# big runescape problem helppp



## stoicky 993 (Feb 24, 2008)

Hey everyone!!! I have a very big problem with runescape.When i want to enter on runescape homepage it says:forbidden,You dont have permission to access/ on this server. Help me please and tell me what to do.This is a very urgent problem!!!!


----------



## stoicky 993 (Feb 24, 2008)

I see taht no one wants to help me. Please someone help a moderator or something help meeee!!!!!!!


----------



## justpassingby (Mar 11, 2007)

Please don't send PM's to the staff to ask that we look at your thread. This is a forum not a chat, you have to be patient.

Also, you won't get proper help if you don't provide all the relevant information here :


stoicky 993 said:


> It all started when i downloaded a file from the internet.After that runescape homepage doesn`t open.


What's that file you downloaded ? Which program did you use to download it ?

Are you the administrator of the computer ? If you're at school and the admin has blocked the website we can't help you.


----------



## stoicky 993 (Feb 24, 2008)

im the admin of the computer. It`s my personal computer.Folder name is :runescape millios guide.zip.I downloaded it from www.isohunt.com using bitcomet.After using it i cant enter on runescape homepage. You can give me an address for faster conversation.I am a member of this game and i pay for playing it.I don`t want to loose my money.Runescape was made by jagex.ltd.It`s a very popular game.10 mil of people play it.If you can contact them please do it.I am waiting for your reply or your help.
Sorry for being so crazy but you must have understand why I need your help.


----------



## stoicky 993 (Feb 24, 2008)

The file might be a virus or something like that, but my computer works as normal annd the single problem is that i can`t enter on runescape homepage. That is a big one.


----------



## justpassingby (Mar 11, 2007)

Uninstall your P2P software then read these instructions very carefully and follow them all : http://www.techsupportforum.com/sec...read-before-posting-malware-removal-help.html
Post your final logs in a new thread in the HijackThis section. Be patient as our security analysts are very busy and you may have to wait several days before you get an answer, unfortunately that's the case on all forums that provide HJT support. Try to be very specific and don't bump your thread since they notice unanswered threads faster and start with the older ones.



stoicky 993 said:


> I downloaded it from www.isohunt.com using bitcomet.


We don't support P2P, check the forum's rules :


> we do not support P2P software and we will not assist any user in this regard. This includes but is not limited to Bearshare, Kazaa and many others.


----------



## koala (Mar 27, 2005)

Did you scan the zip for infections?

It might be safer to get the book from the official source instead of the more risky BitComet. *http://www.runescapemillions.com/*

Contact the game manufacturer's support team and tell them the name of the file you downloaded, where you downloaded it from, and what has happened to your game. If you're paying a subscription, it's up to them to fix the problem. Backup your save files if they tell you to reinstall.


----------



## justpassingby (Mar 11, 2007)

koala said:


> Did you scan the zip for infections?


Yup, take Koala's good advices. Upload the zip file on this website, it'll tell you if it's infected and what the virus/worm may be : http://virusscan.jotti.org/. If there's a virus then follow the steps I provided earlier.

I looked on the game's website and all the support forms and help forums are on the same domain. You'll have to use another computer to contact them for help since you can't access runescape.com at all.


----------



## stoicky 993 (Feb 24, 2008)

I scanned my computer and the file at the site which you told me and it is ok. The file doesn`t contain any viruses.What should i do now??? I think the problem isn`t that file.


----------



## koala (Mar 27, 2005)

Let us know when you get a reply from Runescape Support.


----------



## stoicky 993 (Feb 24, 2008)

this will be tomorow


----------



## stoicky 993 (Feb 24, 2008)

Do you know if runescape has an email adress because i don`t have another computer to enter on, or maybe a way to enter on runescape homepage.Aren`t there any settings at mozzila firefox to make runescape page work???


----------



## koala (Mar 27, 2005)

From http://tip.it/runescape/?page=faq.htm#q12


> How can I contact Jagex?
> Go to the www.runescape.com website and scroll down to the 'Customer Support' section. You will need to enter your username and password.
> 
> *NOTE: As of January 2008 the Customer Support feature on the RuneScape homepage has been removed. In result, there is currently no official way to contact Jagex other than through appeals.*


----------



## stoicky 993 (Feb 24, 2008)

After my scan with dss:

```
Deckard's System Scanner v20071014.68
Run by me on 2008-02-26 22:41:55
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
7: 2008-02-26 20:42:30 UTC - RP507 - Deckard's System Scanner Restore Point
6: 2008-02-26 19:37:43 UTC - RP506 - System Checkpoint
5: 2008-02-25 18:53:00 UTC - RP505 - System Checkpoint
4: 2008-02-24 16:32:18 UTC - RP504 - System Checkpoint
3: 2008-02-23 15:51:34 UTC - RP503 - System Checkpoint


-- First Restore Point -- 
1: 2008-02-17 19:00:04 UTC - RP501 - System Checkpoint


Backed up registry hives.
Performed disk cleanup.

[color=red]System Drive C: has 0.08 GiB (less than 15%) free.[/color]


-- HijackThis (run as me.exe) --------------------------------------------------

logfile has no content; running clone.
-- HijackThis Clone ------------------------------------------------------------


Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2008-02-26 22:46:11
Platform: Windows XP Service Pack 2 (5.01.2600)
MSIE: Internet Explorer (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\system32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\ATKKBService.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Program Files\FlashCP\FlashCP-Service.exe
C:\Program Files\McAfee\MBK\MBackMonitor.exe
C:\WINDOWS\system32\ati2evxx.exe
C:\WINDOWS\explorer.exe
C:\Program Files\McAfee\MSC\mcmscsvc.exe
C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe
C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
C:\WINDOWS\system32\pctspk.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Anti-Blaxx\Anti-Blaxx.exe
C:\Program Files\Common Files\McAfee\McProxy\McProxy.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Program Files\MyWebSearch\bar\3.bin\MWSOEMON.EXE
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\FlashCP\FlashCP-Autorun.exe
C:\Program Files\McAfee\VirusScan\Mcshield.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
D:\itunes\iTunesHelper.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\McAfee\MPF\MpfSrv.exe
C:\Program Files\SiteAdvisor\6253\SiteAdv.exe
C:\Program Files\McAfee\MSK\msksrver.exe
C:\Program Files\McAfee\MBK\McAfeeDataBackup.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\SanDisk\Sansa Updater\SansaSvr.exe
C:\Program Files\SiteAdvisor\6253\SAService.exe
C:\WINDOWS\system32\svchost.exe
D:\OLYMPUS PHOTO\Monitor.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Delux\PS2 Keyboard English Edition 2.0\kb_2k.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\WINDOWS\system32\WgaTray.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Program Files\McAfee\VirusScan\mcsysmon.exe
C:\Program Files\Common Files\Panda Software\PavShld\PavPrSrv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\McAfee\VirusScan\mcods.exe
C:\Program Files\McAfee\VirusScan\mcvsshld.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\me\Desktop\dss.exe
C:\WINDOWS\system32\wuauclt.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = [url]http://us.rd.yahoo.com/customize/ycomp/defaults/sb/*http://www.yahoo.com/search/ie.html[/url]
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [url]http://us.rd.yahoo.com/customize/ycomp/defaults/sp/*http://www.yahoo.com[/url]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [url]http://www.yahoo.com/[/url]
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = [url]http://www.google.com/ie[/url]
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = [url]http://us.rd.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com[/url]
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = iexplore
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [url]http://www.yahoo.com[/url]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [url]http://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com[/url]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = [url]http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html[/url]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [url]http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http://www.yahoo.com[/url]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [url]http://www.yahoo.com[/url]
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = [url]http://www.google.com/ie[/url]
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = [url]http://www.google.com/ie[/url]
F0 - system.ini: Shell=Explorer.exe 
F2 - REG:system.ini: Shell=Explorer.exe 
O1 - Hosts: 64.182.102.212	runescape.com
O1 - Hosts: 64.182.102.212	paypal.com
O1 - Hosts: 64.182.102.212	sythe.org
O1 - Hosts: 64.182.102.212	[url]www.runescape.com[/url]
O1 - Hosts: 64.182.102.212	[url]www.paypal.com[/url]
O1 - Hosts: 64.182.102.212	[url]www.sythe.org[/url]
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: MyWay Search Assistant BHO - {04079851-5845-4dea-848C-3ECD647AA554} - C:\Program Files\MyWay\SrchAstt\1.bin\MYSRCHAS.DLL
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Cole2k Media Toolbar Helper - {08825191-C3C7-44e9-8CA6-07AB521FA8F2} - C:\Program Files\Cole2k Media Toolbar\v2.0.0.2\Cole2k_Media_Toolbar.dll
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll
O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - C:\Program Files\McAfee\MSK\mcapbho.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - D:\BitComet\bit2\tools\BitCometBHO_1.1.7.4.dll
O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\Program Files\MegauploadToolbar\megauploadtoolbar.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: CVirtualDNSObj Object - {86C510E9-97EF-4749-914F-0280247BE3A6} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\GoogleToolbar1.dll
O3 - Toolbar: Cole2k Media Toolbar - {015407A9-D183-4379-8452-DFD7C2297902} - C:\Program Files\Cole2k Media Toolbar\v2.0.0.2\Cole2k_Media_Toolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\GoogleToolbar1.dll
O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\Program Files\MegauploadToolbar\megauploadtoolbar.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [PCTVOICE] pctspk.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe 
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Anti-Blaxx Manager] C:\Program Files\Anti-Blaxx\Anti-Blaxx.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [FlashCP] C:\Program Files\FlashCP\FlashCP-Autorun.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [OM_Monitor] D:\OLYMPUS PHOTO\FirstStart.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [Windows Update] C:\WINDOWS\scvhost.exe
O4 - HKLM\..\Run: [msconfig] C:\WINDOWS\scvhost.exe
O4 - HKLM\..\Run: [icq lite] C:\WINDOWS\scvhost.exe
O4 - HKLM\..\Run: [Update Checker] C:\WINDOWS\scvhost.exe
O4 - HKLM\..\Run: [AntiVir] C:\WINDOWS\scvhost.exe
O4 - HKLM\..\Run: [iTunesHelper] "D:\itunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [SiteAdvisor] C:\Program Files\SiteAdvisor\6253\SiteAdv.exe
O4 - HKLM\..\Run: [McENUI] C:\PROGRA~1\McAfee\MHN\McENUI.exe /hide
O4 - HKLM\..\Run: [McAfee Backup] C:\Program Files\McAfee\MBK\McAfeeDataBackup.exe
O4 - HKLM\..\Run: [MBkLogOnHook] C:\Program Files\McAfee\MBK\LogOnHook.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Error Nuker] C:\Program Files\Error Nuker\bin\ErrorNuker.exe autostart
O4 - HKLM\..\RunOnce: [MyWebSearch bar Uninstall] rundll32 C:\PROGRA~1\UNINST~1.DLL,O -3
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [OM_Monitor] D:\OLYMPUS PHOTO\Monitor.exe
O4 - HKCU\..\Run: [Uniblue SpeedUpMyPC] D:\SpeedUpMyPC\SpeedUpMyPC.exe
O4 - HKCU\..\Run: [long bleh] C:\DOCUME~1\me\APPLIC~1\INTERW~1\THIS FREE.exe
O4 - HKUS\S-1-5-18\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = ?
O4 - Global Startup: PS2 Keyboard English Edition 2.0.lnk = C:\Program Files\Delux\PS2 Keyboard English Edition 2.0\kb_2k.exe
O7 - HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O7 - HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableTaskMgr=1
O8 - Extra context menu item: &D&ownload &with BitComet - res://D:\BitComet\bit2\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://D:\BitComet\bit2\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://D:\BitComet\bit2\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Download All by FlashGet - C:\PROGRA~1\FlashGet\jc_all.htm
O8 - Extra context menu item: Download using FlashGet - C:\PROGRA~1\FlashGet\jc_link.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - (file missing)
O9 - Extra button: PartyGammon.com - {59A861EE-32B3-42cd-8CCA-FC130EDF3A44} - D:\games\backgammon\PartyGammon\RunBackGammon.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyGammon.com - {59A861EE-32B3-42cd-8CCA-FC130EDF3A44} - D:\games\backgammon\PartyGammon\RunBackGammon.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (file missing)
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe (file missing)
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: RaptisoftGameLoader () - [url]http://www.miniclip.com/hamsterball/raptisoftgameloader.cab[/url]
O16 - DPF: {15589FA1-C456-11CE-BF01-000000000000} () - [url]http://www.errornuker.com/products/errn2004/installers/default/ErrorNukerInstaller.exe[/url]
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - [url]http://go.microsoft.com/fwlink/?linkid=39204[/url]
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - [url]http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab[/url]
O18 - Protocol: bw+0 - {826a55d8-0dc4-479e-863e-3a9076dd0713} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {826a55d8-0dc4-479e-863e-3a9076dd0713} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {826a55d8-0dc4-479e-863e-3a9076dd0713} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {826a55d8-0dc4-479e-863e-3a9076dd0713} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {826a55d8-0dc4-479e-863e-3a9076dd0713} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {826a55d8-0dc4-479e-863e-3a9076dd0713} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {826a55d8-0dc4-479e-863e-3a9076dd0713} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {826a55d8-0dc4-479e-863e-3a9076dd0713} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {826a55d8-0dc4-479e-863e-3a9076dd0713} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {826a55d8-0dc4-479e-863e-3a9076dd0713} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {826a55d8-0dc4-479e-863e-3a9076dd0713} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {826a55d8-0dc4-479e-863e-3a9076dd0713} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {826a55d8-0dc4-479e-863e-3a9076dd0713} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {826a55d8-0dc4-479e-863e-3a9076dd0713} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {826a55d8-0dc4-479e-863e-3a9076dd0713} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {826a55d8-0dc4-479e-863e-3a9076dd0713} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {826a55d8-0dc4-479e-863e-3a9076dd0713} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {826a55d8-0dc4-479e-863e-3a9076dd0713} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {826a55d8-0dc4-479e-863e-3a9076dd0713} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {826a55d8-0dc4-479e-863e-3a9076dd0713} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {826a55d8-0dc4-479e-863e-3a9076dd0713} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {826a55d8-0dc4-479e-863e-3a9076dd0713} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {826a55d8-0dc4-479e-863e-3a9076dd0713} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {826a55d8-0dc4-479e-863e-3a9076dd0713} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {826a55d8-0dc4-479e-863e-3a9076dd0713} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {826a55d8-0dc4-479e-863e-3a9076dd0713} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {826a55d8-0dc4-479e-863e-3a9076dd0713} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {826a55d8-0dc4-479e-863e-3a9076dd0713} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {826a55d8-0dc4-479e-863e-3a9076dd0713} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {826a55d8-0dc4-479e-863e-3a9076dd0713} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {826a55d8-0dc4-479e-863e-3a9076dd0713} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {826a55d8-0dc4-479e-863e-3a9076dd0713} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {826a55d8-0dc4-479e-863e-3a9076dd0713} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {826a55d8-0dc4-479e-863e-3a9076dd0713} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {826a55d8-0dc4-479e-863e-3a9076dd0713} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {826a55d8-0dc4-479e-863e-3a9076dd0713} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {826a55d8-0dc4-479e-863e-3a9076dd0713} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {826a55d8-0dc4-479e-863e-3a9076dd0713} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {826a55d8-0dc4-479e-863e-3a9076dd0713} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {826a55d8-0dc4-479e-863e-3a9076dd0713} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {826a55d8-0dc4-479e-863e-3a9076dd0713} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {826a55d8-0dc4-479e-863e-3a9076dd0713} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {826a55d8-0dc4-479e-863e-3a9076dd0713} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {826a55d8-0dc4-479e-863e-3a9076dd0713} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {826a55d8-0dc4-479e-863e-3a9076dd0713} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {826a55d8-0dc4-479e-863e-3a9076dd0713} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {826a55d8-0dc4-479e-863e-3a9076dd0713} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {826a55d8-0dc4-479e-863e-3a9076dd0713} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {826a55d8-0dc4-479e-863e-3a9076dd0713} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {826a55d8-0dc4-479e-863e-3a9076dd0713} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {826a55d8-0dc4-479e-863e-3a9076dd0713} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {826a55d8-0dc4-479e-863e-3a9076dd0713} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {826a55d8-0dc4-479e-863e-3a9076dd0713} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {826a55d8-0dc4-479e-863e-3a9076dd0713} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {826a55d8-0dc4-479e-863e-3a9076dd0713} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {826a55d8-0dc4-479e-863e-3a9076dd0713} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {826a55d8-0dc4-479e-863e-3a9076dd0713} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {826a55d8-0dc4-479e-863e-3a9076dd0713} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {826a55d8-0dc4-479e-863e-3a9076dd0713} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {826a55d8-0dc4-479e-863e-3a9076dd0713} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {826a55d8-0dc4-479e-863e-3a9076dd0713} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {826a55d8-0dc4-479e-863e-3a9076dd0713} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {826a55d8-0dc4-479e-863e-3a9076dd0713} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {826a55d8-0dc4-479e-863e-3a9076dd0713} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {826a55d8-0dc4-479e-863e-3a9076dd0713} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {826a55d8-0dc4-479e-863e-3a9076dd0713} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {826a55d8-0dc4-479e-863e-3a9076dd0713} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {826a55d8-0dc4-479e-863e-3a9076dd0713} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {826a55d8-0dc4-479e-863e-3a9076dd0713} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {826a55d8-0dc4-479e-863e-3a9076dd0713} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {826a55d8-0dc4-479e-863e-3a9076dd0713} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {826a55d8-0dc4-479e-863e-3a9076dd0713} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {826a55d8-0dc4-479e-863e-3a9076dd0713} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {826a55d8-0dc4-479e-863e-3a9076dd0713} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {826a55d8-0dc4-479e-863e-3a9076dd0713} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {826a55d8-0dc4-479e-863e-3a9076dd0713} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: mso-offdap - {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL
O18 - Protocol: mso-offdap11 - {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL
O18 - Protocol: offline-8876480 - {826A55D8-0DC4-479E-863E-3A9076DD0713} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: siteadvisor - {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll
O18 - Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: McAfee Application Installer Cleanup (0131521204036997) (0131521204036997mcinstcleanup) - Unknown owner - C:\WINDOWS\TEMP\013152~1.EXE C:\PROGRA~1\COMMON~1\McAfee\INSTAL~1\cleanup.ini -cleanup -nolog -service
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: FlashCP-Service - Unknown owner - C:\Program Files\FlashCP\FlashCP-Service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MBackMonitor - McAfee - C:\Program Files\McAfee\MBK\MBackMonitor.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McProxy\McProxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\Mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MpfSrv.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\msksrver.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Program Files\Common Files\Panda Software\PavShld\PavPrSrv.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Sansa Updater Service (SansaService) - Unknown owner - C:\Program Files\SanDisk\Sansa Updater\SansaSvr.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SiteAdvisor Service - Unknown owner - C:\Program Files\SiteAdvisor\6253\SAService.exe
O23 - Service: Windows Log - Unknown owner - C:\WINDOWS\system32\nvsvcd.exe


--
End of file - 28531 bytes

-- File Associations -----------------------------------------------------------

All associations okay.


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R0 sfdrv01 (StarForce Protection Environment Driver (version 1.x)) - c:\windows\system32\drivers\sfdrv01.sys <Not Verified; Protection Technology (StarForce); SF FrontLine>
R0 sfhlp02 (StarForce Protection Helper Driver (version 2.x)) - c:\windows\system32\drivers\sfhlp02.sys <Not Verified; Protection Technology (StarForce); SF FrontLine>
R0 sfsync04 (StarForce Protection Synchronization Driver (version 4.x)) - c:\windows\system32\drivers\sfsync04.sys <Not Verified; Protection Technology (StarForce); SF FrontLine>
R0 sfvfs02 (StarForce Protection VFS Driver (version 2.x)) - c:\windows\system32\drivers\sfvfs02.sys <Not Verified; Protection Technology; StarForce Protection System>
R1 asuskbnt (Enhanced Display Driver Helper Service) - c:\windows\system32\drivers\atkkbnt.sys <Not Verified; ASUSTeK COMPUTER INC.; ASUS Help driver For Keyboard Service.>
R1 cdrbsdrv - c:\windows\system32\drivers\cdrbsdrv.sys <Not Verified; B.H.A Corporation; B's Recorder GOLD7>
R1 oreans32 - c:\windows\system32\drivers\oreans32.sys
R1 SCDEmu - c:\windows\system32\drivers\scdemu.sys <Not Verified; PowerISO Computing, Inc.; scdemu>
R1 ShldDrv (Panda File Shield Driver) - c:\windows\system32\drivers\shldrv51.sys (file missing)
R2 atksgt - c:\windows\system32\drivers\atksgt.sys
R2 CdaC15BA - c:\windows\system32\drivers\cdac15ba.sys <Not Verified; Macrovision Europe Ltd; Security Windows NT>
R2 EIO - c:\windows\system32\drivers\eio.sys <Not Verified; ASUSTeK Computer Inc.; ASUS Kernel Mode Driver for NT>
R2 lirsgt - c:\windows\system32\drivers\lirsgt.sys
R2 PavProc (Panda Process Protection Driver) - c:\windows\system32\drivers\pavproc.sys (file missing)
R2 SVKP - c:\windows\system32\svkp.sys <Not Verified; AntiCracking; SVKP driver for NT>
R3 ezplay (VSO Software ezplay) - c:\windows\system32\drivers\ezplay.sys <Not Verified; VSO Software; autoplay Application>
R3 pcouffin (VSO Software pcouffin) - c:\windows\system32\drivers\pcouffin.sys <Not Verified; VSO Software; Patin couffin engine>
R3 Ptserial (W2K Pctel Serial Device Driver) - c:\windows\system32\drivers\ptserial.sys <Not Verified; PCTEL, INC.; HSP Modem Serial Device>
R3 Vmodem (W2K Vmodem) - c:\windows\system32\drivers\vmodem.sys <Not Verified; PCTEL, INC.; HSP Modem Modem Device>
R3 Vpctcom (W2K Vpctcom) - c:\windows\system32\drivers\vpctcom.sys <Not Verified; PCtel, Inc.; HSP Modem Virtual Control Device>
R3 Vvoice (W2K Vvoice) - c:\windows\system32\drivers\vvoice.sys <Not Verified; PCtel, Inc.; PCTEL HSP Modem Voice Device>


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 Apple Mobile Device - "c:\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe" <Not Verified; Apple, Inc.; Apple Mobile Device Service>
R2 ATKKeyboardService (ATK Keyboard Service) - c:\windows\atkkbservice.exe <Not Verified; ASUSTeK COMPUTER INC.; ASUS Keyboard Service>
R2 C-DillaCdaC11BA - c:\windows\system32\drivers\cdac11ba.exe <Not Verified; Macrovision; SafeCast Windows NT>
R2 FlashCP-Service - c:\program files\flashcp\flashcp-service.exe
R2 SansaService (Sansa Updater Service) - c:\program files\sandisk\sansa updater\sansasvr.exe
R3 ServiceLayer - "c:\program files\pc connectivity solution\servicelayer.exe" <Not Verified; Nokia.; PC Connectivity Solution>

S2 0131521204036997mcinstcleanup (McAfee Application Installer Cleanup (0131521204036997)) - c:\windows\temp\013152~1.exe c:\progra~1\common~1\mcafee\instal~1\cleanup.ini -cleanup -nolog -service (file missing)
S2 Windows Log - c:\windows\system32\nvsvcd.exe (file missing)


-- Device Manager: Disabled ----------------------------------------------------

No disabled devices found.


-- Scheduled Tasks -------------------------------------------------------------

2008-02-26 22:00:00       252 --ah----- C:\WINDOWS\Tasks\A6A211049185899C.job
2008-02-08 14:22:05       284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
2008-01-19 18:19:03       334 --a------ C:\WINDOWS\Tasks\McDefragTask.job
2008-01-19 18:19:02       326 --a------ C:\WINDOWS\Tasks\McQcTask.job


-- Files created between 2008-01-26 and 2008-02-26 -----------------------------

2008-02-26 22:45:29         0 d-------- C:\Program Files\Trend Micro
2008-02-26 22:32:48    381012 --a------ C:\Program Files\Uninstall Fun Web Products.dll <Not Verified; MyWebSearch.com; My Web Search Bar for Internet Explorer, FireFox, Netscape, email clients, and messenger clients>
2008-02-26 16:57:20         0 d-------- C:\Program Files\Common Files\Panda Software
2008-02-26 16:43:13         0 d-------- C:\WINDOWS\LastGood


-- Find3M Report ---------------------------------------------------------------

2008-02-26 16:57:20         0 d-------- C:\Program Files\Common Files
2008-02-26 16:43:12         0 d-------- C:\Program Files\McAfee
2008-02-23 23:48:28         0 d-------- C:\Documents and Settings\me\Application Data\MegauploadToolbar
2008-01-21 21:55:50         0 d-------- C:\Documents and Settings\me\Application Data\Yahoo!
2008-01-21 21:50:53         0 d-------- C:\Program Files\QuickTime
2008-01-21 21:48:19         0 d-------- C:\Program Files\Yahoo!
2008-01-20 20:07:35         0 d-------- C:\Documents and Settings\me\Application Data\McAfee
2008-01-20 19:47:14         0 d-------- C:\Program Files\SiteAdvisor
2008-01-20 13:04:02         0 d-------- C:\Documents and Settings\me\Application Data\SiteAdvisor
2008-01-19 18:26:26         0 d-------- C:\Program Files\McAfee.com
2008-01-19 18:19:28         0 d-------- C:\Program Files\Common Files\McAfee
2008-01-16 19:28:10         0 d-------- C:\Documents and Settings\me\Application Data\Nokia Multimedia Player
2008-01-15 15:53:59         0 d-------- C:\Program Files\MegauploadToolbar
2007-12-22 18:36:57    406832 --a----c- C:\Documents and Settings\me\Application Data\NMM-MetaData.db


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{08825191-C3C7-44e9-8CA6-07AB521FA8F2}]
08/27/2006 02:45 PM	495616	--a------	C:\Program Files\Cole2k Media Toolbar\v2.0.0.2\Cole2k_Media_Toolbar.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{377C180E-6F0E-4D4C-980F-F45BD3D40CF4}]
09/19/2007 06:15 AM	329032	--a------	C:\Program Files\McAfee\MSK\mcapbho.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{86C510E9-97EF-4749-914F-0280247BE3A6}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{015407A9-D183-4379-8452-DFD7C2297902}"= C:\Program Files\Cole2k Media Toolbar\v2.0.0.2\Cole2k_Media_Toolbar.dll [08/27/2006 02:45 PM 495616]

[-HKEY_CLASSES_ROOT\CLSID\{015407A9-D183-4379-8452-DFD7C2297902}]
[HKEY_CLASSES_ROOT\ToolBar.ToolBarObj.1]
[HKEY_CLASSES_ROOT\TypeLib\{B3A98058-DE1F-413f-9921-FF3EEA6B716F}]
[HKEY_CLASSES_ROOT\ToolBar.ToolBarObj]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Smapp"="C:\Program Files\Analog Devices\SoundMAX\SMTray.exe" [07/30/2003 09:08 AM]
"PCTVOICE"="pctspk.exe" [11/26/2003 03:11 PM C:\WINDOWS\system32\pctspk.exe]
"LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [07/19/2005 04:32 PM]
"LogitechVideoRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [06/08/2005 02:24 PM]
"LogitechVideoTray"="C:\Program Files\Logitech\Video\LogiTray.exe" [06/08/2005 02:14 PM]
"NeroCheck"="C:\WINDOWS\system32\NeroCheck.exe" [07/09/2001 10:50 AM]
"Anti-Blaxx Manager"="C:\Program Files\Anti-Blaxx\Anti-Blaxx.exe" [10/08/2005 08:08 PM]
"ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" [01/02/2006 04:41 PM]
"DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [12/10/2005 04:57 PM]
"FlashCP"="C:\Program Files\FlashCP\FlashCP-Autorun.exe" [10/21/2005 08:03 AM]
"Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [10/11/2006 06:51 PM]
"OM_Monitor"="D:\OLYMPUS PHOTO\FirstStart.exe" [05/16/2006 04:50 PM]
"HP Software Update"="C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe" [02/16/2005 11:11 PM]
"PWRISOVM.EXE"="C:\Program Files\PowerISO\PWRISOVM.EXE" [07/29/2006 01:07 PM]
"Windows Update"="C:\WINDOWS\scvhost.exe" []
"msconfig"="C:\WINDOWS\scvhost.exe" []
"icq lite"="C:\WINDOWS\scvhost.exe" []
"Update Checker"="C:\WINDOWS\scvhost.exe" []
"AntiVir"="C:\WINDOWS\scvhost.exe" []
"@"="C:\WINDOWS\scvhost.exe" []
"iTunesHelper"="D:\itunes\iTunesHelper.exe" [08/15/2007 07:15 PM]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [10/10/2007 07:51 PM]
"PCSuiteTrayApplication"="C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [11/28/2006 02:12 PM]
"mcagent_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe" [08/03/2007 10:33 PM]
"SiteAdvisor"="C:\Program Files\SiteAdvisor\6253\SiteAdv.exe" [08/24/2007 11:57 PM]
"McENUI"="C:\PROGRA~1\McAfee\MHN\McENUI.exe" [07/22/2007 08:29 PM]
"McAfee Backup"="C:\Program Files\McAfee\MBK\McAfeeDataBackup.exe" [01/16/2007 01:59 PM]
"MBkLogOnHook"="C:\Program Files\McAfee\MBK\LogOnHook.exe" [01/08/2007 11:22 AM]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [09/25/2007 01:11 AM]
"Error Nuker"="C:\Program Files\Error Nuker\bin\ErrorNuker.exe" []

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [07/11/2006 10:11 AM]
"LogitechSoftwareUpdate"="C:\Program Files\Logitech\Video\ManifestEngine.exe" [06/08/2005 01:44 PM]
"DW4"="" []
"OM_Monitor"="D:\OLYMPUS PHOTO\Monitor.exe" [05/16/2006 04:51 PM]
"Uniblue SpeedUpMyPC"="D:\SpeedUpMyPC\SpeedUpMyPC.exe" []
"long bleh"="C:\DOCUME~1\me\APPLIC~1\INTERW~1\THIS FREE.exe" []
"Aim6"="" []

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce]
"MyWebSearch bar Uninstall"=rundll32 C:\PROGRA~1\UNINST~1.DLL,O -3

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"PcSync"=C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [11/4/2004 7:28:24 PM]
HP Image Zone Fast Start.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe [11/4/2004 7:50:52 PM]
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [7/11/2006 10:11:25 AM]
PS2 Keyboard English Edition 2.0.lnk - C:\Program Files\Delux\PS2 Keyboard English Edition 2.0\kb_2k.exe [11/29/2007 4:42:18 PM]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"DisableTaskMgr"=1 (0x1)
"DisableRegistryTools"=1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Shell"="Explorer.exe "

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\J]
AutoRun\command- J:\Installer.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{865c221e-6be5-11da-9f51-0013d4cb05d9}]
AutoRun\command- setupSNK.exe

*Newly Created Service* - PAVPROC
*Newly Created Service* - PAVPRSRV
*Newly Created Service* - SHLDDRV

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{DB8D8B83-C748-C0AF-A490-BB3F3900CABE}]
C:\WINDOWS\scvhost.exe



-- Hosts -----------------------------------------------------------------------

127.0.0.1	localhost
64.182.102.212	runescape.com
64.182.102.212	paypal.com
64.182.102.212	sythe.org
64.182.102.212	[url]www.runescape.com[/url]
64.182.102.212	[url]www.paypal.com[/url]
64.182.102.212	[url]www.sythe.org[/url]


-- End of Deckard's System Scanner: finished at 2008-02-26 22:48:12 ------------
```


----------



## stoicky 993 (Feb 24, 2008)

Sorry for this long message but i dont understand this. Tell me if it is good or not.


----------



## koala (Mar 27, 2005)

We can't analyse log files in the Gaming forum. If you think your computer is infected, follow the instructions *here* (5 pages) and then post all the requested logs in a new thread *here* for the security analysts to look at. If you have any trouble running any of the scans, leave them and move onto the next.

The security forum is always busy, so please be patient and you will receive a reply as soon as possible. If you go to Thread Tools > Subscribe at the top of your new thread you will receive an email as soon as a reply is posted.


EDIT:
The HOSTS file is for blocking websites. It's a hidden file in C:\WINDOWS\SYSTEM32\DRIVERS\ETC, so open Windows Explorer and go to Tools > Folder Options > View tab and click 'Show hidden files and folders' to see it. Open Notepad and drag the file into it.

Remove these lines from your HOSTS file, save and reboot.
*64.182.102.212 runescape.com
64.182.102.212 paypal.com
64.182.102.212 sythe.org
64.182.102.212	www.runescape.com
64.182.102.212	www.paypal.com
64.182.102.212	www.sythe.org*


Also, your C: drive has less than 15% free space. This will slow down games and any other Windows processes. Free some space and run defrag.


----------



## adaz7777 (Jul 14, 2008)

koala said:


> From http://tip.it/runescape/?page=faq.htm#q12


but i cant get on the runescape website to do this


----------



## adaz7777 (Jul 14, 2008)

justpassingby said:


> Please don't send PM's to the staff to ask that we look at your thread. This is a forum not a chat, you have to be patient.
> 
> Also, you won't get proper help if you don't provide all the relevant information here : What's that file you downloaded ? Which program did you use to download it ?
> 
> Are you the administrator of the computer ? If you're at school and the admin has blocked the website we can't help you.



any way i dont no wat i downloaded but it is bein gay coz i need to renew my membership


----------



## Ramezm (Apr 16, 2008)

Uninstall that file -_-


----------



## adaz7777 (Jul 14, 2008)

Ramezm said:


> Uninstall that file -_-


i dont no the file


----------



## justpassingby (Mar 11, 2007)

@ adaz7777 : are you stoicky 993, the original poster ?

Follow Koala's instructions about the hosts file. This is what's preventing you to access runescape's website.

If the hosts file was modified without you knowing you probably got some malware. Follow these 5 steps and post and attach your final logs in a new thread in the HijackThis section, not in this thread.

Else contact or access runescape's website with another computer and ask their help. It's their program so they'll be able to help you if you give them your account informations.


----------



## Ramezm (Apr 16, 2008)

Do a search for it.


----------



## y28979 (Jul 27, 2008)

hey, i see ur problem. i had that onces. that means u must of used a auto-bot in the runescape game. and i think u might have to restart ur whole computer to use runescape. or u might be able to change ur i.p adress and it will work. 

any questions just send me a message at *removed, please keep the discussion on TSF to make the solution available to all*


----------



## gtaps3 (Jul 30, 2008)

or u can update ur sun java run time, and also if ur using mozilla firefox, rs wont load with that sometiems, try IE.


----------

