Possible Virus? Help requested

darkblade986 · November 13, 2006

Ok, here's what happened. About 15 minutes ago, if some of you were on General P2P, there was a thread opened where someone said that Uloveme was selling a ton of rares on the official forums, and posted false links to the forums. They weren't anywhere near long enough, but I had a mind lapse and clicked one. McAfee SiteAdvisor (a security add-on to Firefox) caught it because the site "made unauthorized changes to the PC."

I engaged my internet lock (ZoneAlarm), actually disconnected the internet cord from my computer, and ran a virus scan using Ewido. I then ran a system restore after it caught stuff, and I'm running the scan again.

I did not enter my password on the fake site, although it did make itself look like the Runescape Forum login page. I have not logged into Runescape since, but the site aparantly deleted the Cookie to tip.it that held my auto-log in information for these forums. My passwords are not the same, so I've reset that.

Any other suggestions you can give, either in the line of additional virus scanners, or additional steps to prevent this from happening again?

*Note: Don't say "don't click on links you don't know about, I know it was stupid, and I caught myself quickly.

*Note2: The system restore I did was a System Checkpoint way back from Nov. 1, so I don't think that it'll restore back into the virus, if there is one.

Chris · November 13, 2006

Run a HijackThis scan and post the log here, someone should be able to tell you if you're OK to go again.

darkblade986 · November 13, 2006

Logfile of HijackThis v1.99.1

Scan saved at 7:36:15 AM, on 11/13/2006

Platform: Windows XP SP1 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:

C:\WINDOWS\System32\smss[Caution: ExecutableFile]

C:\WINDOWS\system32\winlogon[Caution: ExecutableFile]

C:\WINDOWS\system32\services[Caution: ExecutableFile]

C:\WINDOWS\system32\lsass[Caution: ExecutableFile]

C:\WINDOWS\system32\svchost[Caution: ExecutableFile]

C:\WINDOWS\System32\svchost[Caution: ExecutableFile]

C:\WINDOWS\system32\ZoneLabs\vsmon[Caution: ExecutableFile]

C:\WINDOWS\Explorer[Caution: ExecutableFile]

C:\WINDOWS\System32\issearch[Caution: ExecutableFile]

C:\Program Files\Zone Labs\ZoneAlarm\zlclient[Caution: ExecutableFile]

C:\Program Files\Java\jre1.5.0_06\bin\jusched[Caution: ExecutableFile]

C:\PROGRA~1\CA\ETRUST~1\realmon[Caution: ExecutableFile]

C:\Program Files\QuickTime\qttask[Caution: ExecutableFile]

C:\Program Files\Common Files\Real\Update_OB\realsched[Caution: ExecutableFile]

C:\PROGRA~1\MICROS~3\wcescomm[Caution: ExecutableFile]

C:\PROGRA~1\MICROS~3\rapimgr[Caution: ExecutableFile]

C:\WINDOWS\system32\spoolsv[Caution: ExecutableFile]

C:\Program Files\ewido anti-spyware 4.0\guard[Caution: ExecutableFile]

C:\Program Files\CA\eTrust Antivirus\InoRpc[Caution: ExecutableFile]

C:\Program Files\CA\eTrust Antivirus\InoRT[Caution: ExecutableFile]

C:\Program Files\CA\eTrust Antivirus\InoTask[Caution: ExecutableFile]

C:\WINDOWS\System32\svchost[Caution: ExecutableFile]

C:\WINDOWS\System32\wuauclt[Caution: ExecutableFile]

C:\Documents and Settings\Home\Desktop\School Projects\New Folder\HijackThis[Caution: ExecutableFile]

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mail.yahoo.com/

R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O2 - BHO: (no name) - {7fcf04b6-6354-47ef-b45e-a48268e92757} - C:\WINDOWS\System32\ixt0.dll

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx

O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient[Caution: ExecutableFile]"

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched[Caution: ExecutableFile]

O4 - HKLM\..\Run: [Realtime Monitor] C:\PROGRA~1\CA\ETRUST~1\realmon[Caution: ExecutableFile] -s

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask[Caution: ExecutableFile]" -atboottime

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched[Caution: ExecutableFile]" -osboot

O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\PROGRA~1\MICROS~3\wcescomm[Caution: ExecutableFile]"

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA[Caution: ExecutableFile]

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL[Caution: ExecutableFile]/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll

O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll

O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll

O16 - DPF: {03774222-9FC9-6E3C-6BB8-549E6601CC31} - ]http://85.255.113.214/1/gdnUS2218[Caution: ExecutableFile]

O16 - DPF: {0414803A-9BF9-7C04-BE55-5F3331232C98} - ]http://85.255.113.214/1/gdnUS2218[Caution: ExecutableFile]

O16 - DPF: {046DD0F2-1FDD-1261-5DE0-645F0C7DCA13} - ]http://85.255.113.214/1/gdnUS2218[Caution: ExecutableFile]

O16 - DPF: {04BA6AA6-AF58-2DDC-3081-77A22BE4FBD1} - ]http://85.255.113.214/1/gdnUS2218[Caution: ExecutableFile]

O16 - DPF: {07B51561-5E48-1CA5-D55B-66803DD35F60} - ]http://85.255.113.214/1/gdnUS2218[Caution: ExecutableFile]

O16 - DPF: {083694B0-4DA1-5F3C-F637-01AB5CEFCFEE} - ]http://85.255.113.214/1/gdnUS2218[Caution: ExecutableFile]

O16 - DPF: {0B0DC25F-1F2D-1366-D4D6-64675CA1A395} - ]http://85.255.113.214/1/gdnUS2218[Caution: ExecutableFile]

O16 - DPF: {0EA7D47B-75A7-2347-CC29-23B1450586E2} - ]http://85.255.113.214/1/gdnUS2218[Caution: ExecutableFile]

O16 - DPF: {0F04EE8C-8653-0782-964F-245B2F67F8A0} - ]http://85.255.113.214/1/gdnUS2218[Caution: ExecutableFile]

O16 - DPF: {11C272A9-9D67-2402-6047-6C7E419F1824} - ]http://85.255.113.214/1/gdnUS2218[Caution: ExecutableFile]

O16 - DPF: {18D754EC-A348-58C6-4068-7B1C2B2F2A89} - ]http://85.255.113.214/1/gdnUS2218[Caution: ExecutableFile]

O16 - DPF: {1CAD1A4A-9E17-302A-B8B7-270E1A507350} - ]http://85.255.113.214/1/gdnUS2218[Caution: ExecutableFile]

O16 - DPF: {1DF28507-6573-3CC3-0981-473D2BE54506} - ]http://85.255.113.214/1/gdnUS2218[Caution: ExecutableFile]

O16 - DPF: {1E5BD107-96C2-1D10-5D80-41544089112A} - ]http://85.255.113.214/1/gdnUS2218[Caution: ExecutableFile]

O16 - DPF: {1ED7AEB0-F582-6B63-30D6-06BB21D47C13} - ]http://85.255.113.214/1/gdnUS2218[Caution: ExecutableFile]

O16 - DPF: {1F81E3DF-8919-7BF3-5F21-403F409BEB9C} - ]http://85.255.113.214/1/gdnUS2218[Caution: ExecutableFile]

O16 - DPF: {1F913B37-0EBD-4276-BE7E-1B446CB6F9B9} - ]http://85.255.113.214/1/gdnUS2218[Caution: ExecutableFile]

O16 - DPF: {210F3A4E-F659-6D2D-C964-10CA34C1D35A} - ]http://85.255.113.214/1/gdnUS2218[Caution: ExecutableFile]

O16 - DPF: {22A45AA5-992E-3805-670A-45B1298430F5} - ]http://85.255.113.214/1/gdnUS2218[Caution: ExecutableFile]

O16 - DPF: {246EC947-FDBF-0BB9-CB4D-42D4494A59DB} - ]http://85.255.113.214/1/gdnUS2218[Caution: ExecutableFile]

O16 - DPF: {26D1239A-8492-0C76-EC95-6A9F63E39186} - ]http://85.255.113.214/1/gdnUS2218[Caution: ExecutableFile]

O16 - DPF: {29CC3890-753C-0D04-47BB-47D7669B7BEB} - ]http://85.255.113.214/1/gdnUS2218[Caution: ExecutableFile]

O16 - DPF: {2A7D9B8B-FD85-611B-63E7-58695CD4D1A8} - ]http://85.255.113.214/1/gdnUS2218[Caution: ExecutableFile]

O16 - DPF: {2E7E7458-01FD-382E-2E49-397B3B3161B2} - ]http://85.255.113.214/1/gdnUS2218[Caution: ExecutableFile]

O16 - DPF: {2EA8E30A-4C37-4078-3977-1BED311516DF} - ]http://85.255.113.214/1/gdnUS2218[Caution: ExecutableFile]

O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.c ... 040510.cab

O16 - DPF: {31949447-087E-2F70-0DB1-6C392C4008A0} - ]http://85.255.113.214/1/gdnUS2218[Caution: ExecutableFile]

O16 - DPF: {3544905E-718A-7A1D-0AAC-5B9B65DEF31D} - ]http://85.255.113.214/1/gdnUS2218[Caution: ExecutableFile]

O16 - DPF: {379C2761-EEBD-5699-23E8-387B2916794C} - ]http://85.255.113.214/1/gdnUS2218[Caution: ExecutableFile]

O16 - DPF: {3C531EBE-A946-14EB-02F5-4A2358839060} - ]http://85.255.113.214/1/gdnUS2218[Caution: ExecutableFile]

O16 - DPF: {3C91A97C-FF47-44C1-40A2-4F210ACC7F8E} - ]http://85.255.113.214/1/gdnUS2218[Caution: ExecutableFile]

O16 - DPF: {3DBC80AE-AD99-00B5-9CE9-1A4952CE963E} - ]http://85.255.113.214/1/gdnUS2218[Caution: ExecutableFile]

O16 - DPF: {3DF624D2-D03B-5EAD-2CF0-4DCE5931F0CC} - ]http://85.255.113.214/1/gdnUS2218[Caution: ExecutableFile]

O16 - DPF: {4039F8F0-2594-375E-4627-2E7E4FCE626D} - ]http://85.255.113.214/1/gdnUS2218[Caution: ExecutableFile]

O16 - DPF: {420F0AF7-76B9-677C-4FB5-36930CC9BF58} - ]http://85.255.113.214/1/gdnUS2218[Caution: ExecutableFile]

O16 - DPF: {42457D2D-30F0-5E53-3C97-050C5BDD871B} - ]http://85.255.113.214/1/gdnUS2218[Caution: ExecutableFile]

O16 - DPF: {42AEA83D-19F0-0826-57B1-5AED59103DD9} - ]http://85.255.113.214/1/gdnUS2218[Caution: ExecutableFile]

O16 - DPF: {433C5591-5F95-51C3-EDAC-0D3151B84079} - ]http://85.255.113.214/1/gdnUS2218[Caution: ExecutableFile]

O16 - DPF: {478481E0-D581-2544-13B7-56381FB13ED7} - ]http://85.255.113.214/1/gdnUS2218[Caution: ExecutableFile]

O16 - DPF: {49254DCB-1FF1-0FE7-BD80-6FA118965CC2} - ]http://85.255.113.214/1/gdnUS2218[Caution: ExecutableFile]

O16 - DPF: {4B147F0C-C598-1461-076A-26546D2F1E4C} - ]http://85.255.113.214/1/gdnUS2218[Caution: ExecutableFile]

O16 - DPF: {4C5EA985-2CD6-2888-BD25-06C6467A0351} - ]http://85.255.113.214/1/gdnUS2218[Caution: ExecutableFile]

O16 - DPF: {4C9A46CE-9E5C-489A-D1CD-265A10FA3D21} - ]http://85.255.113.214/1/gdnUS2218[Caution: ExecutableFile]

O16 - DPF: {4D936582-0C59-5EFB-5BB6-285C6FFBE0B3} - ]http://85.255.113.214/1/gdnUS2218[Caution: ExecutableFile]

O16 - DPF: {4F00A242-661C-2D92-BFCA-2AA9531C87F6} - ]http://85.255.113.214/1/gdnUS2218[Caution: ExecutableFile]

O16 - DPF: {50B4EF94-64FB-5D34-2401-04840B7A388E} - ]http://85.255.113.214/1/gdnUS2218[Caution: ExecutableFile]

O16 - DPF: {53307F22-DB03-09DE-4405-6B2D69567093} - ]http://85.255.113.214/1/gdnUS2218[Caution: ExecutableFile]

O16 - DPF: {55689F7E-092E-6B33-3E0E-72CC3BC740F6} - ]http://85.255.113.214/1/gdnUS2218[Caution: ExecutableFile]

O16 - DPF: {59274F03-9A4E-1C8B-7441-7123568F83B9} - ]http://85.255.113.214/1/gdnUS2218[Caution: ExecutableFile]

O16 - DPF: {5A0CE126-7E69-70AF-1013-51BB2D398CEB} - ]http://85.255.113.214/1/gdnUS2218[Caution: ExecutableFile]

O16 - DPF: {61720549-6761-4D20-7120-4647666A5418} - ]http://85.255.113.214/1/gdnUS2218[Caution: ExecutableFile]

O16 - DPF: {6217414C-075D-5F22-5B38-45D87E073C07} - ]http://85.255.113.214/1/gdnUS2218[Caution: ExecutableFile]

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 7132614624

O16 - DPF: {64A2C161-6A73-4B66-C217-2351783EC19C} - ]http://85.255.113.214/1/gdnUS2218[Caution: ExecutableFile]

O16 - DPF: {64C054F5-2953-3681-2C58-3F511B672C2A} - ]http://85.255.113.214/1/gdnUS2218[Caution: ExecutableFile]

O16 - DPF: {65257BD1-54AF-50F0-806E-663E4F9831B0} - ]http://85.255.113.214/1/gdnUS2218[Caution: ExecutableFile]

O16 - DPF: {6871F389-1996-044E-A680-7E4B0D64B904} - ]http://85.255.113.214/1/gdnUS2218[Caution: ExecutableFile]

O16 - DPF: {68BEA96E-00D4-56EA-2DAE-034A47EA35EC} - ]http://85.255.113.214/1/gdnUS2218[Caution: ExecutableFile]

O16 - DPF: {69F02A88-A34D-462B-B0BC-1EB15418CE9D} - ]http://85.255.113.214/1/gdnUS2218[Caution: ExecutableFile]

O16 - DPF: {6A816BC9-ED18-4500-5AB2-7C830EB04FFD} - ]http://85.255.113.214/1/gdnUS2218[Caution: ExecutableFile]

O16 - DPF: {6AFA2F88-0789-7FF4-1236-65FC33FBCFF5} - ]http://85.255.113.214/1/gdnUS2218[Caution: ExecutableFile]

O16 - DPF: {6C122F22-1E66-7A61-3CEF-56D324005DBF} - ]http://85.255.113.214/1/gdnUS2218[Caution: ExecutableFile]

O16 - DPF: {6C59BA80-E555-764E-0571-09C86E314938} - ]http://85.255.113.214/1/gdnUS2218[Caution: ExecutableFile]

O16 - DPF: {6C7E8C05-358A-5CB4-34A6-01AF275E1FDC} - ]http://85.255.113.214/1/gdnUS2218[Caution: ExecutableFile]

O16 - DPF: {6FD563E7-7634-76B4-B66A-482420C66D56} - ]http://85.255.113.214/1/gdnUS2218[Caution: ExecutableFile]

O16 - DPF: {7190201B-0A6B-64B4-B65E-1A636F1EA754} - ]http://85.255.113.214/1/gdnUS2218[Caution: ExecutableFile]

O16 - DPF: {73D46E34-ECFA-7CFA-D558-38A813A731A0} - ]http://85.255.113.214/1/gdnUS2218[Caution: ExecutableFile]

O16 - DPF: {75669262-299E-52A2-2DB9-5A9C3DD61B46} - ]http://85.255.113.214/1/gdnUS2218[Caution: ExecutableFile]

O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} - http://download.shockwave.com/pub/otoy/OTOYAX.cab

O16 - DPF: {781E5293-0BCF-07A5-CF07-0F3A1AC2090B} - ]http://85.255.113.214/1/gdnUS2218[Caution: ExecutableFile]

O16 - DPF: {7886E938-C388-1BA0-1D9C-0DE84352EDFA} - ]http://85.255.113.214/1/gdnUS2218[Caution: ExecutableFile]

O16 - DPF: {79953E8E-5DDF-63EC-184B-023B225EA83F} - ]http://85.255.113.214/1/gdnUS2218[Caution: ExecutableFile]

O16 - DPF: {799B4855-073C-1872-3551-409F06652DEC} - ]http://85.255.113.214/1/gdnUS2218[Caution: ExecutableFile]

O16 - DPF: {7D731A83-6C80-4EA4-9646-5E06A0513274} (Sandlot Loader Control) - http://www.shockwave.com/content/ballis ... nstall.cab

O16 - DPF: {7D786BF5-222C-312D-19DA-29FC2A307C8E} - ]http://85.255.113.214/1/gdnUS2218[Caution: ExecutableFile]

O16 - DPF: {7DD95D3E-EBBA-263A-0B90-75BD6E15854A} - ]http://85.255.113.214/1/gdnUS2218[Caution: ExecutableFile]

O16 - DPF: {7E3A5032-E53D-6040-5459-31947CCFA9DD} - ]http://85.255.113.214/1/gdnUS2218[Caution: ExecutableFile]

O16 - DPF: {7E7D3E44-4E9E-7005-D59F-073956CFC4E3} - ]http://85.255.113.214/1/gdnUS2218[Caution: ExecutableFile]

O16 - DPF: {7FBD42FB-7BBE-29C4-CB71-2DA766092DC1} - ]http://85.255.113.214/1/gdnUS2218[Caution: ExecutableFile]

O16 - DPF: {7FFC3C04-13C6-68CA-FF65-4DBE34A53BC9} - ]http://85.255.113.214/1/gdnUS2218[Caution: ExecutableFile]

O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/S ... anager.ocx

O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/aio/en/check/qdiagh.cab?326

O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard[Caution: ExecutableFile]

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT[Caution: ExecutableFile]

O23 - Service: eTrust Antivirus RPC Server (InoRPC) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoRpc[Caution: ExecutableFile]

O23 - Service: eTrust Antivirus Realtime Server (InoRT) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoRT[Caution: ExecutableFile]

O23 - Service: eTrust Antivirus Job Server (InoTask) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoTask[Caution: ExecutableFile]

O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon[Caution: ExecutableFile]

NOTE: I know there's a bunch of other crap up with my computer, I'm just concerned about not getting hacked.

darkblade986 · November 13, 2006

Ok, new problem now.

I shutdown my computer cause I wasn't gonna use it for a while. Now I'm having to use my mother's laptop because the system won't boot.

It gets to the screen in Windows where you'd choose your log-in name, however it doesn't even display those names (I'm the only user of the computer). It just displays the Windows Logo on the blue screen, and stops.

I've located my Windows XP installer disc and me and my mother are gonna have a field day with it later. If anyone has any tips for me, please tell.

Either way, I know this computer is virus free so I'll be safe to play runescape here.

coltm4carbine · November 13, 2006

Hi,

there's a bunch of other crap up with my computer

Ditto.

Fix the following entries:

O2 - BHO: (no name) - {7fcf04b6-6354-47ef-b45e-a48268e92757} - C:\WINDOWS\System32\ixt0.dll

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

O16 - DPF: {03774222-9FC9-6E3C-6BB8-549E6601CC31} - http://85.255.113.214/1/gdnUS2218[Caution]

O16 - DPF: {0414803A-9BF9-7C04-BE55-5F3331232C98} - http://85.255.113.214/1/gdnUS2218[Caution]

O16 - DPF: {046DD0F2-1FDD-1261-5DE0-645F0C7DCA13} - http://85.255.113.214/1/gdnUS2218[Caution]

O16 - DPF: {04BA6AA6-AF58-2DDC-3081-77A22BE4FBD1} - http://85.255.113.214/1/gdnUS2218[Caution]

O16 - DPF: {07B51561-5E48-1CA5-D55B-66803DD35F60} - http://85.255.113.214/1/gdnUS2218[Caution]

O16 - DPF: {083694B0-4DA1-5F3C-F637-01AB5CEFCFEE} - http://85.255.113.214/1/gdnUS2218[Caution]

O16 - DPF: {0B0DC25F-1F2D-1366-D4D6-64675CA1A395} - http://85.255.113.214/1/gdnUS2218[Caution]

O16 - DPF: {0EA7D47B-75A7-2347-CC29-23B1450586E2} - http://85.255.113.214/1/gdnUS2218[Caution]

O16 - DPF: {0F04EE8C-8653-0782-964F-245B2F67F8A0} - http://85.255.113.214/1/gdnUS2218[Caution]

O16 - DPF: {11C272A9-9D67-2402-6047-6C7E419F1824} - http://85.255.113.214/1/gdnUS2218[Caution]

O16 - DPF: {18D754EC-A348-58C6-4068-7B1C2B2F2A89} - http://85.255.113.214/1/gdnUS2218[Caution]

O16 - DPF: {1CAD1A4A-9E17-302A-B8B7-270E1A507350} - http://85.255.113.214/1/gdnUS2218[Caution]

O16 - DPF: {1DF28507-6573-3CC3-0981-473D2BE54506} - http://85.255.113.214/1/gdnUS2218[Caution]

O16 - DPF: {1E5BD107-96C2-1D10-5D80-41544089112A} - http://85.255.113.214/1/gdnUS2218[Caution]

O16 - DPF: {1ED7AEB0-F582-6B63-30D6-06BB21D47C13} - http://85.255.113.214/1/gdnUS2218[Caution]

O16 - DPF: {1F81E3DF-8919-7BF3-5F21-403F409BEB9C} - http://85.255.113.214/1/gdnUS2218[Caution]

O16 - DPF: {1F913B37-0EBD-4276-BE7E-1B446CB6F9B9} - http://85.255.113.214/1/gdnUS2218[Caution]

O16 - DPF: {210F3A4E-F659-6D2D-C964-10CA34C1D35A} - http://85.255.113.214/1/gdnUS2218[Caution]

O16 - DPF: {22A45AA5-992E-3805-670A-45B1298430F5} - http://85.255.113.214/1/gdnUS2218[Caution]

O16 - DPF: {246EC947-FDBF-0BB9-CB4D-42D4494A59DB} - http://85.255.113.214/1/gdnUS2218[Caution]

O16 - DPF: {26D1239A-8492-0C76-EC95-6A9F63E39186} - http://85.255.113.214/1/gdnUS2218[Caution]

O16 - DPF: {29CC3890-753C-0D04-47BB-47D7669B7BEB} - http://85.255.113.214/1/gdnUS2218[Caution]

O16 - DPF: {2A7D9B8B-FD85-611B-63E7-58695CD4D1A8} - http://85.255.113.214/1/gdnUS2218[Caution]

O16 - DPF: {2E7E7458-01FD-382E-2E49-397B3B3161B2} - http://85.255.113.214/1/gdnUS2218[Caution]

O16 - DPF: {2EA8E30A-4C37-4078-3977-1BED311516DF} - http://85.255.113.214/1/gdnUS2218[Caution]

O16 - DPF: {31949447-087E-2F70-0DB1-6C392C4008A0} - http://85.255.113.214/1/gdnUS2218[Caution]

O16 - DPF: {3544905E-718A-7A1D-0AAC-5B9B65DEF31D} - http://85.255.113.214/1/gdnUS2218[Caution]

O16 - DPF: {379C2761-EEBD-5699-23E8-387B2916794C} - http://85.255.113.214/1/gdnUS2218[Caution]

O16 - DPF: {3C531EBE-A946-14EB-02F5-4A2358839060} - http://85.255.113.214/1/gdnUS2218[Caution]

O16 - DPF: {3C91A97C-FF47-44C1-40A2-4F210ACC7F8E} - http://85.255.113.214/1/gdnUS2218[Caution]

O16 - DPF: {3DBC80AE-AD99-00B5-9CE9-1A4952CE963E} - http://85.255.113.214/1/gdnUS2218[Caution]

O16 - DPF: {3DF624D2-D03B-5EAD-2CF0-4DCE5931F0CC} - http://85.255.113.214/1/gdnUS2218[Caution]

O16 - DPF: {4039F8F0-2594-375E-4627-2E7E4FCE626D} - http://85.255.113.214/1/gdnUS2218[Caution]

O16 - DPF: {420F0AF7-76B9-677C-4FB5-36930CC9BF58} - http://85.255.113.214/1/gdnUS2218[Caution]

O16 - DPF: {42457D2D-30F0-5E53-3C97-050C5BDD871B} - http://85.255.113.214/1/gdnUS2218[Caution]

O16 - DPF: {42AEA83D-19F0-0826-57B1-5AED59103DD9} - http://85.255.113.214/1/gdnUS2218[Caution]

O16 - DPF: {433C5591-5F95-51C3-EDAC-0D3151B84079} - http://85.255.113.214/1/gdnUS2218[Caution]

O16 - DPF: {478481E0-D581-2544-13B7-56381FB13ED7} - http://85.255.113.214/1/gdnUS2218[Caution]

O16 - DPF: {49254DCB-1FF1-0FE7-BD80-6FA118965CC2} - http://85.255.113.214/1/gdnUS2218[Caution]

O16 - DPF: {4B147F0C-C598-1461-076A-26546D2F1E4C} - http://85.255.113.214/1/gdnUS2218[Caution]

O16 - DPF: {4C5EA985-2CD6-2888-BD25-06C6467A0351} - http://85.255.113.214/1/gdnUS2218[Caution]

O16 - DPF: {4C9A46CE-9E5C-489A-D1CD-265A10FA3D21} - http://85.255.113.214/1/gdnUS2218[Caution]

O16 - DPF: {4D936582-0C59-5EFB-5BB6-285C6FFBE0B3} - http://85.255.113.214/1/gdnUS2218[Caution]

O16 - DPF: {4F00A242-661C-2D92-BFCA-2AA9531C87F6} - http://85.255.113.214/1/gdnUS2218[Caution]

O16 - DPF: {50B4EF94-64FB-5D34-2401-04840B7A388E} - http://85.255.113.214/1/gdnUS2218[Caution]

O16 - DPF: {53307F22-DB03-09DE-4405-6B2D69567093} - http://85.255.113.214/1/gdnUS2218[Caution]

O16 - DPF: {55689F7E-092E-6B33-3E0E-72CC3BC740F6} - http://85.255.113.214/1/gdnUS2218[Caution]

O16 - DPF: {59274F03-9A4E-1C8B-7441-7123568F83B9} - http://85.255.113.214/1/gdnUS2218[Caution]

O16 - DPF: {5A0CE126-7E69-70AF-1013-51BB2D398CEB} - http://85.255.113.214/1/gdnUS2218[Caution]

O16 - DPF: {61720549-6761-4D20-7120-4647666A5418} - http://85.255.113.214/1/gdnUS2218[Caution]

O16 - DPF: {6217414C-075D-5F22-5B38-45D87E073C07} - http://85.255.113.214/1/gdnUS2218[Caution]

O16 - DPF: {64A2C161-6A73-4B66-C217-2351783EC19C} - http://85.255.113.214/1/gdnUS2218[Caution]

O16 - DPF: {64C054F5-2953-3681-2C58-3F511B672C2A} - http://85.255.113.214/1/gdnUS2218[Caution]

O16 - DPF: {65257BD1-54AF-50F0-806E-663E4F9831B0} - http://85.255.113.214/1/gdnUS2218[Caution]

O16 - DPF: {6871F389-1996-044E-A680-7E4B0D64B904} - http://85.255.113.214/1/gdnUS2218[Caution]

O16 - DPF: {68BEA96E-00D4-56EA-2DAE-034A47EA35EC} - http://85.255.113.214/1/gdnUS2218[Caution]

O16 - DPF: {69F02A88-A34D-462B-B0BC-1EB15418CE9D} - http://85.255.113.214/1/gdnUS2218[Caution]

O16 - DPF: {6A816BC9-ED18-4500-5AB2-7C830EB04FFD} - http://85.255.113.214/1/gdnUS2218[Caution]

O16 - DPF: {6AFA2F88-0789-7FF4-1236-65FC33FBCFF5} - http://85.255.113.214/1/gdnUS2218[Caution]

O16 - DPF: {6C122F22-1E66-7A61-3CEF-56D324005DBF} - http://85.255.113.214/1/gdnUS2218[Caution]

O16 - DPF: {6C59BA80-E555-764E-0571-09C86E314938} - http://85.255.113.214/1/gdnUS2218[Caution]

O16 - DPF: {6C7E8C05-358A-5CB4-34A6-01AF275E1FDC} - http://85.255.113.214/1/gdnUS2218[Caution]

O16 - DPF: {6FD563E7-7634-76B4-B66A-482420C66D56} - http://85.255.113.214/1/gdnUS2218[Caution]

O16 - DPF: {7190201B-0A6B-64B4-B65E-1A636F1EA754} - http://85.255.113.214/1/gdnUS2218[Caution]

O16 - DPF: {73D46E34-ECFA-7CFA-D558-38A813A731A0} - http://85.255.113.214/1/gdnUS2218[Caution]

O16 - DPF: {75669262-299E-52A2-2DB9-5A9C3DD61B46} - http://85.255.113.214/1/gdnUS2218[Caution]

O16 - DPF: {781E5293-0BCF-07A5-CF07-0F3A1AC2090B} - http://85.255.113.214/1/gdnUS2218[Caution]

O16 - DPF: {7886E938-C388-1BA0-1D9C-0DE84352EDFA} - http://85.255.113.214/1/gdnUS2218[Caution]

O16 - DPF: {79953E8E-5DDF-63EC-184B-023B225EA83F} - http://85.255.113.214/1/gdnUS2218[Caution]

O16 - DPF: {799B4855-073C-1872-3551-409F06652DEC} - http://85.255.113.214/1/gdnUS2218[Caution]

O16 - DPF: {7D786BF5-222C-312D-19DA-29FC2A307C8E} - http://85.255.113.214/1/gdnUS2218[Caution]

O16 - DPF: {7DD95D3E-EBBA-263A-0B90-75BD6E15854A} - http://85.255.113.214/1/gdnUS2218[Caution]

O16 - DPF: {7E3A5032-E53D-6040-5459-31947CCFA9DD} - http://85.255.113.214/1/gdnUS2218[Caution]

O16 - DPF: {7E7D3E44-4E9E-7005-D59F-073956CFC4E3} - http://85.255.113.214/1/gdnUS2218[Caution]

O16 - DPF: {7FBD42FB-7BBE-29C4-CB71-2DA766092DC1} - http://85.255.113.214/1/gdnUS2218[Caution]

O16 - DPF: {7FFC3C04-13C6-68CA-FF65-4DBE34A53BC9} - http://85.255.113.214/1/gdnUS2218[Caution]

After that find and delete this file:

C:\WINDOWS\System32\ixt0.dll

Reboot and you should be clean.

Also you should update your Java. The latest update is update 9.

Also get sp2 for windows XP.

darkblade986 · November 13, 2006

K, when my computer gets fixed (can't get it to boot for some reason, and I pretty sure it's OS related), I'll take a look at that.

zonda · November 13, 2006

when you pop in your windows CD, just choose install windows, and then it should say something like "but you already have windows installed!!11" and then just say "Thats ok dawg"

Then itll ask if you wanna reformat or not... just say no. I will pretty much just reinstall all your windows files. Lot easier then bothering with repairing or recovery consol imo, but you could try the repair if you want.

One thing to note, if you do the former mention, when you fill in your desired username, make it the same as it was previously so you don't have to 'recreate' your desktop and stoof.

Sign In

Possible Virus? Help requested

Recommended Posts

darkblade986

Link to comment

Share on other sites

Chris

Link to comment

Share on other sites

darkblade986

Link to comment

Share on other sites

darkblade986

Link to comment

Share on other sites

coltm4carbine

Link to comment

Share on other sites

darkblade986

Link to comment

Share on other sites

zonda

Link to comment

Share on other sites

Create an account or sign in to comment

Create an account

Sign in

Browse

Activity

Important Information