Old 09-08-2007, 01:10 AM   #1 (permalink)
Registered User
 
Join Date: Sep 2007
Posts: 3
OS: XP Pro


Something is preventing me from playing games on PB servers...

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:47:46 PM, on 9/7/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\nvraidservice.exe
C:\WINDOWS\CTHELPER.EXE
C:\WINDOWS\system32\CTXFIHLP.EXE
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE
C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe
C:\WINDOWS\SYSTEM32\CTXFISPI.EXE
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Creative\Sound Blaster X-Fi\Entertainment Center\EAXLoadr.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Creative\ShareDLL\CADI\NotiMan.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Administrator\Desktop\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O4 - HKLM\..\Run: [NVRaidService] C:\WINDOWS\system32\nvraidservice.exe
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [CTDVDDET] "C:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE"
O4 - HKLM\..\Run: [RCSystem] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" RCSystem * -Startup
O4 - HKLM\..\Run: [AudioDrvEmulator] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "C:\Program Files\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll"
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [Steam] "c:\program files\valve\steam\steam.exe" -silent
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [igndlm.exe] C:\Program Files\Download Manager\DLM.exe /windowsstart /startifwork
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O15 - Trusted Zone: http://onecare.live.com
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15030/CTSUEng.cab
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (CDownloadCtrl Object) - http://www.fileplanet.com/fpdlmgr/ca..._2.3.2.100.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsof...?1188739894093
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1188739867375
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su2/CTL_V020...5030/CTPID.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Apple Mobile Device - Unknown owner - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (file missing)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\WINDOWS\system32\hpbpro.exe
O23 - Service: HP Status Server - Hewlett-Packard Company - C:\WINDOWS\system32\hpboid.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

--
End of file - 5668 bytes
NashEquil
Old 09-08-2007, 02:38 PM   #2 (permalink)
Registered User
 
Join Date: Sep 2007
Posts: 3
OS: XP Pro


Re: Something is preventing me from playing games on PB servers...

Sorry if I wasn't more clear. I keep getting a recurring file on my computer called oreans32.sys

I cannot figure out what is making it come back over and over.

I have run AVG Anti-Spyware, Spybot, and SUPERAntiSpyware and let them clean anything they found. But even after this, it keeps showing back up in my C:\WINDOWS\System32\drivers folder.


Can someone help me troubleshoot this?
NashEquil
Old 09-08-2007, 02:54 PM   #3 (permalink)
Registered User
 
Join Date: Sep 2007
Posts: 3
OS: XP Pro


Re: Something is preventing me from playing games on PB servers...

I also ran ComboFix today:


ComboFix 07-09-08.7 - "Administrator" 2007-09-08 16:46:31.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1515 [GMT -4:00]
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\system32\_000003_.tmp.dll
C:\WINDOWS\system32\_000005_.tmp.dll
C:\WINDOWS\system32\_000007_.tmp.dll
C:\WINDOWS\system32\_000008_.tmp.dll
C:\WINDOWS\system32\_000009_.tmp.dll
C:\WINDOWS\system32\_000010_.tmp.dll
C:\WINDOWS\system32\_000012_.tmp.dll
C:\WINDOWS\system32\_000110_.tmp.dll


((((((((((((((((((((((((( Files Created from 2007-08-08 to 2007-09-08 )))))))))))))))))))))))))))))))
.

2007-09-08 16:46 51,200 --a------ C:\WINDOWS\NirCmd.exe
2007-09-08 03:21 22,328 --a------ C:\WINDOWS\system32\drivers\PnkBstrK.sys
2007-09-08 03:20 674,600 --a------ C:\WINDOWS\system32\pbsvc.exe
2007-09-08 03:14 66,872 --a------ C:\WINDOWS\system32\PnkBstrA.exe
2007-09-08 03:14 103,736 --a------ C:\WINDOWS\system32\PnkBstrB.exe
2007-09-07 19:40 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
2007-09-07 19:38 <DIR> d-------- C:\WINDOWS\nview
2007-09-07 18:37 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2007-09-07 17:10 (2) -rahs-ot- C:\WINDOWS\winstart.bat
2007-09-06 14:03 765,952 --a------ C:\DOCUME~1\ADMINI~1\msvcp71d.dll
2007-09-06 14:03 61,440 --a------ C:\DOCUME~1\ADMINI~1\msvcrt40.dll
2007-09-06 14:03 565,760 --a------ C:\DOCUME~1\ADMINI~1\msvcp50.dll
2007-09-06 14:03 544,768 --a------ C:\DOCUME~1\ADMINI~1\msvcr71d.dll
2007-09-06 14:03 54,784 --a------ C:\DOCUME~1\ADMINI~1\msvcirt.dll
2007-09-06 14:03 499,712 --a------ C:\DOCUME~1\ADMINI~1\msvcp71.dll
2007-09-06 14:03 434,252 --a------ C:\DOCUME~1\ADMINI~1\MSVCRTD.DLL
2007-09-06 14:03 413,696 --a------ C:\DOCUME~1\ADMINI~1\msvcp60.dll
2007-09-06 14:03 348,160 --a------ C:\DOCUME~1\ADMINI~1\msvcr71.dll
2007-09-06 14:03 343,040 --a------ C:\DOCUME~1\ADMINI~1\msvcrt.dll
2007-09-06 14:03 253,952 --a------ C:\DOCUME~1\ADMINI~1\msvcrt20.dll
2007-09-06 14:03 249,856 --a------ C:\DOCUME~1\ADMINI~1\MSX Systemhelper 1.0.exe
2007-09-06 14:03 1,388,544 --a------ C:\DOCUME~1\ADMINI~1\MSVBVM6N.DLL
2007-09-06 14:03 1,386,496 --a------ C:\DOCUME~1\ADMINI~1\msvbvm60.dll
2007-09-06 14:03 1,355,776 --a------ C:\DOCUME~1\ADMINI~1\msvbvm50.dll
2007-09-03 18:16 <DIR> d-------- C:\Program Files\SUPERAntiSpyware
2007-09-03 18:16 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\SUPERAntiSpyware.com
2007-09-03 18:16 <DIR> d-------- C:\DOCUME~1\ADMINI~1\APPLIC~1\SUPERAntiSpyware.com
2007-09-02 10:29 <DIR> d-------- C:\Program Files\MSXML 6.0
2007-09-02 09:58 <DIR> d-------- C:\Program Files\MSBuild
2007-09-02 09:56 14,048 --------- C:\WINDOWS\system32\spmsg2.dll
2007-09-02 09:56 <DIR> d-------- C:\WINDOWS\system32\XPSViewer
2007-09-02 09:56 <DIR> d-------- C:\Program Files\Reference Assemblies
2007-09-02 09:55 <DIR> d-------- C:\WINDOWS\system32\drivers\UMDF
2007-09-02 09:55 <DIR> d-------- C:\Program Files\Windows Media Connect 2
2007-09-02 09:55 <DIR> d-------- C:\982bde8dfe5d17a640
2007-09-02 09:55 <DIR> d-------- C:\39bb7ce70b72ed2a6448
2007-09-02 09:55 <DIR> d-------- C:\038c976c53719d1c99089af0
2007-09-02 09:54 <DIR> d-------- C:\c6a931c7eb84ff3227da763602caf1
2007-09-02 09:52 221,184 --a------ C:\WINDOWS\system32\wmpns.dll
2007-09-02 09:44 <DIR> d-------- C:\e330ba9d348fdb2daddab539
2007-09-02 09:41 36,352 --------- C:\WINDOWS\system32\tsgqec.dll
2007-09-02 09:41 288,768 --------- C:\WINDOWS\system32\rhttpaa.dll
2007-09-02 09:41 116,736 --------- C:\WINDOWS\system32\aaclient.dll
2007-09-02 09:35 23,856 --a------ C:\WINDOWS\system32\spupdsvc.exe
2007-09-02 09:33 <DIR> d-------- C:\WUTemp
2007-09-02 09:33 <DIR> d-------- C:\146085ae7c6bc75ffc1dc96d27
2007-09-02 09:31 43,352 --a------ C:\WINDOWS\system32\wups2.dll
2007-09-02 09:31 <DIR> d--hs---- C:\DOCUME~1\ADMINI~1\UserData
2007-09-01 16:19 4,136 --a------ C:\WINDOWS\system32\ealregsnapshot1.reg
2007-08-31 23:40 <DIR> d-------- C:\Program Files\Download Manager
2007-08-31 23:28 <DIR> d-------- C:\Program Files\Electronic Arts
2007-08-31 22:57 22,328 --a------ C:\DOCUME~1\ADMINI~1\APPLIC~1\PnkBstrK.sys
2007-08-31 22:10 <DIR> d-------- C:\Program Files\Total Uninstall 3
2007-08-31 13:47 438,272 --a------ C:\WINDOWS\system32\vp6vfw.dll
2007-08-31 12:22 3,426,072 --a------ C:\WINDOWS\system32\d3dx9_32.dll
2007-08-31 12:22 255,848 --a------ C:\WINDOWS\system32\xactengine2_6.dll
2007-08-31 12:22 251,672 --a------ C:\WINDOWS\system32\xactengine2_5.dll
2007-08-30 17:37 <DIR> d-------- C:\Temp
2007-08-28 20:52 61,056 --a--c--- C:\WINDOWS\system32\dllcache\ohci1394.sys
2007-08-28 20:52 61,056 --a------ C:\WINDOWS\system32\drivers\ohci1394.sys
2007-08-28 20:52 6,400 --a--c--- C:\WINDOWS\system32\dllcache\enum1394.sys
2007-08-28 20:52 6,400 --a------ C:\WINDOWS\system32\drivers\enum1394.sys
2007-08-28 20:52 53,248 --a--c--- C:\WINDOWS\system32\dllcache\1394bus.sys
2007-08-28 20:52 53,248 --a------ C:\WINDOWS\system32\drivers\1394bus.sys
2007-08-28 20:51 <DIR> d-------- C:\WINDOWS\system32\AGEIA
2007-08-28 20:51 <DIR> d-------- C:\Program Files\AGEIA Technologies
2007-08-27 18:43 <DIR> d-------- C:\Program Files\RF Addiction
2007-08-25 08:13 50,552 --ah----- C:\WINDOWS\system32\mlfcache.dat
2007-08-16 20:43 <DIR> d-------- C:\Program Files\mIRC
2007-08-16 20:43 <DIR> d-------- C:\DOCUME~1\ADMINI~1\APPLIC~1\mIRC
2007-08-13 18:10 94,208 --a------ C:\WINDOWS\system32\HPZipt12.dll
2007-08-13 18:10 65,536 --a------ C:\WINDOWS\system32\HPZipm12.exe
2007-08-13 18:10 61,440 --a------ C:\WINDOWS\system32\HPZinw12.exe
2007-08-13 18:10 57,344 --a------ C:\WINDOWS\system32\HPZisn12.dll
2007-08-13 18:10 306,688 --a------ C:\WINDOWS\IsUninst.exe
2007-08-13 18:10 278,584 --a------ C:\WINDOWS\system32\HPZidr12.dll
2007-08-13 18:10 204,800 --a------ C:\WINDOWS\system32\HPZipr12.dll
2007-08-13 18:09 98,304 -ra------ C:\WINDOWS\system32\hpzjsn01.dll
2007-08-13 18:09 73,728 -ra------ C:\WINDOWS\system32\hptcpmib.dll
2007-08-13 18:09 28,672 -ra------ C:\WINDOWS\system32\hpzjfw01.dll
2007-08-13 18:09 212,992 -ra------ C:\WINDOWS\system32\hptcpmui.dll
2007-08-13 18:09 139,345 --a------ C:\WINDOWS\system32\hpzlnt12.dll
2007-08-13 18:09 110,592 -ra------ C:\WINDOWS\system32\hptcpmon.dll
2007-08-13 18:09 <DIR> d-------- C:\Program Files\HP
2007-08-13 18:09 <DIR> d-------- C:\Program Files\Hewlett-Packard
2007-08-11 00:19 <DIR> d-------- C:\Program Files\Google
2007-08-10 12:04 277 --a------ C:\WINDOWS\strings.sys
2007-08-10 12:04 164 --a------ C:\WINDOWS\Settings.sys
2007-08-10 10:50 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
2007-08-09 02:52 <DIR> d-------- C:\DOCUME~1\ADMINI~1\APPLIC~1\Apple Computer
2007-08-09 02:49 <DIR> d-------- C:\Program Files\QuickTime
2007-08-09 02:49 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
2007-08-09 02:49 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-09-07 19:29 --------- d-------- C:\Program Files\Creative
2007-09-07 17:05 --------- d--h----- C:\Program Files\InstallShield Installation Information
2007-09-07 17:05 --------- d-------- C:\Program Files\Common Files\Wise Installation Wizard
2007-09-07 17:03 --------- d-------- C:\Program Files\Granado Espada
2007-09-01 16:41 --------- d-------- C:\Program Files\EA SPORTS
2007-09-01 16:13 --------- d-------- C:\DOCUME~1\ADMINI~1\APPLIC~1\IGN_DLM
2007-08-31 23:17 --------- d-------- C:\DOCUME~1\ADMINI~1\APPLIC~1\uTorrent
2007-08-31 22:29 --------- d-------- C:\Program Files\IGN
2007-08-30 17:37 --------- d-------- C:\Program Files\Sony
2007-08-29 10:00 --------- d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\PACE Anti-Piracy
2007-08-29 10:00 --------- d-------- C:\DOCUME~1\ADMINI~1\APPLIC~1\PACE Anti-Piracy
2007-08-28 20:46 --------- d-------- C:\Program Files\Ubisoft
2007-08-06 00:12 224048 --a------ C:\Program Files\utorrent.exe
2007-07-28 16:54 --------- d-a------ C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
2007-07-26 22:52 --------- d-------- C:\Program Files\NVIDIA Corporation
2007-07-25 02:22 --------- d-------- C:\Program Files\Futuremark
2007-07-23 14:53 --------- d-------- C:\DOCUME~1\ADMINI~1\APPLIC~1\Ventrilo
2007-07-21 05:06 --------- d-------- C:\Program Files\Common Files\EasyInfo
2007-07-15 23:52 --------- d-------- C:\DOCUME~1\ADMINI~1\APPLIC~1\WinRAR
2007-07-14 01:22 --------- d-------- C:\DOCUME~1\ADMINI~1\APPLIC~1\Creative
2007-07-10 15:22 --------- d-------- C:\Program Files\Common Files\PACE Anti-Piracy
2007-07-09 19:40 --------- d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Creative
2007-07-09 19:26 --------- d-------- C:\Program Files\Microsoft Works
2007-07-09 19:26 --------- d-------- C:\Program Files\Microsoft ActiveSync
2007-07-09 19:26 --------- d-------- C:\Program Files\Common Files\L&H
2007-07-09 19:21 --------- d-------- C:\Program Files\Microsoft ACT
2007-07-09 19:06 --------- d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
2007-07-09 18:09 --------- d-------- C:\Program Files\ASUS
2007-07-09 17:27 --------- d-------- C:\Program Files\Common Files\Merge Modules
2007-07-09 17:18 --------- d-------- C:\Program Files\Microsoft Visual Studio .NET 2003
2007-07-09 17:02 --------- d-------- C:\DOCUME~1\ADMINI~1\APPLIC~1\U3
2007-07-09 16:58 --------- d-------- C:\Program Files\HTML Help Workshop
2007-07-09 16:51 --------- d-------- C:\Program Files\Common Files\Crystal Decisions
2007-07-09 16:38 --------- d-------- C:\Program Files\Microsoft.NET
2007-07-09 12:12 --------- d-------- C:\Program Files\Common Files\SWF Studio
2007-07-09 02:03 --------- d-------- C:\Program Files\Valve
2007-07-08 18:13 28624 --a------ C:\WINDOWS\system32\drivers\secdrv.sys
2007-07-08 18:13 --------- d-------- C:\Program Files\EACOM
2007-06-13 06:23 1033216 --a------ C:\WINDOWS\explorer.exe
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.

*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NVRaidService"="C:\WINDOWS\system32\nvraidservice.exe" [2006-09-21 15:40]
"CTHelper"="CTHELPER.EXE" [2006-08-17 11:32 C:\WINDOWS\CTHELPER.EXE]
"CTxfiHlp"="CTXFIHLP.EXE" [2006-08-17 11:32 C:\WINDOWS\system32\CTXFIHLP.EXE]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 04:00]
"CTDVDDET"="C:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE" [2003-06-18 01:00]
"RCSystem"="C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" [2005-11-04 18:07]
"AudioDrvEmulator"="C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" [2005-11-04 18:07]
"UpdReg"="C:\WINDOWS\UpdReg.EXE" [2000-05-11 01:00]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 03:06]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2007-06-29 06:24]
"HPDJ Taskbar Utility"="C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe" [2004-06-25 20:32]
"HP Software Update"="C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe" [2004-02-18 13:55]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 05:25]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-06-29 00:43]
"nwiz"="nwiz.exe" [2007-06-29 00:43 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2007-06-29 00:43]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files\valve\steam\steam.exe" [2007-07-09 18:22]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2006-02-28 08:00]
"igndlm.exe"="C:\Program Files\Download Manager\DLM.exe" [2007-03-05 17:57]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=0 (0x0)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 13:55 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 13:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

R3 ha20x2k;Creative 20X HAL Driver;C:\WINDOWS\system32\drivers\ha20x2k.sys
S0 Partizan;Partizan;C:\WINDOWS\system32\drivers\Partizan.sys
S2 VPCAppSv;Virtual PC Application Services;C:\WINDOWS\system32\DRIVERS\VPCAppSv.sys
S3 P17;Sound Blaster Audigy;C:\WINDOWS\system32\drivers\P17.sys
S3 XDva011;XDva011;\??\C:\WINDOWS\system32\XDva011.sys
S3 XDva020;XDva020;\??\C:\WINDOWS\system32\XDva020.sys


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\D]
AutoRun\command- D:\Autorun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\F]
AutoRun\command- F:\LaunchU3.exe

.
**************************************************************************

catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-09-08 16:50:14
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2007-09-08 16:51:21 - machine was rebooted
C:\ComboFix-quarantined-files.txt ... 2007-09-08 16:51
.
--- E O F ---
NashEquil
Old 09-13-2007, 08:07 AM   #4 (permalink)
Expert Analyst, Moderator, Security Team
 
Join Date: Sep 2006
Posts: 1,341
OS: xp


Re: Something is preventing me from playing games on PB servers...

Welcome to the forum

Is one of your programs alerting to oreans32.sys? If so, which?

Post a report from one or, better yet, both of these free online scans:


Panda ActiveScan-Free online scanner,
http://www.pandasoftware.com/products/activescan.htm
Press "scan your PC now" and allow the ActiveX to install (if prompted)
Do a full scan > Click the my computer button
After the scan click see report then Save the report and post it back here please.
If you have problems read the FAQ http://www.pandasoftware.com/actives...q.asp?IdLang=2

Kaspersky Lab - Free Online scan:
http://www.kaspersky.com/virusscanner
Click scan settings and place a check next to use [x]extended this database etc etc. Click ok.
Then choose: my computer: scan all your hard drives and mapped disks.
When finished, click save as text and post that in your reply.
LonnyRJones

All times are GMT -7.