[Closed] Still having oleacc.dll issues

Status
Not open for further replies.

jybaway

Posts: 13   +0
I've had to go out of town for work for about two weeks, which would explain my sudden absence.

My computer is still telling me oleacc.dll is missing from my computer, after AVG told me that it had found win32/heur in that file. I cannot open Google Chrome at all and my computer gives me this error when I start my computer in association with iaanotif.exe. I'm so confused.

My last instructions were to post MBAM and SuperAntiSpywarae logs, so they are attached. FYI: I am running Windows 7 x64.

Please help... I want my computer back. :(
 

Attachments

  • mbam-log-2010-07-08 (08-32-55).txt
    878 bytes · Views: 3
  • SUPERAntiSpyware Scan Log - 07-07-2010 - 20-55-18.log
    59.8 KB · Views: 2
Back to your original post: Combofix won't run on a 64bit OS. Since this is a Win32Heur find by AVG originally, you need to scan for possible Virut malware:

  • Make sure to use Internet Explorer for this
  • Please go to VirSCAN.org FREE on-line scan service
  • Copy and paste the following file path into the "Suspicious files to scan" box on the top of the page:
    • c:\windows\system32\userinit.exe
  • Click on the Upload button
  • If a pop-up appears saying the file has been scanned already, please select the ReScan button.
  • Once the Scan is completed, click on the "Copy to Clipboard" button. This will copy the link of the report into the Clipboard.
  • Paste the contents of the Clipboard in your next reply.
Also scan these,

C:\WINDOWS\explorer.exe
C:\WINDOWS\System32\svchost.exe


Virut is a Polymorphic File Infector that infects ..exe, .scr, .rar, .zip, .htm, .html. Because there are a number of bugs in its code, it may create executable files that are corrupted beyond repair resulting in an inoperative machine.
It opens a Backdoor by connecting to a predefined IRC Server and waits for commands from the remote attacker


Good explanation here:
http://miekiemoes.blogspot.com/2009/02/virut-and-other-file-infectors-throwing.html


Change all of your passwords and monitor any online transactions.

After running that, please take a few minutes to reset your Cookies. There are 610 Tracking Cookies on the system. This would indicate that you are accepting 3rd party Cookies and may not be doing maintenance on the system:

Reset Cookies

For Internet Explorer: Internet Options (through Tools or Control Panel) Privacy tab> Advanced button> CHECK 'override automatic Cookie handling'> CHECK 'accept first party Cookies'> CHECK 'Block third party Cookies'> CHECK 'allow per session Cookies'> Apply> OK.

For Firefox: Tools> Options> Privacy> Cookies> CHECK ‘accept Cookies from Sites’> UNCHECK 'accept third party Cookies'> Set Keep until 'they expire'. This will allow you to keep Cookies for registered sites and prevent or remove others. (Note: for Firefox v3.5, after Privacy click on 'use custom settings for History.')

I suggest using the following two add-on for Firefox. They will prevent the Tracking Cookies that come from ads and banners and other sources:
AdBlock Plus
Easy List

For Chrome: Tools> Options> Under The Hood> Privacy Section> CHECK 'Restrict how third party Cookies can be used'> Close.
(First-party and third-party cookies can be set by the website you're visiting and websites that have items embedded in the website you're visiting. But when you next visit the website, only first-party cookie information is sent to the website. Third-party cookie information isn't sent back to the websites that originally set the third-party cookies.)

I will continue with you after I see the results of the scan.

Edit: Original thread: https://www.techspot.com/vb/search.php?searchid=2350313
Broni- sorry- you can continue with this if you'd like.
 
I cannot for the life of me understand why it will not let me press the "Copy to Clipboard" button...it just won't let me click there, but here's an attempt at copy and pasting the results for userinit.exe...hopefully it will let me copy the results of the next one to the clipboard...
Scanner results : Scanners did not find malware!
Time : 2010/07/08 12:43:26 (EDT)
Scanner Engine Ver Sig Ver Sig Date Scan result Time
a-squared 5.0.0.13 20100708022008 2010-07-08 - 5.311
AhnLab V3 2010.07.08.00 2010.07.08 2010-07-08 - 1.194
AntiVir 8.2.4.10 7.10.9.48 2010-07-08 - 0.261
Antiy 2.0.18 20100704.4829244 2010-07-04 - 0.017
Arcavir 2009 201006281601 2010-06-28 - 0.004
Authentium 5.1.1 201007081009 2010-07-08 - 1.237
AVAST! 4.7.4 100708-1 2010-07-08 - 0.006
AVG 8.5.793 271.1.1/2989 2010-07-08 - 0.244
BitDefender 7.90123.6432402 7.32678 2010-07-08 - 3.879
ClamAV 0.96.1 11327 2010-07-06 - 0.003
Comodo 4.0 5362 2010-07-08 - 1.075
CP Secure 1.3.0.5 2010.07.08 2010-07-08 - 0.043
Dr.Web 5.0.2.3300 2010.07.08 2010-07-08 - 8.564
F-Prot 4.4.4.56 20100707 2010-07-07 - 1.226
F-Secure 7.02.73807 2010.07.08.04 2010-07-08 - 0.128
Fortinet 4.1.133 12.131 2010-07-07 - 0.146
GData 21.481/21.175 20100708 2010-07-08 - 7.068
Ikarus T3.1.01.84 2010.07.08.76221 2010-07-08 - 7.004
JiangMin 13.0.900 2010.07.08 2010-07-08 - 1.232
Kaspersky 5.5.10 2010.07.08 2010-07-08 - 0.082
KingSoft 2009.2.5.15 2010.7.8.18 2010-07-08 - 0.614
McAfee 5400.1158 6036 2010-07-07 - 16.770
Microsoft 1.5902 2010.07.08 2010-07-08 - 6.831
Norman 6.05.11 6.05.00 2010-07-08 - 4.007
nProtect 20100703.02 8906927 2010-07-03 - 8.234
Panda 9.05.01 2010.07.04 2010-07-04 - 0.661
Quick Heal 11.00 2010.07.08 2010-07-08 - 2.103
Rising 20.0 22.55.03.04 2010-07-08 - 0.212
Sophos 3.09.0 4.55 2010-07-09 - 3.560
Sunbelt 3.9.2428.2 6558 2010-07-07 - 9.248
Symantec 1.3.0.24 20100707.002 2010-07-07 - 0.049
The Hacker 6.5.2.1 v00310 2010-07-07 - 0.343
Trend Micro 9.120-1004 7.294.11 2010-07-08 - 0.028
VBA32 3.12.12.6 20100708.1240 2010-07-08 - 2.512
ViRobot 20100707 2010.07.07 2010-07-07 - 0.365
VirusBuster 4.5.11.10 10.126.123/2051557 2010-07-08 - 2.393
 
STILL will not let me copy to clipboard! This is annoying!

Results for explorer.exe:

Scanner results : Scanners did not find malware!
Time : 2010/07/08 12:48:46 (EDT)
Scanner Engine Ver Sig Ver Sig Date Scan result Time
a-squared 5.0.0.13 20100708022008 2010-07-08 - 5.545
AhnLab V3 2010.07.08.00 2010.07.08 2010-07-08 - 1.222
AntiVir 8.2.4.10 7.10.9.48 2010-07-08 - 0.267
Antiy 2.0.18 20100704.4829244 2010-07-04 - 0.016
Arcavir 2009 201006281601 2010-06-28 - 0.004
Authentium 5.1.1 201007081009 2010-07-08 - 1.253
AVAST! 4.7.4 100708-1 2010-07-08 - 0.114
AVG 8.5.793 271.1.1/2989 2010-07-08 - 0.260
BitDefender 7.90123.6432402 7.32678 2010-07-08 - 3.840
ClamAV 0.96.1 11327 2010-07-06 - 0.003
Comodo 4.0 5362 2010-07-08 - 1.112
CP Secure 1.3.0.5 2010.07.08 2010-07-08 - 0.497
Dr.Web 5.0.2.3300 2010.07.08 2010-07-08 - 8.651
F-Prot 4.4.4.56 20100707 2010-07-07 - 1.262
F-Secure 7.02.73807 2010.07.08.04 2010-07-08 - 0.180
Fortinet 4.1.133 12.131 2010-07-07 - 0.123
GData 21.481/21.175 20100708 2010-07-08 - 7.212
Ikarus T3.1.01.84 2010.07.08.76221 2010-07-08 - 7.048
JiangMin 13.0.900 2010.07.08 2010-07-08 - 1.281
Kaspersky 5.5.10 2010.07.08 2010-07-08 - 0.082
KingSoft 2009.2.5.15 2010.7.8.18 2010-07-08 - 0.657
McAfee 5400.1158 6036 2010-07-07 - 17.135
Microsoft 1.5902 2010.07.08 2010-07-08 - 6.997
Norman 6.05.11 6.05.00 2010-07-08 - 6.011
nProtect 20100703.02 8906927 2010-07-03 - 7.900
Panda 9.05.01 2010.07.04 2010-07-04 - 0.597
Quick Heal 11.00 2010.07.08 2010-07-08 - 2.080
Rising 20.0 22.55.03.04 2010-07-08 - 0.317
Sophos 3.09.0 4.55 2010-07-09 - 3.564
Sunbelt 3.9.2428.2 6558 2010-07-07 - 8.455
Symantec 1.3.0.24 20100707.002 2010-07-07 - 0.138
The Hacker 6.5.2.1 v00310 2010-07-07 - 0.401
Trend Micro 9.120-1004 7.294.11 2010-07-08 - 0.029
VBA32 3.12.12.6 20100708.1240 2010-07-08 - 2.517
ViRobot 20100707 2010.07.07 2010-07-07 - 0.381
VirusBuster 4.5.11.10 10.126.123/2051557 2010-07-08 - 3.272
■Heuristic/Suspicious ■Exact
 
So...here are the results for svchost.exe

File information
File Name : svchost.exe
File Size : 27136 byte
File Type : PE32+ executable for MS Windows (GUI)
MD5 : c78655bc80301d76ed4fef1c1ea40a7d
SHA1 : 619652b42afe5fb0e3719d7aeda7a5494ab193e8
Scanner results
Scanner results : Scanners did not find malware!
Time : 2010/07/08 12:53:24 (EDT)
Scanner Engine Ver Sig Ver Sig Date Scan result Time
a-squared 5.0.0.13 20100708022008 2010-07-08 - 5.287
AhnLab V3 2010.07.08.00 2010.07.08 2010-07-08 - 1.268
AntiVir 8.2.4.10 7.10.9.48 2010-07-08 - 0.260
Antiy 2.0.18 20100704.4829244 2010-07-04 - 0.018
Arcavir 2009 201006281601 2010-06-28 - 0.004
Authentium 5.1.1 201007081009 2010-07-08 - 1.235
AVAST! 4.7.4 100708-1 2010-07-08 - 0.005
AVG 8.5.793 271.1.1/2989 2010-07-08 - 0.238
BitDefender 7.90123.6432402 7.32678 2010-07-08 - 3.859
ClamAV 0.96.1 11327 2010-07-06 - 0.003
Comodo 4.0 5362 2010-07-08 - 1.334
CP Secure 1.3.0.5 2010.07.08 2010-07-08 - 0.044
Dr.Web 5.0.2.3300 2010.07.08 2010-07-08 - 8.723
F-Prot 4.4.4.56 20100707 2010-07-07 - 1.258
F-Secure 7.02.73807 2010.07.08.04 2010-07-08 - 0.137
Fortinet 4.1.133 12.131 2010-07-07 - 0.124
GData 21.481/21.175 20100708 2010-07-08 - 7.230
Ikarus T3.1.01.84 2010.07.08.76221 2010-07-08 - 7.020
JiangMin 13.0.900 2010.07.08 2010-07-08 - 1.488
Kaspersky 5.5.10 2010.07.08 2010-07-08 - 0.082
KingSoft 2009.2.5.15 2010.7.8.18 2010-07-08 - 1.297
McAfee 5400.1158 6036 2010-07-07 - 16.932
Microsoft 1.5902 2010.07.08 2010-07-08 - 6.880
Norman 6.05.11 6.05.00 2010-07-08 - 4.008
nProtect 20100703.02 8906927 2010-07-03 - 9.027
Panda 9.05.01 2010.07.04 2010-07-04 - 1.523
Quick Heal 11.00 2010.07.08 2010-07-08 - 2.723
Rising 20.0 22.55.03.04 2010-07-08 - 0.194
Sophos 3.09.0 4.55 2010-07-09 - 3.701
Sunbelt 3.9.2428.2 6558 2010-07-07 - 10.342
Symantec 1.3.0.24 20100707.002 2010-07-07 - 0.050
The Hacker 6.5.2.1 v00310 2010-07-07 - 0.340
Trend Micro 9.120-1004 7.294.11 2010-07-08 - 0.028
VBA32 3.12.12.6 20100708.1240 2010-07-08 - 2.609
ViRobot 20100707 2010.07.07 2010-07-07 - 0.410
VirusBuster 4.5.11.10 10.126.123/2051557 2010-07-08 - 2.375
■Heuristic/Suspicious ■Exact
Note: This file has been scanned before. Therefore, this file's scan result will not be stored in the database.



THANK YOU GUYS for the help!
 
Status
Not open for further replies.
Back