TechSpot

[Closed] Still having oleacc.dll issues

By jybaway
Jul 8, 2010
  1. I've had to go out of town for work for about two weeks, which would explain my sudden absence.

    My computer is still telling me oleacc.dll is missing from my computer, after AVG told me that it had found win32/heur in that file. I cannot open Google Chrome at all and my computer gives me this error when I start my computer in association with iaanotif.exe. I'm so confused.

    My last instructions were to post MBAM and SuperAntiSpywarae logs, so they are attached. FYI: I am running Windows 7 x64.

    Please help... I want my computer back. :(
     

    Attached Files:

  2. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    Back to your original post: Combofix won't run on a 64bit OS. Since this is a Win32Heur find by AVG originally, you need to scan for possible Virut malware:

    • Make sure to use Internet Explorer for this
    • Please go to VirSCAN.org FREE on-line scan service
    • Copy and paste the following file path into the "Suspicious files to scan" box on the top of the page:
      • c:\windows\system32\userinit.exe
    • Click on the Upload button
    • If a pop-up appears saying the file has been scanned already, please select the ReScan button.
    • Once the Scan is completed, click on the "Copy to Clipboard" button. This will copy the link of the report into the Clipboard.
    • Paste the contents of the Clipboard in your next reply.
    Also scan these,

    C:\WINDOWS\explorer.exe
    C:\WINDOWS\System32\svchost.exe


    Virut is a Polymorphic File Infector that infects ..exe, .scr, .rar, .zip, .htm, .html. Because there are a number of bugs in its code, it may create executable files that are corrupted beyond repair resulting in an inoperative machine.
    It opens a Backdoor by connecting to a predefined IRC Server and waits for commands from the remote attacker


    Good explanation here:
    http://miekiemoes.blogspot.com/2009/02/virut-and-other-file-infectors-throwing.html


    Change all of your passwords and monitor any online transactions.

    After running that, please take a few minutes to reset your Cookies. There are 610 Tracking Cookies on the system. This would indicate that you are accepting 3rd party Cookies and may not be doing maintenance on the system:

    Reset Cookies

    For Internet Explorer: Internet Options (through Tools or Control Panel) Privacy tab> Advanced button> CHECK 'override automatic Cookie handling'> CHECK 'accept first party Cookies'> CHECK 'Block third party Cookies'> CHECK 'allow per session Cookies'> Apply> OK.

    For Firefox: Tools> Options> Privacy> Cookies> CHECK ‘accept Cookies from Sites’> UNCHECK 'accept third party Cookies'> Set Keep until 'they expire'. This will allow you to keep Cookies for registered sites and prevent or remove others. (Note: for Firefox v3.5, after Privacy click on 'use custom settings for History.')

    I suggest using the following two add-on for Firefox. They will prevent the Tracking Cookies that come from ads and banners and other sources:
    AdBlock Plus
    Easy List

    For Chrome: Tools> Options> Under The Hood> Privacy Section> CHECK 'Restrict how third party Cookies can be used'> Close.
    (First-party and third-party cookies can be set by the website you're visiting and websites that have items embedded in the website you're visiting. But when you next visit the website, only first-party cookie information is sent to the website. Third-party cookie information isn't sent back to the websites that originally set the third-party cookies.)

    I will continue with you after I see the results of the scan.

    Edit: Original thread: http://www.techspot.com/vb/search.php?searchid=2350313
    Broni- sorry- you can continue with this if you'd like.
     
  3. jybaway

    jybaway TS Rookie Topic Starter

    I cannot for the life of me understand why it will not let me press the "Copy to Clipboard" button...it just won't let me click there, but here's an attempt at copy and pasting the results for userinit.exe...hopefully it will let me copy the results of the next one to the clipboard...
    Scanner results : Scanners did not find malware!
    Time : 2010/07/08 12:43:26 (EDT)
    Scanner Engine Ver Sig Ver Sig Date Scan result Time
    a-squared 5.0.0.13 20100708022008 2010-07-08 - 5.311
    AhnLab V3 2010.07.08.00 2010.07.08 2010-07-08 - 1.194
    AntiVir 8.2.4.10 7.10.9.48 2010-07-08 - 0.261
    Antiy 2.0.18 20100704.4829244 2010-07-04 - 0.017
    Arcavir 2009 201006281601 2010-06-28 - 0.004
    Authentium 5.1.1 201007081009 2010-07-08 - 1.237
    AVAST! 4.7.4 100708-1 2010-07-08 - 0.006
    AVG 8.5.793 271.1.1/2989 2010-07-08 - 0.244
    BitDefender 7.90123.6432402 7.32678 2010-07-08 - 3.879
    ClamAV 0.96.1 11327 2010-07-06 - 0.003
    Comodo 4.0 5362 2010-07-08 - 1.075
    CP Secure 1.3.0.5 2010.07.08 2010-07-08 - 0.043
    Dr.Web 5.0.2.3300 2010.07.08 2010-07-08 - 8.564
    F-Prot 4.4.4.56 20100707 2010-07-07 - 1.226
    F-Secure 7.02.73807 2010.07.08.04 2010-07-08 - 0.128
    Fortinet 4.1.133 12.131 2010-07-07 - 0.146
    GData 21.481/21.175 20100708 2010-07-08 - 7.068
    Ikarus T3.1.01.84 2010.07.08.76221 2010-07-08 - 7.004
    JiangMin 13.0.900 2010.07.08 2010-07-08 - 1.232
    Kaspersky 5.5.10 2010.07.08 2010-07-08 - 0.082
    KingSoft 2009.2.5.15 2010.7.8.18 2010-07-08 - 0.614
    McAfee 5400.1158 6036 2010-07-07 - 16.770
    Microsoft 1.5902 2010.07.08 2010-07-08 - 6.831
    Norman 6.05.11 6.05.00 2010-07-08 - 4.007
    nProtect 20100703.02 8906927 2010-07-03 - 8.234
    Panda 9.05.01 2010.07.04 2010-07-04 - 0.661
    Quick Heal 11.00 2010.07.08 2010-07-08 - 2.103
    Rising 20.0 22.55.03.04 2010-07-08 - 0.212
    Sophos 3.09.0 4.55 2010-07-09 - 3.560
    Sunbelt 3.9.2428.2 6558 2010-07-07 - 9.248
    Symantec 1.3.0.24 20100707.002 2010-07-07 - 0.049
    The Hacker 6.5.2.1 v00310 2010-07-07 - 0.343
    Trend Micro 9.120-1004 7.294.11 2010-07-08 - 0.028
    VBA32 3.12.12.6 20100708.1240 2010-07-08 - 2.512
    ViRobot 20100707 2010.07.07 2010-07-07 - 0.365
    VirusBuster 4.5.11.10 10.126.123/2051557 2010-07-08 - 2.393
     
  4. jybaway

    jybaway TS Rookie Topic Starter

    STILL will not let me copy to clipboard! This is annoying!

    Results for explorer.exe:

    Scanner results : Scanners did not find malware!
    Time : 2010/07/08 12:48:46 (EDT)
    Scanner Engine Ver Sig Ver Sig Date Scan result Time
    a-squared 5.0.0.13 20100708022008 2010-07-08 - 5.545
    AhnLab V3 2010.07.08.00 2010.07.08 2010-07-08 - 1.222
    AntiVir 8.2.4.10 7.10.9.48 2010-07-08 - 0.267
    Antiy 2.0.18 20100704.4829244 2010-07-04 - 0.016
    Arcavir 2009 201006281601 2010-06-28 - 0.004
    Authentium 5.1.1 201007081009 2010-07-08 - 1.253
    AVAST! 4.7.4 100708-1 2010-07-08 - 0.114
    AVG 8.5.793 271.1.1/2989 2010-07-08 - 0.260
    BitDefender 7.90123.6432402 7.32678 2010-07-08 - 3.840
    ClamAV 0.96.1 11327 2010-07-06 - 0.003
    Comodo 4.0 5362 2010-07-08 - 1.112
    CP Secure 1.3.0.5 2010.07.08 2010-07-08 - 0.497
    Dr.Web 5.0.2.3300 2010.07.08 2010-07-08 - 8.651
    F-Prot 4.4.4.56 20100707 2010-07-07 - 1.262
    F-Secure 7.02.73807 2010.07.08.04 2010-07-08 - 0.180
    Fortinet 4.1.133 12.131 2010-07-07 - 0.123
    GData 21.481/21.175 20100708 2010-07-08 - 7.212
    Ikarus T3.1.01.84 2010.07.08.76221 2010-07-08 - 7.048
    JiangMin 13.0.900 2010.07.08 2010-07-08 - 1.281
    Kaspersky 5.5.10 2010.07.08 2010-07-08 - 0.082
    KingSoft 2009.2.5.15 2010.7.8.18 2010-07-08 - 0.657
    McAfee 5400.1158 6036 2010-07-07 - 17.135
    Microsoft 1.5902 2010.07.08 2010-07-08 - 6.997
    Norman 6.05.11 6.05.00 2010-07-08 - 6.011
    nProtect 20100703.02 8906927 2010-07-03 - 7.900
    Panda 9.05.01 2010.07.04 2010-07-04 - 0.597
    Quick Heal 11.00 2010.07.08 2010-07-08 - 2.080
    Rising 20.0 22.55.03.04 2010-07-08 - 0.317
    Sophos 3.09.0 4.55 2010-07-09 - 3.564
    Sunbelt 3.9.2428.2 6558 2010-07-07 - 8.455
    Symantec 1.3.0.24 20100707.002 2010-07-07 - 0.138
    The Hacker 6.5.2.1 v00310 2010-07-07 - 0.401
    Trend Micro 9.120-1004 7.294.11 2010-07-08 - 0.029
    VBA32 3.12.12.6 20100708.1240 2010-07-08 - 2.517
    ViRobot 20100707 2010.07.07 2010-07-07 - 0.381
    VirusBuster 4.5.11.10 10.126.123/2051557 2010-07-08 - 3.272
    ■Heuristic/Suspicious ■Exact
     
  5. jybaway

    jybaway TS Rookie Topic Starter

    So...here are the results for svchost.exe

    File information
    File Name : svchost.exe
    File Size : 27136 byte
    File Type : PE32+ executable for MS Windows (GUI)
    MD5 : c78655bc80301d76ed4fef1c1ea40a7d
    SHA1 : 619652b42afe5fb0e3719d7aeda7a5494ab193e8
    Scanner results
    Scanner results : Scanners did not find malware!
    Time : 2010/07/08 12:53:24 (EDT)
    Scanner Engine Ver Sig Ver Sig Date Scan result Time
    a-squared 5.0.0.13 20100708022008 2010-07-08 - 5.287
    AhnLab V3 2010.07.08.00 2010.07.08 2010-07-08 - 1.268
    AntiVir 8.2.4.10 7.10.9.48 2010-07-08 - 0.260
    Antiy 2.0.18 20100704.4829244 2010-07-04 - 0.018
    Arcavir 2009 201006281601 2010-06-28 - 0.004
    Authentium 5.1.1 201007081009 2010-07-08 - 1.235
    AVAST! 4.7.4 100708-1 2010-07-08 - 0.005
    AVG 8.5.793 271.1.1/2989 2010-07-08 - 0.238
    BitDefender 7.90123.6432402 7.32678 2010-07-08 - 3.859
    ClamAV 0.96.1 11327 2010-07-06 - 0.003
    Comodo 4.0 5362 2010-07-08 - 1.334
    CP Secure 1.3.0.5 2010.07.08 2010-07-08 - 0.044
    Dr.Web 5.0.2.3300 2010.07.08 2010-07-08 - 8.723
    F-Prot 4.4.4.56 20100707 2010-07-07 - 1.258
    F-Secure 7.02.73807 2010.07.08.04 2010-07-08 - 0.137
    Fortinet 4.1.133 12.131 2010-07-07 - 0.124
    GData 21.481/21.175 20100708 2010-07-08 - 7.230
    Ikarus T3.1.01.84 2010.07.08.76221 2010-07-08 - 7.020
    JiangMin 13.0.900 2010.07.08 2010-07-08 - 1.488
    Kaspersky 5.5.10 2010.07.08 2010-07-08 - 0.082
    KingSoft 2009.2.5.15 2010.7.8.18 2010-07-08 - 1.297
    McAfee 5400.1158 6036 2010-07-07 - 16.932
    Microsoft 1.5902 2010.07.08 2010-07-08 - 6.880
    Norman 6.05.11 6.05.00 2010-07-08 - 4.008
    nProtect 20100703.02 8906927 2010-07-03 - 9.027
    Panda 9.05.01 2010.07.04 2010-07-04 - 1.523
    Quick Heal 11.00 2010.07.08 2010-07-08 - 2.723
    Rising 20.0 22.55.03.04 2010-07-08 - 0.194
    Sophos 3.09.0 4.55 2010-07-09 - 3.701
    Sunbelt 3.9.2428.2 6558 2010-07-07 - 10.342
    Symantec 1.3.0.24 20100707.002 2010-07-07 - 0.050
    The Hacker 6.5.2.1 v00310 2010-07-07 - 0.340
    Trend Micro 9.120-1004 7.294.11 2010-07-08 - 0.028
    VBA32 3.12.12.6 20100708.1240 2010-07-08 - 2.609
    ViRobot 20100707 2010.07.07 2010-07-07 - 0.410
    VirusBuster 4.5.11.10 10.126.123/2051557 2010-07-08 - 2.375
    ■Heuristic/Suspicious ■Exact
    Note: This file has been scanned before. Therefore, this file's scan result will not be stored in the database.



    THANK YOU GUYS for the help!
     
  6. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    I've asked Broni to pick up your thread- guess he missed my edit.
     
  7. Broni

    Broni Malware Annihilator Posts: 52,892   +344

Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...