Downandup or Conficker USB Worm Prevention and Removal

Ms. Ducktoes is really busy removing spyware and replacing power supplies today, but I’ve noticed an influx of this new worm. So I thought I should warn you. It’s called the Downandup/Conficker worm. Millions of computers are infected. To avoid getting it, turn off Autoruns on your computer. Click here to learn how to turn off Autoruns.

To fix or remove Downandup or Conficker worm, there are these free removal tools:
ftp://ftp.f-secure.com/anti-virus/tools/beta/fsmrt.zip
ftp://ftp.f-secure.com/anti-virus/tools/beta/f-downadup.zip

Then run the usual Malwarebytes et al as in this post on Free Anti-spyware just to get rid of any remaining spyware. More later, my chickadees.

Facebooktwittergoogle_plusredditpinterestlinkedinmailFacebooktwittergoogle_plusredditpinterestlinkedinmailby feather

Hallmark Card Virus (Again) and the Evil AntivirusOn.com

Ms. Ducktoes really feels for the readers whose computers have the Hallmark card virus. So many of you are still coming to this blog for a fix. This has been going on for months.

Since so many of you are still getting infected, today I went on-line to do a more research. I was wondering if there were any new variants etc.

What I found troubled me:
This Google search result for

The links lead to a Youtube video which pretends to be a Tutorial but really is an ad for AntispywareOn.com, a rogue anti-virus site that will give you–you guessed it–more spyware and viruses. You can play the video without getting infected but don’t go to AntivirusOn.com. The video’s not much to see; it’s mostly obscured by big letters telling you to go to AntivirusOn.com. Click here to see the video.

Now here’s a video that’s more interesting. The video maker “Video search engine” infects a virtual machine with what you get on AntivirusOn.com and makes a video of the result. And, oh dear, the result looks surprisingly familiar: like another variant of the Windows XP Antivirus 2008/2009!

Ms. Ducktoes wants to stamp her (web) foot, she’s so sick of the Hallmark card virus and the Windows XP Anti-virus!!!

If you have the Hallmark virus, don’t go to AntivirusOn.com and even get more spyware and viruses. I’m sure some of you have already.

If you need to remove the Hallmark Card virus, the Windows Xp Anti-virus 2008/2009 or any other spyware, try this first.

If you already have bad spyware problems and can’t download the anti-spyware abovego here for a fix.

Good luck and as always your comments are most welcome.

Facebooktwittergoogle_plusredditpinterestlinkedinmailFacebooktwittergoogle_plusredditpinterestlinkedinmailby feather

Best Free Anti-Spyware of 2008

This year Ms. Ducktoes has added more free anti-spyware to our regulars: Spybot and Ad-Aware SE, which have been on our best anti-spyware list for years.

At Ducktoes we fight spyware on computers everyday and these are our the most potent and useful.

1. Malwarebytes
Our top best free anti-spyware of the year is this newbie (at least to us).
This free-antispyware is the newest and trendiest trick Calgary techies have up their sleeves. At all the tech workshops I’ve been to, everyone’s talking about it. And what’s more, Malwarebytes lives up to the hype, since it is like an avenging angel against potent malware. It nails it!!!

2. SuperAntiSpyware
Here’s another new-to-me and probably new-to-you anti-spyware that is true to its name. It’s a Super hero – really effective against the Hallmark card and other difficult malware.

3. Dr. Web Cureit. Dr. Web Cureit is a dynamo against some of the new malware. Dr. Web is from a Russian company and is endorsed my the Ministry of Defence of the Russian Federation. Since so much spyware and malware is coming from Russia these days, I imagine the Dr. Web people have prior first-hand exposure to it and fight it effectively sooner than some other anti-spyware fighters. It worked well against many nasties for me.

4. Spybot Search and Destroy – Some techs talk about this tried and true anti-spyware (an experienced anti-spywre, no actually, the archetype) as no longer as effective as the newer malware fighters. However this just ain’t true. Spybot’s version 1.6 has a much improved detection and faster scan speed. And the new version 2–almost ready for release–will knock our socks off!

5. Ad-Aware 2008 Another familiar favorite that has gone through a major overhaul. Ad-Aware is the most popular anti-spyware on CNET’s Download.com, no mean feat! All those people must know something we ought to get in on.

And of course there are a few best anti-spyware that aren’t free. But I’ll have to save those for a different post.

To use these best anti-spyware, it never hurts to run more than one, or even, run them all. One at a time. In fact sometimes that’s an excellent way to fignt the Worst Spywares of the year Windows XP Anti-virus 2008/2009 and the Hallmark Card virus. See the post.

And as always, I treasure and welcome your comments.

[ad#new

Facebooktwittergoogle_plusredditpinterestlinkedinmailFacebooktwittergoogle_plusredditpinterestlinkedinmailby feather

When Spyware gets Bad: What to do when you can’t do anything

Sometimes spyware gets so bad, it’s hard to do anything. You can’t go online and download Malwarebytes or Spybot or any anti-spyware (see this post), because your browser–that is, your Internet Explorer or Firefox–is hijacked and redirected and won’t let you go anywhere of use and certainly won’t let you download anything. So you take the next step, and reboot your computer into Safe Mode with Networking by tapping F8 as the computer restarts. But sometimes even in Safe Mode, the malware keeps you from downloading anti-spyware or, if you manage to download it, running it. So now you face reformatting your hard drive and losing all your data and the programs, at least the programs you’ve lost your disks to, or never had disks for in the first place.

What do you do now? You take the computer to a tech who nine times out of ten will recommend reformatting. Or you find a tech like Ms. Ducktoes who will fight the malware without reformatting. Ask your tech if he or she will do this. Ask if he will use Malwarebytes or SuperAntispyware.

Or…you can do this.
1. Go to the computer store and buy a device that lets your hard drive to another computer by USB. It’s called a USB to IDE/Sata Adapter and costs from $25 to $35 dollars.

This is what you need an IDE to USB converter. There are also ones that work with Sata and laptop drives.

2. Find another Windows computer either your own or a friend’s or relative’s. Download and update Malwarebytes and AVG and SuperAntispyware and Spybot to that second computer. (You have many choices, just make sure you use Malwarebytes and AVG among them.)

3. Turn off the power to badly infected computer and unattach the cables. Open up the case of the and remove the hard drive. Some cases will have large buttons to push–like Dell– others will have screws. Remove the case.

Open the case by unscrewing the screws or pushing a button or lever.

Open the case by unscrewing the screws or pushing a button or lever.

Make sure your computer is turned off and unplugged before you do this.

4. The hard drive will have a wide-band white/gray cable attached to it and a four-prong power cable.

Here is the power cable.  You can see a bit of the ribbon cable in back of it.

5. Remove the cables. (Take a digital photo with your camera or cell phone if you think you may forget how they are attached.

What a ribbon cable looks like

What a ribbon cable looks like

5. You’ll probably have to unscrew the hard drive from the where it is attached to the case.

Use a screwdriver to unscrew hard drive screws.
Use a screwdriver to unscrew hard drive screws.

6. After removed, attach the hard drive to the right (same size) IDE/SATA adapter and plug in the power.

Here the hard drive is attached to the adapter.

Here the hard drive is attached to the adapter.

7. Connect USB cable to the USB port of the second computer.

Plug the USB cable into the USB port of the second computer.

Plug the USB cable into the USB port of the second computer.

The computer should recognize that new hardware has been attached. If you go into My Computer, you’ll see it as a USB mass storage device and listed as a letter such as E, F, G, or H, depending on how many cd/dvd and hard drives are on that computer.

You'll see this in the right-hand corner of your monitor screen.

You’ll see this alert “Found New Hardware” in the right-hand corner of your computer screen.

This window will appear on your desktop.  Choose the

This window will appear on your desktop. Choose the “Open folder to view files” option.

Your hard drive is attached!

7. Now run the anti-spyware and anti-virus programs one at a time. If you can, do a custom scan and single out the attached hard drive. Let each anti-spyware run and then remove or quarantine the viruses.

This is the AVG interface.  It allows you to pick the hard drive you want to scan.  Here E and F are selected.

This is the AVG interface. It allows you to pick the hard drive you want to scan. Here E and F are selected.

8. If you have enough skill, go into the desktop of that drive (the one that is connected by USB) and copy and paste the Malwarebytes installer to the desktop of your user. Find the All Users desktop folder and drag the MBAM installer icon into the window.

Drag Mbam icon into the

Drag Mbam icon into the “All Users” desktop folder.

Then you can run it later when you reattach the hard drive in its own computer.

9. Unattach the hard drive from the USB and put it back into its own case. Reattach the cables all the way so they fit snuggly. Start up the computer. You should now be able to go into Safe Mode with Networking and download the anti-spyware and run it. You still will have a lot of spyware to contend with but now you have more of an edge. If you put the Malwarebytes icon (Mbam) on the desktop you can click on it and run it. Make sure that you update it.

Good luck and let Ms. Ducktoes know how it goes. Please feel free to comment and make suggestions.

See this post for more detailed information on how to download and run the anti-spyware.

Facebooktwittergoogle_plusredditpinterestlinkedinmailFacebooktwittergoogle_plusredditpinterestlinkedinmailby feather

A Hallmark Card for Ms. Ducktoes

Ms. Ducktoes is all aglow because she received a Hallmark Card from a cyber-criminal!! And here it is:

Ms. Ducktoes has an admirer!

Ms. Ducktoes has an admirer!

But unfortunately, I can’t have a relationship with a man who wants to fill my computer up with spyware and viruses. It just won’t work. Tee, hee.

No, really I am excited, my duckies, I’ve been waiting to receive another one of these Hallmark Card e-card virus emails because I want to deliberately infest a computer and see what happens. I want to see what the current version is like.

Now you know what the fraudulent Hallmark card e-mail looks like. And if you get one, don’t you click the link.

Facebooktwittergoogle_plusredditpinterestlinkedinmailFacebooktwittergoogle_plusredditpinterestlinkedinmailby feather