Is it difficult to Identify Ddcya.dll, the Trojans?
Ddcya.dll is a Trojan/ backdoor. Trojans are basically programs which appear to do a legitimate function but have some other harmful effect. Generally these Trojans download and install other harmful files are programs with out the knowledge of the user.
Ddcya.dll file is a Browser Help Object (BHO). The Browser Help Objects run every time you open your internet browser. These BHO’s are not stopped by your personal firewall because they appear to your firewall as browser raising no suspicion. That is the BHO’s hijack the internet browser without the knowledge of the firewall and communicate with an outside machine.
BHO’s are often used by spywares or adware as they can easily enter your system without being detected and continue monitoring your personal volatile and confidential information like your bank account details -and sends it to a remotely placed machine where it can be possibly misused.
File ddcya.dll is located in the folder C:\Windows\System32. Known file sizes on Windows XP are 577588 bytes (14% of all occurrence), 573492 bytes, 263220 bytes, 528404 bytes, 280676 bytes, 516116 bytes, 540692 bytes, 565300 bytes, 540724 bytes, 532500 bytes, 27149 bytes, 277262 bytes, 277091 bytes, 27661 bytes, 262708 bytes, 704564 bytes.
This is a component of CWS.SearchX. CWS Search X is a CWS variant that hijacks the user’s browser and sets the start and search pages to about: blank and starts recording the web pages visited, in the root directory.
Identifying the presence of such Trojans is easy – press ctrl + alt + delete and watch the explorer.exe process. If the explorer process is actively running (even when not in use) then you can be sure that your system has been affected by the Trojan. You can use any standard anti-virus software to detect and remove the file. It is strongly recommended that you remove the file immediately on detection.