|
|
|
Keskustelualueet
Keskustelualueet
|
|
|
Iexplore.exe - vie prosessia paljon
|
|
Member
8 tuotearviota
|
21. helmikuuta 2009 @ 10:28 |
Linkki tähän viestiin
|
|
Ja aluksi anteeksi, että avaan uuden viestiketjun vaikka on aika paljon samanlaisia, mutta en löytänyt vastausta.
Ja asiaan kun koneen aukasee iexplore.exe vie ihan hitosti tehtävähallinassa joskus jopa 150 - 300 000 kt:tä. En käytä ie:tä paitsi silloin kun päivitän Microsoft update sivustoa. muutoin en käytä ie:tä.
Sitten kun on mennut 10-12 min tulee ilmoitus Internet explore on havainnut virheen sovellus pitää sulkea jne. ja kone on taas normaali mikä auttaisi, että kone olisi alussa alkean normaali, että toimisi nopeasti, nimittäin, kun iexplore.exe on päällä kone vähän takkuilee.
|
|
Hujo
Suspended permanently
|
21. helmikuuta 2009 @ 16:13 |
Linkki tähän viestiin
|
Lataa Malwarebytes' Anti-Malware työpöydällesi.
1. Tuplaklikkaa mbam-setup.exe ja seuraa ohjeita asentaaksesi ohjelman.
2. Lopuksi varmistu, että seuraavat on valittu: Update Malwarebytes', Anti-Malwareja
Launch Malwarebytes' Anti-Malware ja sen jälkeen klikkaaFinish.
3. Jos päivitys löytyy. ohjelma lataa ja asentaa uusimman version.
4. Kun ohjelma on latautunut, valitse Perform full scan ja klikkaa Scan.
5. Kun skanni on valmis, klikkaa OK ja sitten Show Results nähdäksesi tulokset.
6. Varmistu, että kaikki on merkitty ja klikkaa Remove Selected.
7. Tämän jälkeen loki avautuu muistioon. Tallenna se paikkaan, josta löydät sen helposti. Loki
löytyy myös täältä: C:\Documents and Settings\Käyttäjänimi\Application
Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-päiväys.txt
8. Lähetä lokin sisältö seuraavassa viestissäsi
Voiko tietsikka koskaan toimia?
|
Member
8 tuotearviota
|
21. helmikuuta 2009 @ 22:49 |
Linkki tähän viestiin
|
|
En päässyt kohtaan 5, koska onhjelma päässyt yhden tiedoston ohi:
C:\windows\inf\0409\inetset.iem. ennen tätä pysähtymistä ohjelma oli löytänyt ainoastaan yhden tiedoston. mikäköhän tossa on, että ei voi skannata loppuun. Tein sitä paitsi skannin kahteen kertaa ja kummallakin kerralla jäi samaan kohtaan
Viestiä on muokattu lähettämisen jälkeen. Viimeisin muokkaus 21. helmikuuta 2009 @ 22:53
|
|
Hujo
Suspended permanently
|
21. helmikuuta 2009 @ 23:10 |
Linkki tähän viestiin
|
Lataa TÄSTÄ HJTInstall.exe
* Tallenna HJTInstall.exe työpöydällesi.
* Tuplaklikkaa HJTInstall.exe-kuvaketta työpöydälläsi.
* Oletuksena se asentaa itsensä hakemistoon C:\Program Files\Trend Micro\HijackThis.
* Klikkaa Install.
* Asennusohjelma luo HijackThis-kuvakkeen työpöydälle.
* Kun asennus on valmis, se käynnistää HijackThisin.
* Klikkaa Do a system scan and save a logfile-painiketta. Ohjelma aloittaa skannauksen ja lokin pitäisi avautua Muistioon.
* Klikkaa ensin "Muokkaa > Valitse kaikki" sitten "Muokkaa > Kopioi" kopioidaksesi koko lokin sisällön.
* Liitä lokin sisältö seuraavaan vastaukseesi.
* ÄLÄ käytä Analyse This-nappulaa, sen löydöt ovat vaarallisia väärinymmärrettyinä.
* ÄLÄ fixaa HijackThis-ohjelmalla vielä mitään. Suurin osa sen löydöistä ovat joko harmittomia tai jopa tarpeellisia.
Voiko tietsikka koskaan toimia?
|
Member
8 tuotearviota
|
22. helmikuuta 2009 @ 09:59 |
Linkki tähän viestiin
|
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:57:01, on 22.2.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\system32\VTtrayp.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Symantec\LiveUpdate\AUPDATE.EXE
C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
C:\Program Files\Symantec\LiveUpdate\LuCallbackProxy.exe
C:\Program Files\Symantec\LiveUpdate\LuCallbackProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\PROGRA~1\COMMON~1\SYMANT~1\PIF\{96E26A03-A25A-400B-B9B4-564C9BD00F46}\pifCrawl.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fi/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - (no file)
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.5\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.5\CoIEPlg.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
O4 - HKLM\..\Run: [1 mags 16 more] C:\Documents and Settings\All Users\Application Data\Admin Inter 1 Mags\Fast Cake.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Paikallinen palve')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Verkkopalve')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Oheistiedot - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.1.11.30.dll/206 (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O20 - Winlogon Notify: qoMcbxWP - qoMcbxWP.dll (file missing)
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Automaattinen LiveUpdate-ajastustoiminto - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
--
End of file - 7442 bytes
|
|
Hujo
Suspended permanently
|
22. helmikuuta 2009 @ 11:59 |
Linkki tähän viestiin
|
scannaa hjt:llä merkkaa paina Fix checked
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [1 mags 16 more] C:\Documents and Settings\All Users\Application Data\Admin Inter 1 Mags\Fast Cake.exe
O20 - Winlogon Notify: qoMcbxWP - qoMcbxWP.dll (file missing)
=============
SUPERAntiSpyware
tuolta
asennus ohje
Voiko tietsikka koskaan toimia?
|
Member
8 tuotearviota
|
22. helmikuuta 2009 @ 21:02 |
Linkki tähän viestiin
|
Tehty on ja aloitus on nopeampi tuon ohjelman buutin jälkeen, kiitos. Haluatko SUPERAntiSpyware login ja hjt login varmuuden vuoksi, tai haluan tietää jäikö koneeseen jotakin pöpöjä, mutta kiitos!
|
Member
8 tuotearviota
|
22. helmikuuta 2009 @ 22:49 |
Linkki tähän viestiin
|
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:46:53, on 22.2.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\system32\VTtrayp.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Java\jre6\bin\java.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fi/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.5\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.5\CoIEPlg.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Paikallinen palve')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Verkkopalve')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Oheistiedot - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.1.11.30.dll/206 (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Automaattinen LiveUpdate-ajastustoiminto - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
--
End of file - 6916 bytes
Ja
SUPERAntiSpyware Scan Log
http://www.superantispyware.com
Generated 02/22/2009 at 08:50 PM
Application Version : 4.25.1012
Core Rules Database Version : 3769
Trace Rules Database Version: 1729
Scan type : Complete Scan
Total Scan Time : 02:05:56
Memory items scanned : 571
Memory threats detected : 0
Registry items scanned : 6595
Registry threats detected : 1
File items scanned : 67576
File threats detected : 19
Unclassified.Unknown Origin
HKU\S-1-5-21-3282887030-2585726634-2306389267-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6D794CB4-C7CD-4C6F-BFDC-9B77AFBDC02C}
Adware.Tracking Cookie
C:\Documents and Settings\yleinen\Cookies\yleinen@mediainfo.sourceforge[1].txt
C:\Documents and Settings\yleinen\Cookies\yleinen@xiti[1].txt
C:\Documents and Settings\yleinen\Cookies\yleinen@mediaarea[1].txt
eas3.emediate.se [ C:\Documents and Settings\**\Application Data\Mozilla\Firefox\Profiles\ss7lu6b6.default\cookies.txt ]
eas3.emediate.se [ C:\Documents and Settings\**\Application Data\Mozilla\Firefox\Profiles\ss7lu6b6.default\cookies.txt ]
eas3.emediate.se [ C:\Documents and Settings\**\Application Data\Mozilla\Firefox\Profiles\ss7lu6b6.default\cookies.txt ]
track.adform.net [ C:\Documents and Settings\**\Application Data\Mozilla\Firefox\Profiles\ss7lu6b6.default\cookies.txt ]
track.adform.net [ C:\Documents and Settings\**\Application Data\Mozilla\Firefox\Profiles\ss7lu6b6.default\cookies.txt ]
track.adform.net [ C:\Documents and Settings\**\Application Data\Mozilla\Firefox\Profiles\ss7lu6b6.default\cookies.txt ]
.revenue.net [ C:\Documents and Settings\**\Application Data\Mozilla\Firefox\Profiles\ss7lu6b6.default\cookies.txt ]
ad.yieldmanager.com [ C:\Documents and Settings\**\Application Data\Mozilla\Firefox\Profiles\ss7lu6b6.default\cookies.txt ]
.casalemedia.com [ C:\Documents and Settings\**\Application Data\Mozilla\Firefox\Profiles\ss7lu6b6.default\cookies.txt ]
.casalemedia.com [ C:\Documents and Settings\**\Application Data\Mozilla\Firefox\Profiles\ss7lu6b6.default\cookies.txt ]
.casalemedia.com [ C:\Documents and Settings\**\Application Data\Mozilla\Firefox\Profiles\ss7lu6b6.default\cookies.txt ]
.casalemedia.com [ C:\Documents and Settings\**\Application Data\Mozilla\Firefox\Profiles\ss7lu6b6.default\cookies.txt ]
.casalemedia.com [ C:\Documents and Settings\**\Application Data\Mozilla\Firefox\Profiles\ss7lu6b6.default\cookies.txt ]
.doubleclick.net [ C:\Documents and Settings\**\Application Data\Mozilla\Firefox\Profiles\ss7lu6b6.default\cookies.txt ]
.tradedoubler.com [ C:\Documents and Settings\**\Application Data\Mozilla\Firefox\Profiles\ss7lu6b6.default\cookies.txt ]
Adware.Lop-Gen
C:\DOCUMENTS AND SETTINGS\**\APPLICATION DATA\DEAD2MATH\ZILADPGT.EXE
Viestiä on muokattu lähettämisen jälkeen. Viimeisin muokkaus 22. helmikuuta 2009 @ 22:51
|
|
Hujo
Suspended permanently
|
23. helmikuuta 2009 @ 00:27 |
Linkki tähän viestiin
|
|
Malwarebytes' Anti-Malware ajas tuo täysi scannaus
Voiko tietsikka koskaan toimia?
|
Member
8 tuotearviota
|
23. helmikuuta 2009 @ 18:13 |
Linkki tähän viestiin
|
|
Malwarebytes' anti-malware ohjelman skannaus epäonnistui taas ohjelman kaatumiseen. varmaan taas samaan kohtaan kuin ennenkin...
|
|
Hujo
Suspended permanently
|
24. helmikuuta 2009 @ 00:08 |
Linkki tähän viestiin
|
Voiko tietsikka koskaan toimia?
|
Member
8 tuotearviota
|
24. helmikuuta 2009 @ 19:41 |
Linkki tähän viestiin
|
File C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\05533AC4.exe infected by "Trojan.Win32.Obfuscated.en" Virus. Action Taken: File Deleted.
File C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2B617982.exe infected by "Trojan.Win32.Obfuscated.en" Virus. Action Taken: File Deleted.
File C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2ED915B1.exe infected by "Trojan.Win32.Obfuscated.en" Virus. Action Taken: File Deleted.
File C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\3CCD7FB7.exe infected by "Trojan.Win32.Obfuscated.en" Virus. Action Taken: File Deleted.
File C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\42F51CF0.exe infected by "Trojan.Win32.Obfuscated.en" Virus. Action Taken: File Deleted.
File C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\447D4B41.exe infected by "Trojan.Win32.Obfuscated.en" Virus. Action Taken: File Deleted.
File C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\45160098.exe infected by "Trojan.Win32.Obfuscated.en" Virus. Action Taken: File Deleted.
File C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\4585141E.exe infected by "Trojan.Win32.Obfuscated.en" Virus. Action Taken: File Deleted.
File C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\60A538FE.exe infected by "Trojan.Win32.Obfuscated.en" Virus. Action Taken: File Deleted.
File C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\6C366437.exe infected by "Trojan.Win32.Obfuscated.en" Virus. Action Taken: File Deleted.
File C:\Documents and Settings\Timo\Application Data\Dead2Math\ZILADPGT.EXE infected by "Trojan.Win32.Obfuscated.en" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{42D43CB8-6117-4032-865F-E1819431863C}\RP895\A0137822.exe infected by "Trojan.Win32.Obfuscated.en" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{42D43CB8-6117-4032-865F-E1819431863C}\RP899\A0140164.EXE infected by "Trojan.Win32.Obfuscated.en" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{42D43CB8-6117-4032-865F-E1819431863C}\RP904\A0140583.exe infected by "Trojan.Win32.Obfuscated.en" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{42D43CB8-6117-4032-865F-E1819431863C}\RP904\A0140584.exe infected by "Trojan.Win32.Obfuscated.en" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{42D43CB8-6117-4032-865F-E1819431863C}\RP904\A0140585.exe infected by "Trojan.Win32.Obfuscated.en" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{42D43CB8-6117-4032-865F-E1819431863C}\RP904\A0140586.exe infected by "Trojan.Win32.Obfuscated.en" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{42D43CB8-6117-4032-865F-E1819431863C}\RP904\A0140587.exe infected by "Trojan.Win32.Obfuscated.en" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{42D43CB8-6117-4032-865F-E1819431863C}\RP904\A0140588.exe infected by "Trojan.Win32.Obfuscated.en" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{42D43CB8-6117-4032-865F-E1819431863C}\RP904\A0140589.exe infected by "Trojan.Win32.Obfuscated.en" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{42D43CB8-6117-4032-865F-E1819431863C}\RP904\A0140590.exe infected by "Trojan.Win32.Obfuscated.en" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{42D43CB8-6117-4032-865F-E1819431863C}\RP904\A0140591.exe infected by "Trojan.Win32.Obfuscated.en" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{42D43CB8-6117-4032-865F-E1819431863C}\RP904\A0140592.exe infected by "Trojan.Win32.Obfuscated.en" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{42D43CB8-6117-4032-865F-E1819431863C}\RP904\A0140593.EXE infected by "Trojan.Win32.Obfuscated.en" Virus. Action Taken: File Deleted.
Tue Feb 24 21:49:48 2009 => Total Number of Files Scanned: 78540
Tue Feb 24 21:49:48 2009 => Total Number of Virus(es) Found: 24
Tue Feb 24 21:49:48 2009 => Total Number of Disinfected Files: 0
Tue Feb 24 21:49:48 2009 => Total Number of Files Renamed: 0
Tue Feb 24 21:49:48 2009 => Total Number of Deleted Files: 24
Tue Feb 24 21:49:48 2009 => Total Number of Errors: 15
Tue Feb 24 21:49:48 2009 => Time Elapsed: 03:24:37
Tue Feb 24 21:49:48 2009 => Virus Database Date: 2009/02/24
Tue Feb 24 21:49:48 2009 => Virus Database Count: 1838751
Viestiä on muokattu lähettämisen jälkeen. Viimeisin muokkaus 24. helmikuuta 2009 @ 22:00
|
|
Hujo
Suspended permanently
|
25. helmikuuta 2009 @ 05:39 |
Linkki tähän viestiin
|
|
Tyhjennä nortonin karanteeni
Voiko tietsikka koskaan toimia?
|
Member
8 tuotearviota
|
25. helmikuuta 2009 @ 17:24 |
Linkki tähän viestiin
|
|
Tyhjennetty.
|
|
Hujo
Suspended permanently
|
25. helmikuuta 2009 @ 18:23 |
Linkki tähän viestiin
|
|
1. Klikkaa käynnistä > Oma tietokone oikean puoleisella hiiren napilla
2. Valitse ominaisuudet
3. Valitse järjestelmän palauttaminen välilehti
4. Ruksi eteen ¤ poista järjestelmän palauttaminen kaikissa asemissa
5. Paina Käytä
6. Paina ok
7. Sammuta ja käynnistä
8. Ota ruksi pois ¤ poista järjestelmän palauttaminen kaikissa asemissa
9. Käytä ja OK
Voiko tietsikka koskaan toimia?
|
Member
8 tuotearviota
|
25. helmikuuta 2009 @ 18:40 |
Linkki tähän viestiin
|
|
Done.
|
|
Hujo
Suspended permanently
|
25. helmikuuta 2009 @ 19:25 |
Linkki tähän viestiin
|
|
Mikäs on koneen toiminta
Voiko tietsikka koskaan toimia?
|
Member
8 tuotearviota
|
25. helmikuuta 2009 @ 19:34 |
Linkki tähän viestiin
|
|
Kone toimii hyvin. windows aukenee nopeammin, tarkoitan,e että on nopeammin käyttövalmis. ei ole enää iexplore.exe haittana.
Luulisin, että kone aika lailla puhdas.
Olisko mitään vinkkejä mitä ohjelmia käyttää tulevaisuudessa tai scannata läpi kerran kuussa?
|
|
Hujo
Suspended permanently
|
25. helmikuuta 2009 @ 20:01 |
Linkki tähän viestiin
|
Malwarebytes' Anti-Malware <--- toi ensin päivittää sit täys scannaus
ccleanerillä on hyvä välillä puhdistella
Lataa Tästä Ccleaner
CCleaner v 2.14.750.- Standard Build, ÄLÄ aseenna Yahoo toolbaria!
Asennuksessa poista merkki/rasti kohdasta "asenna Yahoo! toolbar/työkalupalkki".
Asennuksen jälkeen aukaise CCleaneri.
Valitse vasemmalta pystyrivistä Options.
Valitse viereisestä pystyrivistä Settings.
Language kohtaan valitse Suomi.
Puhdistaja
Valitse vasemmalta pystyrivistä Puhdistaja.
Paina alhaalta Tutki.
Nyt CCleaneri tutkii, mitä voidaan poistaa (tempit, cookiessit jne.).
Kun tutkiminen on valmis, paina Aja CCleaner.
Nyt CCleaneri poistaa löydetyt tempit, cookiessit jne.
Rekisterin virheiden korjaus
Valitse vasemmalta pystyrivistä Rekisteri.
Paina alhaalta Etsi rekisterin virheitä.
Kun etsintä on valmis ja olet varma, että haluat korjata ne rivit jotka ovat merkattuja, niin paina Korjaa valitut rekisterin virheet.
Sinulta kysytään "haluatko varmuuskopioida muutokset rekisteriin", paina Kyllä. Tallenna varmuuskopio vaikka "Omat tiedostot" -kansioon.
Klikkaa uudesta aukeavasta ikkunasta Korjaa kaikki valitut virheet.
Saat vielä varmistus kysymyksen, paina Ok.
Kun virheet on korjattu, paina Sulje.
Nyt voit sulkea CCleanerin painamalla oikealta ylhäältä punaista rastia.
Voiko tietsikka koskaan toimia?
|
Member
8 tuotearviota
|
25. helmikuuta 2009 @ 21:41 |
Linkki tähän viestiin
|
|
Kummallista, että tämä makearebytes ohjelma ei voi suorittaa kokonaan scannia, mutta muut scannaukset kone suorittaa muttitta. ja aina vain ssna kohta tehtävähallinata" "ei vastaa". mikäköhän tiedosto iem. on? vähän häiritsee kun tuo Windows kohdekansiossa.
|
|
Hujo
Suspended permanently
|
26. helmikuuta 2009 @ 04:28 |
Linkki tähän viestiin
|
Lähetetääni tiedosto Virustotaliin
virustotal
1 Klikkaa Selaa... nappia
2 Selaa sitten siihen tämä tiedosto: C:\windows\inf\0409\inetset.iem
3 Klikkaa Avaa nappia
4 Klikkaa Send nappia
5 Sivusto scannaa tiedostoa hetken, tallenna sitten tulokset jotka saat vaikka muistioon.
jos ei yllä oleva vörki
sitten tuonne
Jotti
1.Lataa Combofix.exe työpöydällesi yhdestä linkistä:
Combofix1
Combofix2
Älä asenna palautus consolia
2. Tuplaklikkaa Combofix.exe tiedostoa ja seuraa ohjeistuksia.
3. Kun työkalu on valmis, se tuottaa lokin. Lähetä tämä loki viesti ketjuusi.
Huom! Älä klikkaile combofixin ikkunaa käytön aikana. Tämä saattaa aiheuttaa ohjelman jumiutumisen.
Voiko tietsikka koskaan toimia?
|
Member
8 tuotearviota
|
26. helmikuuta 2009 @ 17:29 |
Linkki tähän viestiin
|
ComboFix 09-02-25.02 - yleinen 2009-02-26 17:15:39.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1035.18.479.153 [GMT 2:00]
Sijainti: c:\documents and settings\yleinen\Työpöytä\ComboFix.exe
AV: Norton Internet Security *On-access scanning enabled* (Updated)
FW: Norton Internet Security *enabled*
.
(((((((((((((((((((((((((((((((((((((( Muut poistot ))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\yleinen\Application Data\Adobe\crc.dat
c:\documents and settings\yleinen\Application Data\inst.exe
c:\windows\system32\fgMmVyxx.ini
c:\windows\system32\fgMmVyxx.ini2
c:\windows\system32\NTvCeMoq.ini
c:\windows\system32\NTvCeMoq.ini2
c:\windows\system32\tmp.reg
E:\Autorun.inf
.
((((( Tiedostot, jotka on luotu seuraavalla aikavälillä: 2009-01-26 to 2009-02-26 )))))))))))))))))
.
2009-02-26 17:08 . 2009-02-26 17:09 <KANSIO> d-------- C:\32788R22FWJFW
2009-02-25 20:30 . 2009-02-25 20:30 <KANSIO> d-------- c:\program files\Malwarebytes' Anti-Malware
2009-02-25 20:30 . 2009-02-11 10:19 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2009-02-25 20:30 . 2009-02-11 10:19 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2009-02-24 21:49 . 2009-02-24 21:49 0 --a------ C:\23990098.$$$
2009-02-24 17:24 . 2009-02-24 18:19 <KANSIO> d-------- C:\Downloads
2009-02-24 17:24 . 2009-02-24 18:13 <KANSIO> d-------- C:\Bases
2009-02-24 17:18 . 2009-02-24 18:22 <KANSIO> d-------- C:\Kaspersky
2009-02-23 22:49 . 2009-02-23 22:49 73,728 --a------ c:\windows\system32\javacpl.cpl
2009-02-21 20:53 . 2009-02-21 20:53 <KANSIO> d-------- c:\documents and settings\yleinen\Application Data\Malwarebytes
2009-02-21 20:53 . 2009-02-21 20:53 <KANSIO> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-02-13 20:54 . 2009-02-13 20:54 <KANSIO> d-------- c:\documents and settings\yleinen\Application Data\KompoZer
2009-02-02 10:05 . 2009-02-19 17:20 <KANSIO> d-------- c:\documents and settings\yleinen\Application Data\IObit
2009-01-30 22:22 . 2009-01-30 22:29 <KANSIO> d-------- c:\windows\system32\NtmsData
2009-01-26 18:15 . 2009-01-26 18:19 <KANSIO> d-------- c:\program files\Winamp
2009-01-26 18:15 . 2009-01-26 18:25 <KANSIO> d-------- c:\documents and settings\yleinen\Application Data\Winamp
2009-01-26 13:54 . 2009-01-26 13:54 <KANSIO> d-------- c:\documents and settings\Mikko\Application Data\Symantec
.
(((((((((((((((((((((((((((((((((((( Find3M-raportti ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-02-26 15:20 --------- d-----w c:\program files\Common Files\Symantec Shared
2009-02-25 19:45 --------- d-----w c:\program files\SUPERAntiSpyware
2009-02-25 17:49 --------- d-----w c:\documents and settings\yleinen\Application Data\uTorrent
2009-02-24 16:47 --------- d-----w c:\documents and settings\Timo\Application Data\Dead2Math
2009-02-23 20:49 410,984 ----a-w c:\windows\system32\deploytk.dll
2009-02-23 20:48 --------- d-----w c:\program files\Java
2009-02-22 16:36 --------- d-----w c:\program files\Common Files\Wise Installation Wizard
2009-02-22 16:36 --------- d-----w c:\documents and settings\yleinen\Application Data\SUPERAntiSpyware.com
2009-02-21 17:05 --------- d-----w c:\documents and settings\yleinen\Application Data\dvdcss
2009-02-20 20:59 --------- d-----w c:\program files\WinAce
2009-02-19 15:23 --------- d-----w c:\program files\The FilmMachine
2009-02-19 15:23 --------- d-----w c:\program files\Oibaf Tech
2009-02-19 15:23 --------- d-----w c:\program files\MP3Gain
2009-02-19 15:23 --------- d-----w c:\documents and settings\yleinen\Application Data\Vso
2009-02-19 15:23 --------- d-----w c:\documents and settings\yleinen\Application Data\DVD Flick
2009-02-19 15:23 --------- d-----w c:\documents and settings\yleinen\Application Data\DeepBurner
2009-02-19 15:23 --------- d-----w c:\documents and settings\Timo\Application Data\Vso
2009-02-14 16:04 3,532 ----a-w C:\drmHeader.bin
2009-02-14 08:57 --------- d-----w c:\documents and settings\All Users\Application Data\Symantec
2009-02-12 15:51 --------- d-----w c:\program files\SpywareBlaster
2009-02-12 12:52 --------- d-----w c:\program files\DC++
2009-02-11 18:22 --------- d-----w c:\program files\Messenger Plus! Live
2009-02-05 19:46 --------- d-----w c:\program files\BitrateView
2009-02-02 08:05 --------- d-----w c:\program files\IObit
2009-01-31 18:28 --------- d-----w c:\documents and settings\All Users\Application Data\DVD Shrink
2009-01-24 10:01 --------- d-----w c:\program files\Common Files\Adobe
2009-01-23 14:44 --------- d-----w c:\program files\MediaInfo
2009-01-19 20:26 --------- d--h--w c:\program files\InstallShield Installation Information
2009-01-19 20:26 --------- d-----w c:\program files\Pixia
2009-01-19 14:54 --------- d-----w c:\program files\Photo_Resizer
2009-01-16 19:16 3,594,752 ------w c:\windows\system32\dllcache\mshtml.dll
2009-01-11 19:43 --------- d-----w c:\program files\AllWebMenus
2009-01-10 19:43 --------- d-----w c:\program files\Evrsoft First Page 2006
2009-01-10 13:34 --------- d-----w c:\documents and settings\yleinen\Application Data\vlc
2009-01-10 13:25 --------- d-----w c:\program files\Opera
2009-01-10 09:41 806 ----a-w c:\windows\system32\drivers\SYMEVENT.INF
2009-01-10 09:41 60,808 ----a-w c:\windows\system32\S32EVNT1.DLL
2009-01-10 09:41 124,464 ----a-w c:\windows\system32\drivers\SYMEVENT.SYS
2009-01-10 09:41 10,635 ----a-w c:\windows\system32\drivers\SYMEVENT.CAT
2009-01-10 09:41 --------- d-----w c:\program files\Symantec
2009-01-05 22:33 3,751,995 ----a-w c:\windows\system32\GPhotos.scr
2009-01-01 10:35 --------- d-----w c:\documents and settings\yleinen\Application Data\BitTorrent
2009-01-01 09:49 --------- d-----w c:\program files\CCleaner
2008-12-27 16:37 --------- d-----w c:\program files\K-Lite Codec Pack
2008-12-27 16:37 --------- d-----w c:\program files\AviSynth 2.5
2008-12-20 22:47 826,368 ----a-w c:\windows\system32\wininet.dll
2008-12-20 22:47 826,368 ------w c:\windows\system32\dllcache\wininet.dll
2008-12-20 22:47 671,232 ------w c:\windows\system32\dllcache\mstime.dll
2008-12-20 22:47 477,696 ------w c:\windows\system32\dllcache\mshtmled.dll
2008-12-20 22:47 44,544 ------w c:\windows\system32\dllcache\pngfilt.dll
2008-12-20 22:47 233,472 ------w c:\windows\system32\dllcache\webcheck.dll
2008-12-20 22:47 193,024 ------w c:\windows\system32\dllcache\msrating.dll
2008-12-20 22:47 105,984 ------w c:\windows\system32\dllcache\url.dll
2008-12-20 22:47 102,912 ------w c:\windows\system32\dllcache\occache.dll
2008-12-20 22:47 1,160,192 ------w c:\windows\system32\dllcache\urlmon.dll
2008-12-19 09:11 70,656 ------w c:\windows\system32\dllcache\ie4uinit.exe
2008-12-19 09:10 13,824 ------w c:\windows\system32\dllcache\ieudinit.exe
2008-12-19 05:25 634,024 ------w c:\windows\system32\dllcache\iexplore.exe
2008-12-19 05:23 161,792 ------w c:\windows\system32\dllcache\ieakui.dll
2008-12-11 10:57 333,952 ------w c:\windows\system32\dllcache\srv.sys
2008-12-06 11:52 5,068,152 ----a-w c:\windows\system32\SpoonUninstall.exe
2008-03-28 14:27 47,360 ----a-w c:\documents and settings\yleinen\Application Data\pcouffin.sys
2007-01-21 16:23 87,608 ----a-w c:\documents and settings\yleinen\Application Data\ezpinst.exe
2008-06-30 10:44 324,976 ----a-w c:\program files\mozilla firefox\components\coFFPlgn.dll
2008-09-25 12:12 32,768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\Sivuhistoria\History.IE5\MSHist012008092520080926\index.dat
.
(((((((((((((((((((((((((((((( Rekisterin käynnistyskohteet )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Huom* Tyhjiä arvoja ja laillisia oletusarvoja ei näytetä
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2009-02-25 1830128]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 5724184]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2008-10-17 51048]
"osCheck"="c:\program files\Norton Internet Security\osCheck.exe" [2008-02-07 718704]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-02-23 148888]
"SoundMan"="SOUNDMAN.EXE" [2006-03-02 c:\windows\SOUNDMAN.EXE]
"VTTimer"="VTTimer.exe" [2005-03-07 c:\windows\system32\VTTimer.exe]
"VTTrayp"="VTtrayp.exe" [2006-04-11 c:\windows\system32\VTTrayp.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"Nokia.PCSync"="c:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-06-19 1241088]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2008-12-22 11:05 356352 c:\program files\SUPERAntiSpyware\SASWINLO.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.I420"= i420vfw.dll
"msacm.avis"= ff_acm.acm
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
--a------ 2008-10-15 01:04 39792 c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
--a------ 2007-10-18 11:34 5724184 c:\program files\Windows Live\Messenger\msnmsgr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-05-27 09:50 413696 c:\program files\QuickTime Alternative\QTTask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a------ 2009-02-23 22:49 148888 c:\program files\Java\jre6\bin\jusched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\DC++\\DCPlusPlus.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"14783:TCP"= 14783:TCP:BitComet 14783 TCP
"14783:UDP"= 14783:UDP:BitComet 14783 UDP
"14029:TCP"= 14029:TCP:BitComet 14029 TCP
"14029:UDP"= 14029:UDP:BitComet 14029 UDP
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [2009-01-15 8944]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2009-01-15 55024]
R2 Automaattinen LiveUpdate-ajastustoiminto;Automaattinen LiveUpdate-ajastustoiminto;c:\program files\Symantec\LiveUpdate\AluSchedulerSvc.exe [2008-02-09 238968]
R2 LiveUpdate Notice;LiveUpdate Notice;c:\program files\Common Files\Symantec Shared\CCSVCHST.EXE [2008-01-25 149352]
R2 OSCI_DRVNT;OSCI_DRVNT;c:\windows\system32\drivers\OSCI_DRVNT.sys [2007-12-24 6784]
R3 COH_Mon;COH_Mon;c:\windows\system32\drivers\COH_Mon.sys [2008-01-12 23888]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2009-02-25 99376]
R3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2009-01-15 7408]
S3 EraserUtilDrv10730;EraserUtilDrv10730;\??\c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilDrv10730.sys --> c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilDrv10730.sys [?]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2009-02-25 38496]
--- Muut muistissa olevat ajurit/palvelut ---
*NewlyCreated* - COMHOST
*NewlyCreated* - ERASERUTILDRV10910
*NewlyCreated* - SASDIFSV
*Deregistered* - EraserUtilDrv10910
.
'Ajoitetut tehtävät'-kansion sisältö
2009-02-21 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-04-11 16:57]
2009-02-22 c:\windows\Tasks\Norton Internet Security - Suorita täysi järjestelmäntarkistus - yleinen.job
- c:\program files\Norton Internet Security\Norton AntiVirus\Navw32.exe [2008-02-07 08:05]
.
- - - - POISTETUT JÄMÄRIVIT - - - -
MSConfigStartUp-BitTorrent DNA - c:\program files\DNA\btdna.exe
.
------- Täydentävä tarkistus -------
.
uStart Page = hxxp://www.google.fi/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Connection Wizard,ShellNext = iexplore
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Vie Microsoft E&xceliin - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\yleinen\Application Data\Mozilla\Firefox\Profiles\1oqld2ui.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.fmi.fi/saa/paikalli.html?kunta=Mikkeli
FF - component: c:\program files\Mozilla Firefox\components\coFFPlgn.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npbittorrent.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npOGAPlugin.dll
FF - plugin: c:\program files\QuickTime Alternative\Plugins\npqtplugin.dll
FF - plugin: c:\program files\QuickTime Alternative\Plugins\npqtplugin2.dll
FF - plugin: c:\program files\QuickTime Alternative\Plugins\npqtplugin3.dll
FF - plugin: c:\program files\QuickTime Alternative\Plugins\npqtplugin4.dll
FF - plugin: c:\program files\QuickTime Alternative\Plugins\npqtplugin5.dll
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-26 17:19:51
Windows 5.1.2600 Service Pack 3 NTFS
tarkistaa piilotettuja prosesseja ...
tarkistaa piilotettuja käynnistysarvoja ...
tarkistaa piilotettuja tiedostoja ...
tarkistus on valmis
piilotetut tiedostot: 0
**************************************************************************
.
--------------------- LUKITUT REKISTERIAVAIMET ---------------------
[HKEY_USERS\S-1-5-21-3282887030-2585726634-2306389267-1006\Software\Microsoft\PerfVis\Settings\Default]
@DACL=(02 0000)
@SACL=
[HKEY_USERS\S-1-5-21-3282887030-2585726634-2306389267-1006\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{065A8378-049E-4C1A-582E-2CE5667AA1BD}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"dbknpgljghdgjighnpbcpongjffcfoiajfcfgoej"=hex:6a,61,64,6a,6d,6d,64,61,70,6f,
64,62,6e,6b,66,61,62,61,63,65,00,dd
"cbaobjpcabmkblkgmeofdonghakhcehkjchjeh"=hex:6a,61,64,6a,6d,6d,64,61,70,6f,64,
62,6e,6b,66,61,62,61,63,65,00,dd
"abgopmobgedglhoddcdoiloanmmloiheab"=hex:61,61,00,f7
"mafokmlpbppkbjlacpbecjognj"=hex:61,61,00,f7
[HKEY_USERS\S-1-5-21-3282887030-2585726634-2306389267-1006\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{61266279-B172-06E4-0D83-34B014116B48}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"cblnfenoefcabcicgbbadapgglbknfjicpggnh"=hex:6a,61,6b,6b,65,61,69,65,6e,63,6b,
6f,68,64,66,6e,6a,61,70,69,00,eb
"bbfelbchniebicnmgibgdmdneogbiaoipmdn"=hex:6a,61,6b,6b,65,61,69,65,6e,63,6b,6f,
68,64,66,6e,6a,61,70,69,00,eb
[HKEY_USERS\S-1-5-21-3282887030-2585726634-2306389267-1006\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{96A5B540-33B7-32BB-1477-F04772BF94B6}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"dbojeidfgajeipcdifiegahpkamolcafolecpfgh"=hex:6a,61,6c,6c,61,65,6e,6d,61,6f,
70,6f,64,6f,6f,6e,68,64,61,6c,00,dd
"cbikgnbocaaagmnpdnfngdpbngafdogiokimfe"=hex:6a,61,6c,6c,61,65,6e,6d,61,6f,70,
6f,64,6f,6f,6e,68,64,61,6c,00,dd
"abkjenhfbjongaopnlbjilngpjjgcibhhd"=hex:61,61,00,00
"majjjmpaapmfadhceangeoialn"=hex:61,61,00,00
[HKEY_USERS\S-1-5-21-3282887030-2585726634-2306389267-1006\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{AFFB3BFC-3F6A-C413-1D00-046810CED6C9}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"dbcnmebjbdoofmacfpigmaefbepggefaebblmckn"=hex:6a,61,6c,65,6a,6c,6f,66,63,65,
6d,67,64,6b,62,68,6c,64,67,64,00,16
"cbmmckhiogmpkmjpnmmfcmiokoldahfdljgbgp"=hex:6a,61,6c,65,6a,6c,6f,66,63,65,6d,
67,64,6b,62,68,6c,64,67,64,00,16
[HKEY_LOCAL_MACHINE\software\Classes\Applications\dsidebar.exe\shell]
@DACL=(02 0000)
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B58C2440-A1A3-11d1-B024-006097C9A284}\LocalServer32]
@DACL=(02 0000)
@="c:\\Program Files\\Microsoft Office\\Office\\1035\\MSOHELP.EXE"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B58C2440-A1A3-11d1-B024-006097C9A284}\ProgID]
@DACL=(02 0000)
@="MsoHelpKeyDlg.1"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B58C2440-A1A3-11d1-B024-006097C9A284}\VersionIndependentProgID]
@DACL=(02 0000)
@="MsoHelpKeyDlg"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B58C2441-A1A3-11d1-B024-006097C9A284}\LocalServer32]
@DACL=(02 0000)
@="c:\\Program Files\\Microsoft Office\\Office\\1035\\MSOHELP.EXE"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B58C2441-A1A3-11d1-B024-006097C9A284}\ProgID]
@DACL=(02 0000)
@="MsoHelpAWDlg.1"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B58C2441-A1A3-11d1-B024-006097C9A284}\VersionIndependentProgID]
@DACL=(02 0000)
@="MsoHelpAWDlg"
[HKEY_LOCAL_MACHINE\software\Microsoft\Advanced INF Setup\IEHomePageInfo\RegBackup]
@DACL=(02 0000)
@SACL=
[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\10.0]
@DACL=(02 0000)
@SACL=
[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\Automenu]
@DACL=(02 0000)
@SACL=
"classid"="clsid:6B28F900-8D64-4B80-9963-CC52DDD1FBB4"
"visible"="false"
"tabstop"="false"
"width"="1"
"height"="1"
[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\BalanceSlider]
@DACL=(02 0000)
@SACL=
"classid"="clsid:F2BF2C90-405F-11D3-BB39-00A0C93CA73A"
"toolTip"="res://wmploc.dll/RT_STRING/#1845"
"min"="-100"
"max"="100"
"value"="wmpprop:player.settings.balance"
"value_onchange"="player.settings.balance=value;"
"accName"="res://wmploc.dll/RT_STRING/#2112"
"accKeyboardShortcut"="res://wmploc.dll/RT_STRING/#2108"
[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\browser]
@DACL=(02 0000)
@SACL=
"classid"="clsid:8856F961-340A-11D0-A96B-00C04FD705A2"
[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\Button]
@DACL=(02 0000)
@SACL=
"classid"="clsid:87291B51-0C8E-11D3-BB2A-00A0C93CA73A"
"accKeyboardShortcut"="res://wmploc.dll/RT_STRING/#2114"
[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\ButtonGroup]
@DACL=(02 0000)
@SACL=
"classid"="clsid:AE3B6831-25A9-11d3-BD41-00C04F6EA5AE"
[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\CloseButton]
@DACL=(02 0000)
@SACL=
"classid"="clsid:87291B51-0C8E-11D3-BB2A-00A0C93CA73A"
"upToolTip"="res://wmploc.dll/RT_STRING/#1812"
"onclick"="view.close();"
"accName"="res://wmploc.dll/RT_STRING/#2134"
"accKeyboardShortcut"="res://wmploc.dll/RT_STRING/#2135"
[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\CurrentPositionText]
@DACL=(02 0000)
@SACL=
"classid"="clsid:DDDA102E-0E17-11D3-A2E2-00C04F79F88E"
"tabStop"="true"
"justification"="right"
"value"="wmpprop:player.controls.currentPositionString"
"accName"="res://wmploc.dll/RT_STRING/#2103"
[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\CustomSlider]
@DACL=(02 0000)
@SACL=
"classid"="clsid:95F45AA3-ED0A-11D2-BA67-0000F80855E6"
"cursor"="hand"
[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\DropDownPlaylist]
@DACL=(02 0000)
@SACL=
"classid"="clsid:5F9CFD93-8CAD-11d3-9A7E-00C04F8EFB70"
"playlistItemsVisible"="false"
[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\DurationText]
@DACL=(02 0000)
@SACL=
"classid"="clsid:DDDA102E-0E17-11D3-A2E2-00C04F79F88E"
"tabStop"="true"
"justification"="right"
"value"="wmpprop:player.currentMedia.DurationString"
"accName"="res://wmploc.dll/RT_STRING/#2104"
[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\EditBox]
@DACL=(02 0000)
@SACL=
"classid"="clsid:6342FCED-25EA-4033-BDDB-D049A14382D3"
[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\Effects\Alchemy]
@DACL=(02 0000)
@SACL=
[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\Effects\Ambience]
@DACL=(02 0000)
@SACL=
[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\Effects\Bars]
@DACL=(02 0000)
@SACL=
[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\Effects\Dotplane]
@DACL=(02 0000)
@SACL=
[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\Effects\Plenoptic]
@DACL=(02 0000)
@SACL=
[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\Effects\Spikes]
@DACL=(02 0000)
@SACL=
[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\EqualizerSettings]
@DACL=(02 0000)
@SACL=
"classid"="clsid:93EB32F5-87B1-45ad-ACC6-0F2483DB83BB"
"tabStop"="false"
[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\FFWDButton]
@DACL=(02 0000)
@SACL=
"classid"="clsid:87291B51-0C8E-11D3-BB2A-00A0C93CA73A"
"enabled"="wmpenabled:player.controls.fastforward"
"upToolTip"="res://wmploc.dll/RT_STRING/#1804"
"onclick"="player.controls.FastForward()"
"accName"="res://wmploc.dll/RT_STRING/#2120"
"accKeyboardShortcut"="res://wmploc.dll/RT_STRING/#2121"
[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\ImageButton]
@DACL=(02 0000)
@SACL=
"classid"="clsid:87291B51-0C8E-11D3-BB2A-00A0C93CA73A"
"cursor"="hand"
"accName"="res://wmploc.dll/RT_STRING/#2140"
[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\ItemsPlaylist]
@DACL=(02 0000)
@SACL=
"classid"="clsid:5F9CFD93-8CAD-11d3-9A7E-00C04F8EFB70"
"backgroundcolor"="black"
"foregroundcolor"="white"
"columnsVisible"="false"
"columns"="name=Name;Duration=Time"
"dropDownVisible"="false"
[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\LibraryTree]
@DACL=(02 0000)
@SACL=
"classid"="clsid:D9DE732A-AEE9-4503-9D11-5605589977A8"
[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\ListBox]
@DACL=(02 0000)
@SACL=
"classid"="clsid:FC1880CF-83B9-43A7-A066-C44CE8C82583"
[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\menu]
@DACL=(02 0000)
@SACL=
"classid"="clsid:BAB3768B-8883-4AEC-9F9B-E14C947913EF"
"visible"="false"
"tabstop"="false"
"width"="1"
"height"="1"
[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\MinimizeButton]
@DACL=(02 0000)
@SACL=
"classid"="clsid:87291B51-0C8E-11D3-BB2A-00A0C93CA73A"
"upToolTip"="res://wmploc.dll/RT_STRING/#1811"
"onclick"="view.minimize();"
"accName"="res://wmploc.dll/RT_STRING/#2132"
"accKeyboardShortcut"="res://wmploc.dll/RT_STRING/#2133"
[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\MuteButton]
@DACL=(02 0000)
@SACL=
"classid"="clsid:87291B51-0C8E-11D3-BB2A-00A0C93CA73A"
"upToolTip"="res://wmploc.dll/RT_STRING/#1807"
"downToolTip"="res://wmploc.dll/RT_STRING/#1808"
"sticky"="true"
"down"="wmpprop:player.settings.mute"
"onClick"="player.settings.mute=down;"
"accName"="res://wmploc.dll/RT_STRING/#2130"
"accKeyboardShortcut"="res://wmploc.dll/RT_STRING/#2131"
[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\NextButton]
@DACL=(02 0000)
@SACL=
"classid"="clsid:87291B51-0C8E-11D3-BB2A-00A0C93CA73A"
"enabled"="wmpenabled:player.controls.next"
"upToolTip"="res://wmploc.dll/RT_STRING/#1806"
"onclick"="player.controls.Next()"
"accName"="res://wmploc.dll/RT_STRING/#2124"
"accKeyboardShortcut"="res://wmploc.dll/RT_STRING/#2125"
[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\PauseButton]
@DACL=(02 0000)
@SACL=
"classid"="clsid:87291B51-0C8E-11D3-BB2A-00A0C93CA73A"
"enabled"="wmpenabled:player.controls.pause"
"upToolTip"="res://wmploc.dll/RT_STRING/#1801"
"onclick"="player.controls.pause()"
"accName"="res://wmploc.dll/RT_STRING/#2116"
"accKeyboardShortcut"="res://wmploc.dll/RT_STRING/#2117"
[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\PlayButton]
@DACL=(02 0000)
@SACL=
"classid"="clsid:87291B51-0C8E-11D3-BB2A-00A0C93CA73A"
"enabled"="wmpenabled:player.controls.play"
"upToolTip"="res://wmploc.dll/RT_STRING/#1800"
"onclick"="player.controls.play()"
"accName"="res://wmploc.dll/RT_STRING/#2115"
"accKeyboardShortcut"="res://wmploc.dll/RT_STRING/#2117"
[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\Playlist]
@DACL=(02 0000)
@SACL=
"classid"="clsid:5F9CFD93-8CAD-11d3-9A7E-00C04F8EFB70"
[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\plugin]
@DACL=(02 0000)
@SACL=
"classid"="clsid:AA1AC37B-49A8-4B41-AF69-B0176C5FFC33"
[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\PopUp]
@DACL=(02 0000)
@SACL=
"classid"="clsid:FC1880CF-83B9-43A7-A066-C44CE8C82583"
"popup"="true"
"visible"="false"
"backgroundColor"="menu"
"foregroundColor"="menutext"
[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\PrevButton]
@DACL=(02 0000)
@SACL=
"classid"="clsid:87291B51-0C8E-11D3-BB2A-00A0C93CA73A"
"enabled"="wmpenabled:player.controls.previous"
"upToolTip"="res://wmploc.dll/RT_STRING/#1805"
"onclick"="player.controls.Previous()"
"accName"="res://wmploc.dll/RT_STRING/#2126"
"accKeyboardShortcut"="res://wmploc.dll/RT_STRING/#2127"
[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\ProgressBar]
@DACL=(02 0000)
@SACL=
"classid"="clsid:F2BF2C90-405F-11D3-BB39-00A0C93CA73A"
[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\RepeatButton]
@DACL=(02 0000)
@SACL=
"classid"="clsid:87291B51-0C8E-11D3-BB2A-00A0C93CA73A"
"upToolTip"="res://wmploc.dll/RT_STRING/#1816"
"downToolTip"="res://wmploc.dll/RT_STRING/#1817"
"sticky"="true"
"down"="jscript:player.settings.GetMode(\"loop\");"
"onClick"="player.settings.setMode(\"loop\", down);"
"accName"="res://wmploc.dll/RT_STRING/#2138"
"accKeyboardShortcut"="res://wmploc.dll/RT_STRING/#2139"
[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\ReturnButton]
@DACL=(02 0000)
@SACL=
"upToolTip"="res://wmploc.dll/RT_STRING/#1813"
"classid"="clsid:87291B51-0C8E-11D3-BB2A-00A0C93CA73A"
"onclick"="view.returnToMediaCenter();"
"accName"="res://wmploc.dll/RT_STRING/#2128"
"accKeyboardShortcut"="res://wmploc.dll/RT_STRING/#2129"
[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\REWButton]
@DACL=(02 0000)
@SACL=
"classid"="clsid:87291B51-0C8E-11D3-BB2A-00A0C93CA73A"
"enabled"="wmpenabled:player.controls.fastreverse"
"upToolTip"="res://wmploc.dll/RT_STRING/#1803"
"onclick"="player.controls.FastReverse()"
"accName"="res://wmploc.dll/RT_STRING/#2122"
"accKeyboardShortcut"="res://wmploc.dll/RT_STRING/#2123"
[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\SeekSlider]
@DACL=(02 0000)
@SACL=
"classid"="clsid:F2BF2C90-405F-11D3-BB39-00A0C93CA73A"
"toolTip"="res://wmploc.dll/RT_STRING/#1809"
"min"="0"
"max"="wmpprop:player.currentmedia.duration"
"value"="wmpprop:player.controls.currentposition"
"ondragend"="player.controls.currentposition=value;"
"foregroundProgress"="wmpprop:player.network.downloadProgress"
"useForegroundProgress"="true"
"accName"="res://wmploc.dll/RT_STRING/#2109"
"accKeyboardShortcut"="res://wmploc.dll/RT_STRING/#2108"
[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\ShuffleButton]
@DACL=(02 0000)
@SACL=
"classid"="clsid:87291B51-0C8E-11D3-BB2A-00A0C93CA73A"
"upToolTip"="res://wmploc.dll/RT_STRING/#1814"
"downToolTip"="res://wmploc.dll/RT_STRING/#1815"
"sticky"="true"
"down"="jscript:player.settings.GetMode(\"shuffle\");"
"onClick"="player.settings.setMode(\"shuffle\", down);"
"accName"="res://wmploc.dll/RT_STRING/#2136"
"accKeyboardShortcut"="res://wmploc.dll/RT_STRING/#2137"
[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\Slider]
@DACL=(02 0000)
@SACL=
"classid"="clsid:F2BF2C90-405F-11D3-BB39-00A0C93CA73A"
"accKeyboardShortcut"="res://wmploc.dll/RT_STRING/#2108"
[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\StatusText]
@DACL=(02 0000)
@SACL=
"classid"="clsid:DDDA102E-0E17-11D3-A2E2-00C04F79F88E"
"tabStop"="true"
"value"="wmpprop:player.status"
"accName"="res://wmploc.dll/RT_STRING/#2102"
[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\StopButton]
@DACL=(02 0000)
@SACL=
"classid"="clsid:87291B51-0C8E-11D3-BB2A-00A0C93CA73A"
"enabled"="wmpenabled:player.controls.stop"
"upToolTip"="res://wmploc.dll/RT_STRING/#1802"
"onclick"="player.controls.stop()"
"accName"="res://wmploc.dll/RT_STRING/#2118"
"accKeyboardShortcut"="res://wmploc.dll/RT_STRING/#2119"
[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\taskcenter]
@DACL=(02 0000)
@SACL=
"classid"="clsid:395BF287-6477-495f-8427-2C09A23C3248"
[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\Text]
@DACL=(02 0000)
@SACL=
"classid"="clsid:DDDA102E-0E17-11D3-A2E2-00C04F79F88E"
"tabStop"="false"
[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\TrackNameText]
@DACL=(02 0000)
@SACL=
"classid"="clsid:DDDA102E-0E17-11D3-A2E2-00C04F79F88E"
"tabStop"="true"
"value"="wmpprop:player.currentmedia.name"
"accName"="res://wmploc.dll/RT_STRING/#2105"
[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\Video]
@DACL=(02 0000)
@SACL=
"classid"="clsid:61CECF11-FC3A-11D2-A1CD-005004602752"
[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\VideoSettings]
@DACL=(02 0000)
@SACL=
"classid"="clsid:AE7BFAFE-DCC8-4a73-92C8-CC300CA88859"
"tabStop"="false"
[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\VolumeSlider]
@DACL=(02 0000)
@SACL=
"classid"="clsid:F2BF2C90-405F-11D3-BB39-00A0C93CA73A"
"min"="0"
"max"="100"
"value"="wmpprop:player.settings.volume"
"value_onchange"="if (value!=player.settings.volume){player.settings.volume=value;player.settings.mute=false;}"
"toolTip"="res://wmploc.dll/RT_STRING/#1810"
"accName"="res://wmploc.dll/RT_STRING/#2110"
"accKeyboardShortcut"="res://wmploc.dll/RT_STRING/#2111"
[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\WMPEffects]
@DACL=(02 0000)
@SACL=
"classid"="clsid:47DEA830-D619-4154-B8D8-6B74845D6A2D"
"tabStop"="false"
"width"="250"
"height"="200"
"horizontalAlignment"="stretch"
"verticalAlignment"="stretch"
"currentEffectType"="wmpprop:mediacenter.effectType"
"currentPreset"="wmpprop:mediacenter.effectPreset"
"currentEffectType_onchange"="mediacenter.effectType = currentEffectType;"
"currentPreset_onchange"="mediacenter.effectPreset = currentPreset;"
"onclick"="next();"
[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\WMPVideo]
@DACL=(02 0000)
@SACL=
"classid"="clsid:61CECF11-FC3A-11D2-A1CD-005004602752"
"horizontalAlignment"="stretch"
"verticalAlignment"="stretch"
"zoom"="wmpprop:mediacenter.videoZoom"
"stretchToFit"="wmpprop:mediacenter.videoStretchToFit"
"backgroundColor"="black"
[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\services]
@DACL=(02 0000)
@SACL=
"NoServices"=dword:00000000
[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Settings]
@DACL=(02 0000)
@SACL=
[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\UIPlugins\{0890F930-4F80-4646-BAB1-4B6E5571FB89}]
@DACL=(02 0000)
@SACL=
"Capabilities"=dword:00000004
"FriendlyName"="res://wmploc.dll/RT_STRING/#1491"
[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\UIPlugins\{1F32514F-1561-4922-A604-8A1F478B5A42}]
@DACL=(02 0000)
@SACL=
"Capabilities"=dword:00000004
"FriendlyName"="res://wmploc.dll/RT_STRING/#1495"
[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\UIPlugins\{292AE934-4F49-40bb-9E7E-6F6398ED9C31}]
@DACL=(02 0000)
@SACL=
"FriendlyName"="Nero Fast CD-Burning -lisäosa"
"Description"="Polta CD:si"
"Capabilities"=dword:40000001
[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\UIPlugins\{4769DAFC-DCBA-4B73-AC3D-76DC477583CB}]
@DACL=(02 0000)
"FriendlyName"="res://Windows Media Player Info Server.dll/RT_STRING/#102"
"Description"="res://Windows Media Player Info Server.dll/RT_STRING/#103"
"Capabilities"=dword:c0000001
[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\UIPlugins\{52903d79-f993-4de6-8317-20c9c176d823}]
@DACL=(02 0000)
@SACL=
"Capabilities"=dword:00000004
"FriendlyName"="res://wmploc.dll/RT_STRING/#1496"
[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\UIPlugins\{59E7BF52-E5C9-4382-A39A-522DEE9AFDFD}]
@DACL=(02 0000)
@SACL=
"Capabilities"=dword:00000004
"FriendlyName"="res://wmploc.dll/RT_STRING/#1497"
[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\UIPlugins\{5DF031B7-6A37-42D9-8802-E27F4F224332}]
@DACL=(02 0000)
@SACL=
"Capabilities"=dword:00000003
"FriendlyName"="Viz Plug-in"
[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\UIPlugins\{5F4BB5C9-4652-489B-8601-EEC0C3C32E2E}]
@DACL=(02 0000)
@SACL=
"Capabilities"=dword:00000004
"FriendlyName"="res://wmploc.dll/RT_STRING/#1494"
[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\UIPlugins\{7F2B1D6B-1357-402C-A1C8-67E59583B41D}]
@DACL=(02 0000)
@SACL=
"Description"="Captions plugin description"
"Capabilities"=dword:000000f0
"FriendlyName"="Captions plugin name"
[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\UIPlugins\{93075F62-16B3-43EC-A53B-FFAD0E01D5E7}]
@DACL=(02 0000)
@SACL=
"Capabilities"=dword:00000003
"FriendlyName"="res://wmploc.dll/RT_STRING/#209"
[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\UIPlugins\{9695AEF9-9D03-4671-8F2F-FF49D1BB01C4}]
@DACL=(02 0000)
@SACL=
"Description"="Media Information description"
"Capabilities"=dword:00000005
"FriendlyName"="res://wmploc.dll/RT_STRING/#1407"
[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\UIPlugins\{976ABECA-93F7-4d81-9187-2A6137829675}]
@DACL=(02 0000)
@SACL=
"Capabilities"=dword:00000004
"FriendlyName"="res://wmploc.dll/RT_STRING/#1490"
[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\UIPlugins\{99DB05E3-F81E-4C8A-A252-F396306AB6FE}]
@DACL=(02 0000)
@SACL=
"Description"="Banner plugin description"
"Capabilities"=dword:000000f0
"FriendlyName"="Banner plugin name"
[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\UIPlugins\{9F9562EB-15B6-46C6-A7CB-0A66FC65130E}]
@DACL=(02 0000)
@SACL=
"Capabilities"=dword:00000004
"FriendlyName"="res://wmploc.dll/RT_STRING/#1493"
[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\UIPlugins\{9FA014E3-076F-4865-A73C-117131B8E292}]
@DACL=(02 0000)
@SACL=
"Capabilities"=dword:00000004
"FriendlyName"="res://wmploc.dll/RT_STRING/#1492"
[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\UIPlugins\{D5E49195-ED19-40fb-9EE0-E6625A808B77}]
@DACL=(02 0000)
@SACL=
"Capabilities"=dword:00000003
"FriendlyName"="Video Plug-in"
[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\UIPlugins\{E641D09E-E500-4c09-8260-F1CD7B902E9C}]
@DACL=(02 0000)
@SACL=
"FriendlyName"="WM View plugin name"
"Description"="WM View plugin description"
"Capabilities"=dword:000000f0
[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\UIPlugins\{F24A1BC2-2331-4B91-8A13-5A549DA56E9D}]
@DACL=(02 0000)
@SACL=
"Capabilities"=dword:00000003
"FriendlyName"="Border Plug-in"
[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\UIPlugins\{FD981763-B6BB-4d51-9143-6D372A0ED56F}]
@DACL=(02 0000)
@SACL=
"FriendlyName"="res://wmploc.dll/RT_STRING/#5822"
"Description"="res://wmploc.dll/RT_STRING/#5823"
"Capabilities"=dword:00000003
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\???|’’’’"??|ł?Ów�*]
"b049C053C7D38EE4AB9A00CB3B5D2472"="C?\\Program Files\\Common Files\\Microsoft Shared\\Web Folders\\PUBPLACE.HTT"
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\???|’’’’"??|ž»Ów�*]
"b049C053C7D38EE4AB9A00CB3B5D2472"="C?\\Program Files\\Common Files\\Microsoft Shared\\Web Folders\\PUBPLACE.HTT"
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{077ACEC7-979C-40AB-9835-435BA1511E0D}]
@DACL=(02 0000)
@SACL=
"FriendlyName"="Windows Media Files"
"ComponentGUID"="{077ACEC7-979C-40AB-9835-435BA1511E0D}"
"Version"=dword:000a0000
"Sub-Version"=dword:00000eda
"ExceptionInfName"=expand:"c:\\WINDOWS\\RegisteredPackages\\{077ACEC7-979C-40AB-9835-435BA1511E0D}\\MPPRE10.inf"
"ExceptionCatalogName"=expand:"c:\\WINDOWS\\RegisteredPackages\\{077ACEC7-979C-40AB-9835-435BA1511E0D}\\mppre10.cat"
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{30C7234B-6482-4A55-A11D-ECD9030313F2}]
@DACL=(02 0000)
@SACL=
"FriendlyName"="Windows Media Files"
"ComponentGUID"="{30C7234B-6482-4A55-A11D-ECD9030313F2}"
"Version"=dword:000a0000
"Sub-Version"=dword:00000eda
"ExceptionInfName"=expand:"c:\\WINDOWS\\RegisteredPackages\\{30C7234B-6482-4A55-A11D-ECD9030313F2}\\WMDM10.inf"
"ExceptionCatalogName"=expand:"c:\\WINDOWS\\RegisteredPackages\\{30C7234B-6482-4A55-A11D-ECD9030313F2}\\wmdm10.cat"
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{3FDF25EE-E592-4495-8391-6E9C504DAC2B}]
@DACL=(02 0000)
@SACL=
"FriendlyName"="Windows Media Files"
"ComponentGUID"="{3FDF25EE-E592-4495-8391-6E9C504DAC2B}"
"Version"=dword:000a0000
"Sub-Version"=dword:00000eda
"ExceptionInfName"=expand:"c:\\WINDOWS\\RegisteredPackages\\{3FDF25EE-E592-4495-8391-6E9C504DAC2B}\\WMSET10.inf"
"ExceptionCatalogName"=expand:"c:\\WINDOWS\\RegisteredPackages\\{3FDF25EE-E592-4495-8391-6E9C504DAC2B}\\wmset10.cat"
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{60204BB3-7078-4F70-8F69-68297621941C}]
@DACL=(02 0000)
@SACL=
"FriendlyName"="Windows Media Files"
"ComponentGUID"="{60204BB3-7078-4F70-8F69-68297621941C}"
"Version"=dword:000a0000
"Sub-Version"=dword:00000eda
"ExceptionInfName"=expand:"c:\\WINDOWS\\RegisteredPackages\\{60204BB3-7078-4F70-8F69-68297621941C}\\MPSTUB10.inf"
"ExceptionCatalogName"=expand:"c:\\WINDOWS\\RegisteredPackages\\{60204BB3-7078-4F70-8F69-68297621941C}\\mpstub10.cat"
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{981FB688-E76B-4246-987B-92083185B90A}]
@DACL=(02 0000)
@SACL=
"FriendlyName"="Windows Media Files"
"ComponentGUID"="{981FB688-E76B-4246-987B-92083185B90A}"
"Version"=dword:000a0000
"Sub-Version"=dword:00000eda
"ExceptionInfName"=expand:"c:\\WINDOWS\\RegisteredPackages\\{981FB688-E76B-4246-987B-92083185B90A}\\WPD10.inf"
"ExceptionCatalogName"=expand:"c:\\WINDOWS\\RegisteredPackages\\{981FB688-E76B-4246-987B-92083185B90A}\\wpd10.cat"
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{A47B3654-48EE-48A5-B629-97D70175E58F}]
@DACL=(02 0000)
@SACL=
"FriendlyName"="Windows Media Files"
"ComponentGUID"="{A47B3654-48EE-48A5-B629-97D70175E58F}"
"Version"=dword:000a0000
"Sub-Version"=dword:00000eda
"ExceptionInfName"=expand:"c:\\WINDOWS\\RegisteredPackages\\{A47B3654-48EE-48A5-B629-97D70175E58F}\\codecs10.inf"
"ExceptionCatalogName"=expand:"c:\\WINDOWS\\RegisteredPackages\\{A47B3654-48EE-48A5-B629-97D70175E58F}\\codecs10.cat"
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}]
@DACL=(02 0000)
@SACL=
"FriendlyName"="Windows Media Files"
"ComponentGUID"="{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}"
"Version"=dword:000a0000
"Sub-Version"=dword:00000eda
"ExceptionInfName"=expand:"c:\\WINDOWS\\RegisteredPackages\\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}\\WMFSDK10.inf"
"ExceptionCatalogName"=expand:"c:\\WINDOWS\\RegisteredPackages\\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}\\wmfsdk10.cat"
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{C5B8FBE9-645E-4484-A7AA-E8DA9A70DD77}]
@DACL=(02 0000)
@SACL=
"FriendlyName"="Windows Media Files"
"ComponentGUID"="{C5B8FBE9-645E-4484-A7AA-E8DA9A70DD77}"
"Version"=dword:000a0000
"Sub-Version"=dword:00000eda
"ExceptionInfName"=expand:"c:\\WINDOWS\\RegisteredPackages\\{C5B8FBE9-645E-4484-A7AA-E8DA9A70DD77}\\DRM10.inf"
"ExceptionCatalogName"=expand:"c:\\WINDOWS\\RegisteredPackages\\{C5B8FBE9-645E-4484-A7AA-E8DA9A70DD77}\\drm10.cat"
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{CFB4B314-0328-45E1-94AF-45A3F5F48E0B}]
@DACL=(02 0000)
@SACL=
"FriendlyName"="Windows Media Files"
"ComponentGUID"="{CFB4B314-0328-45E1-94AF-45A3F5F48E0B}"
"Version"=dword:000a0000
"Sub-Version"=dword:00000eda
"ExceptionInfName"=expand:"c:\\WINDOWS\\RegisteredPackages\\{CFB4B314-0328-45E1-94AF-45A3F5F48E0B}\\MPCD10.inf"
"ExceptionCatalogName"=expand:"c:\\WINDOWS\\RegisteredPackages\\{CFB4B314-0328-45E1-94AF-45A3F5F48E0B}\\mpcd10.cat"
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{DD90D410-1823-43EB-9A16-A2331BF08799}]
@DACL=(02 0000)
@SACL=
"FriendlyName"="Windows Media Files"
"ComponentGUID"="{DD90D410-1823-43EB-9A16-A2331BF08799}"
"Version"=dword:000a0000
"Sub-Version"=dword:00000eda
"ExceptionInfName"=expand:"c:\\WINDOWS\\RegisteredPackages\\{DD90D410-1823-43EB-9A16-A2331BF08799}\\WMP10.inf"
"ExceptionCatalogName"=expand:"c:\\WINDOWS\\RegisteredPackages\\{DD90D410-1823-43EB-9A16-A2331BF08799}\\wmp10.cat"
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2649_x-ww_aac16c8b\Codebases]
@DACL=(02 0000)
@SACL=
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2649_x-ww_aac16c8b\Files]
@DACL=(02 0000)
@SACL=
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2649_x-ww_aac16c8b\References]
@DACL=(02 0000)
@SACL=
"U_KB884883"=""
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_policy.6.0.Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2649_x-ww_edf6fef0\Codebases]
@DACL=(02 0000)
@SACL=
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_policy.6.0.Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2649_x-ww_edf6fef0\Files]
@DACL=(02 0000)
@SACL=
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_policy.6.0.Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2649_x-ww_edf6fef0\References]
@DACL=(02 0000)
@SACL=
"U_KB884883"=""
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows Media Device Manager\KnownDeviceClasses]
@DACL=(02 0000)
@SACL=
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows Media Device Manager\KnownDevices]
@DACL=(02 0000)
@SACL=
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows Media Device Manager\Plugins\SCP\SCPTRANS]
@DACL=(02 0000)
@SACL=
"ProgID"="MsScp.SCPTRANS.1"
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows Media Device Manager\Plugins\SP\NeroBurnPlugin]
@DACL=(02 0000)
@SACL=
"ProgID"="MDNeroBurnPlugin.MDNeroBurnPlugin"
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows Media Device Manager\Plugins\SP\WMDMCESP]
@DACL=(02 0000)
@SACL=
"ProgID"="WMDMCESP.WMDMCESP"
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows Media Device Manager\Plugins\SP\WPDSp]
@DACL=(02 0000)
@SACL=
"PnPAware"=dword:00000001
"ProgID"="WPDSp.WPDServiceProvider"
.
--------------------- Prosesseihin ladatut DLLt ---------------------
- - - - - - - > 'winlogon.exe'(912)
c:\program files\SUPERAntiSpyware\SASWINLO.dll
.
Valmistumisajankohta: 2009-02-26 17:22:59
ComboFix-quarantined-files.txt 2009-02-26 15:22:48
Ennen ajoa: 63 200 706 560 tavua vapaana
Ajon jälkeen: 63,301,185,536 tavua vapaana
WindowsXP-KB310994-SP2-Home-BootDisk-FIN.EXE
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
Current=3 Default=3 Failed=1 LastKnownGood=4 Sets=1,2,3,4
882 --- E O F --- 2009-02-25 22:22:48
|
|
Hujo
Suspended permanently
|
27. helmikuuta 2009 @ 03:44 |
Linkki tähän viestiin
|
|
Poista kansiot
C:\Bases
C:\Kaspersky
=============
Kirjoita suorita luukkuun
ComboFix /u
Klikkaa OK
Voiko tietsikka koskaan toimia?
|
Member
8 tuotearviota
|
27. helmikuuta 2009 @ 18:12 |
Linkki tähän viestiin
|
|
Combofix valittaa, että norton pitäisi ottaa pois päältä, koska se voi aiheuttaa laitevian ja toiminto on omalla vastuulla, mutta en saa Nortonia pois päältä. Onko Nortonista mitään haittaa jos ajaa ton Combofixin.
|
|
Mainos
|
|
|
Senior Member
9 tuotearviota
|
27. helmikuuta 2009 @ 20:15 |
Linkki tähän viestiin
|
|
Combofix ei ole lelu, eikä sitä tule ajaa säännöllisesti. Vain silloin kun joku ammattiauttaja/fixari niin sanoo.
Poista se vain koneelta kuten hujo neuvoi.
Nykyinen luuri: Samsung Galaxy S III
Nykyinen kone: Asus K54SV + DNA 4G WLAN Mokkula, joka toimii jos toimii.
|
|
