Virus, spyware or I don't know...

Discussion in 'NOD32 version 2 Forum' started by icevoodoo, Mar 22, 2007.

Thread Status:
Not open for further replies.
  1. icevoodoo

    icevoodoo Registered Member

    Joined:
    Mar 22, 2007
    Posts:
    2
    Hello,

    I have found something buggy on my computer, taken from the internet. NOD32 and other tools could not identify the 2 .dll files.

    This is what I have found and fixed on my computer (fixed by rebooting from a CD DiGIWIZ):

    {28CEA1DA-2199-4AEE-BA75-9032C8450B66} - C:\Windows\system32\fccyvvs.dll
    {DF7F6EE5-2D33-48E9-B4AF-2B02FF9A80B4} - C:\Windows\system32\ddayv.dll

    If someone from NOD32 wants more detail, I have put up an attachment with the 2 files and the registry keys where I found references to them.

    Please modify the extension because the file is a .rar archive.

    Thank you in advance...

    PS: I'm a registered user of NOD32.
     
  2. pykko

    pykko Registered Member

    Joined:
    Apr 27, 2005
    Posts:
    2,236
    Location:
    Romania...and walking to heaven
    Try to upload those files to virustotal.com also and see if they are flagged as malware.
     
  3. icevoodoo

    icevoodoo Registered Member

    Joined:
    Mar 22, 2007
    Posts:
    2
    Ok 10x, I will try.
     
  4. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,794
    Location:
    Texas
    Send those files to Eset. No virustotal screenshot needs to be posted in this forum.
     
  5. KDNeese

    KDNeese Registered Member

    Joined:
    Dec 16, 2005
    Posts:
    236
    About 99% sure it is the Vundo virus. I just cleaned several strains of that little nasty off my office manager's computer. You can download Vundofix, which works pretty well at getting rid of most of the Vundo garbage. Download from this link:

    http://www.majorgeeks.com/download4954.html

    I've tried deleting similar files manually, but that doesn't seem to work. Also, there is another utility that has 4 different antivirus programs (Sophos, Trend Micro, McAfee & Kaspersky) that run in CMD. In my experience, Kaspersky has worked better at cleaning than NOD, even though I've been a NOD fan. You can download the utility from the following:

    http://www.ik-cs.com/v2/multi-av.htm

    It's more effective to run this utility in Safe Mode, although you can run it in regular mode. You can also Google and find some other utilities that deal with the Vundo garbage.
     