How to Remove the HDD Virus

This is what the HDD Virus (Malware) looks like

The HDD virus advertises itself as a legitimate program, a hard drive defragmenter, but it’s really malware. If you fall for their ploy while trying to defragment your hard drive, you won’t be the first, since we’re seeing many infected computers in the Ducktoes virus lab.

To get rid of HDD virus:

1. Download and run Malwarebytes. Click here to get Malwarebytes. If you have trouble downloading and installing Malwarebytes, start in Safe Mode by tapping the F8 key while booting, then pick “Safe Mode with Networking.” Either way, you’ll need to update and run the program. Restart the computer.

2. Next download and run either AVG or Avira. These are both excellent anti-viruses and both free for home use.

3. Then just to be safe, download and run Super-Anti-Spyware.

You should now be HDD Virus Free.

The next blog post will be about good, safe legitimate defragmenters, so stay posted.

If you’re having trouble removing viruses from your computer and you live in Calgary, come to our shop at 902 Centre St. NE right outside downtown or give us a call. We’re Ducktoes Calgary Computer Repair and Virus Removal.

Outside of Calgary, you can use Bleeping Computer to fix your computer for free.

If you need computer repair click here or IT business services click here.


Fix the "Open With" Virus

I just fixed an odd virus: the “Open With” Virus. Everything I tried to open, including my usual anti-virus programs, prompted a dialog box asking what I wanted to open it with, for example what I wanted to open AVG with. Of course that’s silly; you can’t open AVG with another program like Microsoft Word or Adobe Reader. It kept me from doing anything. That’s why it’s called the “Open With” virus. The virus asks, What would you like to open that with? Oh, I think I’ll open Internet Explorer with Civilization 4 (I have sons). And I’ll open iTunes with Instant Messenger. See, it doesn’t make sense, and moreover it doesn’t work. In fact nothing works, and you are stuck. You are deep in the doo doo of Malwareland.


You're in the deep doodoo of Malwareland.

Some techs say you have to reformat if you get this virus, but Ms Ducktoes hates that word “reformat”. I’ve seen it make a grown man cry. And then when he cries, I cry, and then I get a sinus headache and my mascara runs down my cheeks. So I find it much better and less embarrassing to do this instead:

Right click on the program you want to run, such as AVG. From the choices displayed, click on “Run as” and pick your own user. There’s a box you have to uncheck too. I ran AVG and it quarantined the virus. Then I was able to do the usual virus clean up.


But if you don’t have an anti-virus on the computer already, what do you do? Install Malwarebytes on another computer. You’ll get a setup icon on your desktop. Stick a flash drive (you can buy them at any electronics store) into the USB port and go to My Computer (Start > My Computer, or just “Computer” on Vista) and you’ll see all your drives: your hard drive or drives, your DVD player, and now the flash drive. Click on the flash drive. A window will open. Now drag the Malwarebytes setup icon into the flash drive’s window. Remove the flash drive.

Then put the flash drive into the infected computer. It will probably have to install as a drive. Go to My Computer. Find the Malwarebytes setup icon. Right click on it and “Run As” your user. Let it install and run and do its thing.

After that go to this page on my blog, click these words here and follow the rest of the instructions.

If you want, Ducktoes Computer Repair can fix your virus. Click here to read more about our remote service. Or click here to book a remote appointment: http://ducktoes.com/book_online.php. We’ll get back to you.


Trojan Horse Clicker – No My Friend Flicka.

I just cleaned up a computer, an Acer laptop, that had tons of spyware and among them was Trojan Horse Clicker. To get rid of it and the rest of the spyware I did the usual:

1. First I ran Combofix. (I did this in Safe Mode with Networking.)

To get into Safe Mode, I had to tap F8 as the computer booted. If you tap at just the right time, a list of options in black and white is displayed on your screen. If you get the usual Windows boot up, you’ve missed Safe Mode so you’ll have to restart and tap again.

Pick Safe Mode with Networking. Then you’ll see a message asking if you’re sure you want to go into Safe Mode or if you’d rather use System Restore. Click yes you do want to go into Safe Mode. In Safe Mode you can then download and run Combofix.

When you get to the page, you’ll have to scroll down. I usually pick the Bleeping Computer link. It looks like this.

This is a photo of the Bleeping Computer website where you download Combofix.

Download Combofix here.

If you can’t download or run Combofix then you have very serious virus problems so see this post.

After I ran Combofix, enough spyware had been removed so that I could do the following in regular Windows mode.

2. Downloaded and installed AVG.

3. Downloaded and installed Malwarebytes.

4. Ran Malwarebytes. Malwarebytes caught quite a few Trojans. Also, while Malwarebytes was running, AVG’s Resident Shield caught a few more things that Malwarebytes seemed to stir up as it went through the files.

5. Ran a full scan of AVG. AVG is what caught our friend Trojan Horse Clicker.


How to Remove Starware

I removed Starware from a photographer’s computer this week. The computer was oppressively slow and Outlook was crashing a lot. My client couldn’t work efficiently, since the interruptions slowed down the work he could do in a day. He was sooo frustrated.

Starware took a tenacious hold of the operating system. It had installed hundreds of registry keys, files, and applications. The apps were running in the background, making the computer insufferably slow. All for one harmless-looking toolbar.

If you must have a toolbar cluttering up your browser, use Google’s or Yahoo’s. And indeed, it seems you must have both of them, since they are omnipresent, appearing out of nowhere onto your browser with one mindless click of the mouse. It’s hard not to have them, whether you want them or not. But I digress.

After removing Starware, the computer acted normally and Outlook worked again. The photographer could get on with his business.

Starware is a good name, since it was designed by someone much like a character out of Star Wars, not a hero like Han Solo, but a Darth Vader who callously likes to muck up people’s lives and businesses by damaging their computers. Someone who’s sold out to the dark side.

To remove Starware, I used Malwarebytes. To download Malwarebytes, click here. Or go there by typing http://malwarebytes.org in your browser’s address bar. Be sure to update before you scan.

And take care out there.

Oh, baby, baby it’s a wild web.


How to Remove Gaopdx

Hey, the other night I was at a house in Northeast Calgary that had a huge TV on the wall right in front of the computer. So I got to watch the Flames game while I fixed the computer, which had the nasty and new Gaopdx rootkit. It was an exciting evening with a really close game on the wall and a really close fight with the computer. We all won in the end, both the Flames and Ms. Ducktoes. I used Malwarebytes and ComboFix to remove the potent rootkit.

Ducktoes is on her way, saving computers everyday!!! It took me a couple of hours since Gaopdx made the computer so slow. And the usual anti-spywares and anti-viruses didn’t work.

Malwarebytes removed these parts of the Gaopdx: Trojan.Agent and Trojan.DNSChanger, but not the rootkit itself. ComboFix removed the rootkit.

Since the malware would not let me download anything in Normal mode, I had to go into Safe Mode to download both Malwarebytes and ComboFix.

This is what you need to do:
Click here to download Malwarebytes and here for ComboFix.

But if your browser won’t let you download them, then you’ll have to go into Safe Mode by restarting the computer. As the computer reboots, tap the F8 key several times. You should get a black and white screen listing several options. Pick “Safe Mode with Networking.” When Safe Mode starts Windows you’ll be asked if you want to continue. Pick “Yes.”

Now click here for Malwarebytes. Download the free version unless you’d like to buy the full one. It’s a great program. Then download and run ComboFix. There’s also a tutorial. Read it to learn how to run the program. ComboFix removed the Gaopdx rootkit completely.

Whew, that was a close one!!!
