Ad Agent BN

[ad name=”new”]

Ms. Ducktoes now has eat her words, and take back what she said about Grisoft’s free AVG 8 in her last blog. AVG has proved to be a real trooper (a State Trooper even or an RCMP Mountie!) against the criminal and fraudulent Ad Agent BN.

This week the malware has been extremely difficutl to get rid of. Ad Agent BN has been one of the worst.

Ad Agent BN was on a client’s computer, along with several other related Trojans. The client, a friendly twenty-something young man named Matt, had somehow gotten this rogue anti-spyware on his computer. At first the rogue program ran fake warning pop-ups on his desktop saying the computer had spyware. But much worse it then locked up the Matt’s Control Panel, Start menu, and Windows Explorer. Also Run and Search were not accessible.

Matt, a student, needed to turn in his assignments. They were not backed up. The computer was going down fast along with Matt’s marks. I took out the hard drive of his computer and connected it to another computer and ran Spy Sweeper, Avira, and Avast! on the mounted disk. They found several viruses and trojan horses. I also ran regedit by mounting the hive of the harddrive and deleted some infected keys. However when I reconnected the hard drive to Matt’s computer, the spyware and viruses were still there. And they were active!!

Ms. Ducktoes, now in a tizzy about Matt’s marks, not to mention his photos and music, had to do something more. Ducktoes to the rescue!

This is what worked. You can do it too:

1. Boot into Safe Mode with Networking. To do this: Restart the computer. Tap the the F8 key several times while the computer boots up. When you get to the screen with several booting options select Safe Mode with Networking.

2. After Windows starts, then download PC Tools Spyware Doctor, purchase, update it, and run the scan.

3. Restart the computer, let it boot into regular mode several times, restart it after each scan as Spyware Doctor recommends.

4. Boot back into Safe Mode with Networking. Download AVG free. Download AVG 8 free for home users.

5. AVG doesn’t update in Safe Mode. So restart the computer into regular mode. Update AVG. Now run Spyware Doctor. While Spyware Doctor is running the Avg Shields will kick into effect and remove the processes. Using the two programs together will get rid of the Ad Agent BN.

I know that the programs during install tell you that it’s not good to have two anti-viruses running at the same time but it worked!!

So I’m now using free AVG 8 again for all my clients.

Let me know–click the Comments link below– if this works for you.

[ad name=”new”]

FacebooktwitterredditpinterestlinkedinmailFacebooktwitterredditpinterestlinkedinmailby feather

Make Sure your Anti-virus is Working

[ad name=”new”]

Now Ms. Ducktoes wants you to be a get all your ducks in a row and make sure your anti-virus software is working, or if you’re too much of a newbie to understand or know what you’re doing yet, get a friend or co-worker to help you. And to train you. Or hire a techie to check it and train. Ignorance is not bliss when it comes to computers.

1. Make sure your anti-virus is downloading updates regularly and running scans automatically and that if it is a paid subscription, that you have paid on time. Don’t be without working anti-virus software for one nano-second. It is like tossing your computer out a second story window. The result’s not pretty. If you are fond of your computer or what is on it, take charge.

Also a reader of this blog who really knows his stuff has recommended Avira for an excellent anti-virus software. Here’s the link. I used it on a client’s computer and it worked well. It found and removed viruses and didn’t use up all the computer’s resources. That’s called having a small footprint. And it’s free for personal, home use. Don’t put it off. Here’s a link to his comments (you’ll have to scroll down).

2. Also use a different browser besides Internet Explorer. Use Firefox or Opera.

3. And after you have done all that, get anti-spyware too. Click here to see how to do that.

Anti-virus, anti-spyware, Firefox or Opera, and you’ve protected your computer, your wallet, your identity.

For more information click here.

For you techies among my readers, always make sure the client has working and up-to-date anti-virus and anti-spyware. Do this check as part of your routine. Tell them where they are amiss and install both if necessary. I recommend both manual anti-spyware such as Spybot and Ad-aware SE and one that runs in real time. Read the next post on this blog for more hints for techies.

As always Ducktoes to the rescue!! If you live in the Calgary area give us a shout or even if you don’t.

Ta ta for now.

[ad name=”new”]

FacebooktwitterredditpinterestlinkedinmailFacebooktwitterredditpinterestlinkedinmailby feather


Today I’m removing (from an Acer laptop) a trojan called Win32.Renos. It causes false alerts on the desktop purporting to be from Windows. If you click on the alert, the trojan then downloads a rogue anti-spyware called Win SpyControl, AntiSpy Kit, and Virus Ranger.

The alert looks like this or some other warning:

This is a photo of the alert that Win32 Renos causes to pop-up on your desktop.

This is a photo of the alert that Win32 Renos causes to pop-up on your desktop.

The rogue anti-spyware seems to be associated with the Zlob download trojan too and a web address (Warning, don’t go to that site!!)

I removed it using Spy bot and Spyware Doctor.

Here’s what Microsoft says about this spyware. Microsoft associates Win32.renos with SpySheriff group of rogue anti-spyware products.

Whichever rogue anti-spyware Win32.renos is linked to, they all do the same thing. They attempt to get you to download and pay for bogus anti-spyware that is really spyware itself. This is fraud. It also infests your computer with lots of dangerous spyware.

Ducktoes to the rescue!! Please leave a comment if you have more to add about this problem or any questions.

This is a photo of the alert that Win32 Renos causes to pop-up on your desktop.

This is a photo of the alert that Win32 Renos causes to pop-up on your desktop.

FacebooktwitterredditpinterestlinkedinmailFacebooktwitterredditpinterestlinkedinmailby feather

An Excellent Spyware Reference

[ad name=”new”]
I’m excited!! I’ve been reading the article on Spyware in Wikipedia. It’s excellent. If you want in depth knowledge about what malware is and does, read it.

The photo on the page shows a browser overloaded with toolbars. If you have unwanted toolbars on your browser window then that is one indication you have spyware. See here how to get rid of it.
Or if you live in Calgary, Ducktoes can help.

[ad name=”new”]

FacebooktwitterredditpinterestlinkedinmailFacebooktwitterredditpinterestlinkedinmailby feather

You are NOT my Sunshine, my Only Sunshine

A new rogue anti-spyware has just crested over the cyber-horizon. By rogue anti-spyware, I mean a program that is supposed to get rid of spyware, but is actually spyware and malware itself. SunshineSpy is this decidedly unsunshiny program.

SunshineSpy gives you fake infection warnings and dire security alerts and uses rootkits to hide its dastardly and fraudulent doings from legitimate anti-spyware programs. It preys on the newbie and untrained computer user.

It is surprisingly easy to get rid of, however. Just go to your green start button on the bottom left of your computer screen. From there go to Control Panel and then to: Add and Remove Programs. From the list of programs that will eventually appear find SunshineSpy, and click the button to remove it. Restart your computer.

FacebooktwitterredditpinterestlinkedinmailFacebooktwitterredditpinterestlinkedinmailby feather