Hallmark Card Virus (Again) and the Evil AntivirusOn.com

[ad name=”new”]

Ms. Ducktoes really feels for the readers whose computers have the Hallmark card virus. So many of you are still coming to this blog for a fix. This has been going on for months.

Since so many of you are still getting infected, today I went on-line to do a more research. I was wondering if there were any new variants etc.

What I found troubled me:
This Google search result for "hallmark virus" leads to a Youtube video.

The links lead to a Youtube video which pretends to be a Tutorial but really is an ad for AntispywareOn.com, a rogue anti-virus site that will give you–you guessed it–more spyware and viruses. You can play the video without getting infected but don’t go to AntivirusOn.com. The video’s not much to see; it’s mostly obscured by big letters telling you to go to AntivirusOn.com. Click here to see the video.

Now here’s a video that’s more interesting. The video maker “Video search engine” infects a virtual machine with what you get on AntivirusOn.com and makes a video of the result. And, oh dear, the result looks surprisingly familiar: like another variant of the Windows XP Antivirus 2008/2009!

Ms. Ducktoes wants to stamp her (web) foot, she’s so sick of the Hallmark card virus and the Windows XP Anti-virus!!!

If you have the Hallmark virus, don’t go to AntivirusOn.com and even get more spyware and viruses. I’m sure some of you have already.

If you need to remove the Hallmark Card virus, the Windows Xp Anti-virus 2008/2009 or any other spyware, try this first.

If you already have bad spyware problems and can’t download the anti-spyware abovego here for a fix.

Good luck and as always your comments are most welcome.
[ad name=”new”]

FacebooktwitterredditpinterestlinkedinmailFacebooktwitterredditpinterestlinkedinmailby feather

Ad Agent BN

[ad name=”new”]

Ms. Ducktoes now has eat her words, and take back what she said about Grisoft’s free AVG 8 in her last blog. AVG has proved to be a real trooper (a State Trooper even or an RCMP Mountie!) against the criminal and fraudulent Ad Agent BN.

This week the malware has been extremely difficutl to get rid of. Ad Agent BN has been one of the worst.

Ad Agent BN was on a client’s computer, along with several other related Trojans. The client, a friendly twenty-something young man named Matt, had somehow gotten this rogue anti-spyware on his computer. At first the rogue program ran fake warning pop-ups on his desktop saying the computer had spyware. But much worse it then locked up the Matt’s Control Panel, Start menu, and Windows Explorer. Also Run and Search were not accessible.

Matt, a student, needed to turn in his assignments. They were not backed up. The computer was going down fast along with Matt’s marks. I took out the hard drive of his computer and connected it to another computer and ran Spy Sweeper, Avira, and Avast! on the mounted disk. They found several viruses and trojan horses. I also ran regedit by mounting the hive of the harddrive and deleted some infected keys. However when I reconnected the hard drive to Matt’s computer, the spyware and viruses were still there. And they were active!!

Ms. Ducktoes, now in a tizzy about Matt’s marks, not to mention his photos and music, had to do something more. Ducktoes to the rescue!

This is what worked. You can do it too:

1. Boot into Safe Mode with Networking. To do this: Restart the computer. Tap the the F8 key several times while the computer boots up. When you get to the screen with several booting options select Safe Mode with Networking.

2. After Windows starts, then download PC Tools Spyware Doctor, purchase, update it, and run the scan.

3. Restart the computer, let it boot into regular mode several times, restart it after each scan as Spyware Doctor recommends.

4. Boot back into Safe Mode with Networking. Download AVG free. Download AVG 8 free for home users.

5. AVG doesn’t update in Safe Mode. So restart the computer into regular mode. Update AVG. Now run Spyware Doctor. While Spyware Doctor is running the Avg Shields will kick into effect and remove the processes. Using the two programs together will get rid of the Ad Agent BN.

I know that the programs during install tell you that it’s not good to have two anti-viruses running at the same time but it worked!!

So I’m now using free AVG 8 again for all my clients.

Let me know–click the Comments link below– if this works for you.

[ad name=”new”]

FacebooktwitterredditpinterestlinkedinmailFacebooktwitterredditpinterestlinkedinmailby feather

You have 1,238 spyware on your computer!! says Zlob


Zlob is a trojan horse. Trojan horses sneak into your computer disguised as something else. The Trojan horse Zlob masquerades as a codec, an application that decompresses videos and songs when you download them from the Internet. Without a codec, Windows Media Player can’t play the video or song.

Your computer gets infected when you try to download a video, but instead receive a notice that tells you that in order to play the video, you have to download a special codec.

You download the “special codec” in reality a Zlob Trojan horse–which immediately displays dire warnings usually from the right corner of the screen, where legitimate Windows update warnings typically are displayed. The Zlob warnings say in exaggerated language that your computer is infested with hundreds of spyware and malware and that the best remedy is an anti-spyware available for immediate purchase. This is really a rogue anti-spyware. If you are unfortunate enough to actually buy the rogue anti-spyware, it���ll fill your computer with a lot more adware. spyware, and malware.

Never buy an anti-spyware as a result of warnings that appear out of nowhere on your desktop!

To find out to get rid of your spyware click here.

To learn how to speed up your computer click here.

If you live in Calgary. Ducktoes can come to your business or residence to help remove Zlob. We do anti-spy without the data fry!! Call 403-483-0105.

Also to prevent most spyware use Firefox instead of Internet Explorer.
Download here.[ad name=”firefox”]

FacebooktwitterredditpinterestlinkedinmailFacebooktwitterredditpinterestlinkedinmailby feather