[SilvioG]

Hello gents,

When trying to run OTL.exe, OTL.src or OTL.com, I get first an information message that OTL has encountered an unexpected problem, then an application error message:

"EOleSysError in module OTL.exe at 000571A5" (as in the image attached) .

It didn't work in safe mode either.

The reason why I downloaded OTL in the 1st place is because there are very odd .exe files inside C:Recycler. These files could not be scanned by my antivirus (Avira), are simply not detected by MBAM and I cannot access to them manually (via Explorer - opening the containing folder is restricted).

To give you a better idea, here's an extract of the Avira log:

C:\RECYCLER\S-1-5-21-4084521875-469722824-966692315-1006\Dc5.exe
[WARNING] The file could not be opened!
C:\RECYCLER\S-1-5-21-4084521875-469722824-966692315-1006\Dc6.exe
[WARNING] The file could not be opened!
C:\RECYCLER\S-1-5-21-4084521875-469722824-966692315-1006\Dc7.exe
[WARNING] The file could not be opened!
C:\RECYCLER\S-1-5-21-4084521875-469722824-966692315-1006\Dc8.exe
[WARNING] The file could not be opened!
C:\RECYCLER\S-1-5-21-4084521875-469722824-966692315-1006\Dc9.exe

So, do you think the error message is related to malware ? How can I install OTL ?

Thanks 4 your help guys,

S.

[Advertisements]

Hi,

Welcome to GeeksToGo!

The reason why you can't open these files is because they are in the recycle bin. If you run the program below it will clear all of your temporary files, including your recycle bin.

Download TFC to your desktop

• Open the file and close any other windows.
• It will close all programs itself when run, make sure to let it run uninterrupted.
• Click the Start button to begin the process. The program should not take long to finish its job
• Once its finished it should reboot your machine, if not, do this yourself to ensure a complete clean

Do you have any other reason to suspect your computer is infected?

[mitch8]

Hi,

Welcome to GeeksToGo!

The reason why you can't open these files is because they are in the recycle bin. If you run the program below it will clear all of your temporary files, including your recycle bin.

Download TFC to your desktop

• Open the file and close any other windows.
• It will close all programs itself when run, make sure to let it run uninterrupted.
• Click the Start button to begin the process. The program should not take long to finish its job
• Once its finished it should reboot your machine, if not, do this yourself to ensure a complete clean

Do you have any other reason to suspect your computer is infected?

[SilvioG]

Thanks Mitch8,

I ran TFC and ran an Antivir scan. The files are now gone and nothing strange is detected.

But still OTL doesn't work ... Maybe it's just my PC, or a bug in OTL.

[mitch8]

Try running this:

Download OTS to your Desktop and double-click on it to run it

• Make sure you close all other programs and don't use the PC while the scan runs.
• Now click the Run Scan button on the toolbar. Make sure not to use the PC while the program is running or it will freeze.
• When the scan is complete Notepad will open with the report file loaded in it.
• Click the Format menu and make sure that Wordwrap is not checked. If it is then click on it to uncheck it.

Use the Add Reply button and post the information back here in an attachment. I will review it when it comes in. The last line is < End of Report >, so make sure that is the last line in the attached report.


Make sure you attach the report in your reply. If it is too big to upload, then zip the text file and upload it that way

[SilvioG]

OTS doesn't work either ... Same error message.

S.

[mitch8]

OK,

Maybe your computer doesn't like old timer's tools. Let's try a different program from someone else.

Download avz4.zip from HERE

• Unzip it to your desktop to a folder named avz4
• Double click on AVZ.exe to run it.
• Run an update by clicking the Auto Update button on the Right of the Log window:
• Click Start to begin the update

Note: If you recieve an error message, chose a different source, then click Start again

• Start AVZ.
  
• Choose from the menu "File" => "Standard scripts " and mark the "Advanced System Analysis with malware removal mode enabled" check box.
  
• Click on the “Execute selected scripts”.
• Automatic scanning, healing and system check will be executed.
• A logfile (avz_sysinfo.htm) will be created and saved in the LOG folder in the AVZ directory as virusinfo_syscure.zip.
• It is necessary to reboot your machine, because AVZ might disturb some program operations (like antiviruses and firewall) during the system scan.
• All applications will work properly after the system restart.

When restarted

• Start AVZ.
  
• Choose from the menu "File" => "Standard scripts " and mark the “Advanced System Analysis" check box.
  
• Click on the "Execute selected scripts".
• A system check will be automatically performed, and the created logfile (avz_sysinfo.htm) will be saved in the LOG folder in the AVZ directory as virusinfo_syscheck.zip.

Attach both virusinfo_syscure.zip and virusinfo_syscheck.zip to your next post

To attach a file, do the following:

• Click Add Reply
• Under the reply panel is the Attachments Panel
• Browse for the attachment file you want to upload, then click the green Upload button
• Once it has uploaded, click the Manage Current Attachments drop down box
• Click on to insert the attachment into your post

[SilvioG]

Hello Mitch8,

Here are the logs,

Thank you

 virusinfo_syscure.zip   173.13KB   460 downloads
 virusinfo_syscheck.zip   172.89KB   452 downloads

[mitch8]

Hi,

Just a few leftovers. We will have to delete them manually as OTL doesn't work.

Open a Command Window: Start, All Programs, Accessories, Command Prompt. Type (with an Enter after each line in the code box) If it asks you if you are sure tell it y and press enter.

cd  C:\windows\tasks
del at*.job
exit

Next,

Please download Malwarebytes' Anti-Malware from Here.

Double Click mbam-setup.exe to install the application.

• Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
• If an update is found, it will download and install the latest version.
• Once the program has loaded, select "Perform Quick Scan", then click Scan.
• The scan may take some time to finish,so please be patient.
• When the scan is complete, click OK, then Show Results to view the results.
• Make sure that everything is checked, and click Remove Selected.
• When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
• The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
• Copy&Paste the entire report in your next reply.

Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

[SilvioG]

OK ... All the at*.jobs have been deleted manually. And MBAM found nothing:

Malwarebytes' Anti-Malware 1.50
www.malwarebytes.org

Database version: 5296

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

11/12/2010 20:22:30
mbam-log-2010-12-11 (20-22-30).txt

Scan type: Quick scan
Objects scanned: 180432
Time elapsed: 10 minute(s), 18 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

Think my PC is clean ?

[mitch8]

You look good. You can just delete all of the tools we used.

It looks like you log is clean

Please follow the steps below to keep your computer clean.

• Clean restore points - To get you off to a good start we will clean your restore points so that all the bad stuff is gone for good. Then if you need to restore at some stage you will be clean. There are several ways to reset your restore points, but this is my method:
  
  • Select Start > All Programs > Accessories > System tools > System Restore.
  • On the dialogue box that appears select Create a Restore Point
  • Click NEXT
  • Enter a name e.g. Clean
  • Click CREATE
  You now have a clean restore point, to get rid of the bad ones:
  
  • Select Start > All Programs > Accessories > System tools > Disk Cleanup.
  • In the Drop down box that appears select your main drive e.g. C
  • Click OK
  • The System will do some calculation and the display a dialogue box with TABS
  • Select the More Options Tab.
  • At the bottom will be a system restore box with a CLEANUP button click this
  • Accept the Warning and select OK again, the program will close and you are done
• Update your computer - To check for updates yourself go to http://windowsupdate.microsoft.com It is very important to check for updates often as my security problems are fixed with updates. Also make sure your computer will update automatically, to do that:
  
  • Go the control panel
  • Click on security center
  • Then "Automatic Updates"
  • Select Automatic (recommended)
  • Pick the time and click ok
• Update Java - It's very important to keep java up to date because older versions have vulnerabilities that malware can use to infect your system.
  Please download JavaRa to your desktop and unzip it to its own folder
  
  • Run JavaRa.exe, pick the language of your choice and click Select. Then click Remove Older Versions.
  • Accept any prompts.
  • Open JavaRa.exe again and select Search For Updates.
  • Select Update Using Sun Java's Website then click Search and click on the Open Webpage button. Download and install the latest Java Runtime Environment (JRE) version for your computer.
• Update Adobe Reader- It's good to keep Adobe Reader updated to because many security problems are fixed in updates. To check for updates:
  
  • Open Adobe Reader
  • On the menu bar click on help then check for updates...
  • The program will then tell you if updates are available
• Anti-spyware programs - These programs will scan your computer and delete spyware. If you do not have any anti-spyware programs on your computer I recommend:
  
  • Malware Bytes
  • SUPERAntiSpyware
• Install SpywareBlaster - SpywareBlaster will added a large list of programs and sites into your Internet Explorer settings that will protect you from running and downloading known malicious programs. A good tutorial on SpywareBlaster can be found at http://www.bleepingcomputer.com/tutorials/tutorial49.html
  
• Prevention - Here are some other programs that will help you say safe on your computer:
  
  • WOT (web of trust) - rates websites and will warn you if a website has a poor rating
  • McAfee SiteAdvisor - warns you of malicious websites
  • Firefox - a safer web browser
• Update your security software! You have to update you security software to make sure your computer is safe from new malware threats.
  
• And also see TonyKlein's article
  So how did I get infected in the first place?

[SilvioG]

Thanks for ur help Mitch8 !!

[mitch8]

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help.

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.