Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

osbaseln.dll corruption - possible infection?


  • Please log in to reply
1 reply to this topic

#1 StuFisch

StuFisch

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:07:23 AM

Posted 27 January 2013 - 11:23 AM

First time posting here; used for a few years now, and have always found the answers ...

... seems the pot-smoking, alcohol-drinking, non-working 23 yo son of my girlfriend decided some skateboarding website (he doesn't remember which one, duh ...) needed it's software installed, in order to view whatever meaningless crap he wanted to see ...

Anyway, result was WindowsUpdate didn't work; Programs & Features CP wouldn't come up, things were slow, etcetera. Rather than dive in, I just used Malwarebytes Free (MS Sec Essntls is already running)and ran a complete scan ... found iLivid crap and some PUP stuff (no; I didn't save the logs ... bad me!), and allegedly cleaned it, after reboot.

Things were still crappy, so I tried to add SuperAntiSpyware free to the mix; it found nothing. Malwarebytes, too, found nothing. Ditto for Microsoft Security Essentially worthless ...

Okay; frak it - built the latest Kaspersky Rescue from the downloaded ISO (1/19/13) & ran it ... same thing; slow as heck, nothing found.

When I run CCleaner.exe, Tools, Uninstall option, I get the message "C:\Windows\System32\osbaseln.dll is either not designed to run on Windows or it contains an error. Try installing the program again using the original installation media or contact your system administrator or the software vendor for support."

Search the web on that one, tried the sfc /scannow on the system, which found errors in the CBS.log file, but even re-registering (RegSrv32 says incorrect version, but file size is zero) fails. Have the log file if anyone wants a gander ...

Finally said (F*** it!) and restored ... these problems started on 1/21/13, so I restored to the oldest saved point, 1/14/13 ... STILL HAVING THE SAME PROBLEMS ... gonna go install Avast Free, see if it finds anything the others didn't; but I'm stymied ... Processes look fine with SysInternals procman, but I'm stumped ...

ANY IDEAS? Don't want to have to reformat & reinstall; my girlfriend is visually disabled (no snarky comments, please), and I really don't want to screw with this too much more (although it looks like I'm gonna have to ...); thankfully she has another Laptop which is her main one. BTW -- This is a Dell Inspiron N5010, running Win 7 Hm, 32-bit ...

Thanks ahead of time, to any/all who reply.

-Stuart
www.linkedin.com/in/stufisch/

BC AdBot (Login to Remove)

 


#2 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:23 AM

Posted 27 January 2013 - 11:28 AM

Welcome To BC

Please perform these steps in safemode with networking if you are un-able to get them to work in normal mode.




Please download MINITOOLBOX and run it.
http://download.bleepingcomputer.com/farbar/MiniToolBox.exe

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Report FF Proxy Settings
Reset Ie proxy Settins
Reset FF proxy settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List Devices (problems only)



Click Go and post the result.



Download the program below.
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe

Run the program hit the scan button allow it to finish.
Then hit the delete button.
Reboot your machine post the Rouge killer log please.


Download tdss killer

http://support.kaspersky.com/downloads/utils/tdsskiller.exe



Double Click it or win 7 vista users right click and run as admin . Click on Change parameters Select TDLFS file system

Hit the Scan button Post the LOG In your next reply

Do not change the default options on scan results!!





Update and do a quick scan with Malwarebytes remove all that it finds and reboot.
http://www.filehippo.com/download_malwarebytes_anti_malware/download/ecf14848530d11a2f09a94b92a69fcfa/

Post the log here,



Download Emsisoft Emergency Kit and save it to your desktop. Right-click on EmsisoftEmergencyKit.zip and select Extract All.... Leave all settings as they are and click Extract. You will now have a folder named EmsisoftEmergencyKit on your desktop.

Open the EmsisoftEmergencyKit folder and double-click Start.exe.
http://www.emsisoft.com/en/software/eek/download/
A new window will open. Under "Run Directly:" click Emergency Kit Scanner.
When asked to run an online update, click Yes.
When the update is finished, click the Back to Security Status link in the left corner. On the main screen click the Scan Now button.
Select the Deep Scan option and click the SCAN button.
When the scan is finished click the Quarantine selected objects button. Note, this option is only available if malicious objects were detected during the scan.
Click the View Report button and in the Reports window double-click on the most recent log. Note, logs are named as follows: a2scan_<date>-<time>.txt.
Copy/paste the report contents in your next reply.

Edited by InadequateInfirmity, 27 January 2013 - 11:29 AM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users