When the sun goes down

Bad, bad, bad! Two days ago I was hunting for Wordpress plugins and my PC has got infected with a bunch of Desktop Hijack junk. Something like that didn’t happen to me for ages, like 6 years or so. Ironicly it made me imidiately think of the kids of my ex girlfriend. The times they were asking me for help when their pc was infected. To me it looked like they picked it up once a month, over and over again (boy, was I happy they didn’t play on my computer but on their own in stead, back then!)… Of course I did help them, but after a while I just got fed up with it and figured it out, oh well.. it would be a far better idea to teach them how to clean their pc on their own (it was their own pc after all), and so I did.

Anywayz, it reminded me also once more that it doesn’t only happen to the kids, and you don’t have to download bunch of games or anything like that. Surfing is more then enough to get hit by some ugly beasts. Internet is a jungle after all.

Moments like these, contain also one other (ultimate) reminder: why, oh why didn’t I boot my machine in Linux that day? Whyyyyyy???
And what was I hit with in first place?

The answer on both: I have no idea.

I’ve got a full package of Desktop Hijack trash nested on my pc, it looked a lot like Trojan.Zlob, who introduced me to 150 of his even uglier friends, as they all badly wanted me to install: AntiMalwareGuard (fake anti-trojan scanner!)… and these ‘friends’ all together put some nasty messages on my desktop, changed my boot screen, popped up the browser with their junk adverts every 2 minutes, fake Winblows desktop alerts and that kind of things. How bad has to be an Operating System to allow all that to happen? Hmm?

They also dissabled my Ctrl+Alt+Delete keys so I couldn’t get to a Task Manager and shut down certain processes. I forgot what the desktop message exactly said (it was something like: “your pc is not safe blah, blah, blah”), but during the cleaning process, I saw the names flying over my screen like: Clickspring Outerinfo, Webhancer, Spyware.isearch, Adware.Purityscan and lots of other kind of crap. Have yet to dive into the logs to find out who exactly was this “happy introducer”, if it’s possible to find that out at all (it’s probably as absurd as: what came first: the chicken or the egg?!), but right now I have more other important things to do. 24 sleepless hours were bad enough. *sigh*

The good news is: I killed them all!

And yet, there is one thing I still just don’t get: as soon as your machine gets infected, these parasites start shouting all at once “dude, dude… we just screwed your pc!!”

From even average virus-writers or hackers point of view, it must be just STUPID! … if not an idiot idea. But I’m not one of them, so who am I to say?!

In order to gain ANY advantage of infected machines, it is then suposed to be a SECRET. Thus not even letting people know their machines are infected. My best guess is therefore, they were hoping I would be even more stupid then they are, and would download their suggested creepy fake software. Like I would listen to their parasites waving with red and yellow flags from my desktop: “Hey dude, you’re screwed, but guess what, were nice enough to offer you the solution, just click here and download AntiMalwareGuard .. and we promise, we shall then leave!”

Idiots!!!

Who knows. Perhaps on the large scale this method might even work for them. There are many stupid people on this planet.

The Fix

To the folks with the same or similar experience, I’d recommend Hijackthis (dutch) website. And don’t panic, take your time and read first! At least, I’m not a kind of guy who would post my logs on the forum just like that. Somehow I don’t feel comfortable letting the whole world know what kind of software I use or don’t use… which is pretty funny and confusing thought when I look at it objectively. Then why don’t I feel paranoid while posting many personal things from my daily life? Something to think about …

Anywayz, in order to kill these cute parasites, I’ve used the following tools:
Combofix, SmitfraudFix, Spybot – Search & Destroy, SDFix, Ad-Aware and AVG - Antivirus and Antispyware scanner. I finaly performed Kaspersky online scan and then I was done.

There you have it, in Winblows safe modus, this all will take you 24 hours at least, to get rid of all junk. My machine is clean now, that’s what Kaspersky and my other (listed above) friends say. Should I trust them? I don’t know. Kaspersky onlinescan even thinks that S!RI’s SmitfraudFix.exe is a virus or a Trojan!* Haha.
Soooo, I’m not that easy on that one. When it’s about computers stuff or Internet business, I’m kinda paranoid guy.
I even ‘believe’ that Internet would be a little bit safer place without all these antivirus companies (whatever this might mean), and Kaspersky onlinescan shows that I’m not the only one. ;-)
… which however doesn’t mean that I too believe that SmitfraudFix.exe is a virus or a Trojan!

Paranoid or not, right now I feel OK. Certainly by looking back at the pic below.

Photo by Lette, model: Diana. Ijmuiden, 11/7/2008.

The shoot in Ijmuiden

Of course … there also happened some GOOD things too. Like, this wonderful shoot I had with Diana, Lette and Gezinus recently. Mostly I travel all over Noord and South-Holland for the shoots, but this one we had in, yes, don’t fall from your chair: Ijmuiden! It was an outside shoot and before we did it, my first thought was: “God, how smart is it to go and do outside shoots in Ijmuiden?” And I’m happy now to say that a such ahead judgements are wrong per default. Ijmuiden is just a perfect place for the outside shoots!

For this shoot - as you can see on the pic left, I gave Diana nice (dark) green smoky eyes, which should look just perfect outside / in the nature where we have plenty of light… Dark green is also a nice contrast color for her red lingerie and umbrella. Her lips I kept red of course.

As with any other photoshoots, some things had to be done in photoshop as well, like removing the disturbing grass stretches. Usually it’s done by the photographer, but on this picture it was done by me.

——————

The lesson I learned here is, that I should never, ever look for plugins anywhere else but on Wordpress official site…
The bottom line is, this was a hard winblows job ;-) and S!RI’s SmitfraudFix.exe did contribute to my cleanup, as the junk did dissapear from my desktop, sooo, judge for yourself! I think I’ll leave it right here.

Smoky eyes

Smoky eyes, photo & photoshop work by Lette, model: Diana. Ijmuiden, 11/7/2008.

Share this page on your social networks profile: