Hi,
Sorry to say the site database got hacked a couple more times. I've since learned that not only is the problem not limited to Microsoft (it's hitting mySQL and php sites equally), it has hit some high profile sites. The site is back up but for now I've had to disable the self-service caretaker capability. I'm not certain at all that I've secured the db enough to prevent reoccurrence, but I have a clean copy of the current data backed up - its what I've been restoring from. Because the problem is using a Trojan (killav, among others), it can actually start with someone browsing the deadlists site who doesn't know their computer is infected - which is likely how this started in the first place. Computer infected > browse the site > Trojan inserts script into database > another user browses site without script protection > script from database infects their computer. and so on. If you google nihaorr1, you'll see examples of sites that have been infected. Anyway, an advisement and warning to put a script blocker on your browser. Firefox has a good one called NoScript which I've found works great. If you're interested in the more techie side of this, there are a couple sites with info about this specific problem and the data corruption issue: http://www.webhostingtalk.com/showthread.php?p=5062241. http://www.codeproject.com/KB/database/SqlInjectionAttacks.aspx Thanks Kevin
