[Brad2]

Here I am at Geekstogo.com again *sigh* Still the best place to come to.

Anyway,

My situation:

1. I bought an HP Pavilion last year with Vista on it, and I downgraded it this year to XP (it took a year for 3rd Party programmers to get the drivers out, because HP was too STUPID to have even one driver/device for Pavilion compatible with XP)
So, I thought the major (I mean MAJOR) crash I experienced 2 weeks ago to be because of my spit-n-tape fixing of XP, and maybe it was just two drivers conflicting.
About the crash: I couldn't restart it at all. No Safe Mode, No Restart at Last Known Configuration, No Nothing.
I had to install XP on my second harddrive (D:), access C: from it and use NTFS Undelete to salvage my files.
Then formatted C: and re-installed XP, uploaded the drivers, etc. etc.
Now it works.
(for now)

2.Here's where things get interesting . .
My website was hijacked just after the crash. But all that was done to it was a <iframe line of code in the index and home pages was re-directing visitors to a malicious site (usaforwarding.cn).
Got my site blacklisted by Google.
That's all been sorted out. Other than there were no brute force attempts on our FTP.
Our only conclusion is they got my password from my FTP program on this PC?
It certainly wasn't a low-level security password, by any means.

3. Finally, today I had a 'DrWatson Post Mortem Debugger has encountered a problem and has to close' message. My PC froze and I had to turn it off manually.

So, here I am.
Not knowing what to do next

Grudgingly, I must confess and also mention I was downloading something from the pirates bay just as it crashed.
Any connection there? or just coincidence?
(no judgement, please )
I assumed a virus/trojan from torrent files wouldn't be able to run until you clicked on it (??)
My wife said the last time she even went to that website, her anti-virus went bananas and she had to 'clean stuff up'

Thank you for your time and consideration.
Brad

[Advertisements]

Yep torrents can infect without being activated as you say. No lectures but only help.

I suggest you go to the Malware Removal and Spyware Removal Forum and run all the steps located in the START HERE. These self-help tools will help you clean up 70% of problems on your own. If you are still having problems after doing the steps, then please post the reguested logs in THAT forum. If you are unable to run any of the tools then start a new topic in the malware forum and put this in the subject line...I am unable to run any malware tools

If you are still having problems after being given a clean bill of health from the malware expert, then please return to THIS thread and we will pursue other options to help you solve your current problem(s).

[rshaffer61]

Yep torrents can infect without being activated as you say. No lectures but only help.

I suggest you go to the Malware Removal and Spyware Removal Forum and run all the steps located in the START HERE. These self-help tools will help you clean up 70% of problems on your own. If you are still having problems after doing the steps, then please post the reguested logs in THAT forum. If you are unable to run any of the tools then start a new topic in the malware forum and put this in the subject line...I am unable to run any malware tools

If you are still having problems after being given a clean bill of health from the malware expert, then please return to THIS thread and we will pursue other options to help you solve your current problem(s).

[Brad2]

Thank you very much.
And now I know about torrents . . . I will be sure to use a condom next time.

In the mean time,
Off to the 'Malware and Spyware Cleaning Guide'

[rshaffer61]

Good luck and let us know how everything goes.

[Brad2]

Malwarebytes run on Quick Scan came up with nothing, but I was sceptical on that, so I ran a Full Scan and found 2 Trojan-downloaders in the /System Volume Information folder.

Deleted those and assume everything is fine.

Thank you again for your time.
It's most appreciated.

Brad

[rshaffer61]

Start a new topic in the malware forum. Post the requested logs and let a malware tech do some deeper scans.
Trojans have a habit of hiding and can disguise themselves as legitimate programs.

[Brad2]

ok.
Will do.

[Brad2]

I tried to add a new topic in the Malware removal section and got an error

[rshaffer61]

What error?
It may just be a hiccup. Try again and maybe even refresh the page.

[Brad2]

I'll have to try on Monday. My machine's backing up and I'm out the door.
Woot! Friday! Woot!

One more day to Katurday.

PCs go on the shelf this weekend, let me tell you

Thank you again for your help and follow up.
Brad

[rshaffer61]

No problem and we will be here on Monday .

[Brad2]

Morning.
I went to Security>Malware Removal Guide but can't post there.

I'm assuming I should post the logs in Security>Virus, Spyware & Trojan Removal (?)

(had a great weekend. still recovering. hehe)

[BHowett]

I'm assuming I should post the logs in Security>Virus, Spyware & Trojan Removal (?)

that's correct.

[Brad2]

oki doki.
Thank you