Hello, everybody. I am new here. The computer has a virus that prevents it from booting up. I've tried to start safe mode, same w/command prompt and safe mode w/networking. It always tries but shuts down. Last I saw/did before darkness fell was Comodo's report of "malicious" C:\Program Files\WSN\WSN.exe file. I found it (at that moment Safemode still worked) and deleted it. Then I tried to restart in safe mode w/networking to get some more tools but now nothing runs anymore. No Last Good nor anything else. I have been to boot order to try to reinstall XP altogether from CD. However, it will not run from CD even when it is set as first boot option. What is left?
You may have a hardware problem that needs to be fixed before you can reinstall XP. Do you have any other boot discs you can try, such as a Linux disc?
No, I don't. Only the XP installation disk.
But there is a virus problem that progressively took over the machine. This laptop belongs to a friend of mine and there was no adequate protection. When I got it to my hands it refused to download antivirus programs but I got through Comodo Firewall that has Defense+. When I had to stop for the day I turned it off but after that it would not turn on anymore in normal mode. I checked the boot order and made sure it would boot from the disk if I needed. Then I went to safe mode and was able to see that Comodo had immediately identified as malicious C:\Program Files\WSN\WSN.exe file. Still in safe mode I found it and deleted it. Then I thought that maybe now I can connect in and (my mistake) booted in normal mode in order to download something more. Would not run and when I tried to run it again in safe mode it would not do even that. I tried all the options as I mentioned and nothing run. Then I decided just to reinstall XP again and you know the rest.
Hello again. I created a bootable AVG rescue USB and something unexpected happened. I do not understand it, I can only tell how it went. I plugged in USB and got the boot order to start with it. I expected USB get started and assumed I would be working with it. But when I turned the machine on it started booting Windows XP in normal mode (!?) Things were moving very slowly but I was able to find ClamWin installed in the computer and it found TrojanDropper-15811 in several locations. Also it identified Adware NN_1A.tmp\upgrade.exe and Adware NDNuninstall_6. This scan took 12 hours.
After getting those out of way I was able get connected and downloaded AVG which found 19 infections more, mainly adware. Right now I am getting updates to the system (it was way behind) and plan to check things out with MBAM before restarting.
I am still fighting with these viruses. After my last post I was able to install AVG 2013 which found more malware. Downloaded MBAM which found nothing more. I thought things were on brighter side but machinbe was still a bit sluggish. Used my Emsisoft emergency kit on USB, (it now has dual engine). It's deep scan found "Trojan Qhost. LXE (B)", "Generic.Malware.SBEq.7660772E(B)" and several trace files.
Interestingly, when I pinpointed MBAM to the file where Trojan was found MBAM said the file was clean! AVG missed it also; actually twice since since I run AVG again and it didn't find any of these baddies I mention above. However, when Emsisoft tried to clean out what it had found apparently these viruses fought back since the machine just shot down again. Have not turned it on since then, because I need to do more research before the next round in the battle.
This machine is a real example what happens when the owner does not have an adequate defense installed and the whole village of malware takes over.