help please

Hello,

I’m using Windows Vista.
I ran a scan with Comodo Antivirus and it says it found this.

location: C:/Windows/system32/D3DIM700.DLL
Threat Name: Backdoor.Win32.Poison.aec@18259490

Additionally, a Spybot S&D run I made yesterday said that I was infected by a Russian trojan. I can’t really remember the name as it was really weird. (I should have made a screenshot >:( ) I think it was like Aroushki.ru or something like that. What I’m sure of is that it had the .ru extension with it. Spybot said that the infection was destroyed, but I’m not so certain since the Comodo scan I made today shows that I still have a threat. It would be a very strange coincidence…

Anyway I need help badly. Please answer as fast as possible. Thank you in advance.

P.S. Sorry for my bad English

Hi.
You can start with this:
http://www.malwarebytes.org/ Install, update and do a full scan.
http://www.gmer.net/ Save the .exe file and run it. It will only take a few seconds. When it presents you with the log, confirm whether anything is written in red.

Please post back.

Thanks for your help, man. However, Malwarebytes doesn’t seem to detect anything, but Comodo does… that’s strange.

Try scanning with SUPERAntiSpyware just to be sure. What Comodo found might have been a leftover file (.dll) that Spybot might not have deleted.

SUPERAntiSpyware Free: http://downloads.superantispyware.com/downloads/SUPERAntiSpyware.exe

Mhhhh… never heard of SUPERAntiSpyware before… are you really sure this is a safe application?

Sorry, I’m a little paranoid.

It’s safe.

You’re funny ;D Why would a mod send you to an unsafe program?? I would be a mod for very long if I did that. :wink: Let us know what you find.

FYI

I joined both your threads as it is against forum policy to double post.

Thanks.

If after you try Malwarebytes and SUPERAntiSpyware (I personally find they’re quite similar) you don’t find anything or they’re broken (by the infection) then perhaps try a2 (a-squared) Free, and even in Windows’ safe mode. Its definition files will be kinda large but it’s also very good.

If it really is a nasty infection, the only real way to remove it is to use a bootable AV. Click on the link in my sig and watch the SARDU videos.

Hi captainawesum,

Before you do some damage by running tools, and especially Gmer, please have a look at the Properties of the file.
D3DIM700.DLL belongs to Microsoft Direct3D graphics; it is a system file and in the right location, C:\Windows\system32\ (at least for XP).
Please check for Vista in particular.

Submit the file for analysis to Comodo developers. Please read this thread

Sure, we don’t rely on file names only and any file can be compromised, but you have to investigate first, because removing files from the system area, even if they are substituted, may not be as trivial as deleting them.

Probably not with this particular file, but you can make your system inoperable by blindly quarantining or deleting files from C:\Windows … …\system32\ etc.

My regards

P.S. Properties here:
C:\Windows\system32\d3dim700.dll
Company: Microsoft Corporation
version: 5.03.2600.5512 (xpsp.080413-0845)
Product name: Microsoft® Windows® Operating System
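
The check recommended in the post above (look at the file's properties before quarantining or deleting it) can be scripted. This is an added example, not something posted in the thread; the function name Test-FlaggedFile is hypothetical and it assumes PowerShell 2.0 or later is installed on the affected machine.

```powershell
# Added example, not from the thread. Test-FlaggedFile is a hypothetical helper name.
# Assumes PowerShell 2.0 or later, run on the affected machine.
function Test-FlaggedFile {
    param(
        [Parameter(Mandatory = $true)][string]$Path,
        [switch]$RunSfc   # also run System File Checker (needs an elevated prompt)
    )
    if (-not (Test-Path -LiteralPath $Path -PathType Leaf)) {
        throw "File not found: $Path"
    }
    $item = Get-Item -LiteralPath $Path -Force
    $ver  = $item.VersionInfo
    $sig  = Get-AuthenticodeSignature -FilePath $item.FullName

    # SHA-256 through .NET, so it works where Get-FileHash is not available.
    $sha    = [System.Security.Cryptography.SHA256]::Create()
    $stream = [System.IO.File]::OpenRead($item.FullName)
    try     { $hash = [System.BitConverter]::ToString($sha.ComputeHash($stream)) -replace '-', '' }
    finally { $stream.Close() }

    $signer = ''
    if ($sig.SignerCertificate) { $signer = $sig.SignerCertificate.Subject }

    $report = New-Object PSObject -Property @{
        Path        = $item.FullName
        Company     = $ver.CompanyName
        Product     = $ver.ProductName
        FileVersion = $ver.FileVersion
        SizeBytes   = $item.Length
        Modified    = $item.LastWriteTime
        # Older PowerShell versions report catalog-signed system files as NotSigned,
        # so NotSigned alone is not proof of tampering; HashMismatch is a red flag.
        Signature   = $sig.Status
        Signer      = $signer
        SHA256      = $hash
    }
    if ($RunSfc) {
        # Compares the file with the copy Windows protects; output is printed as-is.
        & sfc.exe "/verifyfile=$($item.FullName)" | Out-Host
    }
    $report | Select-Object Path, Company, Product, FileVersion, SizeBytes,
                            Modified, Signature, Signer, SHA256
}

# The file Comodo flagged in this thread:
Test-FlaggedFile -Path 'C:\Windows\system32\d3dim700.dll' | Format-List
```

Company, product and version strings are metadata stored inside the file and can be copied by anyone, so treat them as a first look only. The SHA-256 value and the file itself are what to give the antivirus vendor when submitting it for analysis.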

OK, thanks y’all, guys. First of all I want to apologize for double posting… I just didn’t know where to post my problem to get the quickest answer possible.

Next, it seems my problem comes from the internet itself.

1: I run a scan
2: I find my problem
3: I delete the infected file
4: I redo another scan. No infection present.
5: I return to the internet. Another infection presents itself.

I’m not a computer expert, but I think the trojan is attacking my IP and that is why I always get a new infection each time I connect to the net.

I also got some new information about the freakin’ Russian trojan I got. It’s said that it attaches itself to the Windows update and antivirus doesn’t detect its entry, since it comes from a Windows update. If only I could remember the name of this trojan…