Posted 24 June 2011 - 06:36 AM
One program called this the 'BlackHole Exploit.' I have found many references to it online, but very, very little actual info, and, after my description, I have an important question for you.
This isn't so much about my computer (Malwarebytes and CA didn't catch it, and has torn up my system badly,) but infected my website. I first noticed it was turning random files into zero-byte files when I would upload to my website, for hours I was trying to resolve this, turned out the 'zero-byte' files were random every time I would upload.
After several days of this, re-rendering files, exploring the coding of the pages, trying a new FTP program, forcing every file into binary mode... I ran a Malwarebytes manual scan. 4 Trojans. Cleaned it. Re-ran it in Safe Mode, 4 more, cleaned it. Computer would then only boot into Safe Mode.
I removed the HDD and made it external, running Malwarebytes scan on it, found 4 more. Ran a CHKDSK/F, and hung at 79% on stage 5. Several times, always at 79%, stage 5. Popped it back into laptop, will only boot into safe mode, in normal mode it crashes with 'IRQ_NOT_LESS_OR_EQUAL' error.
However, I DID manage to back up my files when this was attached as an external drive.
My ex lost my recovery disk (though I still have the key,) so I cannot continue until my new recovery disk arrives, and will likely have to format. I expect that, since a fully-updated Malwarebytes and CA have failed me.
Suddenly, I discovered that when I went to my website on a computer that has AVG, it says the page has been reported to have the 'BlackHoleExploit' virus! Mind you, I did NOT upload the index page from my didn't-know-it-was-infected computer, but I did upload another page, and some directories.
My site is 11Gigs, do I just delete and start over? How do I remove a virus from my website? How did a page I did not change during the infection get infected? Are they ALL infected? Once clean, how do I get off of the anti-virus blacklist without changing my domain name?
Any info you need from me, I will attempt to provide.
Please help with anything you see in this post, especially the website, I most pages I find in searching 'Black Hole Exploit' turn out to be anti-virus program ads. Virtually no info.