Resources

Earlier free AVG found numerous viruses and Trojans. Is it possible there are fragments left on laptop? The online scan at ESET showed about then variants of the Trojan “Viruits.” My home page has been replaced with a URL for Guarddog 2009 which is listed under AVG’s vault as dl.guarddog.generic13.ASQV.bm8 tem. In addition, my USB keyboard no longer works properly and my cursor acts up. Would you advise me to install a fresh copy of Windows or do full restore to factory setting to solve these problems? Is it safe to delete User Data found under Documents & Settings in C:/? Is it too late to use the Windows recovery disc?

Looks like you still have quite a few problems on your laptop, including remaining malware. Perhaps I should caution you to back up any data that you want to keep on the computer. Since it appears as if not all of the virus and malware infections have been removed from your computer, you will need to make sure that all of these malware entities have been removed before you reinstall, repair, or reformat the computer. If you don’t get rid of these infections first, then they will remain on the laptop, continuing to mess it up. After you get rid of all of the bad stuff, then you can take care of your Windows operating system. However, drastic measures such as reinstalling the operating system may not be needed once you remove these infections.

Scanning for Malware

One of the biggest problems with malware is that some of it slips by one anti-virus/anti-spyware application. This is why running two separate applications to remove the infections is a good idea. 

1. First, print these directions so you will have them to refer to. Then, close out all applications before running your anti-spyware/anti-virus applications. Hit the CTRL + ALT + DEL keys together to bring up the Windows Task Manager. It will show you if anything is still running on your computer. Simply select “Applications” in the upper left and close any programs that remain running.
2. Run AVG again and see what it comes up with on the laptop. It is important to note that this application doesn’t always catch things like tracking cookies which are also know to disrupt mice, keyboards, web browsing, etc.
3. Run a second application such as Anti-Virus PLUS, Ad-Aware, or PCTools to remove any remaining remnants of Trojans, spyware, or viruses. Anti-Virus PLUS offers a free scan and you can use this to see what type of infections remain on the computer. In particular, I’ve come across a lot of people who suggest that Malwarebytes does a good job of removing the KRYPTIK Trojan which you had listed in your original question. This should also remove guarddog2009.
4. Reboot and run your anti-spyware/anti-virus applications again to ensure that all malware has been removed.

Repairing Windows

Before making the decision that you need to completely repair of restore the computer’s operating system, why not try cleaning the registry and checking the hard disk to repair important files? You can use a registry cleaner such as RegCure and the chkdsk utility that comes with Windows.

To use chkdsk, click Start→ click Run→ Type cmd→ press Enter. Type in chkdsk volume:/r in order to locate bad sectors, repair errors, and recover readable information.

Of course, you can always use the installation disks to complete a recovery. If you follow these directions, your documents and files will be saved, but you will have to reinstall any programs and modify your personal settings:

1. Insert the installation disk into the CD drive while the laptop is on.
2. Turn the laptop off.
3. Wait a minute and turn the power on. The laptop should be able to boot up. If it doesn’t, press a keyboard key to get it to work/ follow prompts that appear/ try pressing “ESC” and “F1.”
4. Don’t press the “R” option for the “Recovery Console.” Press the “R” to “Repair” your system when the prompt appears.
5. Follow remaining prompts as they appear until finished.

Deleting User Data

User Data is created by Windows. It defines your User Profile and should not be tampered with unless you can identify it as data unnecessary for maintaining the profile.

My computer is infected with a nasty program that denies all attempts at downloading malicious program removers as well as updates for Java, Shockwave, and Flash player. Microsoft is no help, as when directed to the download page, the malware blocks access to the web page with a 403 error. Adobe seems to have the gold bar popping up at the top of the screen being blocked all the time. Trying to watch or chat to others seems impossible.

New Breed of Malware

Malware makers have been tweaking their malicious programs so that they disable access to security sites. By blocking access to security sites, the malware is protecting itself. After all, if you can’t download a malware remover, then the malware gets to hang out on your computer until you figure out a way to remove it. Typically, malware that blocks access to these sites does so by either modifying the system’s host file or the DNS cache.

Working Around the Malware Modifications

Now that we know how the malware blocks access, we can work around it by stopping the DNS Cache service and editing the system’s host file.

Stopping the DNS Cache Service

Stopping the DNS Cache will most likely make your Web browsing experience slower than normal. Don’t worry, this is temporary. Once you reboot your computer, the service will be restarted and your browsing will return to normal.

• Go to Start, click on Run, and type: cmd
• Click OK
• Once in the Command Prompt window, type in: net stop dnscache
• Press Enter
• Type: exit
• Press Enter

Editing the System Hosts Files

• Go to Start > Run
• Enter: notepad.exe %windir%\system32\drivers\etc\hosts
• Look for websites listed under “local host” (the second column) and delete any lines containing legitimate computer security websites. For example, if you see Symantec.com, Norton.com, McAfee.com, Trendmicro.com, or Microsoft.com, these are all being blocked by the malware. Delete the entire line.
• Click File > Save.

Update Your Security Software or Download a Malware Remover Tool

Now that your computer is no longer blocked, either update your existing security software or download a malicious software remover tool, making sure that you have the most current updates available, and then run a complete system scan. Hopefully the computer security software will detect the virus and remove it. Reboot the computer to restart the DNS Cache service.

Adobe Updates

Now, on to that “gold bar” when trying to update Adobe products. I believe that this is separate from your computer virus. Usually this bar indicates that the Web site needs to install an add-on such as an ActiveX control before you can proceed. For example, if you were to try to download Adobe Reader, you’ll get a message in a gold bar that says, “This Web site wants to install the following add-on: Adobe DLM from Adobe Systems Inc…” This is a fairly standard practice and has to do with the Web browser’s security settings. If you know and trust the site, clicking the gold bar allows the installation to continue.

Once you have the virus cleared up, let us know if you are still having trouble using Internet chats and we’ll tackle that problem next. It may be related to the virus, so hopefully a good cleaning will do the trick.

How can I get rid of some viruses on my computer?

Removing Computer Viruses

Several options are available for removing computer viruses including doing it yourself, using a remote technical support service, or taking your computer to the local computer shop. Each of these options has their pros and cons. For example, doing it yourself is the least expensive option but often frustrating and time consuming. Remote services are nice for those who want someone else to take care of the task, but if the computer is severely infected, connecting to the remote service may be problematic. Local computer shops require lugging the computer to the shop and leaving it for a few days.

What each of these methods has in common is the use of antivirus software. Whether you do it yourself, allow a remote technician to install the software for you, or go to a computer repair shop, the viruses on your computer will most likely be detected and removed by software.

With this in mind, if you choose to do it yourself, obtaining a good antivirus application is the solution. If you currently have a reputable antivirus program on your computer such as ParetoLogic, McAfee, Norton, or Trend Micro, update the software and run a full system scan.

If you do not yet have a good computer security product, we recommend going with a tried-and-true antivirus application rather than randomly clicking popup ads for free antivirus programs. While some of these ads are for legitimate programs, enough of them are malicious and it’s often impossible to tell the difference. For recommendations of specific programs, go to our 2009 Antivirus Reviews section. Most are reasonably priced, some are free, and many provide real-time protection against viruses and spyware.

Update Antivirus Software First

No matter which antivirus program you choose, make sure to update it before running a system-wide scan. Updating the software ensures that you have the latest protections and gives you the best chance of finding as many viruses as possible.

Run the Antivirus Scan

Close all programs and run a full system scan. Do not go for the quick scan if prompted. You want to scan everything! When the antivirus program finds a virus, it will quarantine or delete it.

Click here to scan your computer for viruses

Virus scans are so named because at the time they were developed computer viruses were the biggest threat to personal computers and so the protective software was designed exclusively for viruses.

These days antivirus software looks for and eliminates many kinds of suspicious or malicious code that might have infiltrated and infected you computer. Malicious programs include viruses, Trojans, worms, adware - that installs pop-up ads - and spyware - that tracks your browsing habits and records the website you use.

Whereas viruses are designed to multiply, infect and destroy files other threats like worms and Trojans can creep in the background of the computer system and open ports for external remote control, access personal information and route spam through the IP address. In order to address the different modes of operation of different malware antivirus programs use two different approaches.

First the program scans the files and compares them against a list of known viruses. Antivirus programs use a virus dictionary and compare code on the computer against the list of known viruses. If any infectious code is found the program can first attempt to repair the file by eradicating the virus itself. If it is unsuccessful the antivirus can quarantine the file, isolating it so that it cannot spread to other files and will then prompt the user and ask what to do. Some antivirus software programs will delete the infected files without waiting for the command so it is important that you understand the specifications of the program you install.

It is possible that a virus can contaminate data files stored on your system and corrupt or infect them. If the virus scan detects and deletes the file you can lose data. For this reason it is a good idea to save back up copies of all your important or personal information on a removable device like a USB stick or a disk.

Once you have installed antivirus software on your computer you can set the specifications to run automatically at set intervals as well as run manual scans periodically or when you download new files from outside sources.

Virus and other malware writers are constantly coming up with new and more sophisticated code. In order to stay up to date it is important to check the software vendor’s website often for updates.

As well as looking for code that matches its dictionary definitions, virus scans also check the computer’s performance, looking for any suspicious or unusual behaviour. If you run Windows operating system you can check yourself to see what programs are running on your computer and what programs are launching automatically when you boot up your computer. Viruses and malware often infiltrate these locations, running code and initiating applications without the user’s permission or knowledge. To check what programs are running in the Control Panel, in Administrative Tools, Services you can see a list of the programs that your system is running. To check your auto-launch list go to the Start Menu, Run and type misconfig.

Antivirus software is really important if you use your computer to browse on the Internet, download files and/or email attachments and other software programs.