Very Unique and Scary Problem/Virus

I can find no info anywhere on this.

I have Vista Home Premium. It's a new PC, not even a year old. I have had no problems with it. I haven't loaded it with a lot of stuff and for a change, this one came with a minimum amount of bloatware.

Yesterday I added another user account for my wife. I had just finished setting it up and was downloading a couple skins to customize it for her. I couldn't find them right away because I forgot to tell FF where to save them. When I went looking, I opened the newly created 'My Documents' (I was doing all of this logged in to her newly created account) and there was one folder. It said 'My Child Porn'. Inside was a picture that was NOT pornographic, but of fully clothed schoolgirls. The pic was titled 'Scoolgirls for wanking' (I may be off on the exact phrase).

I wasn't sure what to do with this. I was afraid to delete the folder. I figured whatever virus I triggered by adding the new account may go nuts if I try to delete the pic or folder. Instead, I deleted the new account.

I ran Spybot and did a full scan with AVAST (scanning archived files as well) and I also ran Defender and nothing is coming up. (I did scan the folder and pic before I deleted the account and they gave no results.) I don't know if I should try to add the new account again or not. Eventually I want to, but until I find the culprit for this..

Is anyone familiar with this kind of virus or whatever it is?

Reply #1 Top

You are aware that no one will believe you. :-"

Try a search for any similar files on your PC as they may have been introduced from a shared folder of some sort. Then Reformat. :grin:

Reply #2 Top

My bet is it's a 'drive-by'....something inadvertently picked up by just clicking on a site/link somewhere.

Usually the trick is to pick on a catch phrase...eg the image title and google it...and see if that gets any hits that show/indicate a similar issue.

If you run without 'protection' it's usually guaranteed you'll be hit by 'something' within 20 seconds of logging onto that horrid thing called the www. ...;)

Reply #3 Top

Very sound advice. There was a very good thread on anti viral software not long ago and you should give the site a search for it.

I wouldn't say anything to anyone about it (N.T. is very smart in his advice). Makes you wonder what else is there and you can't find!

I searched for the thread. It was something like "What software do you use.." kind of thing but my search came up empty. Maybe Skinhit or Zubaz remembers the thread better than me. Anyway, the reformatting idea is certainly a good one and make sure you check any external drives and flash memory cards you might use with your computer.

Good luck!

Doc

Reply #4 Top

Try a search for any similar files on your PC as they may have been introduced from a shared folder of some sort.

I did. Nothing.

If you run without 'protection' it's usually guaranteed you'll be hit by 'something' within 20 seconds of logging onto that horrid thing called the www

I always use AVAST and spyware blaster. I never turn them off.

I could only find one thing that comes close to doing what happened. 'Iddono' creates new folders but I can't find any info on if it or what it is capable of naming them or putting in them.

Usually the trick is to pick on a catch phrase...eg the image title and google it...and see if that gets any hits that show/indicate a similar issue.

When I google the folder name I get nothing useful. A lot of references to people's PCs being hit with a virus that has their email secretly sending porn and child porn. When I google the pic name (which I don't remember 'exactly') I still get nothing.

Reply #5 Top

Okay. I think I am narrowing it all down.

Saturday, my step-son asked me to install ODN on his PC so he could skin everything. (I was so proud.) He has an e-machine with Vista Home Basic that his dad gave him last Christmas. (I have parental controls running at a medium to high level and he has very little installed on it and almost no bloatware.) While I was downloading and installing everything on his PC, I used his thumb drive to download skins off of mine to put on his.

Here's the catch....

I knew nothing of Vista when I set his PC up. I did notice it booted funny. There were a few 'BIOS' screens that shouldn't be there. His dad is IT something or other with CISCO and knows a lot about PC stuff. He had monkeyed with the BIOS on my wife's old PC. Saturday, when I was booting his up, I finally noticed how long it takes. Having Vista on my new PC, I realized it was taking his way too long. (MINE BOOTS UP COMPLETELY IN ABOUT 30 SECONDS...HIS TAKES 3 TO 5 MINUTES) He may only have Home Basic, but his has twice the memory, etc. Something that has always bugged me was that his dad didn't send any back-up discs or anything with his PC. No booklets, documentation, etc. I assumed he was just being his usual a-hole self and trying to control another aspect of our lives. What I am thinking now is that he has put a hacked version of Vista on the boy's PC. With my wife's old one, it was designed to run Windows Millennium but had XP on it...again, the odd BIOS screens and no back-up or XP discs to be found.

I know it's possible for some hacks to have Trojans and other crap in them and what I am looking for may be on the boy's PC and I transferred it to mine with his thumb drive. My question would be..how can I find out if his version of Vista is good? It passes the Windows Software Validation tests for updates, etc., but I assume there is a way around anything if you're clever enough or dumb enough as the case may be.

Reply #6 Top

While I was downloading and installing everything on his PC, I used his thumb drive to download skins off of mine to put on his.

Yup!

There were a few 'BIOS' screens that shouldn't be there. His dad is IT something or other with CISCO and knows a lot about PC stuff. He had monkeyed with the BIOS on my wife's old PC. Saturday, when I was booting his up, I finally noticed how long it takes. Having Vista on my new PC, I realized it was taking his way too long. (MINE BOOTS UP COMPLETELY IN ABOUT 30 SECONDS...HIS TAKES 3 TO 5 MINUTES)

One of the signs of infection. Your 'puter and your wife's may have become a 'bot' slave and been sending this thing onward. Now that's a real ugly thought.

Another 'not nice' one: The BIOS is loused up too....and then hoo-boy. I'd be asking some really savvy dudes about this stuff, Po'.

I do wish you luck in solving this one. Avast didn't catch it in the first place, so maybe ask the folks at Norton? They probably have a huge known virus/trojan database.

 

Reply #7 Top

partitioned hard drive?

yes...

open My Computer, click view system information on the left, copy the serial

see if it will let you make recovery disks

if it will, do that then 1st try system restore to one of the earliest dates and see if the porn crap disappears

if it does and the above disks were able to be created, then you gots options

1) leave it at the restore point, and bring it up to date from there

2) use the disks (and the serial you wrote down) to reformat it - and hope it's not in the recovery disks

3) borrow someone's disk and reformat clean using the serial - I believe that's okay with MS as long as you use your own serial

4) wait for someone else who actually knows shit to offer some valid advice

burn that thumb drive

Reply #8 Top

He had monkeyed with the BIOS

e-machines support page

plug in the relevant make/model stuff - see what comes up - read the readme

Reply #9 Top

burn that thumb drive

YEAH!

I will have to wait until Thanksgiving. He will go to his dad's. If I mess with his PC now, it could get awkward and all. I think my PC is clean, though I have yet to try and recreate the user account. I'm going over it and over it...I am sure there is a way to hack the BIOS to run an illegit copy of Vista..if he hacked it himself, there would be no malware/virus...only if he downloaded someone else's hack and installed it. I'm not sure where that leaves me until I can look at his PC. I was hoping yrag would pop in.

I was going to try and take some pics of the bootscreen/BIOS crap that comes up when I turn it on and see if he or anyone could tell by looking at that.

So..until TurkeyDay..

Reply #10 Top

He may not have hacked anything.  If he's IT, he could have grabbed a copy from wherever he works and be using that...just a thought there.  I got whacked with a virus about a week ago, right after a full re-install on a brand new HD.  I feel for you 'Po if you have to reformat...

Reply #11 Top

hope it works out Po

Reply #12 Top

It could have been worse... it could have been a folder filled with parochial school boyz posing suggestively.

Reply #13 Top

it could have been a folder filled with parochial school boyz posing suggestively

I see Bichur sent you pictures from his yearbook as well.

Reply #14 Top

YRAG - I got your email. I also got this in another email.

------------------------------

This message was created automatically by mail delivery software.
A message that you sent could not be delivered to one or more of its
recipients. This is a permanent error. The following address(es) failed:
[email protected]
mailbox is full: retry timeout exceeded
------ This is a copy of the message's headers. ------
Return-path: *MY EMAIL ADDY - POSMEDLEY
Received: from host255.achinsk.net ([195.3.182.55] helo=78tihpzcjftk27x)
by mail2.ukrpost.ua with smtp (Exim 4.69)

(envelope-from) *MY EMAIL ADDY- POSMEDLEY

id 1L0Ah7-0000HB-K9
for [email protected]; Wed, 12 Nov 2008 10:03:32 +0200
X-Originating-IP: [085.4.2.28]
X-Originating-Email: [[email protected]]
X-Sender: [email protected]
To:
Subject: RE: Prolong the natural flow of metabolism in your body.
From:
MIME-Version: 1.0
Importance: High
Content-Type: text/html
X-Spam_score: 6.0
X-Spam_score_int: 60

----------------------------------------

I don't want to email you back (or anyone) until I can figure if my email has been hijacked by all this.
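
One way to read the header copy in a bounce like the one quoted in Reply #14, as an added example that is not part of the original thread: the Received line is written by the server that accepted the message and records which host handed it over, while Return-path is whatever the sender claimed. The Return-path and recipient placeholders and the `own_networks` range (a documentation range standing in for the reader's own ISP or mail provider) are assumptions.

```python
import ipaddress
import re

# Header copy from the bounce above; redacted addresses replaced by
# constructed placeholders so the sample parses.
BOUNCE_HEADERS = """\
Return-path: <poster@example.invalid>
Received: from host255.achinsk.net ([195.3.182.55] helo=78tihpzcjftk27x)
 by mail2.ukrpost.ua with smtp (Exim 4.69)
 id 1L0Ah7-0000HB-K9
 for <recipient@example.invalid>; Wed, 12 Nov 2008 10:03:32 +0200
X-Originating-IP: [085.4.2.28]
Subject: RE: Prolong the natural flow of metabolism in your body.
"""

# Exim-style Received value: from <rdns> ([<ip>] helo=<name>) by <server>
RECEIVED_RE = re.compile(
    r"from\s+(?P<rdns>\S+)\s+\(\[(?P<ip>[0-9A-Fa-f.:]+)\]"
    r"(?:\s+helo=(?P<helo>[^)\s]+))?\)\s+by\s+(?P<by>\S+)"
)

def unfold(raw):
    """Join folded continuation lines; return [name, value] pairs."""
    fields = []
    for line in raw.splitlines():
        if line[:1] in (" ", "\t") and fields:
            fields[-1][1] += " " + line.strip()
        elif ":" in line:
            name, value = line.split(":", 1)
            fields.append([name.strip().lower(), value.strip()])
    return fields

def first_hop(raw):
    """Return the connecting host recorded by the accepting server."""
    for name, value in unfold(raw):
        if name == "received":
            match = RECEIVED_RE.search(value)
            if match:
                return match.groupdict()
    return None

def sent_from_own_network(raw, own_networks):
    """True/False if the connecting IP is inside own_networks; None if unparsed.

    X-Originating-IP, X-Sender and Return-path are sender-supplied and are
    deliberately ignored here.
    """
    hop = first_hop(raw)
    if hop is None:
        return None
    ip = ipaddress.ip_address(hop["ip"])
    return any(ip in ipaddress.ip_network(net) for net in own_networks)
```

A result of False means the message was handed to the bouncing server from an address outside the networks you listed, so the bounce alone does not show that it was sent from your machine or mail account.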