Computer Got A Strange Virus

[Roxas 56]

My parents desktop computer has been acting funny for a while now and they suspected a virus but last night when she was trying to remove pictures, It started changing the icons on the desk top into little porn pictures. My mom was like, "OMG! Close your eyes! WE got a porn virus!" at that point she yanked out the power cord and said that we'd leave it that way for a while. What do you guys think about this so called porn virus?

 

[Tahu]

Does it only do this when you are trying to remove those specific pics? Didnt your Virus shield found it? What Virus shield are you using?



I need the answer of these questions, after I can help you fully.



Kind Regards,

/Tahu

 

[Roxas 56]

Apparently, my parents thought that they were getting virus protection from Comcast and didn't have any virus protection on it. It started doing the porn thing and that's why she wanted to remove the picures. It's 7 years old so they wanted a new one for a while anyway.

 

[CommanderFluffy]

if their isnt any virus sheild/protection installed on your computer. well then you dont have one.. most internet providers like comcast say they have it but if you didnt download or install the software when you got the service originally then you will have none.

 

[Tahu]

I suggest boot from Disc if you made a Back-up, and have Avast! as Virus Shield. Real-time search/Shield and is very sure.

 

[ImaGonnaGetYou]

If the changes were happening in real-time, I would assume it's an RAT (remote administration tool). Whoever is the hacker got your IP address and was able to get you to execute the RAT's server, which most likely melted it (so it's harder to remove). It's basically a trojan that lets the sender have full control of your computer.



I recommend AVG Free or Avast! to remove it, since most people aren't smart enough to protect their viruses/trojans/whatever.



Also, I recommend download McAfee SecurityCenter, and then uninstalling everything in it except the SecurityAdvisor toolbar. It tells you whether a site has pop-ups or viruses or not, and also will show up beside urls in Google searches.



Also, don't download from unofficial sites unless the uploader has a scan from virustotal.com showing that the file is clean. Even then, there are many ways to make various malware undetectable to virustotal.com or novirusthanks.com, so always be careful and wait to see if anyone else gets an infection before downloading.



EDIT: Also, burn Linux to a disc when you can, so you can boot from the disc if Windows ever decides to die on you.

 

[Roxas 56]

Thanks for all the help guys! I'll see what I can do for my parents using these methods. Even though I work at Staples, they don't give you any discounts on anything and I know how little they do for the money they charge. For what they charge, I can get them a new computer all together.

 

[Grim Killer]

If the changes were happening in real-time, I would assume it's an RAT (remote administration tool). Whoever is the hacker got your IP address and was able to get you to execute the RAT's server, which most likely melted it (so it's harder to remove). It's basically a trojan that lets the sender have full control of your computer.



I recommend AVG Free or Avast! to remove it, since most people aren't smart enough to protect their viruses/trojans/whatever.



Also, I recommend download McAfee SecurityCenter, and then uninstalling everything in it except the SecurityAdvisor toolbar. It tells you whether a site has pop-ups or viruses or not, and also will show up beside urls in Google searches.



Also, don't download from unofficial sites unless the uploader has a scan from virustotal.com showing that the file is clean. Even then, there are many ways to make various malware undetectable to virustotal.com or novirusthanks.com, so always be careful and wait to see if anyone else gets an infection before downloading.



EDIT: Also, burn Linux to a disc when you can, so you can boot from the disc if Windows ever decides to die on you.

I have done a few rat things in the past, just to test things out, the free stuff doesnt work in fully taking it off, I use Avg and that just finds the same file over and over deletes it and it just comes back. Same with Avast (BTW Avast is good but its a system hog.) Mcafee is decent within certain aspects. I would go with Panda, It was the only program to find all the files that melts it's self on the hard drive, but its not free.

Another thing is get the files you need off the computer and do a clean start. Its the best way to go. Also If its a serveral year old computer Upgrade, trust me, there is a big difference from a computer 5 years ago and now, even from 2years ago and now, the Intel i7 kicks past computers at least a high end model of the i7.

 

[angry cabbage]

Also if your haven't already install Firefox internet explorer and get the no script add on. Does wonders when surfing the web and interfaces directly with most of the virus protection out there.