Why Would a Virus Look at Kiddie Porn?

by Obi-Akpere | June 21, 2008 at 07:37 am

Michael Fiola, a 53-year-old state employee, was cleared of child-pornography charges by a Massachusetts court. It was alleged that he had accessed the illegal material at work, but an extensive forensic investigation of his computer revealed that viruses and other malicious programs were the culprits. Why would someone create a virus that downloads child pornography?

So other people could secretly view the porn. Fiola's computer had been taken over remotely by "botnet" operators, who lowered its security protections and may have sold child-porn enthusiasts access to the machine. This enabled people to view illegal images and videos by storing them in Fiola's Temporary Internet Files cache, as opposed to their own computers. Fiola remained oblivious to the tampering because the bot operators made sure they didn't slow down the computer too much by consuming lots of memory.
azer
flagged this story as Good Stuff

at 09:53 on June 21st, 2008

Good question!

The answer, in a word, is Advertising. Other good words would be Traffic or Bandwidth - but they all come back to advertising. Pornographers, like everybody else, often get paid for clicks on their web pages - so it's easy money to get a machine to do it for you.

While visiting in Africa a few years ago, I was asked a number of questions by the wife of a priest. I was sitting in their living room answering their questions when I got a bright idea: Why don't I shell into the server and show them the logs? So I did.

I was telling them about how the web works. At one point I was pointing to the proxy log as it was scrolling on the screen. While I was talking I saw a few unexpected words scroll by and mentioned, in passing, that somebody was looking at dirty pictures. They weren't happy to hear that. Then I looked more closely at the log and noticed that the computer that was looking at the dirty pictures... was the notebook in my lap! While we were talking, some malware on the notebook was downloading porno files.

Needless to say, the young Sunday School teacher and her husband, a priest, were seriously unhappy about it. It happens; I've seen it myself.

Another sad note: Someone once told me about a truck that was on the market - something interesting that I did not know about - so I googled it and started clicking on links. One of the links took me to a hack page that immediately infected *my* workstation. I have over 25 years' experience in this business and, like everybody else, I need my office workstation. This was *my* workstation - not somebody else's. If you call me to help you fix your computer and I sit quietly for hours to get the job done - guess what happens when I need to fix my computer? I tried to fix my workstation for months - many months. I managed quickly to get it to the point where I could use it - but I couldn't get rid of the malware that had been installed.

In the end, I was not able to fix the problem even with many, many nights of hard work. The problem did not go away until Microsoft started sending their monthly anti-malware updates.

Be careful about browsing the web using your office workstation - it might cost you more than you can afford some day. And, as it's hard to avoid getting into trouble: make sure you have an automated backup system running in your office and test the restore procedure from time to time.

If you are concerned about the possibility that your Windows PC has already been infected with malware you should make sure that your Anti-Virus software is up-to-date. However, Anti-Virus software, as the name implies, is designed to block virus software - not necessarily the other kinds of malware that are in circulation.

Again, for Windows users, I suggest you seriously consider installing Microsoft Windows Defender. From time to time, you should also run a program like Lavasoft's Ad-Aware. Neither of these programs is perfect - each has its strengths and weaknesses, but together they will find the majority of problems that you might have on your PC. In many cases they can also remove those problems for you.

Finally, any Windows user must absolutely run the monthly anti-malware update from Microsoft. If you use Windows Update it is available to you once a month - otherwise you can download it from the Microsoft web site.

For Linux and Mac users the problems are less numerous but they still exist. Consider learning to find and read your message log file (/var/log/messages in Red Hat-based distributions), your secure log (/var/log/secure), and other such files in your system. You need to develop a sense of what's normal and what's not normal in those files. If you see something that is not normal, you need to take action to remove any offending software that may be running in your system.

Microsoft Windows Defender is available here: Windows Defender.

Lavasoft's Ad-Aware is available here: Ad-Aware (Free Edition)

HTH
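One way to practise the "what's normal and what's not normal" habit from the comment above, as an added example that is not part of the original post: reduce each line of /var/log/messages or /var/log/secure to a template and report the templates that never appeared in an older, known-good copy of the log. The sample lines are constructed, the classic syslog line layout is assumed, and the function names are hypothetical.

```python
import re
from collections import Counter

# Constructed sample lines in the classic syslog layout (assumed format);
# in practice read an older rotated log as the baseline and today's log.
BASELINE = """\
Jun 20 08:01:12 ws1 sshd[2211]: Accepted password for sam from 192.168.1.20 port 50122 ssh2
Jun 20 08:01:12 ws1 sshd[2211]: pam_unix(sshd:session): session opened for user sam by (uid=0)
Jun 20 09:00:01 ws1 crond[2300]: (root) CMD (run-parts /etc/cron.hourly)
Jun 20 17:45:40 ws1 sshd[2211]: pam_unix(sshd:session): session closed for user sam
"""
TODAY = """\
Jun 21 03:12:09 ws1 sshd[3001]: Failed password for invalid user admin from 203.0.113.7 port 41022 ssh2
Jun 21 03:12:11 ws1 sshd[3003]: Failed password for invalid user admin from 203.0.113.7 port 41030 ssh2
Jun 21 03:20:44 ws1 useradd[3050]: new user: name=support, UID=0, GID=0, home=/home/support, shell=/bin/bash
Jun 21 08:03:55 ws1 sshd[3110]: Accepted password for sam from 192.168.1.20 port 50988 ssh2
Jun 21 09:00:01 ws1 crond[3188]: (root) CMD (run-parts /etc/cron.hourly)
"""

# "Mon DD HH:MM:SS host program[pid]: message"; the pid is optional.
LINE = re.compile(r"^\w{3}\s+\d+\s[\d:]{8}\s\S+\s([^\[:\s]+)(?:\[\d+\])?:\s(.*)$")

def template(line):
    """Strip the parts that change on every line (time, pid, IPs, numbers)."""
    m = LINE.match(line)
    if m is None:
        return None
    prog, msg = m.groups()
    msg = re.sub(r"\b\d{1,3}(?:\.\d{1,3}){3}\b", "<ip>", msg)
    msg = re.sub(r"\b\d+\b", "<n>", msg)
    return f"{prog}: {msg}"

def templates(text):
    return Counter(t for t in map(template, text.splitlines()) if t)

def unusual(baseline_text, recent_text):
    """Templates present in the recent log but never seen in the baseline."""
    known = templates(baseline_text)
    return {t: n for t, n in templates(recent_text).items() if t not in known}

if __name__ == "__main__":
    for t, n in unusual(BASELINE, TODAY).items():
        print(f"{n:3d}x  {t}")
```

On the constructed input this reports the repeated failed logins and the new account, while the routine login and cron lines stay silent because they match the baseline.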

0
Obi-Akpere

Thanks so much Azer for your kind and professional advice.

0
azer

It's always a pleasure to help whenever possible! All the best, Take care, --Sam.

0
rpshen

Definitely great computer advice! Thank you azer!

0
azer

(I didn't see the quote under the question at the top of the page! And I would never have thought of that answer...)

0
Obi-Akpere

Nevertheless, your answer has helped my friend identify with why google.com shut down the ads service on his site on the grounds that they noticed fraudulent activities on the site. Thanks again for your advice.

0
Jordan Yerman

Something like this happened with a colleague's computer a few years ago (though with garden-variety porn, as opposed to underage stuff). It had a devastating effect on the machine, to the point where the trojan was immediately noticeable: we had to reinstall the OS in order to prevent a deluge of NSFW popups. Our boss was not amused. At all.

Felton Barch
flagged this story as Good Stuff

at 13:10 on June 21st, 2008

Obi-Akpere, I like this story. It's good stuff.

Very useful info ... thank you.


This story was created over 3 months ago, the comment thread is now closed.
