Earlier free AVG found numerous viruses and Trojans. Is it possible there are fragments left on laptop? The online scan at ESET showed about then variants of the Trojan “Viruits.” My home page has been replaced with a URL for Guarddog 2009 which is listed under AVG’s vault as dl.guarddog.generic13.ASQV.bm8 tem. In addition, my USB keyboard no longer works properly and my cursor acts up. Would you advise me to install a fresh copy of Windows or do full restore to factory setting to solve these problems? Is it safe to delete User Data found under Documents & Settings in C:/? Is it too late to use the Windows recovery disc?
Looks like you still have quite a few problems on your laptop, including remaining malware. Perhaps I should caution you to back up any data that you want to keep on the computer. Since it appears as if not all of the virus and malware infections have been removed from your computer, you will need to make sure that all of these malware entities have been removed before you reinstall, repair, or reformat the computer. If you don’t get rid of these infections first, then they will remain on the laptop, continuing to mess it up. After you get rid of all of the bad stuff, then you can take care of your Windows operating system. However, drastic measures such as reinstalling the operating system may not be needed once you remove these infections.
Scanning for Malware
One of the biggest problems with malware is that some of it slips by one anti-virus/anti-spyware application. This is why running two separate applications to remove the infections is a good idea.
- First, print these directions so you will have them to refer to. Then, close out all applications before running your anti-spyware/anti-virus applications. Hit the CTRL + ALT + DEL keys together to bring up the Windows Task Manager. It will show you if anything is still running on your computer. Simply select “Applications” in the upper left and close any programs that remain running.
- Run AVG again and see what it comes up with on the laptop. It is important to note that this application doesn’t always catch things like tracking cookies which are also know to disrupt mice, keyboards, web browsing, etc.
- Run a second application such as Anti-Virus PLUS, Ad-Aware, or PCTools to remove any remaining remnants of Trojans, spyware, or viruses. Anti-Virus PLUS offers a free scan and you can use this to see what type of infections remain on the computer. In particular, I’ve come across a lot of people who suggest that Malwarebytes does a good job of removing the KRYPTIK Trojan which you had listed in your original question. This should also remove guarddog2009.
- Reboot and run your anti-spyware/anti-virus applications again to ensure that all malware has been removed.
Repairing Windows
Before making the decision that you need to completely repair of restore the computer’s operating system, why not try cleaning the registry and checking the hard disk to repair important files? You can use a registry cleaner such as RegCure and the chkdsk utility that comes with Windows.
To use chkdsk, click Start→ click Run→ Type cmd→ press Enter. Type in chkdsk volume:/r in order to locate bad sectors, repair errors, and recover readable information.
Of course, you can always use the installation disks to complete a recovery. If you follow these directions, your documents and files will be saved, but you will have to reinstall any programs and modify your personal settings:
- Insert the installation disk into the CD drive while the laptop is on.
- Turn the laptop off.
- Wait a minute and turn the power on. The laptop should be able to boot up. If it doesn’t, press a keyboard key to get it to work/ follow prompts that appear/ try pressing “ESC” and “F1.”
- Don’t press the “R” option for the “Recovery Console.” Press the “R” to “Repair” your system when the prompt appears.
- Follow remaining prompts as they appear until finished.
Deleting User Data
User Data is created by Windows. It defines your User Profile and should not be tampered with unless you can identify it as data unnecessary for maintaining the profile.
Susan Keenan | June 23rd, 2009
You can leave a comment, or trackback from your own site.
Susan Keenan | June 23rd, 2009
Dear Admin Ms. Susan Keenan,
Your advice fed us once with knowledge to empower us to make
The Right Decision to fix that mess.
Alternatives we have explore through local involves mainly
Replacing our IDE ram to an upgrade of 160GB at about $100
from our current 65GB config, the process seems cumbersome,
almost tedious, compared to your recommended methods,
which brought a smile to mine & mine boyfriend’s face,
who exclaimed, We seems to have been assisted by a Samaritan,
though we met not in persons but on-line. Your advice has also affirmed us
not to be penny wise, pounds foolish as he(my boyfriend) feels that
Windows 7, is in Beta now, reviews have been good compared to Vista,
which is why we have not bought a new laptop yet.
We don’t know why you do, what you do at Filetonic,
But we Thank God that This site existed, even better,
They answer to your queries specifically and to great lengths I may add.
Sorry to have to bother you once more, but could you help explain
And try for a fix, with this boot up thingy we have been facing after
This virus attack, we attached a picture for better reference,
Before windows XP loads, this recent development came about
After we install fresh copy of windows XP to rescue, when boot up failed,
The warning prompt: Buxmpfile.bmp. Or something of its variation is missing.
Dear Susan K,
The local tech guy who does data recovery,
who had also provided us with an almost similar answer,
he mentioned since I had a memory running on
IDE and not SATA, upgrading memory is a tricky business since it may not read the full 160GB that is there,
he had also mentioned a SATA (UP GRADE Possible to 500GB ) build is better
over an IDE RAM.
can you help explain the difference in functionality, apart from pin difference.
Thanks for sharing and assist.
Blessed day with love,
GracieG & Ben
Hello, here’s some information that should help:
http://filetonic.com/blog/2009/06/29/missing-buxmpfilebmp/
and
http://filetonic.com/blog/2009/06/29/ide-vs-sata/
Thanks! The Filetonic.com Team
Follow us at www.Twitter.com/Filetonic