Virus: xcechinu.dll?? Symantec Anti Virus Picked this guy up...

[gidgiddonihah]

There is little to no information on this little guy, but it looks like xcechinu.dll is a Virus, here is the info that Symantec gave me:

VIRUS NOTIFICATION
Scan type: Auto-Protect Scan
Event: Threat Found!
Threat: Downloader
File: C:\WINDOWS\system32\xcechinu.dll
Location: C:\WINDOWS\system32
Computer: STONEHOME
User: XXXXXXXXXXX(Its My User )
Action taken: Clean failed : Quarantine failed : Access denied
Date found: Saturday, April 03, 2010 4:34:28 PM

Then it just gives a bunch of pages on how it failed in removing it.

I have scanned with:
1.) Symantec AntiVirus
2.) Spyware Doctor - Came up with NOTHING
3.) Malwarebyte's - Came up with NOTHING
4.) Ad-Aware - Came up with NOTHING
5.) Windows Search - Came up with C:\WINDOWS\system32\xcechinu.dll

Since its a DLL file im scared to delete it...

I have no clue whether if this is legitimate or not, but I cant remove it with anything that i have at the moment. ANY advice would help.

Thanks Ahead

 

[gidgiddonihah]

Oh, just in case you need it my specs are:

DELL e510
P4 3.2GHz
3GB RAM
1TB HDD Space Total
nVidia 9600GT
500Watt PSU

 

[gidgiddonihah]

Oh lol you might also need that im running:

Microsoft Windows XP
Media Center Edition
Version 2002
Service Pack 3

 

[graywolf]

It'd a fairly new one. Try deletuing it, as it's not a system file.

Then try SuperantiSpyware and TrendMiceo Online Rootkit scanner.

 

[graywolf]

So, what happened?

 

[gidgiddonihah]

NOthing, notin was picked up, and im really a wimp to delete the file... lol srry

 

[aford10]

Boot into safe mode with networking and do the scans. It could be suppressing your scanner.

 

[graywolf]

NOthing, notin was picked up, and im really a wimp to delete the file... lol srry

It's not a system file, but part of a piece of malware, and you did no harm. But that doesn't mean you don't have other problems caused by the virus. Follow aford's directions now.

 

[digitalprospecter]

If your really afraid to delete the file completely, startup in Safe Mode as aford10 says, and rename the file instead of deleting it. Then you can restart in normal mode and if everything appears to be working properly you can then delete the renamed file.

Don't worry... be happy!

 

[gidgiddonihah]

Lol, it somehow it disapeared, one moment i was looking at it, the next it was gone... POOF! Any ideas?? Did something delete automaticly somehow?? HELP!!

 

[gidgiddonihah]

And yes i did make sure that it it wasnt hidden... Its just not there!

 

[gidgiddonihah]

Im planning to re-install windows in a few months... When i have time So if we cant figure this out, ill just reinstall windows, and spend 10 min a day add my programs and updates back on...

 

[digitalprospecter]

Download and run Combofix from www.bleepingcomputer.com (if anyone knows of another site to quote that is legit please let me know)

Turn off your antivirus when Combo fix warns you that it is running and install the Microsoft REcovery Console if Combofix recommends it. This is a great utility for crippling infections so that malwarebytes, superantispyware, and antivirus programs can come in and clean up behind it.

 

[gidgiddonihah]

I cant find the download link . Lol i prolly seem really computer dumb to u guys . haha

 

[digitalprospecter]

Sorry, should have posted a specific link:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

You'll find the download link as you scroll down the page in the section entitled Using Combofix

Let me know how it turns out.

 

[gidgiddonihah]

It couldnt find the right system file and it sat for about 9 minutes doing nothing .

 

[digitalprospecter]

Strange. I've never exprienced that before and I've used it over a dozen times a day for a long time now in my shop Did it error out? What was the filename and at what point did this occur? Was the system file error right away or did it come after, say, the update stage etc?

 

[gidgiddonihah]

It was right after that microsoft download. It said 100% then 3-4 sec later it gave the Cannot Find Right System File, then hung for about 9 min before i closed out of it.

 

[digitalprospecter]

Hi gidgiddonihah,

I am currently researching errors involving the installation of the Microsoft Recovery Console. I will be back. I am curious as to what "the Right System File" is that is being referred to.

Back soon.

 

[aford10]

It couldnt find the right system file and it sat for about 9 minutes doing nothing .

Boot into safe mode, and use the start-->search function to look for that file.

 

[gidgiddonihah]

KK just to let you know im heading out of town... So i wont be on after tonight untill Next Sunday Night...

 

[gidgiddonihah]

I have no clue what file its missing... were talking about a program called Combofix...

 

[aford10]

Lol, it somehow it disapeared, one moment i was looking at it, the next it was gone... POOF! Any ideas?? Did something delete automaticly somehow?? HELP!!

Sorry, I quoted the wrong post. ^ This is the one I was referencing.

 

[graywolf]

Have a nice trip.

 

[digitalprospecter]

I guess we can set aside running Combo fix, but I find it great for rootkits and such.
So far I can find no reference to the "can not find the right system file" message relating to either Recovery Console or Combofix. Curious.