(part II) Error messages (ddccy.exe and gebby.dll) plus a really slow system...

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by Urra...Apre, Feb 10, 2008.

  1. Urra...Apre

    Urra...Apre Private E-2

    Hi!!

    Im really sorry I had to reactivate this discussion, but it seems the thread in question is already closed (http://forums.majorgeeks.com/showthread.php?t=149818)

    I dont know if user Donald (nicked Board) already solved his problem, or if given advices were good enough, however I have a more simple solution since I also have Vista installed and experienced the very same problems.

    I later noticed I was attacked by a so called Vundo trojan, that takes charge of Internet pages and keep popping up lots of trash sites. Inclusively frozens Internet and slow down the system.

    Through the Google search I found a very strong tool called SUPERantyspyware, Free Version (http://www.superantispyware.com), which not only found the virus and its location but also remove them.

    After that I reboot the Pc and a similar msg to this one appeared:

    Error loading C:\users\(username)\appdata\local\temp\ddccy.dll. the specified module could not be found.

    I, then ran cccleaner, cleaned the registry and thats it, till today I had no more troubles. :dood
     
    Urra...Apre, Feb 10, 2008
    #1
  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Welcome to Major Geeks!

    The thread is not closed. You are not allowed to post in another persons thread unless you are one of the team of authorized malware fighters.

    Sorry but SuperAntiSpyware will not fix all of the problems and infected file that are deposited on a PC by Vundo especially the latest form like the user you mentioned had.

    I would bet you still have traces of the infection. Run our READ & RUN ME and attach the logs and we will see.

    Also the only reason we are having problems resolving the issues in Donald's thread is because for some reason he is unable to properly run ComboFix which we run on dozens of Vista PCs everyday. Otherwise we would already be finished.
     
    chaslang, Feb 11, 2008
    #2
  3. Urra...Apre

    Urra...Apre Private E-2


    Greetings from Portugal !!

    Ooops, now I know. Sorry for that:(


    I appreciate your words, but before I follow your instructions I attached the HijackThis log, so you can see if there is any strange line.

    This doesn't mean I dont trust you (quite the opposite), but Im not in the mood, for now, to install anything else unless you tell me is strongly necessary:)
     

    Attached Files:

    Last edited: Feb 13, 2008
    Urra...Apre, Feb 13, 2008
    #3
  4. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    A HijackThis log will not tell us what we need to know. Especially when not installed properly. They are basically useless these days in finding all the malware put on PCs. This is why we have the READ & RUN ME and also why we do not ask for HijackThis logs. We don't need separate HJT logs since they are embedded into the MGtools program that is part of the READ ME and when HJT is run as part of MGtools it will be installed and renamed properly which helps it to show certain malware that will often hide if you do not rename HijackThis.

    If you don't want to run the READ ME, that's fine. Just know that many forms of Vundo deposit all kinds of files on a PC and HijackThis will not show them. You may or may not have had that form.
     
    chaslang, Feb 14, 2008
    #4

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds