Jump to content
norbat

Unclassified.Oreans32

Recommended Posts

SAS find this after every scan. What is it and why does they not get removed?

Unclassified.Oreans32

HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_OREANS32

HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_OREANS32#NextInstance

HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_OREANS3200

HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_OREANS3200#Service

HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_OREANS3200#Legacy

HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_OREANS3200#ConfigFlags

HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_OREANS3200#Class

HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_OREANS3200#ClassGUID

HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_OREANS3200#DeviceDesc

HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_OREANS3200#Capabilities

Share this post


Link to post
Share on other sites
SAS find this after every scan. What is it and why does they not get removed?

Unclassified.Oreans32

HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_OREANS32

HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_OREANS32#NextInstance

HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_OREANS3200

HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_OREANS3200#Service

HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_OREANS3200#Legacy

HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_OREANS3200#ConfigFlags

HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_OREANS3200#Class

HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_OREANS3200#ClassGUID

HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_OREANS3200#DeviceDesc

HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_OREANS3200#Capabilities

Are you running version 4.0.1154? Did you reboot after the scan?

Share this post


Link to post
Share on other sites

Hi,

Here is the complete scan-log:

SUPERAntiSpyware Scan Log

https://www.superantispyware.com

Generated 04/18/2008 at 08:16 PM

Application Version : 4.0.1154

Core Rules Database Version : 3441

Trace Rules Database Version: 1433

Scan type : Complete Scan

Total Scan Time : 00:17:47

Memory items scanned : 555

Memory threats detected : 0

Registry items scanned : 5157

Registry threats detected : 10

File items scanned : 19385

File threats detected : 0

Unclassified.Oreans32

HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_OREANS32

HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_OREANS32#NextInstance

HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_OREANS3200

HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_OREANS3200#Service

HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_OREANS3200#Legacy

HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_OREANS3200#ConfigFlags

HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_OREANS3200#Class

HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_OREANS3200#ClassGUID

HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_OREANS3200#DeviceDesc

HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_OREANS3200#Capabilities

And yes, they still come back after reboot. I cant find other files related to any malware (have scan with different av-prog inkl. Combofix). The comp. run Vista H.P.

Share this post


Link to post
Share on other sites
What shall i do with the reg-files SAS find?

They returne after reboot.

They may be used by a legit application on your system - if that's all that's being found, you can leave them.

Share this post


Link to post
Share on other sites

Hey im new to this site so i thought id just say hi for starters.

As previously posted in this topic i to have recieved a message saying unclassified oreans32. I don't know wether to delete them or not.

The log states.

Unclassified.Oreans32

HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_OREANS32

HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_OREANS32#NextInstance

HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_OREANS32\0000

HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_OREANS32\0000#Service

HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_OREANS32\0000#Legacy

HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_OREANS32\0000#ConfigFlags

HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_OREANS32\0000#Class

HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_OREANS32\0000#ClassGUID

HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_OREANS32\0000#DeviceDesc

HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_OREANS32\0000#Capabilities

HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_OREANS32\0000#Driver

HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_OREANS32\0000\LogConf

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.

×