Theoracle117 ✭

You're all clean

Your welcome

only moderators and virus researchers are able to download these files on here so no, the viruses are not free to download. Everyone is safe

Malwarebytes is excellent at removing rouges.

download file assassin and install it. http://www.malwarebytes.org/fa-setup.exe it should make a shortcut on your desktop. double click it and then copy C:\Documents and Settings\Owner\My Documents\setupxv.exe and paste it into file assassin's text area.

i analyzed your hijack this log and found several things that need to be fixed. please rescan with hijackthis and check the following checkboxes next to these C:\Program Files\360safe\360Safe.exe O4 - HKCU\..\Run: [brastk] C:\WINDOWS\system32\brastk.exe and then press fix

Try going to the my documents folder and deleting them yourself.

Maybe its time to use combofix read this guide carefully http://www.bleepingcomputer.com/combofix/how-to-use-combofix and after finishing download combofix and run it. the artical should include the download link

scan again with hijackthis and check the little checkbox next to O20 - Winlogon Notify: 58625298502 - C:\WINDOWS\System32\d3dramp32.dll (file missing) and press fix. If the files are still there then report back

Same here, same problem but i have grew to ignore it

I don't understand. The fact that Bitdefender is a great antivirus and it is unable to detect one of the most common rouges on the internet is just wierd.

nothings wrong with your hijackthis log

Please pack the file(s) in an archive, protected with the password infected. C:\WINDOWS\system32\explorer32.exe Attach the archive in your next post here.(if it's too big, upload it on www.rapidshare.com or other server and leave here the download link). Scan again with hijackths and check the little checkbox next to O4 -…

OK

Smitfraudfix is one of the "virus fixes" They are extreamly powerful antivirus programs but they are single executables and used normally as a last resort if the normal AV cannot cure the infected computer. some include, combofix, vundofix, virtuemondebegone and smitfraudfix( which is detected for some reason, possibly…

are you still having problems?

This is no surprise, i expected bitdefender to get good results

i analyzed your hijackthis log and you should scan again, and check the box right next to this : O2 - BHO: (no name) - {4D25F921-B9FE-4682-BF72-8AB8210D6D75} - C:\Program Files\MyWaySA\SrchAsDe\deSrcAs.dll (file missing) and press fix

nothing is wrong with your hijackthislog except for the file you just named. You can try running another hijackthis scan and when it finishes, check the checkbox next to O20 - Winlogon Notify: 58625298502 - C:\WINDOWS\System32\d3dramp32.dll (file missing) press fix. see if that helps.

BItdefender updates itself on default, every hour or so. Post here the scan log of Backdoor.IRC.bot.ABSE

I got the same thing. Just delete Smitfraudfix. I don't know why Smitfraudfix is detected though.

It is unlikely that malwarebytes would fail to remove it. I must say the you won't need xoftspy. It was actually considered a rouge at first. It reports super high amounts of false positives and tells you that your system is infected when its not. Its absolutely pure marketing. You can go to google and look up xoftspySE…

I checked your hijackthis log and cound't find anything wrong with it.

post here the scan log

please post here the scan log PS i cant help but mention that i saw the world of warcraft icon on your desktop

Update seems to be working fine.... i have bitdefender total security 2009

i think that guy is a spammer

well since you have a ROGUE ( http://forum.bitdefender.com/index.php?showtopic=1497 ) on your computer, wouldn't it be better to use smithfraudfix? Oh well, just use combofix then

svchost.exe is a system file. I am sure of it. Sdfix must have detected a false positive.

A hijackthis log will really help us http://forum.bitdefender.com/index.php?showtopic=5668 just run it, and press scan and save a log file. Then post the log file here. DO NOT press anything else in hijackthis.