Plagued by wisdstr.exe virus [CLOSED. THANKS!]

NutterButters — Sat, 15 Aug 2009 16:05:48 +0800

Hi all...I have this problem with a couple of viruses I seem to have gotten while visiting a site? They are:

C:\WINDOWS\system32\wisdstr.exe
C:\WINDOWS\system32\dllcache\figaro.sys
C:\WINDOWS\system32\braviax.exe

and in C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5 there's Install[1].exe; Install[2].exe etc

The Install[n].exe keeps multiplying itself?? After removal, it keeps coming back after reboot and the problem seems to be detected whenever I connect to the Internet.

I am using Windows XP. I have used Avira and MBAM to remove them but they keep spawning back...help will be very much appreciated.

Here's the log file I copied:

Avira AntiVir Personal
Report file date: 14 Ogos 2009 12:22

Scanning for 1637477 virus strains and unwanted programs.

Licensee : Avira AntiVir Personal - FREE Antivirus
Serial number : 0000149996-ADJIE-0000001
Platform : Windows XP
Windows version : (Service Pack 3) [5.1.2600]
Boot mode : Normally booted
Username : SYSTEM
Computer name : PERSONAL

Version information:
BUILD.DAT : 9.0.0.407 17961 Bytes 7/29/2009 10:34:00
AVSCAN.EXE : 9.0.3.7 466689 Bytes 7/21/2009 06:36:14
AVSCAN.DLL : 9.0.3.0 40705 Bytes 2/27/2009 03:58:24
LUKE.DLL : 9.0.3.2 209665 Bytes 2/20/2009 04:35:49
LUKERES.DLL : 9.0.2.0 12033 Bytes 2/27/2009 03:58:52
ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 10/27/2008 05:30:36
ANTIVIR1.VDF : 7.1.4.132 5707264 Bytes 6/24/2009 02:21:42
ANTIVIR2.VDF : 7.1.5.88 2668032 Bytes 8/10/2009 04:20:54
ANTIVIR3.VDF : 7.1.5.110 263680 Bytes 8/13/2009 04:21:01
Engineversion : 8.2.1.1
AEVDF.DLL : 8.1.1.1 106868 Bytes 7/28/2009 06:31:50
AESCRIPT.DLL : 8.1.2.25 459130 Bytes 8/14/2009 04:21:29
AESCN.DLL : 8.1.2.4 127348 Bytes 7/23/2009 02:59:39
AERDL.DLL : 8.1.2.4 430452 Bytes 7/23/2009 02:59:39
AEPACK.DLL : 8.1.3.18 401783 Bytes 7/28/2009 06:31:50
AEOFFICE.DLL : 8.1.0.38 196987 Bytes 7/23/2009 02:59:39
AEHEUR.DLL : 8.1.0.154 1917302 Bytes 8/14/2009 04:21:26
AEHELP.DLL : 8.1.5.3 233846 Bytes 7/23/2009 02:59:39
AEGEN.DLL : 8.1.1.56 356725 Bytes 8/14/2009 04:21:05
AEEMU.DLL : 8.1.0.9 393588 Bytes 10/9/2008 07:32:40
AECORE.DLL : 8.1.7.6 184694 Bytes 7/23/2009 02:59:39
AEBB.DLL : 8.1.0.3 53618 Bytes 10/9/2008 07:32:40
AVWINLL.DLL : 9.0.0.3 18177 Bytes 12/12/2008 01:47:59
AVPREF.DLL : 9.0.0.1 43777 Bytes 12/5/2008 03:32:15
AVREP.DLL : 8.0.0.3 155905 Bytes 1/20/2009 07:34:28
AVREG.DLL : 9.0.0.0 36609 Bytes 12/5/2008 03:32:09
AVARKT.DLL : 9.0.0.3 292609 Bytes 3/24/2009 08:05:41
AVEVTLOG.DLL : 9.0.0.7 167169 Bytes 1/30/2009 03:37:08
SQLITE3.DLL : 3.6.1.0 326401 Bytes 1/28/2009 08:03:49
SMTPLIB.DLL : 9.2.0.25 28417 Bytes 2/2/2009 01:21:33
NETNT.DLL : 9.0.0.0 11521 Bytes 12/5/2008 03:32:10
RCIMAGE.DLL : 9.0.0.25 2438913 Bytes 5/15/2009 08:39:58
RCTEXT.DLL : 9.0.37.0 86785 Bytes 4/17/2009 03:19:48

Configuration settings for the scan:
Jobname.............................: Complete system scan
Configuration file..................: c:\program files\avira\antivir desktop\sysscan.avp
Logging.............................: low
Primary action......................: interactive
Secondary action....................: ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:, E:,
Process scan........................: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Recursion depth.....................: 20
Smart extensions....................: on
Macro heuristic.....................: on
File heuristic......................: medium

Start of the scan: 14 Ogos 2009 12:22

Starting search for hidden objects.
'33998' objects were checked, '0' hidden objects were found.

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'rundll32.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'msiexec.exe' - '1' Module(s) have been scanned
Scan process 'chrome.exe' - '1' Module(s) have been scanned
Scan process 'chrome.exe' - '1' Module(s) have been scanned
Scan process 'chrome.exe' - '1' Module(s) have been scanned
Scan process 'chrome.exe' - '1' Module(s) have been scanned
Scan process 'chrome.exe' - '1' Module(s) have been scanned
Scan process 'chrome.exe' - '1' Module(s) have been scanned
Scan process 'chrome.exe' - '1' Module(s) have been scanned
Scan process 'skypePM.exe' - '1' Module(s) have been scanned
Scan process 'chrome.exe' - '1' Module(s) have been scanned
Scan process 'uTorrent.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'rundll32.exe' - '1' Module(s) have been scanned
Scan process 'braviax.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '0' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'msword98.exe' - '1' Module(s) have been scanned
Scan process 'wlcomm.exe' - '1' Module(s) have been scanned
Scan process 'iPodService.exe' - '1' Module(s) have been scanned
Scan process 'YahooWidgets.exe' - '1' Module(s) have been scanned
Scan process 'YahooWidgets.exe' - '1' Module(s) have been scanned
Scan process 'YahooWidgets.exe' - '1' Module(s) have been scanned
Scan process 'RKLauncher.exe' - '1' Module(s) have been scanned
Scan process 'DSLMON.exe' - '1' Module(s) have been scanned
Scan process 'msmsgs.exe' - '1' Module(s) have been scanned
Scan process 'wmiprvse.exe' - '1' Module(s) have been scanned
Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned
Scan process 'Skype.exe' - '1' Module(s) have been scanned
Scan process 'hpqwmiex.exe' - '1' Module(s) have been scanned
Scan process 'GoogleCrashHandler.exe' - '1' Module(s) have been scanned
Scan process 'iTunesHelper.exe' - '1' Module(s) have been scanned
Scan process 'realsched.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'ashDisp.exe' - '1' Module(s) have been scanned
Scan process 'QLBCTRL.exe' - '1' Module(s) have been scanned
Scan process 'igfxsrvc.exe' - '1' Module(s) have been scanned
Scan process 'AzMixerSel.exe' - '1' Module(s) have been scanned
Scan process 'igfxpers.exe' - '1' Module(s) have been scanned
Scan process 'hkcmd.exe' - '1' Module(s) have been scanned
Scan process 'igfxtray.exe' - '1' Module(s) have been scanned
Scan process 'PDVDServ.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'GrooveMonitor.exe' - '1' Module(s) have been scanned
Scan process 'ashWebSv.exe' - '1' Module(s) have been scanned
Scan process 'ashMaiSv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'jqs.exe' - '1' Module(s) have been scanned
Scan process 'mDNSResponder.exe' - '1' Module(s) have been scanned
Scan process 'AppleMobileDeviceService.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'ashServ.exe' - '1' Module(s) have been scanned
Scan process 'aswUpdSv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
71 processes with 71 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!
Master boot sector HD2
[INFO] No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'E:\'
[INFO] No virus was found!

Starting to scan executable files (registry).
C:\WINDOWS\2kadiras.exe
[DETECTION] Contains recognition pattern of the DIAL/32768.A.29 dialer

The registry was scanned ( '67' files ).

Starting the file scan:

Begin scan in 'C:\'
C:\pagefile.sys
[WARNING] The file could not be opened!
[NOTE] This file is a Windows system file.
[NOTE] This file cannot be opened for scanning.
C:\Documents and Settings\PYKONG\Local Settings\Temp\2E.tmp
[DETECTION] Is the TR/Dropper.Gen Trojan
C:\Documents and Settings\PYKONG\Local Settings\Temporary Internet Files\Content.IE5\4PIJ856Z\Install[1].exe
[DETECTION] Is the TR/Dldr.FraudLo.sxm Trojan
C:\Documents and Settings\PYKONG\Local Settings\Temporary Internet Files\Content.IE5\4PIJ856Z\Install[3].exe
[DETECTION] Is the TR/Dldr.FraudLo.sxm Trojan
C:\Documents and Settings\PYKONG\Local Settings\Temporary Internet Files\Content.IE5\4PIJ856Z\Install[4].exe
[DETECTION] Is the TR/Dldr.FraudLo.sxm Trojan
C:\Documents and Settings\PYKONG\Local Settings\Temporary Internet Files\Content.IE5\OXYFOXE7\Install[1].exe
[DETECTION] Is the TR/Dldr.FraudLo.sxm Trojan
C:\Documents and Settings\PYKONG\Local Settings\Temporary Internet Files\Content.IE5\OXYFOXE7\Install[2].exe
[DETECTION] Is the TR/Dldr.FraudLo.sxm Trojan
C:\Documents and Settings\PYKONG\Local Settings\Temporary Internet Files\Content.IE5\OXYFOXE7\Install[3].exe
[DETECTION] Is the TR/Dldr.FraudLo.sxm Trojan
C:\Documents and Settings\PYKONG\Local Settings\Temporary Internet Files\Content.IE5\S12JCT2R\Install[2].exe
[DETECTION] Is the TR/Dldr.FraudLo.sxm Trojan
C:\Documents and Settings\PYKONG\Local Settings\Temporary Internet Files\Content.IE5\S12JCT2R\Install[3].exe
[DETECTION] Is the TR/Dldr.FraudLo.sxm Trojan
C:\Documents and Settings\PYKONG\Local Settings\Temporary Internet Files\Content.IE5\WH2RC5ER\Install[1].exe
[DETECTION] Is the TR/Dldr.FraudLo.sxm Trojan
C:\Program Files\eRightSoft\SUPER\SUPER1.dlm
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
C:\System Volume Information\_restore{8E354EBD-E0CB-454D-A49F-EA46C28E8068}\RP17\A0005246.exe
[DETECTION] Is the TR/Keygen.GM Trojan
C:\System Volume Information\_restore{8E354EBD-E0CB-454D-A49F-EA46C28E8068}\RP18\A0005412.exe
[0] Archive type: CAB SFX (self extracting)
--> \data1.cab
[WARNING] No further files can be extracted from this archive. The archive will be closed
[WARNING] No further files can be extracted from this archive. The archive will be closed
C:\System Volume Information\_restore{8E354EBD-E0CB-454D-A49F-EA46C28E8068}\RP28\A0007049.exe
[DETECTION] Is the TR/Dldr.FraudLo.sxm Trojan
C:\System Volume Information\_restore{8E354EBD-E0CB-454D-A49F-EA46C28E8068}\RP30\A0007245.exe
[DETECTION] Contains recognition pattern of the DIAL/32768.A.29 dialer
C:\WINDOWS\Temp\wpv381250008288.exe
[0] Archive type: RAR SFX (self extracting)
[DETECTION] Contains recognition pattern of the DR/Dldr.Boltolog.hkm dropper
--> install.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
Begin scan in 'E:\' <DATA>

Beginning disinfection:
C:\WINDOWS\2kadiras.exe
[DETECTION] Contains recognition pattern of the DIAL/32768.A.29 dialer
[WARNING] An error has occurred and the file was not deleted. ErrorID: 26004
[WARNING] The source file could not be found.
[NOTE] Attempting to perform action using the ARK library.
[WARNING] Error in ARK library
C:\Documents and Settings\PYKONG\Local Settings\Temp\2E.tmp
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '4ab2f6c9.qua'!
C:\Documents and Settings\PYKONG\Local Settings\Temporary Internet Files\Content.IE5\4PIJ856Z\Install[1].exe
[DETECTION] Is the TR/Dldr.FraudLo.sxm Trojan
[NOTE] The file was moved to '4af7f6f2.qua'!
C:\Documents and Settings\PYKONG\Local Settings\Temporary Internet Files\Content.IE5\4PIJ856Z\Install[3].exe
[DETECTION] Is the TR/Dldr.FraudLo.sxm Trojan
[NOTE] The file was moved to '4e4b6a43.qua'!
C:\Documents and Settings\PYKONG\Local Settings\Temporary Internet Files\Content.IE5\4PIJ856Z\Install[4].exe
[DETECTION] Is the TR/Dldr.FraudLo.sxm Trojan
[NOTE] The file was moved to '4e4842fb.qua'!
C:\Documents and Settings\PYKONG\Local Settings\Temporary Internet Files\Content.IE5\OXYFOXE7\Install[1].exe
[DETECTION] Is the TR/Dldr.FraudLo.sxm Trojan
[NOTE] The file was moved to '4c83e463.qua'!
C:\Documents and Settings\PYKONG\Local Settings\Temporary Internet Files\Content.IE5\OXYFOXE7\Install[2].exe
[DETECTION] Is the TR/Dldr.FraudLo.sxm Trojan
[NOTE] The file was moved to '4c82ecab.qua'!
C:\Documents and Settings\PYKONG\Local Settings\Temporary Internet Files\Content.IE5\OXYFOXE7\Install[3].exe
[DETECTION] Is the TR/Dldr.FraudLo.sxm Trojan
[NOTE] The file was moved to '4c81d4d3.qua'!
C:\Documents and Settings\PYKONG\Local Settings\Temporary Internet Files\Content.IE5\S12JCT2R\Install[2].exe
[DETECTION] Is the TR/Dldr.FraudLo.sxm Trojan
[WARNING] An error has occurred and the file was not deleted. ErrorID: 26004
[WARNING] The source file could not be found.
[NOTE] Attempting to perform action using the ARK library.
[WARNING] Error in ARK library
[NOTE] The file is scheduled for deleting after reboot.
C:\Documents and Settings\PYKONG\Local Settings\Temporary Internet Files\Content.IE5\S12JCT2R\Install[3].exe
[DETECTION] Is the TR/Dldr.FraudLo.sxm Trojan
[WARNING] An error has occurred and the file was not deleted. ErrorID: 26004
[WARNING] The source file could not be found.
[NOTE] Attempting to perform action using the ARK library.
[WARNING] Error in ARK library
[NOTE] The file is scheduled for deleting after reboot.
C:\Documents and Settings\PYKONG\Local Settings\Temporary Internet Files\Content.IE5\WH2RC5ER\Install[1].exe
[DETECTION] Is the TR/Dldr.FraudLo.sxm Trojan
[NOTE] The file was moved to '4af7f827.qua'!
C:\Program Files\eRightSoft\SUPER\SUPER1.dlm
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '4ad4f80e.qua'!
C:\System Volume Information\_restore{8E354EBD-E0CB-454D-A49F-EA46C28E8068}\RP17\A0005246.exe
[DETECTION] Is the TR/Keygen.GM Trojan
[NOTE] The file was moved to '4ab4f7ea.qua'!
C:\System Volume Information\_restore{8E354EBD-E0CB-454D-A49F-EA46C28E8068}\RP28\A0007049.exe
[DETECTION] Is the TR/Dldr.FraudLo.sxm Trojan
[NOTE] The file was moved to '4e19dcc3.qua'!
C:\System Volume Information\_restore{8E354EBD-E0CB-454D-A49F-EA46C28E8068}\RP30\A0007245.exe
[DETECTION] Contains recognition pattern of the DIAL/32768.A.29 dialer
[NOTE] The file was moved to '4ccb867b.qua'!
C:\WINDOWS\Temp\wpv381250008288.exe
[DETECTION] Contains recognition pattern of the DR/Dldr.Boltolog.hkm dropper
[NOTE] The file was moved to '4afaf82a.qua'!

End of the scan: 14 Ogos 2009 13:35
Used time: 1:05:47 Hour(s)

The scan has been done completely.

5044 Scanned directories
172336 Files were scanned
17 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 files were deleted
0 Viruses and unwanted programs were repaired
13 Files were moved to quarantine
0 Files were renamed
1 Files cannot be scanned
172318 Files not concerned
2364 Archives were scanned
6 Warnings
17 Notes
33998 Objects were scanned with rootkit scan
0 Hidden objects were found

And from MBAM:

Malwarebytes' Anti-Malware 1.40
Database version: 2551
Windows 5.1.2600 Service Pack 3

8/15/2009 2:03:55 PM
mbam-log-2009-08-15 (14-03-55).txt

Scan type: Quick Scan
Objects scanned: 89722
Time elapsed: 8 minute(s), 10 second(s)

Memory Processes Infected: 1
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 4
Registry Data Items Infected: 6
Folders Infected: 0
Files Infected: 20

Memory Processes Infected:
C:\WINDOWS\system32\braviax.exe (Trojan.FakeAlert) -> Unloaded process successfully.

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\msword98 (Trojan.FakeAlert.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\msword98 (Trojan.FakeAlert.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\braviax (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\braviax (Trojan.Downloader) -> Quarantined and deleted successfully.

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
C:\Documents and Settings\PYKONG\msword98.exe (Trojan.FakeAlert.H) -> Delete on reboot.
C:\WINDOWS\system32\msword98.exe (Trojan.FakeAlert.H) -> Delete on reboot.
C:\WINDOWS\Temp\wpv111250109698.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\BN10.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\BN12.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\BN13.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\BN18.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\BN19.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\BN1A.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\BN94.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\BN95.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\PYKONG\Local Settings\Temp\BN1B.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\PYKONG\Local Settings\Temp\BN1F.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\PYKONG\Local Settings\Temp\BN20.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\PYKONG\Local Settings\Temp\BN21.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\PYKONG\Local Settings\Temp\BN27.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\braviax.exe (Trojan.FakeAlert) -> Delete on reboot.
C:\Documents and Settings\PYKONG\Application Data\wiaserva.log (Malware.Trace) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\oashdihasidhasuidhiasdhiashdiuasdhasd (Trace.Pandex) -> Quarantined and deleted successfully.
C:\Documents and Settings\PYKONG\oashdihasidhasuidhiasdhiashdiuasdhasd (Trace.Pandex) -> Quarantined and deleted successfully.

Thanks for reading and I hope someone might be able to help...

Celcom Broadband Question

NutterButters — Sun, 08 Feb 2009 00:30:20 +0800

Hi everyone...I just got Celcom Broadband, the D98 package...and I have some questions:

1) Is there anyway to bypass the shared IP thing? (I'm a pretty heavy downloader, mostly from Rapidshare) Do programs like Hide My IP, etc etc... work?

2) What happens if I go over the 5GB limit? Does Celcom charge me extra for it?

Thanks in advance!

Question about Laptops...

NutterButters — Wed, 04 Jun 2008 16:23:45 +0800

Hi everyone...I was wondering if you can buy laptops at a cheaper price when you enter local uni? Is there a special student price or anything?

Thanks for reading...any help is appreciated..

Lowyat.NET: Latest topics by NutterButters

Plagued by wisdstr.exe virus [CLOSED. THANKS!]

Celcom Broadband Question

Question about Laptops...