LandzDown Forum

I am coming here from the Gardenweb.  Yesterday I found the above problems.

I downloaded and installed Avast, and already had malwarebytes and adaware.

I started full scans of my spyware/malware programs last night to try to identify and clean out this virus, which I also got in the course of a recipe search, apparently from the Food Network.

Unfortunately my son got up this morning, saw my netbook sitting there with the clamshell up, thought I'd left it on by accident, and shut it down.

Now it won't boot, not even in safe mode. I know the winlogon.exe file was corrupted and had scheduled a boot scan in Avast, but what it does now is cycle constantly between the blue screen with a message that flashes past far too quickly for me to read it, and the windows boot screen. It never comes up.

Since it was shut down before I got up this morning, I also didn't get to write down my XP license number, so even though I have access to an external DVD and an XP installation disk, I DON'T have a valid license # to enter.

I fear my netbook is bricked, all because of a recipe for apple streusel pie.

If I can't get it to boot I can't provide any of the log files you guys want, so it may just be permanently bricked at this point.  With only 2 GB of onboard memory I doubt I could run Win7 even if I wanted to pay for the license (a new netbook would probably actually be cheaper).  I don't think I can even get an XP license anymore (although I had a valid copy on there I don't have the license # written down).

If there's any help you can give me I'd appreciate it.

Thanks.

Hi, Sojourner.

If you cannot get to safe mode, normal mode or "last known good configuration", I can't give you tools to run.  However, you may want to try a Kaspersky Rescue Disk:  http://support.kaspersky.com/viruses/rescuedisk?level=2

If that isn't successful, another option to try is to Perform a Repair Installation. 

You may be able to access the license key via a Ubuntu CD Saving files on a corrupt OS

To boot from CD, place the CD in the tray, restart computer and either tap repeatedly the Boot Menu key given on first screen to choose CD drive, or see if it prompts you to Press Any Key to Boot CD - if not, set CD drive as first to boot in BIOS setup also listed on first boot screen.

Hi, Sojourner.

I am sorry to hear you have been ill and hope all is well now. 

Since you have USB ports and access to a second computer, see if the Microsoft Standalone System Scanner will run.  Note that it will wipe everything off the flashdrive so be sure there isn't anything there you want to keep.  See my tutorial at Setting Up the Microsoft Standalone System Sweeper Beta.

Apparently the eeePC should be recognizing my flash drive within the BIOS, but it does not.  I'm not sure what "Removable device" really is, but apparently it's NOT the Flash drive.

Is there a way to get the sweeper onto an SDHC card instead of the flash drive?  Maybe I can get it to see that ...

So far, you've walked yourself through it.   

If you still cannot boot the eeePC normally after running the System Sweeper, try the Kaspersky Rescue Disk.  It can be installed on a Flashdrive:  http://support.kaspersky.com/faq/?qid=208282163

OK, successfully ran the System Sweeper and it found 3 instances of Bamital, A virust tool called JS.OBFUSCATOR.AG, a Trojan Downloader called Java.openconection.EE, and a Java exploit called CVE-2010-0840.W.  Disinfected the 3 instances of Bamital and removed the rest, reported success.

Currently I am updating my onboard virus software pursuant to running that again, but the little Netbook is now booting again.

Can you help me to identify which files are needed to keep the System Sweeper up to date?  I've not been able to find that out on the MS website, they don't seem to list it or it's updates with the rest of the security software and searches just send me to the other security software.

Thanks for the help.

Dang, sorry about that.  Hovering doesn't show me the actual name of the file.  Unless you actually click one of those links you don't get to see the file name.  I misinterpreted the redirect as the file name so I thought I wasn't in the right place.  My bad.  Downloaded the right one, I'll install and rerun tomorrow.  Thanks.