Need help. Would really appreciate it!

[05VIII]

First, I would like to apologize if this is the wrong section to post. I read the stickies but they say to install certain programs on the infected computer and run them but I can not get access into it.

well. I think my netbook is done unless someone here can help.

Its an eee pc 1000hd running XP(thats all I know about it lol)

Ill start from the beginning. I made a very dumb decision by clicking on a link without knowing what it was. A few min later Bitdefender out of no where pops up a message saying something is wrong with the antivirus and I need to reboot. I shut down my netbook for a few min to cool down since it was getting hot anyways and when I hit the power button nothing happened. It goes to a black screen with an underscore flashing. looks like this _ and it just sits there and flashes and wont boot. So I removed the hard drive and used one of those sat usb cables to hook it into a borrowed netbook to try and scan it with a different antivirus. I am currently typing this on the borrowed netbook and it has a bitdefender trial but scans to drive D and E (which are what pop up once the bad HD is plugged into the borrowed netbook) come up with ZERO infected files. Weird thing is that the second I plug the bad HD into this netbook bitdefender has a pop up saying it has blocked 2 possible trojan/virus Rootkit.Tdss.AW accessed by mbamswissarmy.sys on both E: and D: locations.

Im completely lost on this as multiple virus scans come up empty. Does anyone have an idea on what I could try to fix it? I know a little bit about computers but not enough to fix this my self. I am a fast learner though so I will try my hardest to follow any directions/advice exactly as given. If Malwarebytes Anti Malware can completely cure my problem I will not hesitate to purchase a full license. I have a lot of flies/pictures I do not want to lose and a huge music collection I have spent some time building. Also has some programs I purchased that I would not like to purchase again if I dont have to. So, If theres anyone that has any suggestions I would LOVE to hear them. Thanks in advance.

[LDTate]

Can you access the infected hard drive while it's plugged into the other computer?

Can you copy files to it?

Do you have a Windows XP OS CD?

[05VIII]

Can you access the infected hard drive while it's plugged into the other computer?

Can you copy files to it?

Do you have a Windows XP OS CD?

yes I can access it.

yes I can copy files to it.

and no, I do not have an xp os cd. This netbook I bought didnt come with any cd's. Doesnt have a cd drive anyways.

[LDTate]

Please don't attach the scan results, use Copy/Paste

Download the tools needed to a flash drive or other USB device, and transfer them to the infected computer.

If the tool won't run from the desktop, try running it from the USB device.

DO NOT use any TOOLS such as Combofix or HijackThis fixes without supervision.

Doing so could make your pc inoperatible and could require a full reinstall of your OS, losing all your programs and data.

Vista and Windows 7 users:

1. These tools MUST be run from the executable. (.exe) every time you run them

2. With Admin Rights (Right click, choose "Run as Administrator")

Stay with this topic until I give you the all clean post.

You might want to print these instructions out.

Please download GooredFix from one of the locations below and save it to your Desktop

Download Mirror #1

Download Mirror #2

• Ensure all Firefox windows are closed.
  
• To run the tool, double-click it (XP), or right-click and select Run As Administrator (Vista).
  
• When prompted to run the scan, click Yes.
  
• It doesn't take long to run, once it is finished move onto the next step
  

Next:

Note: if the Cure option is not there, please select 'Skip'.

Please read carefully and follow these steps.

• Please download

TDSSKiller.zip

• Extract it to your desktop
  
• Double click TDSSKiller.exe
  
• Press Start Scan
  
• Only if Malicious objects are found then ensure Cure is selected
  
• Then click Continue > Reboot now
  

[*]Copy and paste the log in your next reply

[*]A copy of the log will be saved automatically to the root directory, root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

please post the contents of that log TDSSKiller log.

[LDTate]

Those need to be run from the Infected drive

[05VIII]

I read all that before posting but thats where I get confused. Since the infected hard drive is out of the netbook and I am using a cable to plug it into a working netboook, how am I supose to run programs on the infected hard drive? I downloaded gooredfix and moved it over to the infected hard drive but when I click it to run, it scans the working netbook and not the infected hard drive. How can I make it so it scans the bad hard drive?

[LDTate]

That is a problem.

Do you have MalwareBytes (MBAM)?

If you select Full Scan, it will let you select the dives to scan

[05VIII]

Yes I do. Let it run earlier and it cleared a bunch of stuff. But problem is still there. I have it scanning again but its more then half way done with zero issues.

[LDTate]

I don't know if TDSSKiller scans all drives for RootKits or not, but wouldn't hurt to run after MBAM completes.

So if I understand what's happening, if you plug the infected drive back into your laptop, you don't get anything?

[05VIII]

I have tried TDSSKiller with no luck. But ill try again after scan completes.

Correct. MBAM finshed its scan and cleared up a lot of stuff. I took the hard drive and plugged it back into its original netbook, started it, and still stuck. When I hit power, it instantly goes to a black screen with an underscore flashing and does not do anything else.

When I take the infected HD and plug it into the working netbook, I still have bitdefender pop ups saying they have blocked Rootkit.tdss.aw

[LDTate]

Without a CD drive you have very limited options.

[05VIII]

Maybe I can use a cd drive from an old desk top I got. I can prolly use that sat to USB cable since it has a few different adapters. Only thing is if I do that, I will only have access to one thing at a time. Either infected hard drive or cd drive. Will that work? Or do I need to use both at the same time? I'll go out and buy a cd drive or another USB adapter If its needed. I really don't want to lose my hard drive!

What do you think?

[LDTate]

You need two things.

A CD/DVD drive to boot from which will also require the Windows OS that matches the OS that was installed on it.

Is it the data that's on the drive you're concerned about or the drive itself?

Will the infected drive mount in the old desktop that has a CD drive?

[05VIII]

Oh, I don't have the original windows OS. this netbook which I bought brand new from best buy didn't come with cd's or anything. Manual doesn't say anything about it either. More concerned about the data but I would really hate to lose the hard drive. I know I can probably pull out all my files but that would be very time consuming.

I don't think the infects hard drive will work in the desktop since the desktop is much older but I will try it.

Or should I even bother if I don't have the original OS?

[LDTate]

What brand is this laptop?

Even the laptops that don't have a internel DVD drive comes with an external one.

First thing I'd do is go back to Best Buy and ask why you didn't at least get a restore CD.

Why they would sell you a computer that doesn't have a CD/DVD drive baffles me.

How would you install anything?

I would NOT let them have the laptop because all they will do is reformat it and you'll loose everything.

[05VIII]

Well if it makes a difference this isn't a laptop. It's a Netbook. I don't think most netbooks come with cd drives.

It's an EEE PC1000HD.

just noticed on the bottom of it there is a sticker that has the product key and says proof of licens. That won't be much help will it?

[LDTate]

just noticed on the bottom of it there is a sticker that has the product key and says proof of licens. That won't be much help will it?

Not without a drive and the OS

[LDTate]

It has to have an option to add a external Cd/DVD drive.

Look in the paper work that came with it or contact Best Buy or the manufacture.

[05VIII]

This totally sucks. So im pretty much screwed?

What would be the best way to go about this then? Should I purchase a new netbook or laptop that comes with a restore cd for future assurance and transfer everything over? Or would it just be cheaper and easier to get a new hard drive and purchase a new OS?

Thanks for trying to help.

[05VIII]

It has to have an option to add a external Cd/DVD drive.

Look in the paper work that came with it or contact Best Buy or the manufacture.

Yea, I'm pretty sure I can use a cd drive with it but the problem is I don't have an OS disk.

[LDTate]

I would find out if I could purchase a external CD/DVD drive for your notebook.

If you can find the manufactor name of the notebook, contact them or ask Best Buy, they sold it to you.

At the same time, ask Best Buy why you didn't get a Windows restore CD. You have a right to one and your Windows product key is on the computer.

If you can't get the Windows Restore cd from them, complain to the manufactor and contact Microsoft.

This is a free service and toll-free call.

1-866-PCSAFETY

or

1-866-727-2338

It is available 24 hours a day for the U.S. and Canada.

For support outside the United States and Canada, please contact your Microsoft Help and Support worldwide. Go to this page and choose your region from the box in the upper right corner: http://support.microsoft.com/?pr=SecurityHome

[LDTate]

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!