Please help - downloaded a .php file
-
Hi,
Please go easy on me if anything I post is technically stupid, does not make sense, or has nothing to do with gaytorrent.ru.
Last night while uploading and downloading [my torrent software is qtorrent], I noticed my computer slowed to a crawl. I then noticed a file had recently, within the last 10 minutes, been added or downloaded to my desktop called dlconfig.php
I quit everything and ran a Malwarebytes (premium) scan which showed clean. I then did a ccleaner run and there were hundreds of files similar to this (I deleted everything so am going on memory) loicsquad_jesus_hiddenwiki.php
Again, that is not exact but I think the right people will know what it was. I followed the ccleaner with another utility program that found 4,000+ temp files with many, I believe, being .php
I did a Google search and all I could understand was that loic was a tool used for DDoS attacks and that if I had loic on my computer I could be controlled remotely to participate in a botnet to carry out the attacks. I saw a mention of a connection between loic and P2P torrent sites, and that's where I stopped, shut off my torrents and came to this post. I don't know if it is relevant, but I also installed Video Thumbnails Maker earlier yesterday. That is the only change I made to my computer in the last 24 hours.
All of my utility programs seem to have cleared the php files. It was mentioned I should look for and manually delete a running process winlogo.exe (not winlogon.exe, which I understand is the normal process). I was unable to locate winlogo.exe which hopefully means I am clean from loic or whatever.
I could be imagining things, but my computer seems sluggish though my CPU usage seems within normal range.
Obviously, I am concerned about firing up my torrents to re-start my ups and downs. Can anybody shed some light on this?
I respectfully remind you that I am clueless and if everything I said is technically stupid or impossible that it is related to gaytorrent.ru, just let me know in ENGLISH-speak please. i.e. 'splaining what php, low cannons and jesus hidden wiki is would be a waste of your time because I won't understand you.
Thanks in advance. Sorry for this post that I had to base on memory.
-
From the sounds of things, it would appear that you (or someone using your computer) may have clicked on a link or ad of some sort that wasn't what it claimed to be, or that they did not know that they were being re-directed to a malware site. My recommendation would be to try running a scan with SpyBot Search & Destroy, which you can find online at www.safer-networking.org
I think this should help to cleanse any remnant that you may find of such things. Also, I suggest running an in-depth registry scan with ccleaner after you are done with the SpyBot just to make sure that you haven't opened up any other potential registry issues by removing some of the other references to these things that SpyBot does not detect automatically. This generally will come up in your MUIcache, given the way that the system registry works.