Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Stumped -- HJT, MBAM, Kaspersky Online, AVG won't run


  • Please log in to reply
2 replies to this topic

#1 cderekdavis

cderekdavis

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:07:38 PM

Posted 03 October 2009 - 10:56 AM

Here's the scoop - Malware Bytes and HJT won't run... system says that "Windows cannot access the specified device, path, or file..."

Kaspersky online scan gets through about 10 files, then hangs on "scecli.dll"

MSCONFIG shows nice things like:

---rundll32 "sosafuji.dll", s
---rundll32 "c:\windows\system32\dugabise.dll"
---rundll32 "c:\windows\system32\pawehuhe.dll"

BC AdBot (Login to Remove)

 


#2 Guest_The weatherman_*

Guest_The weatherman_*

  • Guests
  • OFFLINE
  •  

Posted 03 October 2009 - 04:20 PM

Moved from HJT to a more appropriate forum. Tw

#3 rigel

rigel

    FD-BC


  • Members
  • 12,944 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:South Carolina - USA

Posted 03 October 2009 - 07:20 PM

You have signs of a rootkit...

We Need to check for Rootkits with RootRepeal
  • Download RootRepeal from the following location and save it to your desktop.
  • Extract RootRepeal.exe from the archive (If you did not use the "Direct Download"

    mirror).
  • Open Posted Image on

    your desktop.
  • Click the Posted Image tab.
  • Click the Posted Image button.
  • Check all seven boxes:

    Posted Image
  • Push Ok
  • Check the box for your main system drive (Usually C:), and press Ok.
  • Allow RootRepeal to run a scan of your system. This may take some time.
  • Once the scan completes, push the

    Posted Image button. Save the log to
    your desktop, using a distinctive name, such as RootRepeal.txt. Include this report in your
    next reply, please.

"In a world where you can be anything, be yourself." ~ unknown

"Fall in love with someone who deserves your heart. Not someone who plays with it. Will Smith





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users