Infections, gaming problems

[plasma dragon00]

well, while playing World of Warcraft, i started having a problem with it about 2 days ago. after a few miunutes of playing my screen will go black. the monitor is still on, i can see the backlight, and im not getting any "mode not supported" errors or such from it. i have a feeling it may be my video card, until this morning i also thought it could be a sort of infection. i ran hjt, combofix, which deleted a pskill.exe, and right now panda anti rootkit is running, but seems to be going slowly, but still going.

logs atached, any help would be greatly appreciated.

oh, and on a side note, adaware 2007 and avg anti spyware, both with the latest definitions, are getting stuck on files. i let one of them run while i was at my school dance, and 5 hours later, when i came home, it was still on the same file. smart scans in both programs seem to be the only ones that dont get stuck on files. when i get home from school later ill run them and specify which files specifically theyre getting stuck on.

once again, thanks for the help guys, and logs are attached.

~plasma

p.s - panda anti roootkit showed up clean

EDIT - logs dont seem to want to upload...

im getting the error:
log.txt:
Attachment in Progress. Can be deleted here.

ive tried many times, wont upload. i hope you guys dont mind if i post the logs as posts instead? ill try clearing my cache first though.

EDIT2 - yeah even that didnt work... im gonna have to post the logfiles as posts, sorry -_-

EDIT3 - nevermind, got it, had to go in and clear out some of the old logfiles that i had posted.

 

[CCT]

Boot into Safe Mode with networking and follow the prelim removal steps here:

https://www.techspot.com/community/...lware-removal-preliminary-instructions.58138/

 

[Blind Dragon]

VIORB.EXE
Writes to another Process's Virtual Memory (Process Hijacking)

I would say this is probably the culprit and why spybot/adaware hanging. I woudl run through the preliminary removal instructions but not from safe mode with networking. When it says Safe mode it means safe mode, not with networking. You can always save what you need in a notepad file on your desktop for use while in safe mode then delete afterwards. Safe mode with networking isn't very safe as your firewall and anti-virus don't load either.

Make sure you disable teatimer and your resident protection on your virus scanner prior to following.

Let's do this before you start

Upload a File to Virustotal
Please visit Virustotal found HERE

• Click the Browse... button
• Navigate to the file C:\Program Files\ViOrb\ViOrbv2.exe
• Click the Open button
• Click the Send button
• Copy and paste the results back here please.

 

[plasma dragon00]

im on vundofix.exe from the prelim removal, and yes i know about how safemode w/ network isnt very safe. i had no idea that viorb was a somewhat bad file though. and its odd because adaware and AVG AS have only been doing this for about a week, maybe 2, but ive been using viorb for a few months.

any idea if the program TrueTransparency is safe? i like viorb and TT, but they seem to conflict and dont allow much action with windows then, until you are able to close one or the other.

virus total results on viorbv2.exe are...

Antivirus Version Last Update Result
AhnLab-V3 2008.3.4.0 2008.03.04 -
AntiVir 7.6.0.73 2008.03.04 -
Authentium 4.93.8 2008.03.04 -
Avast 4.7.1098.0 2008.03.04 -
AVG 7.5.0.516 2008.03.04 -
BitDefender 7.2 2008.03.05 -
CAT-QuickHeal 9.50 2008.03.04 -
ClamAV 0.92.1 2008.03.05 -
DrWeb 4.44.0.09170 2008.03.04 -
eSafe 7.0.15.0 2008.02.28 -
eTrust-Vet 31.3.5588 2008.03.04 -
Ewido 4.0 2008.03.04 -
FileAdvisor 1 2008.03.05 -
Fortinet 3.14.0.0 2008.03.04 -
F-Prot 4.4.2.54 2008.03.04 -
F-Secure 6.70.13260.0 2008.03.05 -
Ikarus T3.1.1.20 2008.03.04 -
Kaspersky 7.0.0.125 2008.03.05 -
McAfee 5244 2008.03.04 -
Microsoft 1.3301 2008.03.05 -
NOD32v2 2921 2008.03.04 -
Norman 5.80.02 2008.03.04 -
Panda 9.0.0.4 2008.03.04 -
Prevx1 V2 2008.03.05 -
Rising 20.34.12.00 2008.03.04 -
Sophos 4.27.0 2008.03.04 -
Sunbelt 3.0.906.0 2008.02.28 -
Symantec 10 2008.03.05 -
TheHacker 6.2.92.233 2008.03.04 -
VBA32 3.12.6.2 2008.03.05 -
VirusBuster 4.3.26:9 2008.03.04 -
Webwasher-Gateway 6.6.2 2008.03.04 -
Additional information
File size: 163840 bytes
MD5: 66db6659a220a30b0f54419483d474a7
SHA1: 859e3954eff4519d54235bf403b95c1f191b802a
PEiD: -

thanks for the help,

~plasma

 

[Blind Dragon]

I am not familiar with either just that there wasn't a lot of information on it, and thus why i suggested using virus total, as you can see in the log it basically ran the file through a lot of different scanners looking for a definition match.

will no more from combofix hopefully

 

[plasma dragon00]

ill continue with the prelim instructions soon, right now, my uncle suggested running prime 95, and im going to do it. we've pretty much narrowed it down to my graphics card though, because it goes black during halo also, and did the same thing while windows was loading too. although it still doesnt rule out the monitor, i think it would be unlikely now given the current information.

 

[Blind Dragon]

have you tried dropping the resolution just to see if it still happens?

 

[plasma dragon00]

yeah, ive tried dropping the resolution for my desktop al the way down to 800x600, and turning down my WoW settings all the way, didnt help

in the hopes that i can still play WoW, im runnin with the case open as i think the card is overheating, and im gonna try to turn down all the settings again. hopefully i can keep the card a little cooler and not stress it as much

 

[plasma dragon00]

by the way, AVG AS gets stuck on something in the C:\System Volume Information folder, i believe it was something along the lines of tracking.log..., and adaware 07 gets stuck on the lang.ini file for my xbox 360 controller.