Start up problem?

[SwimChao]

When I started up my computer this morning, window after window that said "Cannot find specified path" or something along those lines. They were opening and closing for me to get a good look.

However, I do know that they looked like the window prompted once you use the "run" command. It had a black background and a basic blue window bar.. I can't be any more descriptive than that.

Any suggestions? Is this a virus problem?


Oh, along with that I'd like to say I randomly couldn't log on my MSN yesterday.. Which leads me to believe the password may have been stolen somehow and changed. Could these problems be linked?

 

[Bobbye]

You could start looking for the problem by doing the Steps here:
https://www.techspot.com/community/...lware-removal-preliminary-instructions.58138/

Attach the logs when through for review. If you suspect a password may have been stolen, the sooner you find the malware, the better.

I am not entirely sure from your description whether you can boot into Normal Mode and/or Safe Mode, so you'll need to clarify that.

 

[SwimChao]

Here are two of the logs. I don't mean to come off as ignorant by not including the MalwareBites log, I just haven't gotten to running that yet.

I apologize, and will post that soon. Hopefully you can review these logs and pick something out of them.. Then tomorrow I can run MalwareBites.



If need be, I'll run them all again at the same time.

 

[kimsland]

Hijackthis must be run last, ideally after restart then run
Then attached to a new reply (alongside Malwarebytes and SuperAntispyware)

 

[Bobbye]

It's nice to 'see' you again Adam. It's been a while, so that's a good thing!

We run the programs in this order to allow Malwarebytes and SuperAntispyware to find and remove most of the malware. Each has a line telling the user to check the items for removal. Then we have you run HijackThis to see if there are any related entries to be removed or any entries that may be inappropriate.

We don't want you to review the logs and remove entries yourself- only allow the cleaning programs to do it. Most of the entries you will see in HijackThis are normal, legitimate entries. But we review the log for remaining inappropriate entries and give you instructions on handling those entries. We also determine if additional program need to be run.

I checked both of the logs you left and noted you are not overrun with malware, but there is some shown. So running the programs and including Malwarebytes will make sure it's been removed.

About the black screen: I see the entry>>
O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
This is for the D-Link-Wireless DWL-122 Adapter Software. Make sure the router is okay be disconnecting it and connecting the cable directly into the computer, by passing the router. If this works, the adapter may have gone bad.

Update Java:

Your version of Java is now outdated. Java vulnerabilities are commonly exploited by viruses so I strongly recommend you update. Click here to download the latest version of java ( Java Runtime Environment (JRE) 6.0 Update 13 ): http://java.com/en/download/manual.jsp
Please install it and then reboot your computer.

Remove the older versions of Java:

1. Click Start, Control Panel, Add/Remove Programs.
2. Delete all Java updates except J2SE Runtime Environment 6.0 Update 13

 

[SwimChao]

Hey! Glad you remember me. Not so glad I have to come back here, better safe than sorry though.

I've run the programs and attached the following logs. However, I couldn't identify the Java gear quite accurately. I've posted a screenshot below. Any help would be much appreciated.

Edit: I didn't run SUPERAntiSpyware again, should I? Sorry if I'm being inconvenient!

 

[kimsland]

You don't need to select the current Java version (Version 6 Update 13)
As the link in the 8-Step guide just updates it, what ever the new version is.
Imagine if we replied it's Version 6 Update 13, and then if it changed tomorrow, and replied back tomorrow too. You can see how this can get confusing.

Just update Java as per the guide.

Regarding your Malwarebytes scan
Your database (update basically) is also old. And too old, I'd say about a month possibly 2 weeks old.
You need to update this as well, before running the scan
As I can only presume that you have also done the same for the missing Superantispyware scan. I'd say update and run that too.

Just thought I'd let you know for your benefit



Just thought I'd check your HJT log (really for fun, I know it's sad that logs are fun in my mind)

Anyway, "Platform: Windows XP SP1"

Um !
That's old, I mean way old. I'd be surprised if programs actually work on SP1, anyway, why have you only got SP1 ? I think it's close to 7 years old now!

 

[SwimChao]

Makes sense! I'll handle that.

Well, that's strange. Maybe I didn't update it enough. I assumed that after the first update it gathered all the data and updated at once.. I'll make sure they're updated and run them again tomorrow.


Also, as for running SP1.. I've never been extraordinarily tech savvy and have always been a tad hesitant to upgrade. Automatic updates and things of that sort have been disabled on my computer for as long as I can remember.. so..

 

[kimsland]

Yes I see that:

Your system needs to be updated with the latest updates from microsoft.

Thanks for reminding me about the system : )

Actually seeming the Service Packs are:

• free
• improve performance
• secure your system
• make compatible for new programs

And probably a stack of other advantages that I'm sure I could round up for you.
I have to say that anyone who wants to keep SP1 is either crazy (you're not crazy are you?)
Or they are not running a legitimate version of Windows :/ !

By the way, having this SP1 only issue is also going to continue to allow more malware and further insecurities for you.

Here's the best answer. Take note, this will make life much easier for you, imagine even going to MS sites and downloading anything you like (legally)

XP Home: http://www.newegg.com/Product/Product.aspx?Item=N82E16832116511

 

[Bobbye]

Got to update that in my files! Gad, seems like Java updates frequently.

Adam, it looks like you already updated Java to v7u13, but you need to uninstall any earlier versions all the other versions in Add/Remove Programs in Control Panel. Once Java updates, the earlier programs become security risks.

Going by the Java screen shot, it looks like you still have v6.u13 installed and JRE 2 and v6u4 setup files maybe saved to your desktop? You can delete the saved setups and uninstall the other 2.

kimsland, the date for the Mbam logs is today: 4/1/2009 8:08:59 PM
mbam-log-2009-04-01 (20-08-59).txt and the date io the HIJK logs is
Scan saved at 9:57:23 PM, on 4/1/2009

The first SAS log showed some Tracking Cookies a an couple of rogue files.

 

[kimsland]

No the database version is a month old, not the scan !

And to save SwimChao, coming back again, and again, and again (as he has 3 times already on malware issues only) I'd say SP3 (legitimate of course) would be paramount. Otherwise why would support bother.

Security updates stop hackers and Malware, should we worry about this on the 4th return? the 5th? I'd say now is the time.

Otherwise, as you say Bobbye, good luck continuing your support with SwimChao and XP SP1, I'll keep an eye out for the next one in a month as well. Although I personally won't be replying (except to quote my recommendations here)

 

[Bobbye]

Adam, when you came to TechSpot last August with what you said were "Major Issues", the thread went on for 9 pages, 170 replies. You had several people helping you but you continued to second guess many of the replies.

You told us: "I'm an extremely impatient person, and get itchy sitting and waiting. So I tend to throw things and make my own decisions." Then "For 5 years I haven't had much online security, etc."

And though you were given specific directions, you continued with impatience such as: "Also, should I delete other tools used in this process? And any answer to the post above?"

When asked about routine maintenance on the system, specifically disc cleanup, you said: "Yeah, I've NEVER run it". And after 158 replies you said: ": the problem behind the disk clean may be 5 years of never doing it." and then "Considering I've never done ANYTHING and it was loaded with all kinds of bad files."

It took 60 replies to even get you to start listening to us!

You are doing the same thing here. Instead of following the steps that are set up for you to follow, you drop by and leave any log, without the others.

And if you are still only at SP1, it means you are still not handling the security for your system, that is it vulnerable because you haven't gotten the patches for those vuleranabilities.

Then you add at the end of your post now: "Oh, along with that I'd like to say I randomly couldn't log on my MSN yesterday.. Which leads me to believe the password may have been stolen somehow and changed. Could these problems be linked?"

Well, hey yeah! You probable have keyloggers, rootkits and goodness known what else! I am off this thread- I refuse to even get near 9 pages or 170 replies because It's not worth the time invested.

I guess that's why I remembered your name!

 

[SwimChao]

I don't want this to turn into that sort of problem. I really don't, and I deeply apologize :|

I don't mean to come off sounding ignorant, or like I'm second guessing professional opinions. I'm just very unfamiliar with a lot of computer related things.. and it's a troubling thought to venture into that sort of wilderness.

Example of this being how I'm.. still on SP1, I don't know what exactly I need to download so that I can update. I've never meant to come off sounding impatient, or crude in any manner either. I've just wanted to take the steps properly. I'm sorry.

If anyone is still willing to help, I'm updating all of the programs and will run them all again. I will include the proper logs after I've followed the proper procedures.


->
Again, I don't mean to sound ignorant, or impatient, or anything else.. When I do the search through the MS sites for things such as the service packs, it comes up with names and things I've never heard of. From there, I don't know what to say other than I really don't venture into the unknown.

I'm sorry.

 

[kimsland]

SwimChao here's Windows Update => http://windowsupdate.microsoft.com/

My 100% recommendation is to backup your data and then install Windows clean again; this is because you could have been likely hacked a few hundred times by now!, read h e r e on that. Here's those steps:

Microsoft's Windows XP Repair Install step by step (* Including Delete Partition)
http://www.windowsxpprofessional.windowsreinstall.com/sp2sp3installxpcdoldhdd/indexfullpage.htm

* Warning deleting the Partition will remove all User data and Windows system files

Once Windows is fully installed clean, then run Windows Update and install SP2 and SP3. And then all the other Windows Security Updates, from there as well

Glad that's all resolved now

 

[Bobbye]

kimsland is giving you good guidance. Get the SP3 on the machine right off and add additional updates. Perhaps it would be helpful is you set up for Automatic Updates. And be sure to 1. get good security programs and 2. do frequent maintenance on the system.

 

[SwimChao]

I was reading through the re-installation of Windows.. I have a bit of a conundrum:
I do not have the/a product key. As you can guess, my computer is very old and I didn't really save any of that information-- the little bit that I did is far gone.


On a side note, I wasn't sure if I should just go through with the process again as I researched updating/upgrading/re-installation.. So I let the programs properly run. The following logs have been attached. Nothing was picked up in any of the programs, and I updated them all.. making sure by clicking extra times until I got messages saying "No more updates found", etc.

 

[kimsland]

Here's the best answer. Take note, this will make life much easier for you, imagine even going to MS sites and downloading anything you like (legally)

XP Home: http://www.newegg.com/Product/Product.aspx?Item=N82E16832116511

That's ok I think we kinda assumed that already Hence my reply way up there

As your Windows version is not legitimate (missing product key) TechSpot forums cannot provide further support to you. As this would be a conflict of interests with Microsoft's regulations.

You will need to purchase Windows before you can post again
And by purchasing Windows you may not even need further support
ie Purchase Windows

Thread Closed