of a ten year old "Destructive" and you know who you are then don't do this. > >Okay your going to do it anyway just becareful. > >To open your registry go to run type "regedit" > >1. Back it up by selecting my computer from the top left browse window and choosing >file>export give it a name like say "backup". > >Now to remove that pesky entry. > >2. Browse to HKEY>LocalMachine>Software>Microsoft>Windows>CurrentVersion>Uninstall > >3. Remove the key called "bridge" > >All this does is remove the entry from the Add/Remove Items list. > >Have a great day. > > On Wednesday, February 25, 2004 at 10:36 am, David wrote: >Likewise the Kephyr.com instruction worked for me also but they forgot one step if >you can't automatically remove the bridge from Add/Remove programs but the entry >is left on the list then you need to remove the entry for that as well. > >The process to remove this is easy enough and works for any program that was uninstalled >incorrectly. > >This uses the registry so if you ten, behave like a ten year old or have the mentality >of a ten year old "Destructive" and you know who you are then don't do this. > >Okay your going to do it anyway just becareful. > >To open your registry go to run type "regedit" > >1. Back it up by selecting my computer from the top left browse window and choosing >file>export give it a name like say "backup". > >Now to remove that pesky entry. > >2. Browse to HKEY>LocalMachine>Software>Microsoft>Windows>CurrentVersion>Uninstall > >3. Remove the key called "bridge" > >All this does is remove the entry from the Add/Remove Items list. > >Have a great day. > > [Reply or follow-up to this message] re: 'Bridge Class' Tuesday, March 9, 2004 at 11:18 pm Posted by ThatGuy (1 messages posted) The same thing popped up right now for me saying that I was missing a bridge.dll file but i doubted that it was required for windows. I am also running windows 98 and when I went to add/remove programs and chose to get rid of the program it didn't give any hassle it just said "bridge removed, reboot computer for effects to happen." On Tuesday, January 27, 2004 at 12:35 pm, Nuts4pi wrote: >I stumbled onto this forumbecause I've hadd the same bridge.dll error when I start >Win98. Just wanted you to know that Robert's solution about getting the control >panel appelet from mlin.net worked! Thanks everyone! >PS - If you've tried to remove the"Bridge Class" by using the add/remove program >from the Control Panel, it won't work. > [Reply or follow-up to this message] re: 'Bridge Class' Friday, March 12, 2004 at 5:45 am Posted by lxllxll_dragon_llxllxl (1 messages posted) I found this in my startup list: rundll32.exe "C:\WINDOWS\System32\bridge.dll",Load Hope that helps! On Tuesday, March 9, 2004 at 11:18 pm, ThatGuy wrote: > >The same thing popped up right now for me saying that I was missing a bridge.dll >file but i doubted that it was required for windows. I am also running windows 98 >and when I went to add/remove programs and chose to get rid of the program it didn't >give any hassle it just said "bridge removed, reboot computer for effects to happen." > > > > [Reply or follow-up to this message] re: 'Bridge Class' Friday, March 12, 2004 at 8:04 am Posted by arubalady (1 messages posted) March 12, 2004 I, too, was invaded by the brdg class - active X hack. Bazooka spyware scanner was the most complete in the instructions how to remove this spyware. I downloaded this from Downloads.com. At the suggestion of one of the contributors in this thread, I blocked Active X controls in Zone Alarm Pro- under privacy and mobile code. I completed the instructions from Bazooka and shut down my computer and started in safe mode. There after running start, run, msconfig I still found a check mark by c:\windows\system\A.exe I unchecked and hit apply - I did not restart my computer at this point. I also opened internet explorer while still in safe mode - clicked on tools, internet options, settings, view objects and deleted the brdg class object - it did say damaged. Next, I ran Adaware - also down loaded from CNET's download.com - (run updates as soon as you download this one) Two more keys in my registry were found containing entries applying to this intrusion WinFavorites Object recognized! Type : RegKey Data : Rootkey : HKEY_CLASSES_ROOT Object : CLSID\{9C691A33-7DDA-4C2F-BE4C-C176083F35CF} Entry number 2 was WinFavorites Object recognized! Type : RegKey Data : Rootkey : HKEY_LOCAL_MACHINE Object : SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bridge In one of these entries I found bridge.dll and bridge.inf And of course I deleted both of these I shut down my computer and restarted and I finally am free of this hack. I think I am wondering what was possibly harvested from my computer... does anyone know the answer to this - is this a key logger or data miner item?? There is still one more file that was associated with this intrusion and that is atl.dll which I find is still a loaded component on my computer. It appears to be real player that calls up this .dll and to confirm what another contributor said --I believe I received this lovely file from the web site lyricsdomain.com Stay away from that site.. I was looking for a song and clicked on this site from google. At the time my Active X controls were not blocked. I have window ME Once again I feel real player contributed to my hack. Thanks to Zephyr and CNET for Bazooka and Adaware On Friday, March 12, 2004 at 5:45 am, lxllxll_dragon_llxllxl wrote: >I found this in my startup list: > >rundll32.exe "C:\WINDOWS\System32\bridge.dll",Load > >Hope that helps! > > > [Reply or follow-up to this message] re: 'Bridge Class' Friday, March 12, 2004 at 6:40 pm Posted by Steve (1 messages posted) They got me too Thanks to the wonderful help from http://www.kephyr.com/spywarescanner/supportus.phtml Doing the Add/Remove programs method only worked so so for me, using the manual instructions from kephyr worked great. Below is the information on those B*&%^tards at FlingStone, aka LoudMarketing, aka imashare.com. If anyone is in the area it would be nice to stop by and let them know what a bunch of pigs they are. At the very least, we all have their email addresses below so you can sign them up for a bunch of spam. domain: flingstone.com status: production organization: CDT Inc. owner: Domain Manager email: domains@loudmarketing.com address: P.O. Box 181 address: TMR P.O. city: Mont-Royal state: Quebec postal-code: H3P3B9 country: CA admin-c: domains@loudmarketing.com#0 tech-c: domains@loudmarketing.com#0 billing-c: domains@loudmarketing.com#0 domain: loudmarketing.com status: production owner: M ARCH email: domains@loudmarketing.com address: PO BOX 181 city: Mont-Royal state: Quebec postal-code: H3P 2B9 country: CA admin-c: marty@imashare.com#1 tech-c: marty@imashare.com#1 billing-c: marty@imashare.com Biron, Thierry (IMASHARE2-DOM) CP 78524 PO Wilderton Montreal, Qc H3S 2W9 CA Domain Name: IMASHARE.COM Administrative Contact: Biron, Thierry (CRTLNMWDNI) tbiron@IMASHARE.COM CP 78524 PO Wilderton Montreal, Qc H3S 2W9 CA 514 221-2074 fax: 514 221-2074 [Reply or follow-up to this message] re: 'Bridge Class' Thursday, March 18, 2004 at 6:55 pm Posted by Armatolos (1 messages posted) I also found this in my startup list (msconfig): > >rundll32.exe "C:\WINDOWS\System32\bridge.dll",Load I was able to remove all of the bridge Class files following the instructions except the one on the startup list. Is there any way to remove it from the startup list? thanks On Friday, March 12, 2004 at 6:40 pm, Steve wrote: > They got me too >Thanks to the wonderful help from http://www.kephyr.com/spywarescanner/supportus.phtml >Doing the Add/Remove programs method only worked so so for me, using the manual instructions >from kephyr worked great. > >Below is the information on those B*&%^tards at FlingStone, aka LoudMarketing, aka >imashare.com. > >If anyone is in the area it would be nice to stop by and let them know what a bunch >of pigs they are. > >At the very least, we all have their email addresses below so you can sign them up >for a bunch of spam. > >domain: flingstone.com status: production organization: CDT Inc. owner: >Domain Manager email: domains@loudmarketing.com address: >P.O. Box 181 address: TMR P.O. >city: Mont-Royal state: Quebec postal-code: H3P3B9 >country: CA >admin-c: domains@loudmarketing.com#0 >tech-c: domains@loudmarketing.com#0 >billing-c: domains@loudmarketing.com#0 > >domain: loudmarketing.com status: production owner: M ARCH email: >domains@loudmarketing.com address: >PO BOX 181 >city: Mont-Royal state: Quebec postal-code: H3P 2B9 >country: CA >admin-c: marty@imashare.com#1 >tech-c: marty@imashare.com#1 >billing-c: marty@imashare.com > >Biron, Thierry (IMASHARE2-DOM) CP 78524 PO Wilderton Montreal, Qc H3S 2W9 CA Domain >Name: IMASHARE.COM >Administrative Contact: Biron, Thierry (CRTLNMWDNI) >tbiron@IMASHARE.COM > CP 78524 PO Wilderton Montreal, Qc H3S 2W9 CA 514 221-2074 fax: 514 221-2074 > > [Reply or follow-up to this message] Bridge Sunday, April 18, 2004 at 1:07 pm Posted by ME (1 messages posted) Can someone plz hack or kill the m*th*rf*ck*rs who made and spread this damned bridge [Reply or follow-up to this message] re: 'Bridge Class' Saturday, April 24, 2004 at 6:23 pm Posted by Farhad (3 messages posted) I had this problem also, as you know there is an ID for this class. I went to regedit and searched for that ID and removed all the things with that ID, now I have got rid of that virus. On Wednesday, December 24, 2003 at 4:43 pm, john wrote: > >I have no idea how this file got on my computer or what it does, but last night I >noticed this file that is running on my startup. I tried deleting it from msconfig >and currentversion\run but it just keeps coming back. > >The file is located in: >'C:\Winnt\Downloaded Program Files' under the name of 'brdg class.' > >I tried just deleting/removing the file but it tells me it is currently in use. I >viewed the properties of the file and this is what I found. > >Brdg Class >Type: Active-X Control >Creation Date: 12/23/03 7:26pm >Last Accessed: 12/24/03 >Total Size: 57,344 bytes (56kb) >ID: {9C691A33-7DDA-4C2F-BE4C-C176083F35CF} >Status: Installed >CodeBase: http://www2.flingstone.com/cab/2000XP/bridge.cab > >I downloaded the file and viewed the contents with Notepad. There were 2 files, bridge.dll >and bridge.inf. > >I searched my computer for 'bridge.dll' and 'bridge.inf' but no entries were found. > >The contents of 'bridge.inf' are: > >; INF file for bridge > >[version] >; version signature (same for both NT and Win95) do not remove >signature="$CHICAGO$" >AdvancedINF=2.0 > >[Add.Code] >bridge.dll=bridge.dll > >[bridge.dll] >file-win32-x86=thiscab >clsid={9C691A33-7DDA-4C2F-BE4C-C176083F35CF} >FileVersion=1,0,0,109 >RegisterServer=yes > >I went to the website that it gave me and it was just a picture but I think it is >some kind of search bar. > >And and and, I can't believe I didn't think of the easiest solution. Try going to >Add/Remove programs and seeing if it was in there. > >Now I feel really stupid and I am just rambling on but I guess I am going to post >this anyway. [Reply or follow-up to this message] re: 'Bridge Class' Saturday, April 24, 2004 at 6:31 pm Posted by Farhad (3 messages posted) I had this problem also, as you know there is an ID for this class. I went to regedit and searched for that ID and removed all the things with that ID, now I have got rid of that virus. On Friday, January 23, 2004 at 6:47 pm, Jeremy wrote: >Oh nice link it says click add/reomve to remove it. > >Ok guys NOTHING is removing this. CWShredder isn't doing. Ad-ware. McAfee... NOTHING. >Best I could manage to do with this on is find the A.exe file it uses and damage >it AT BEST. > >I think this one is a NEW one and its just not responding to anything I use to remove >it. > > [Reply or follow-up to this message] re: Bridge Saturday, April 24, 2004 at 6:33 pm Posted by Farhad (3 messages posted) I had this problem also, as you know there is an ID for this class. I went to regedit and searched for that ID and removed all the things with that ID, now I have got rid of that virus. On Sunday, April 18, 2004 at 1:07 pm, ME wrote: >Can someone plz hack or kill the m*th*rf*ck*rs who made and spread this damned bridge [Reply or follow-up to this message] re: Bridge Wednesday, April 28, 2004 at 6:56 pm Posted by Kellie (1 messages posted) Hey, you said, to remove the bug, go the site etc. I went to the site got the program, but don't know how to kill the bug, it isn't showing up as one of the processes, but I know it is still there. what do I do after to kill it, etc... I downloaded the Spybot S&D, but it didn't kill bridge. thanks kellie I'll put my stones in to throw as well... Now, to remove this bug, try going to prcview.com and getting prcview. It should 'kill' the process that is running. Once killed, you should be able to delete the active x control. If you want to try another spyware killer, try spybot s&d from security.kolla.de FWIW, you can also deactivate automatic activation of ActiveX controls via the settings in your browser. One last thing: get yourself a good firewall that alerts you to when a spyware tries to call home. ;c) Hope this helps, Robert Reese~ [Reply or follow-up to this message] re: Bridge Monday, May 10, 2004 at 8:11 am Posted by brendon (1 messages posted) Ive had this same problem and spysweeper took care of it www.spysweeper.com On Wednesday, April 28, 2004 at 6:56 pm, Kellie wrote: >Hey, >you said, to remove the bug, go the site etc. I went to the site got the program, >but don't know how to kill the bug, it isn't showing up as one of the processes, >but I know it is still there. >what do I do after to kill it, etc... I downloaded the >Spybot S&D, but it didn't kill bridge. >thanks >kellie > > >I'll put my stones in to throw as well... > > > >Now, to remove this bug, try going to prcview.com and getting prcview. It should >'kill' the process that is running. Once killed, you should be able to delete the >active x control. If you want to try another spyware killer, try spybot s&d from >security.kolla.de FWIW, you can also deactivate automatic activation of ActiveX controls >via the settings in your browser. One last thing: get yourself a good firewall that >alerts you to when a spyware tries to call home. ;c) Hope this helps, Robert Reese~ [Reply or follow-up to this message] re: 'Bridge Class' Tuesday, May 25, 2004 at 10:38 pm Posted by ryan (1 messages posted) G'Day there, I have this virus as well. Thanks for your input. I was wondering, how can people find out the IP address the way you did? I am amazed that my info could be on the net like that, thanks Ryan On Friday, March 12, 2004 at 6:40 pm, Steve wrote: >They got me too >Thanks to the wonderful help from http://www.kephyr.com/spywarescanner/supportus.phtml >Doing the Add/Remove programs method only worked so so for me, using the manual instructions >from kephyr worked great. > >Below is the information on those B*&%^tards at FlingStone, aka LoudMarketing, aka >imashare.com. > >If anyone is in the area it would be nice to stop by and let them know what a bunch >of pigs they are. > >At the very least, we all have their email addresses below so you can sign them up >for a bunch of spam. > >domain: flingstone.com status: production organization: CDT Inc. owner: >Domain Manager email: domains@loudmarketing.com address: >P.O. Box 181 address: TMR P.O. >city: Mont-Royal state: Quebec postal-code: H3P3B9 >country: CA >admin-c: domains@loudmarketing.com#0 >tech-c: domains@loudmarketing.com#0 >billing-c: domains@loudmarketing.com#0 > >domain: loudmarketing.com status: production owner: M ARCH email: >domains@loudmarketing.com address: >PO BOX 181 >city: Mont-Royal state: Quebec postal-code: H3P 2B9 >country: CA >admin-c: marty@imashare.com#1 >tech-c: marty@imashare.com#1 >billing-c: marty@imashare.com > >Biron, Thierry (IMASHARE2-DOM) CP 78524 PO Wilderton Montreal, Qc H3S 2W9 CA Domain >Name: IMASHARE.COM >Administrative Contact: Biron, Thierry (CRTLNMWDNI) >tbiron@IMASHARE.COM > CP 78524 PO Wilderton Montreal, Qc H3S 2W9 CA 514 221-2074 fax: 514 221-2074 > [Reply or follow-up to this message] re: 'Bridge Class' Sunday, May 30, 2004 at 5:47 pm Posted by JuneBone (2 messages posted) (this applies to Windows any version & Internet Explorer users) To remove the Bridge Class or brdg class registry key: Right click your Internet Explorer browser & then click properties. In the middle where it says Temporary Internet files in blue, click the settings button & then click the view objects button. Now here you will see all the registry keys that are installed on your computer. (*Note that most of these registry keys are legitimate and you can find out by simply right clicking on one of them and clicking on properties ) Right click the Bridge object registry key and select remove. You might receive a message telling you that you cannot remove it because another application is currently using or has exclusive rights or blah blah blah that simply tells you that the key is currently running so you must stop it from running before you can delete the registry object. To stop bridge from running before windows lets you delete it do the following: Press & hold the ctrl button on your keyboard while pressing it also press & hold the alt button and also the delete button ( ctrl + alt + del ) <--- this will bring up the Windows Task Manager Under the processes tab you now see all the running applications(programs) I want you to find the one called Rundll32 and right click it and click end process tree. There might be more than one so look for any Rundll32 and end its process tree or end task. On a side note you might also want to stop any dla applications from running in order to delete the bridge ActiveX control. DLA is your computer's Drag & drop application to burn onto recordable media. The reason why I say this is because the only reason I found out about the bridge active x control is because my friend Jennifer's computer got it. She told me that every time she would turn off her notebook she had to click end now to 2 programs because she got a message saying that rundll32 and her dla program were not shutting down every time she would try & turn off her computer so it was begining to be an annoyance so then she called me. but if you can now delete or remove the Bridge object without having to end task any other application other than rundll32 then you are set to go. what sucks is that the program might still be listed as a startup. Click the start button and now click Run (run is ussually close to search) at the prompt type MSCONFIG now click OK and click the startup tab look for bridge and uncheck it. Now that your computer no longer has that evil bridge ActiveX control registry key object you might feel relieved but just do one more thing for me. Bridge might still appear on the Add/Remove Programs list in Control Panel you can choose to ignore this or you can do the following and I promise this is the last step. Click Start then Run type REGEDIT click OK. You now see a bunch of things that say HKEY well look for the one that says HKEY_LOCAL_MACHINE click the little plus on its left now look for SOFTWARE (also click the little plus) now look for MICROSOFT now look for WINDOWS now look for CURRENT VERSION now look for UNINSTALL now look for BRIDGE <--right click on bridge and click delete. Close everything now and restart your computer. I urge most of you who still do not have a firewall installed to do so if you love your notebook as much as I do. Thanks & goodbye [Reply or follow-up to this message] re: 'Bridge Class' Friday, June 4, 2004 at 7:56 am Posted by Citrine (1 messages posted) You can take the quick way out and simply go to Start\Run and type in "regedit", do the find option for "bridge.dll" and delete "RunDLL = rundll32.exe "C:\WINDOWS\Downloaded Program Files\bridge.dll",Load" from the list of results. I had this problem and it took me 2 minutes to rid my system of it. On Saturday, February 14, 2004 at 10:45 am, Alan wrote: >Thank you Hazel1014! > >The kephyr.com instructions removed the pest - something PestPatrol and Registry >mechanic could not do!! > > [Reply or follow-up to this message] re: 'Bridge Class' Friday, June 4, 2004 at 8:22 pm Posted by Harvey (2 messages posted) I also had this malware, and had no problem getting rid of it...I ran adaware, emptied my registry, removed a.exe, and the dll and inf files via dos...but the spyware comes back as soon as I visit a website that contains the scripting for it. It used to be that when I visited the site, a prompt would pop up asking if I wanted to install the malware...this is no longer the case..it now installs it without my permission..ugh.. Any advice would be great. Thanks. On Friday, June 4, 2004 at 7:56 am, Citrine wrote: >You can take the quick way out and simply go to Start\Run and type in "regedit", >do the find option for "bridge.dll" and delete "RunDLL = rundll32.exe "C:\WINDOWS\Downloaded >Program Files\bridge.dll",Load" from the list of results. I had this problem and >it took me 2 minutes to rid my system of it. > > > > [Reply or follow-up to this message] re: 'Bridge Class' Friday, June 18, 2004 at 11:35 pm Posted by reason (2 messages posted) Ok.... read all the threads, tried everything!!!! this $#%#^&* thing keeps coming back!!!!!!!! very annoying... does anyone else have any other suggestions before my cpu commits the ultime suicide (format)????? Thanks [Reply or follow-up to this message] re: 'Bridge Class' Friday, June 18, 2004 at 11:39 pm Posted by reason (2 messages posted) p.s im using xp.... [Reply or follow-up to this message] re: 'Bridge Class' Monday, July 12, 2004 at 2:30 pm Posted by Gareth Oakes (2 messages posted) I have same problem on XP. the http://www.kephyr.com/spywarescanner/library/flingstonebridge/index.phtml link is giving a "Cannot find server error" I'm currently running adaware and zonealarm to block, tried to run system restore but had to go Open with...then choose program. but when restarted didn't work, has anyone on XP solved problem? On Friday, June 18, 2004 at 11:39 pm, reason wrote: >p.s im using xp.... [Reply or follow-up to this message] re: 'Bridge Class' Monday, July 12, 2004 at 2:42 pm Posted by Gareth Oakes (2 messages posted) Has anyone tried deleting "brdg class" from the windows/downloaded program files? I'm guessing this wouldn't be this easy to remove, but I'm not sure whether to risk it or not.... On Friday, June 18, 2004 at 11:39 pm, reason wrote: >p.s im using xp.... [Reply or follow-up to this message] re: 'Bridge Class' Tuesday, July 13, 2004 at 5:23 pm Posted by Harvey (2 messages posted) It won't cause damage, but it is somewhat difficult. I had to boot into DOS then delete everything through there. I found that I was able to hold off all Bridge Class attacks by using three programs: Lavasoft Ad-Aware (www.lavasoft.de) SpyBot Search And Destroy (http://www.security.kolla.de/) SpywareBlaster (http://www.javacoolsoftware.com/spywareblaster.html) Just install them all, and run updates. I'd suggest running ad-aware first, then running spyware blaster and enabeling all protection. THen run SpyBot Search and Destroy and have it fix all problems. SpyBot seemed to have issues when trying to fix the DSO exploit..I ended up modifying the registry manually... Good Luck! On Monday, July 12, 2004 at 2:42 pm, Gareth Oakes wrote: >Has anyone tried deleting "brdg class" from the windows/downloaded program files? >I'm guessing this wouldn't be this easy to remove, but I'm not sure whether to risk >it or not.... > > > [Reply or follow-up to this message] Tip: Use one of the [Reply or follow-up to this message] links above to add a message to this thread Search this forum Start a new thread on a different subject Report abuse of the forum Return to the Windows 2000 Discussion Forum