
'BlackHole?' Virus damage rampant

1 reply to this topic

#1 Jian3672


  • Members
  • 2 posts
  • Local time:11:09 AM

Posted 24 June 2011 - 06:36 AM

One program called this the 'BlackHole Exploit.' I have found many references to it online, but very, very little actual info, and, after my description, I have an important question for you.

(Windows Vista)

This isn't so much about my computer (Malwarebytes and CA didn't catch it, and it has torn up my system badly), but it infected my website. I first noticed it was turning random files into zero-byte files when I would upload to my website. For hours I was trying to resolve this; it turned out the 'zero-byte' files were random every time I would upload.

After several days of this, re-rendering files, exploring the coding of the pages, trying a new FTP program, forcing every file into binary mode... I ran a Malwarebytes manual scan. 4 Trojans. Cleaned it. Re-ran it in Safe Mode, 4 more, cleaned it. Computer would then only boot into Safe Mode.

I removed the HDD and made it external, running a Malwarebytes scan on it, and found 4 more. Ran a CHKDSK /F, and it hung at 79% on stage 5. Several times, always at 79%, stage 5. Popped it back into the laptop; it will only boot into Safe Mode, and in normal mode it crashes with an 'IRQ_NOT_LESS_OR_EQUAL' error.

However, I DID manage to back up my files when this was attached as an external drive.

My ex lost my recovery disk (though I still have the key), so I cannot continue until my new recovery disk arrives, and will likely have to format. I expect that, since a fully-updated Malwarebytes and CA have failed me.

Suddenly, I discovered that when I went to my website on a computer that has AVG, it says the page has been reported to have the 'BlackHoleExploit' virus! Mind you, I did NOT upload the index page from my didn't-know-it-was-infected computer, but I did upload another page, and some directories.

My site is 11Gigs, do I just delete and start over? How do I remove a virus from my website? How did a page I did not change during the infection get infected? Are they ALL infected? Once clean, how do I get off of the anti-virus blacklist without changing my domain name?

Any info you need from me, I will attempt to provide.

Please help with anything you see in this post, especially the website. Most pages I find in searching 'Black Hole Exploit' turn out to be anti-virus program ads. Virtually no info.



#2 Jian3672

  • Topic Starter

  • Members
  • 2 posts
  • Local time:11:09 AM

Posted 25 June 2011 - 03:11 AM

