Iexplore.exe - vie prosessia paljon

Lähetetääni tiedosto Virustotaliin
virustotal

1 Klikkaa Selaa... nappia
2 Selaa sitten siihen tämä tiedosto: C:\windows\inf\0409\inetset.iem
3 Klikkaa Avaa nappia
4 Klikkaa Send nappia
5 Sivusto scannaa tiedostoa hetken, tallenna sitten tulokset jotka saat vaikka muistioon.

jos ei yllä oleva vörki
sitten tuonne

Jotti



1.Lataa Combofix.exe työpöydällesi yhdestä linkistä:
Combofix1
Combofix2

Älä asenna palautus consolia
2. Tuplaklikkaa Combofix.exe tiedostoa ja seuraa ohjeistuksia.
3. Kun työkalu on valmis, se tuottaa lokin. Lähetä tämä loki viesti ketjuusi.
Huom! Älä klikkaile combofixin ikkunaa käytön aikana. Tämä saattaa aiheuttaa ohjelman jumiutumisen.

 

ComboFix 09-02-25.02 - yleinen 2009-02-26 17:15:39.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1035.18.479.153 [GMT 2:00]
Sijainti: c:\documents and settings\yleinen\Työpöytä\ComboFix.exe
AV: Norton Internet Security *On-access scanning enabled* (Updated)
FW: Norton Internet Security *enabled*
.

(((((((((((((((((((((((((((((((((((((( Muut poistot ))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\yleinen\Application Data\Adobe\crc.dat
c:\documents and settings\yleinen\Application Data\inst.exe
c:\windows\system32\fgMmVyxx.ini
c:\windows\system32\fgMmVyxx.ini2
c:\windows\system32\NTvCeMoq.ini
c:\windows\system32\NTvCeMoq.ini2
c:\windows\system32\tmp.reg
E:\Autorun.inf

.
((((( Tiedostot, jotka on luotu seuraavalla aikavälillä: 2009-01-26 to 2009-02-26 )))))))))))))))))
.

2009-02-26 17:08 . 2009-02-26 17:09 <KANSIO> d-------- C:\32788R22FWJFW
2009-02-25 20:30 . 2009-02-25 20:30 <KANSIO> d-------- c:\program files\Malwarebytes' Anti-Malware
2009-02-25 20:30 . 2009-02-11 10:19 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2009-02-25 20:30 . 2009-02-11 10:19 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2009-02-24 21:49 . 2009-02-24 21:49 0 --a------ C:\23990098.$$$
2009-02-24 17:24 . 2009-02-24 18:19 <KANSIO> d-------- C:\Downloads
2009-02-24 17:24 . 2009-02-24 18:13 <KANSIO> d-------- C:\Bases
2009-02-24 17:18 . 2009-02-24 18:22 <KANSIO> d-------- C:\Kaspersky
2009-02-23 22:49 . 2009-02-23 22:49 73,728 --a------ c:\windows\system32\javacpl.cpl
2009-02-21 20:53 . 2009-02-21 20:53 <KANSIO> d-------- c:\documents and settings\yleinen\Application Data\Malwarebytes
2009-02-21 20:53 . 2009-02-21 20:53 <KANSIO> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-02-13 20:54 . 2009-02-13 20:54 <KANSIO> d-------- c:\documents and settings\yleinen\Application Data\KompoZer
2009-02-02 10:05 . 2009-02-19 17:20 <KANSIO> d-------- c:\documents and settings\yleinen\Application Data\IObit
2009-01-30 22:22 . 2009-01-30 22:29 <KANSIO> d-------- c:\windows\system32\NtmsData
2009-01-26 18:15 . 2009-01-26 18:19 <KANSIO> d-------- c:\program files\Winamp
2009-01-26 18:15 . 2009-01-26 18:25 <KANSIO> d-------- c:\documents and settings\yleinen\Application Data\Winamp
2009-01-26 13:54 . 2009-01-26 13:54 <KANSIO> d-------- c:\documents and settings\Mikko\Application Data\Symantec

.
(((((((((((((((((((((((((((((((((((( Find3M-raportti ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-02-26 15:20 --------- d-----w c:\program files\Common Files\Symantec Shared
2009-02-25 19:45 --------- d-----w c:\program files\SUPERAntiSpyware
2009-02-25 17:49 --------- d-----w c:\documents and settings\yleinen\Application Data\uTorrent
2009-02-24 16:47 --------- d-----w c:\documents and settings\Timo\Application Data\Dead2Math
2009-02-23 20:49 410,984 ----a-w c:\windows\system32\deploytk.dll
2009-02-23 20:48 --------- d-----w c:\program files\Java
2009-02-22 16:36 --------- d-----w c:\program files\Common Files\Wise Installation Wizard
2009-02-22 16:36 --------- d-----w c:\documents and settings\yleinen\Application Data\SUPERAntiSpyware.com
2009-02-21 17:05 --------- d-----w c:\documents and settings\yleinen\Application Data\dvdcss
2009-02-20 20:59 --------- d-----w c:\program files\WinAce
2009-02-19 15:23 --------- d-----w c:\program files\The FilmMachine
2009-02-19 15:23 --------- d-----w c:\program files\Oibaf Tech
2009-02-19 15:23 --------- d-----w c:\program files\MP3Gain
2009-02-19 15:23 --------- d-----w c:\documents and settings\yleinen\Application Data\Vso
2009-02-19 15:23 --------- d-----w c:\documents and settings\yleinen\Application Data\DVD Flick
2009-02-19 15:23 --------- d-----w c:\documents and settings\yleinen\Application Data\DeepBurner
2009-02-19 15:23 --------- d-----w c:\documents and settings\Timo\Application Data\Vso
2009-02-14 16:04 3,532 ----a-w C:\drmHeader.bin
2009-02-14 08:57 --------- d-----w c:\documents and settings\All Users\Application Data\Symantec
2009-02-12 15:51 --------- d-----w c:\program files\SpywareBlaster
2009-02-12 12:52 --------- d-----w c:\program files\DC++
2009-02-11 18:22 --------- d-----w c:\program files\Messenger Plus! Live
2009-02-05 19:46 --------- d-----w c:\program files\BitrateView
2009-02-02 08:05 --------- d-----w c:\program files\IObit
2009-01-31 18:28 --------- d-----w c:\documents and settings\All Users\Application Data\DVD Shrink
2009-01-24 10:01 --------- d-----w c:\program files\Common Files\Adobe
2009-01-23 14:44 --------- d-----w c:\program files\MediaInfo
2009-01-19 20:26 --------- d--h--w c:\program files\InstallShield Installation Information
2009-01-19 20:26 --------- d-----w c:\program files\Pixia
2009-01-19 14:54 --------- d-----w c:\program files\Photo_Resizer
2009-01-16 19:16 3,594,752 ------w c:\windows\system32\dllcache\mshtml.dll
2009-01-11 19:43 --------- d-----w c:\program files\AllWebMenus
2009-01-10 19:43 --------- d-----w c:\program files\Evrsoft First Page 2006
2009-01-10 13:34 --------- d-----w c:\documents and settings\yleinen\Application Data\vlc
2009-01-10 13:25 --------- d-----w c:\program files\Opera
2009-01-10 09:41 806 ----a-w c:\windows\system32\drivers\SYMEVENT.INF
2009-01-10 09:41 60,808 ----a-w c:\windows\system32\S32EVNT1.DLL
2009-01-10 09:41 124,464 ----a-w c:\windows\system32\drivers\SYMEVENT.SYS
2009-01-10 09:41 10,635 ----a-w c:\windows\system32\drivers\SYMEVENT.CAT
2009-01-10 09:41 --------- d-----w c:\program files\Symantec
2009-01-05 22:33 3,751,995 ----a-w c:\windows\system32\GPhotos.scr
2009-01-01 10:35 --------- d-----w c:\documents and settings\yleinen\Application Data\BitTorrent
2009-01-01 09:49 --------- d-----w c:\program files\CCleaner
2008-12-27 16:37 --------- d-----w c:\program files\K-Lite Codec Pack
2008-12-27 16:37 --------- d-----w c:\program files\AviSynth 2.5
2008-12-20 22:47 826,368 ----a-w c:\windows\system32\wininet.dll
2008-12-20 22:47 826,368 ------w c:\windows\system32\dllcache\wininet.dll
2008-12-20 22:47 671,232 ------w c:\windows\system32\dllcache\mstime.dll
2008-12-20 22:47 477,696 ------w c:\windows\system32\dllcache\mshtmled.dll
2008-12-20 22:47 44,544 ------w c:\windows\system32\dllcache\pngfilt.dll
2008-12-20 22:47 233,472 ------w c:\windows\system32\dllcache\webcheck.dll
2008-12-20 22:47 193,024 ------w c:\windows\system32\dllcache\msrating.dll
2008-12-20 22:47 105,984 ------w c:\windows\system32\dllcache\url.dll
2008-12-20 22:47 102,912 ------w c:\windows\system32\dllcache\occache.dll
2008-12-20 22:47 1,160,192 ------w c:\windows\system32\dllcache\urlmon.dll
2008-12-19 09:11 70,656 ------w c:\windows\system32\dllcache\ie4uinit.exe
2008-12-19 09:10 13,824 ------w c:\windows\system32\dllcache\ieudinit.exe
2008-12-19 05:25 634,024 ------w c:\windows\system32\dllcache\iexplore.exe
2008-12-19 05:23 161,792 ------w c:\windows\system32\dllcache\ieakui.dll
2008-12-11 10:57 333,952 ------w c:\windows\system32\dllcache\srv.sys
2008-12-06 11:52 5,068,152 ----a-w c:\windows\system32\SpoonUninstall.exe
2008-03-28 14:27 47,360 ----a-w c:\documents and settings\yleinen\Application Data\pcouffin.sys
2007-01-21 16:23 87,608 ----a-w c:\documents and settings\yleinen\Application Data\ezpinst.exe
2008-06-30 10:44 324,976 ----a-w c:\program files\mozilla firefox\components\coFFPlgn.dll
2008-09-25 12:12 32,768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\Sivuhistoria\History.IE5\MSHist012008092520080926\index.dat
.

(((((((((((((((((((((((((((((( Rekisterin käynnistyskohteet )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Huom* Tyhjiä arvoja ja laillisia oletusarvoja ei näytetä
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2009-02-25 1830128]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 5724184]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2008-10-17 51048]
"osCheck"="c:\program files\Norton Internet Security\osCheck.exe" [2008-02-07 718704]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-02-23 148888]
"SoundMan"="SOUNDMAN.EXE" [2006-03-02 c:\windows\SOUNDMAN.EXE]
"VTTimer"="VTTimer.exe" [2005-03-07 c:\windows\system32\VTTimer.exe]
"VTTrayp"="VTtrayp.exe" [2006-04-11 c:\windows\system32\VTTrayp.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"Nokia.PCSync"="c:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-06-19 1241088]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2008-12-22 11:05 356352 c:\program files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.I420"= i420vfw.dll
"msacm.avis"= ff_acm.acm

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
--a------ 2008-10-15 01:04 39792 c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
--a------ 2007-10-18 11:34 5724184 c:\program files\Windows Live\Messenger\msnmsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-05-27 09:50 413696 c:\program files\QuickTime Alternative\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a------ 2009-02-23 22:49 148888 c:\program files\Java\jre6\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\DC++\\DCPlusPlus.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"14783:TCP"= 14783:TCP:BitComet 14783 TCP
"14783:UDP"= 14783:UDP:BitComet 14783 UDP
"14029:TCP"= 14029:TCP:BitComet 14029 TCP
"14029:UDP"= 14029:UDP:BitComet 14029 UDP

R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [2009-01-15 8944]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2009-01-15 55024]
R2 Automaattinen LiveUpdate-ajastustoiminto;Automaattinen LiveUpdate-ajastustoiminto;c:\program files\Symantec\LiveUpdate\AluSchedulerSvc.exe [2008-02-09 238968]
R2 LiveUpdate Notice;LiveUpdate Notice;c:\program files\Common Files\Symantec Shared\CCSVCHST.EXE [2008-01-25 149352]
R2 OSCI_DRVNT;OSCI_DRVNT;c:\windows\system32\drivers\OSCI_DRVNT.sys [2007-12-24 6784]
R3 COH_Mon;COH_Mon;c:\windows\system32\drivers\COH_Mon.sys [2008-01-12 23888]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2009-02-25 99376]
R3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2009-01-15 7408]
S3 EraserUtilDrv10730;EraserUtilDrv10730;\??\c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilDrv10730.sys --> c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilDrv10730.sys [?]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2009-02-25 38496]

--- Muut muistissa olevat ajurit/palvelut ---

*NewlyCreated* - COMHOST
*NewlyCreated* - ERASERUTILDRV10910
*NewlyCreated* - SASDIFSV
*Deregistered* - EraserUtilDrv10910
.
'Ajoitetut tehtävät'-kansion sisältö

2009-02-21 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-04-11 16:57]

2009-02-22 c:\windows\Tasks\Norton Internet Security - Suorita täysi järjestelmäntarkistus - yleinen.job
- c:\program files\Norton Internet Security\Norton AntiVirus\Navw32.exe [2008-02-07 08:05]
.
- - - - POISTETUT JÄMÄRIVIT - - - -

MSConfigStartUp-BitTorrent DNA - c:\program files\DNA\btdna.exe


.
------- Täydentävä tarkistus -------
.
uStart Page = hxxp://www.google.fi/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Connection Wizard,ShellNext = iexplore
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Vie Microsoft E&xceliin - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\yleinen\Application Data\Mozilla\Firefox\Profiles\1oqld2ui.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.fmi.fi/saa/paikalli.html?kunta=Mikkeli
FF - component: c:\program files\Mozilla Firefox\components\coFFPlgn.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npbittorrent.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npOGAPlugin.dll
FF - plugin: c:\program files\QuickTime Alternative\Plugins\npqtplugin.dll
FF - plugin: c:\program files\QuickTime Alternative\Plugins\npqtplugin2.dll
FF - plugin: c:\program files\QuickTime Alternative\Plugins\npqtplugin3.dll
FF - plugin: c:\program files\QuickTime Alternative\Plugins\npqtplugin4.dll
FF - plugin: c:\program files\QuickTime Alternative\Plugins\npqtplugin5.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-26 17:19:51
Windows 5.1.2600 Service Pack 3 NTFS

tarkistaa piilotettuja prosesseja ...

tarkistaa piilotettuja käynnistysarvoja ...

tarkistaa piilotettuja tiedostoja ...

tarkistus on valmis
piilotetut tiedostot: 0

**************************************************************************
.
--------------------- LUKITUT REKISTERIAVAIMET ---------------------

[HKEY_USERS\S-1-5-21-3282887030-2585726634-2306389267-1006\Software\Microsoft\PerfVis\Settings\Default]
@DACL=(02 0000)
@SACL=

[HKEY_USERS\S-1-5-21-3282887030-2585726634-2306389267-1006\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{065A8378-049E-4C1A-582E-2CE5667AA1BD}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"dbknpgljghdgjighnpbcpongjffcfoiajfcfgoej"=hex:6a,61,64,6a,6d,6d,64,61,70,6f,
64,62,6e,6b,66,61,62,61,63,65,00,dd
"cbaobjpcabmkblkgmeofdonghakhcehkjchjeh"=hex:6a,61,64,6a,6d,6d,64,61,70,6f,64,
62,6e,6b,66,61,62,61,63,65,00,dd
"abgopmobgedglhoddcdoiloanmmloiheab"=hex:61,61,00,f7
"mafokmlpbppkbjlacpbecjognj"=hex:61,61,00,f7

[HKEY_USERS\S-1-5-21-3282887030-2585726634-2306389267-1006\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{61266279-B172-06E4-0D83-34B014116B48}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"cblnfenoefcabcicgbbadapgglbknfjicpggnh"=hex:6a,61,6b,6b,65,61,69,65,6e,63,6b,
6f,68,64,66,6e,6a,61,70,69,00,eb
"bbfelbchniebicnmgibgdmdneogbiaoipmdn"=hex:6a,61,6b,6b,65,61,69,65,6e,63,6b,6f,
68,64,66,6e,6a,61,70,69,00,eb

[HKEY_USERS\S-1-5-21-3282887030-2585726634-2306389267-1006\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{96A5B540-33B7-32BB-1477-F04772BF94B6}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"dbojeidfgajeipcdifiegahpkamolcafolecpfgh"=hex:6a,61,6c,6c,61,65,6e,6d,61,6f,
70,6f,64,6f,6f,6e,68,64,61,6c,00,dd
"cbikgnbocaaagmnpdnfngdpbngafdogiokimfe"=hex:6a,61,6c,6c,61,65,6e,6d,61,6f,70,
6f,64,6f,6f,6e,68,64,61,6c,00,dd
"abkjenhfbjongaopnlbjilngpjjgcibhhd"=hex:61,61,00,00
"majjjmpaapmfadhceangeoialn"=hex:61,61,00,00

[HKEY_USERS\S-1-5-21-3282887030-2585726634-2306389267-1006\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{AFFB3BFC-3F6A-C413-1D00-046810CED6C9}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"dbcnmebjbdoofmacfpigmaefbepggefaebblmckn"=hex:6a,61,6c,65,6a,6c,6f,66,63,65,
6d,67,64,6b,62,68,6c,64,67,64,00,16
"cbmmckhiogmpkmjpnmmfcmiokoldahfdljgbgp"=hex:6a,61,6c,65,6a,6c,6f,66,63,65,6d,
67,64,6b,62,68,6c,64,67,64,00,16

[HKEY_LOCAL_MACHINE\software\Classes\Applications\dsidebar.exe\shell]
@DACL=(02 0000)

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B58C2440-A1A3-11d1-B024-006097C9A284}\LocalServer32]
@DACL=(02 0000)
@="c:\\Program Files\\Microsoft Office\\Office\\1035\\MSOHELP.EXE"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B58C2440-A1A3-11d1-B024-006097C9A284}\ProgID]
@DACL=(02 0000)
@="MsoHelpKeyDlg.1"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B58C2440-A1A3-11d1-B024-006097C9A284}\VersionIndependentProgID]
@DACL=(02 0000)
@="MsoHelpKeyDlg"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B58C2441-A1A3-11d1-B024-006097C9A284}\LocalServer32]
@DACL=(02 0000)
@="c:\\Program Files\\Microsoft Office\\Office\\1035\\MSOHELP.EXE"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B58C2441-A1A3-11d1-B024-006097C9A284}\ProgID]
@DACL=(02 0000)
@="MsoHelpAWDlg.1"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B58C2441-A1A3-11d1-B024-006097C9A284}\VersionIndependentProgID]
@DACL=(02 0000)
@="MsoHelpAWDlg"

[HKEY_LOCAL_MACHINE\software\Microsoft\Advanced INF Setup\IEHomePageInfo\RegBackup]
@DACL=(02 0000)
@SACL=

[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\10.0]
@DACL=(02 0000)
@SACL=

[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\Automenu]
@DACL=(02 0000)
@SACL=
"classid"="clsid:6B28F900-8D64-4B80-9963-CC52DDD1FBB4"
"visible"="false"
"tabstop"="false"
"width"="1"
"height"="1"

[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\BalanceSlider]
@DACL=(02 0000)
@SACL=
"classid"="clsid:F2BF2C90-405F-11D3-BB39-00A0C93CA73A"
"toolTip"="res://wmploc.dll/RT_STRING/#1845"
"min"="-100"
"max"="100"
"value"="wmpproplayer.settings.balance"
"value_onchange"="player.settings.balance=value;"
"accName"="res://wmploc.dll/RT_STRING/#2112"
"accKeyboardShortcut"="res://wmploc.dll/RT_STRING/#2108"

[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\browser]
@DACL=(02 0000)
@SACL=
"classid"="clsid:8856F961-340A-11D0-A96B-00C04FD705A2"

[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\Button]
@DACL=(02 0000)
@SACL=
"classid"="clsid:87291B51-0C8E-11D3-BB2A-00A0C93CA73A"
"accKeyboardShortcut"="res://wmploc.dll/RT_STRING/#2114"

[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\ButtonGroup]
@DACL=(02 0000)
@SACL=
"classid"="clsid:AE3B6831-25A9-11d3-BD41-00C04F6EA5AE"

[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\CloseButton]
@DACL=(02 0000)
@SACL=
"classid"="clsid:87291B51-0C8E-11D3-BB2A-00A0C93CA73A"
"upToolTip"="res://wmploc.dll/RT_STRING/#1812"
"onclick"="view.close();"
"accName"="res://wmploc.dll/RT_STRING/#2134"
"accKeyboardShortcut"="res://wmploc.dll/RT_STRING/#2135"

[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\CurrentPositionText]
@DACL=(02 0000)
@SACL=
"classid"="clsidDDA102E-0E17-11D3-A2E2-00C04F79F88E"
"tabStop"="true"
"justification"="right"
"value"="wmpproplayer.controls.currentPositionString"
"accName"="res://wmploc.dll/RT_STRING/#2103"

[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\CustomSlider]
@DACL=(02 0000)
@SACL=
"classid"="clsid:95F45AA3-ED0A-11D2-BA67-0000F80855E6"
"cursor"="hand"

[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\DropDownPlaylist]
@DACL=(02 0000)
@SACL=
"classid"="clsid:5F9CFD93-8CAD-11d3-9A7E-00C04F8EFB70"
"playlistItemsVisible"="false"

[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\DurationText]
@DACL=(02 0000)
@SACL=
"classid"="clsidDDA102E-0E17-11D3-A2E2-00C04F79F88E"
"tabStop"="true"
"justification"="right"
"value"="wmpproplayer.currentMedia.DurationString"
"accName"="res://wmploc.dll/RT_STRING/#2104"

[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\EditBox]
@DACL=(02 0000)
@SACL=
"classid"="clsid:6342FCED-25EA-4033-BDDB-D049A14382D3"

[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\Effects\Alchemy]
@DACL=(02 0000)
@SACL=

[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\Effects\Ambience]
@DACL=(02 0000)
@SACL=

[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\Effects\Bars]
@DACL=(02 0000)
@SACL=

[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\Effects\Dotplane]
@DACL=(02 0000)
@SACL=

[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\Effects\Plenoptic]
@DACL=(02 0000)
@SACL=

[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\Effects\Spikes]
@DACL=(02 0000)
@SACL=

[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\EqualizerSettings]
@DACL=(02 0000)
@SACL=
"classid"="clsid:93EB32F5-87B1-45ad-ACC6-0F2483DB83BB"
"tabStop"="false"

[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\FFWDButton]
@DACL=(02 0000)
@SACL=
"classid"="clsid:87291B51-0C8E-11D3-BB2A-00A0C93CA73A"
"enabled"="wmpenabledlayer.controls.fastforward"
"upToolTip"="res://wmploc.dll/RT_STRING/#1804"
"onclick"="player.controls.FastForward()"
"accName"="res://wmploc.dll/RT_STRING/#2120"
"accKeyboardShortcut"="res://wmploc.dll/RT_STRING/#2121"

[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\ImageButton]
@DACL=(02 0000)
@SACL=
"classid"="clsid:87291B51-0C8E-11D3-BB2A-00A0C93CA73A"
"cursor"="hand"
"accName"="res://wmploc.dll/RT_STRING/#2140"

[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\ItemsPlaylist]
@DACL=(02 0000)
@SACL=
"classid"="clsid:5F9CFD93-8CAD-11d3-9A7E-00C04F8EFB70"
"backgroundcolor"="black"
"foregroundcolor"="white"
"columnsVisible"="false"
"columns"="name=Name;Duration=Time"
"dropDownVisible"="false"

[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\LibraryTree]
@DACL=(02 0000)
@SACL=
"classid"="clsid9DE732A-AEE9-4503-9D11-5605589977A8"

[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\ListBox]
@DACL=(02 0000)
@SACL=
"classid"="clsid:FC1880CF-83B9-43A7-A066-C44CE8C82583"

[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\menu]
@DACL=(02 0000)
@SACL=
"classid"="clsid:BAB3768B-8883-4AEC-9F9B-E14C947913EF"
"visible"="false"
"tabstop"="false"
"width"="1"
"height"="1"

[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\MinimizeButton]
@DACL=(02 0000)
@SACL=
"classid"="clsid:87291B51-0C8E-11D3-BB2A-00A0C93CA73A"
"upToolTip"="res://wmploc.dll/RT_STRING/#1811"
"onclick"="view.minimize();"
"accName"="res://wmploc.dll/RT_STRING/#2132"
"accKeyboardShortcut"="res://wmploc.dll/RT_STRING/#2133"

[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\MuteButton]
@DACL=(02 0000)
@SACL=
"classid"="clsid:87291B51-0C8E-11D3-BB2A-00A0C93CA73A"
"upToolTip"="res://wmploc.dll/RT_STRING/#1807"
"downToolTip"="res://wmploc.dll/RT_STRING/#1808"
"sticky"="true"
"down"="wmpproplayer.settings.mute"
"onClick"="player.settings.mute=down;"
"accName"="res://wmploc.dll/RT_STRING/#2130"
"accKeyboardShortcut"="res://wmploc.dll/RT_STRING/#2131"

[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\NextButton]
@DACL=(02 0000)
@SACL=
"classid"="clsid:87291B51-0C8E-11D3-BB2A-00A0C93CA73A"
"enabled"="wmpenabledlayer.controls.next"
"upToolTip"="res://wmploc.dll/RT_STRING/#1806"
"onclick"="player.controls.Next()"
"accName"="res://wmploc.dll/RT_STRING/#2124"
"accKeyboardShortcut"="res://wmploc.dll/RT_STRING/#2125"

[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\PauseButton]
@DACL=(02 0000)
@SACL=
"classid"="clsid:87291B51-0C8E-11D3-BB2A-00A0C93CA73A"
"enabled"="wmpenabledlayer.controls.pause"
"upToolTip"="res://wmploc.dll/RT_STRING/#1801"
"onclick"="player.controls.pause()"
"accName"="res://wmploc.dll/RT_STRING/#2116"
"accKeyboardShortcut"="res://wmploc.dll/RT_STRING/#2117"

[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\PlayButton]
@DACL=(02 0000)
@SACL=
"classid"="clsid:87291B51-0C8E-11D3-BB2A-00A0C93CA73A"
"enabled"="wmpenabledlayer.controls.play"
"upToolTip"="res://wmploc.dll/RT_STRING/#1800"
"onclick"="player.controls.play()"
"accName"="res://wmploc.dll/RT_STRING/#2115"
"accKeyboardShortcut"="res://wmploc.dll/RT_STRING/#2117"

[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\Playlist]
@DACL=(02 0000)
@SACL=
"classid"="clsid:5F9CFD93-8CAD-11d3-9A7E-00C04F8EFB70"

[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\plugin]
@DACL=(02 0000)
@SACL=
"classid"="clsid:AA1AC37B-49A8-4B41-AF69-B0176C5FFC33"

[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\PopUp]
@DACL=(02 0000)
@SACL=
"classid"="clsid:FC1880CF-83B9-43A7-A066-C44CE8C82583"
"popup"="true"
"visible"="false"
"backgroundColor"="menu"
"foregroundColor"="menutext"

[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\PrevButton]
@DACL=(02 0000)
@SACL=
"classid"="clsid:87291B51-0C8E-11D3-BB2A-00A0C93CA73A"
"enabled"="wmpenabledlayer.controls.previous"
"upToolTip"="res://wmploc.dll/RT_STRING/#1805"
"onclick"="player.controls.Previous()"
"accName"="res://wmploc.dll/RT_STRING/#2126"
"accKeyboardShortcut"="res://wmploc.dll/RT_STRING/#2127"

[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\ProgressBar]
@DACL=(02 0000)
@SACL=
"classid"="clsid:F2BF2C90-405F-11D3-BB39-00A0C93CA73A"

[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\RepeatButton]
@DACL=(02 0000)
@SACL=
"classid"="clsid:87291B51-0C8E-11D3-BB2A-00A0C93CA73A"
"upToolTip"="res://wmploc.dll/RT_STRING/#1816"
"downToolTip"="res://wmploc.dll/RT_STRING/#1817"
"sticky"="true"
"down"="jscriptlayer.settings.GetMode(\"loop\");"
"onClick"="player.settings.setMode(\"loop\", down);"
"accName"="res://wmploc.dll/RT_STRING/#2138"
"accKeyboardShortcut"="res://wmploc.dll/RT_STRING/#2139"

[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\ReturnButton]
@DACL=(02 0000)
@SACL=
"upToolTip"="res://wmploc.dll/RT_STRING/#1813"
"classid"="clsid:87291B51-0C8E-11D3-BB2A-00A0C93CA73A"
"onclick"="view.returnToMediaCenter();"
"accName"="res://wmploc.dll/RT_STRING/#2128"
"accKeyboardShortcut"="res://wmploc.dll/RT_STRING/#2129"

[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\REWButton]
@DACL=(02 0000)
@SACL=
"classid"="clsid:87291B51-0C8E-11D3-BB2A-00A0C93CA73A"
"enabled"="wmpenabledlayer.controls.fastreverse"
"upToolTip"="res://wmploc.dll/RT_STRING/#1803"
"onclick"="player.controls.FastReverse()"
"accName"="res://wmploc.dll/RT_STRING/#2122"
"accKeyboardShortcut"="res://wmploc.dll/RT_STRING/#2123"

[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\SeekSlider]
@DACL=(02 0000)
@SACL=
"classid"="clsid:F2BF2C90-405F-11D3-BB39-00A0C93CA73A"
"toolTip"="res://wmploc.dll/RT_STRING/#1809"
"min"="0"
"max"="wmpproplayer.currentmedia.duration"
"value"="wmpproplayer.controls.currentposition"
"ondragend"="player.controls.currentposition=value;"
"foregroundProgress"="wmpproplayer.network.downloadProgress"
"useForegroundProgress"="true"
"accName"="res://wmploc.dll/RT_STRING/#2109"
"accKeyboardShortcut"="res://wmploc.dll/RT_STRING/#2108"

[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\ShuffleButton]
@DACL=(02 0000)
@SACL=
"classid"="clsid:87291B51-0C8E-11D3-BB2A-00A0C93CA73A"
"upToolTip"="res://wmploc.dll/RT_STRING/#1814"
"downToolTip"="res://wmploc.dll/RT_STRING/#1815"
"sticky"="true"
"down"="jscriptlayer.settings.GetMode(\"shuffle\");"
"onClick"="player.settings.setMode(\"shuffle\", down);"
"accName"="res://wmploc.dll/RT_STRING/#2136"
"accKeyboardShortcut"="res://wmploc.dll/RT_STRING/#2137"

[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\Slider]
@DACL=(02 0000)
@SACL=
"classid"="clsid:F2BF2C90-405F-11D3-BB39-00A0C93CA73A"
"accKeyboardShortcut"="res://wmploc.dll/RT_STRING/#2108"

[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\StatusText]
@DACL=(02 0000)
@SACL=
"classid"="clsidDDA102E-0E17-11D3-A2E2-00C04F79F88E"
"tabStop"="true"
"value"="wmpproplayer.status"
"accName"="res://wmploc.dll/RT_STRING/#2102"

[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\StopButton]
@DACL=(02 0000)
@SACL=
"classid"="clsid:87291B51-0C8E-11D3-BB2A-00A0C93CA73A"
"enabled"="wmpenabledlayer.controls.stop"
"upToolTip"="res://wmploc.dll/RT_STRING/#1802"
"onclick"="player.controls.stop()"
"accName"="res://wmploc.dll/RT_STRING/#2118"
"accKeyboardShortcut"="res://wmploc.dll/RT_STRING/#2119"

[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\taskcenter]
@DACL=(02 0000)
@SACL=
"classid"="clsid:395BF287-6477-495f-8427-2C09A23C3248"

[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\Text]
@DACL=(02 0000)
@SACL=
"classid"="clsidDDA102E-0E17-11D3-A2E2-00C04F79F88E"
"tabStop"="false"

[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\TrackNameText]
@DACL=(02 0000)
@SACL=
"classid"="clsidDDA102E-0E17-11D3-A2E2-00C04F79F88E"
"tabStop"="true"
"value"="wmpproplayer.currentmedia.name"
"accName"="res://wmploc.dll/RT_STRING/#2105"

[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\Video]
@DACL=(02 0000)
@SACL=
"classid"="clsid:61CECF11-FC3A-11D2-A1CD-005004602752"

[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\VideoSettings]
@DACL=(02 0000)
@SACL=
"classid"="clsid:AE7BFAFE-DCC8-4a73-92C8-CC300CA88859"
"tabStop"="false"

[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\VolumeSlider]
@DACL=(02 0000)
@SACL=
"classid"="clsid:F2BF2C90-405F-11D3-BB39-00A0C93CA73A"
"min"="0"
"max"="100"
"value"="wmpproplayer.settings.volume"
"value_onchange"="if (value!=player.settings.volume){player.settings.volume=value;player.settings.mute=false;}"
"toolTip"="res://wmploc.dll/RT_STRING/#1810"
"accName"="res://wmploc.dll/RT_STRING/#2110"
"accKeyboardShortcut"="res://wmploc.dll/RT_STRING/#2111"

[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\WMPEffects]
@DACL=(02 0000)
@SACL=
"classid"="clsid:47DEA830-D619-4154-B8D8-6B74845D6A2D"
"tabStop"="false"
"width"="250"
"height"="200"
"horizontalAlignment"="stretch"
"verticalAlignment"="stretch"
"currentEffectType"="wmpprop:mediacenter.effectType"
"currentPreset"="wmpprop:mediacenter.effectPreset"
"currentEffectType_onchange"="mediacenter.effectType = currentEffectType;"
"currentPreset_onchange"="mediacenter.effectPreset = currentPreset;"
"onclick"="next();"

[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Objects\WMPVideo]
@DACL=(02 0000)
@SACL=
"classid"="clsid:61CECF11-FC3A-11D2-A1CD-005004602752"
"horizontalAlignment"="stretch"
"verticalAlignment"="stretch"
"zoom"="wmpprop:mediacenter.videoZoom"
"stretchToFit"="wmpprop:mediacenter.videoStretchToFit"
"backgroundColor"="black"

[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\services]
@DACL=(02 0000)
@SACL=
"NoServices"=dword:00000000

[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\Settings]
@DACL=(02 0000)
@SACL=

[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\UIPlugins\{0890F930-4F80-4646-BAB1-4B6E5571FB89}]
@DACL=(02 0000)
@SACL=
"Capabilities"=dword:00000004
"FriendlyName"="res://wmploc.dll/RT_STRING/#1491"

[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\UIPlugins\{1F32514F-1561-4922-A604-8A1F478B5A42}]
@DACL=(02 0000)
@SACL=
"Capabilities"=dword:00000004
"FriendlyName"="res://wmploc.dll/RT_STRING/#1495"

[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\UIPlugins\{292AE934-4F49-40bb-9E7E-6F6398ED9C31}]
@DACL=(02 0000)
@SACL=
"FriendlyName"="Nero Fast CD-Burning -lisäosa"
"Description"="Polta CD:si"
"Capabilities"=dword:40000001

[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\UIPlugins\{4769DAFC-DCBA-4B73-AC3D-76DC477583CB}]
@DACL=(02 0000)
"FriendlyName"="res://Windows Media Player Info Server.dll/RT_STRING/#102"
"Description"="res://Windows Media Player Info Server.dll/RT_STRING/#103"
"Capabilities"=dword:c0000001

[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\UIPlugins\{52903d79-f993-4de6-8317-20c9c176d823}]
@DACL=(02 0000)
@SACL=
"Capabilities"=dword:00000004
"FriendlyName"="res://wmploc.dll/RT_STRING/#1496"

[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\UIPlugins\{59E7BF52-E5C9-4382-A39A-522DEE9AFDFD}]
@DACL=(02 0000)
@SACL=
"Capabilities"=dword:00000004
"FriendlyName"="res://wmploc.dll/RT_STRING/#1497"

[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\UIPlugins\{5DF031B7-6A37-42D9-8802-E27F4F224332}]
@DACL=(02 0000)
@SACL=
"Capabilities"=dword:00000003
"FriendlyName"="Viz Plug-in"

[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\UIPlugins\{5F4BB5C9-4652-489B-8601-EEC0C3C32E2E}]
@DACL=(02 0000)
@SACL=
"Capabilities"=dword:00000004
"FriendlyName"="res://wmploc.dll/RT_STRING/#1494"

[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\UIPlugins\{7F2B1D6B-1357-402C-A1C8-67E59583B41D}]
@DACL=(02 0000)
@SACL=
"Description"="Captions plugin description"
"Capabilities"=dword:000000f0
"FriendlyName"="Captions plugin name"

[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\UIPlugins\{93075F62-16B3-43EC-A53B-FFAD0E01D5E7}]
@DACL=(02 0000)
@SACL=
"Capabilities"=dword:00000003
"FriendlyName"="res://wmploc.dll/RT_STRING/#209"

[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\UIPlugins\{9695AEF9-9D03-4671-8F2F-FF49D1BB01C4}]
@DACL=(02 0000)
@SACL=
"Description"="Media Information description"
"Capabilities"=dword:00000005
"FriendlyName"="res://wmploc.dll/RT_STRING/#1407"

[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\UIPlugins\{976ABECA-93F7-4d81-9187-2A6137829675}]
@DACL=(02 0000)
@SACL=
"Capabilities"=dword:00000004
"FriendlyName"="res://wmploc.dll/RT_STRING/#1490"

[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\UIPlugins\{99DB05E3-F81E-4C8A-A252-F396306AB6FE}]
@DACL=(02 0000)
@SACL=
"Description"="Banner plugin description"
"Capabilities"=dword:000000f0
"FriendlyName"="Banner plugin name"

[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\UIPlugins\{9F9562EB-15B6-46C6-A7CB-0A66FC65130E}]
@DACL=(02 0000)
@SACL=
"Capabilities"=dword:00000004
"FriendlyName"="res://wmploc.dll/RT_STRING/#1493"

[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\UIPlugins\{9FA014E3-076F-4865-A73C-117131B8E292}]
@DACL=(02 0000)
@SACL=
"Capabilities"=dword:00000004
"FriendlyName"="res://wmploc.dll/RT_STRING/#1492"

[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\UIPlugins\{D5E49195-ED19-40fb-9EE0-E6625A808B77}]
@DACL=(02 0000)
@SACL=
"Capabilities"=dword:00000003
"FriendlyName"="Video Plug-in"

[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\UIPlugins\{E641D09E-E500-4c09-8260-F1CD7B902E9C}]
@DACL=(02 0000)
@SACL=
"FriendlyName"="WM View plugin name"
"Description"="WM View plugin description"
"Capabilities"=dword:000000f0

[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\UIPlugins\{F24A1BC2-2331-4B91-8A13-5A549DA56E9D}]
@DACL=(02 0000)
@SACL=
"Capabilities"=dword:00000003
"FriendlyName"="Border Plug-in"

[HKEY_LOCAL_MACHINE\software\Microsoft\MediaPlayer\UIPlugins\{FD981763-B6BB-4d51-9143-6D372A0ED56F}]
@DACL=(02 0000)
@SACL=
"FriendlyName"="res://wmploc.dll/RT_STRING/#5822"
"Description"="res://wmploc.dll/RT_STRING/#5823"
"Capabilities"=dword:00000003

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\�•€|ÿÿÿÿ"•€|ù•Ów*]
"b049C053C7D38EE4AB9A00CB3B5D2472"="C?\\Program Files\\Common Files\\Microsoft Shared\\Web Folders\\PUBPLACE.HTT"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\�•€|ÿÿÿÿ"•€|þ»Ów*]
"b049C053C7D38EE4AB9A00CB3B5D2472"="C?\\Program Files\\Common Files\\Microsoft Shared\\Web Folders\\PUBPLACE.HTT"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{077ACEC7-979C-40AB-9835-435BA1511E0D}]
@DACL=(02 0000)
@SACL=
"FriendlyName"="Windows Media Files"
"ComponentGUID"="{077ACEC7-979C-40AB-9835-435BA1511E0D}"
"Version"=dword:000a0000
"Sub-Version"=dword:00000eda
"ExceptionInfName"=expand:"c:\\WINDOWS\\RegisteredPackages\\{077ACEC7-979C-40AB-9835-435BA1511E0D}\\MPPRE10.inf"
"ExceptionCatalogName"=expand:"c:\\WINDOWS\\RegisteredPackages\\{077ACEC7-979C-40AB-9835-435BA1511E0D}\\mppre10.cat"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{30C7234B-6482-4A55-A11D-ECD9030313F2}]
@DACL=(02 0000)
@SACL=
"FriendlyName"="Windows Media Files"
"ComponentGUID"="{30C7234B-6482-4A55-A11D-ECD9030313F2}"
"Version"=dword:000a0000
"Sub-Version"=dword:00000eda
"ExceptionInfName"=expand:"c:\\WINDOWS\\RegisteredPackages\\{30C7234B-6482-4A55-A11D-ECD9030313F2}\\WMDM10.inf"
"ExceptionCatalogName"=expand:"c:\\WINDOWS\\RegisteredPackages\\{30C7234B-6482-4A55-A11D-ECD9030313F2}\\wmdm10.cat"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{3FDF25EE-E592-4495-8391-6E9C504DAC2B}]
@DACL=(02 0000)
@SACL=
"FriendlyName"="Windows Media Files"
"ComponentGUID"="{3FDF25EE-E592-4495-8391-6E9C504DAC2B}"
"Version"=dword:000a0000
"Sub-Version"=dword:00000eda
"ExceptionInfName"=expand:"c:\\WINDOWS\\RegisteredPackages\\{3FDF25EE-E592-4495-8391-6E9C504DAC2B}\\WMSET10.inf"
"ExceptionCatalogName"=expand:"c:\\WINDOWS\\RegisteredPackages\\{3FDF25EE-E592-4495-8391-6E9C504DAC2B}\\wmset10.cat"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{60204BB3-7078-4F70-8F69-68297621941C}]
@DACL=(02 0000)
@SACL=
"FriendlyName"="Windows Media Files"
"ComponentGUID"="{60204BB3-7078-4F70-8F69-68297621941C}"
"Version"=dword:000a0000
"Sub-Version"=dword:00000eda
"ExceptionInfName"=expand:"c:\\WINDOWS\\RegisteredPackages\\{60204BB3-7078-4F70-8F69-68297621941C}\\MPSTUB10.inf"
"ExceptionCatalogName"=expand:"c:\\WINDOWS\\RegisteredPackages\\{60204BB3-7078-4F70-8F69-68297621941C}\\mpstub10.cat"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{981FB688-E76B-4246-987B-92083185B90A}]
@DACL=(02 0000)
@SACL=
"FriendlyName"="Windows Media Files"
"ComponentGUID"="{981FB688-E76B-4246-987B-92083185B90A}"
"Version"=dword:000a0000
"Sub-Version"=dword:00000eda
"ExceptionInfName"=expand:"c:\\WINDOWS\\RegisteredPackages\\{981FB688-E76B-4246-987B-92083185B90A}\\WPD10.inf"
"ExceptionCatalogName"=expand:"c:\\WINDOWS\\RegisteredPackages\\{981FB688-E76B-4246-987B-92083185B90A}\\wpd10.cat"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{A47B3654-48EE-48A5-B629-97D70175E58F}]
@DACL=(02 0000)
@SACL=
"FriendlyName"="Windows Media Files"
"ComponentGUID"="{A47B3654-48EE-48A5-B629-97D70175E58F}"
"Version"=dword:000a0000
"Sub-Version"=dword:00000eda
"ExceptionInfName"=expand:"c:\\WINDOWS\\RegisteredPackages\\{A47B3654-48EE-48A5-B629-97D70175E58F}\\codecs10.inf"
"ExceptionCatalogName"=expand:"c:\\WINDOWS\\RegisteredPackages\\{A47B3654-48EE-48A5-B629-97D70175E58F}\\codecs10.cat"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}]
@DACL=(02 0000)
@SACL=
"FriendlyName"="Windows Media Files"
"ComponentGUID"="{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}"
"Version"=dword:000a0000
"Sub-Version"=dword:00000eda
"ExceptionInfName"=expand:"c:\\WINDOWS\\RegisteredPackages\\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}\\WMFSDK10.inf"
"ExceptionCatalogName"=expand:"c:\\WINDOWS\\RegisteredPackages\\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}\\wmfsdk10.cat"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{C5B8FBE9-645E-4484-A7AA-E8DA9A70DD77}]
@DACL=(02 0000)
@SACL=
"FriendlyName"="Windows Media Files"
"ComponentGUID"="{C5B8FBE9-645E-4484-A7AA-E8DA9A70DD77}"
"Version"=dword:000a0000
"Sub-Version"=dword:00000eda
"ExceptionInfName"=expand:"c:\\WINDOWS\\RegisteredPackages\\{C5B8FBE9-645E-4484-A7AA-E8DA9A70DD77}\\DRM10.inf"
"ExceptionCatalogName"=expand:"c:\\WINDOWS\\RegisteredPackages\\{C5B8FBE9-645E-4484-A7AA-E8DA9A70DD77}\\drm10.cat"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{CFB4B314-0328-45E1-94AF-45A3F5F48E0B}]
@DACL=(02 0000)
@SACL=
"FriendlyName"="Windows Media Files"
"ComponentGUID"="{CFB4B314-0328-45E1-94AF-45A3F5F48E0B}"
"Version"=dword:000a0000
"Sub-Version"=dword:00000eda
"ExceptionInfName"=expand:"c:\\WINDOWS\\RegisteredPackages\\{CFB4B314-0328-45E1-94AF-45A3F5F48E0B}\\MPCD10.inf"
"ExceptionCatalogName"=expand:"c:\\WINDOWS\\RegisteredPackages\\{CFB4B314-0328-45E1-94AF-45A3F5F48E0B}\\mpcd10.cat"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{DD90D410-1823-43EB-9A16-A2331BF08799}]
@DACL=(02 0000)
@SACL=
"FriendlyName"="Windows Media Files"
"ComponentGUID"="{DD90D410-1823-43EB-9A16-A2331BF08799}"
"Version"=dword:000a0000
"Sub-Version"=dword:00000eda
"ExceptionInfName"=expand:"c:\\WINDOWS\\RegisteredPackages\\{DD90D410-1823-43EB-9A16-A2331BF08799}\\WMP10.inf"
"ExceptionCatalogName"=expand:"c:\\WINDOWS\\RegisteredPackages\\{DD90D410-1823-43EB-9A16-A2331BF08799}\\wmp10.cat"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2649_x-ww_aac16c8b\Codebases]
@DACL=(02 0000)
@SACL=

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2649_x-ww_aac16c8b\Files]
@DACL=(02 0000)
@SACL=

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2649_x-ww_aac16c8b\References]
@DACL=(02 0000)
@SACL=
"U_KB884883"=""

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_policy.6.0.Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2649_x-ww_edf6fef0\Codebases]
@DACL=(02 0000)
@SACL=

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_policy.6.0.Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2649_x-ww_edf6fef0\Files]
@DACL=(02 0000)
@SACL=

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\SideBySide\Installations\x86_policy.6.0.Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2649_x-ww_edf6fef0\References]
@DACL=(02 0000)
@SACL=
"U_KB884883"=""

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows Media Device Manager\KnownDeviceClasses]
@DACL=(02 0000)
@SACL=

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows Media Device Manager\KnownDevices]
@DACL=(02 0000)
@SACL=

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows Media Device Manager\Plugins\SCP\SCPTRANS]
@DACL=(02 0000)
@SACL=
"ProgID"="MsScp.SCPTRANS.1"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows Media Device Manager\Plugins\SP\NeroBurnPlugin]
@DACL=(02 0000)
@SACL=
"ProgID"="MDNeroBurnPlugin.MDNeroBurnPlugin"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows Media Device Manager\Plugins\SP\WMDMCESP]
@DACL=(02 0000)
@SACL=
"ProgID"="WMDMCESP.WMDMCESP"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows Media Device Manager\Plugins\SP\WPDSp]
@DACL=(02 0000)
@SACL=
"PnPAware"=dword:00000001
"ProgID"="WPDSp.WPDServiceProvider"
.
--------------------- Prosesseihin ladatut DLLt ---------------------

- - - - - - - > 'winlogon.exe'(912)
c:\program files\SUPERAntiSpyware\SASWINLO.dll
.
Valmistumisajankohta: 2009-02-26 17:22:59
ComboFix-quarantined-files.txt 2009-02-26 15:22:48

Ennen ajoa: 63 200 706 560 tavua vapaana
Ajon jälkeen: 63,301,185,536 tavua vapaana

WindowsXP-KB310994-SP2-Home-BootDisk-FIN.EXE
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

Current=3 Default=3 Failed=1 LastKnownGood=4 Sets=1,2,3,4
882 --- E O F --- 2009-02-25 22:22:48

 

Poista kansiot

C:\Bases
C:\Kaspersky

=============

Kirjoita suorita luukkuun

ComboFix /u

Klikkaa OK

 

Combofix valittaa, että norton pitäisi ottaa pois päältä, koska se voi aiheuttaa laitevian ja toiminto on omalla vastuulla, mutta en saa Nortonia pois päältä. Onko Nortonista mitään haittaa jos ajaa ton Combofixin.

 

Combofix ei ole lelu, eikä sitä tule ajaa säännöllisesti. Vain silloin kun joku ammattiauttaja/fixari niin sanoo.

Poista se vain koneelta kuten hujo neuvoi.

 

Poista mikä. Norton kokonaan pois koneelta vai? Eli en tee mitään muutoksia ajan vain sen, vaikka se antaa virheilmoituksen.

 

ensimmäine combofix ajo meni ok niin tolla combofixilla et tee enään mitään

poistossa meinasin combofixia, en nortonia

 

Tehty ja poistettu. Ja olisko jollakin jotakin vielä jotakin tekemistä koneen kanssa. Kone kyllä toimii hyvin.

 

Tuon ajoo vielä Poista vaikka aikasempi asennus ja lataa uudelleen
päivitä ennen täys scannausta.

Lataa Malwarebytes' Anti-Malware työpöydällesi.

1. Tuplaklikkaa mbam-setup.exe ja seuraa ohjeita asentaaksesi ohjelman.
2. Lopuksi varmistu, että seuraavat on valittu: Update Malwarebytes', Anti-Malwareja
Launch Malwarebytes' Anti-Malware ja sen jälkeen klikkaaFinish.
3. Jos päivitys löytyy. ohjelma lataa ja asentaa uusimman version.
4. Kun ohjelma on latautunut, valitse Perform full scan ja klikkaa Scan.
5. Kun skanni on valmis, klikkaa OK ja sitten Show Results nähdäksesi tulokset.
6. Varmistu, että kaikki on merkitty ja klikkaa Remove Selected.
7. Tämän jälkeen loki avautuu muistioon. Tallenna se paikkaan, josta löydät sen helposti. Loki
löytyy myös täältä: C:\Documents and Settings\Käyttäjänimi\Application
Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-päiväys.txt
8. Lähetä lokin sisältö seuraavassa viestissäsi

 

Ja taas, kun luulin, että scan olis valmis.. ohjelma ei avannut> tehtvähallinata> Ei vastaa. jee jee. :d

 

Mikäs on sen koneen toiminta.

 

Siis toimii ihan mahtavasti, mitä se oli silloin alussa. Olen tyytyväinen koneen toimintaan, minusta tässä ei ole enää mitään korjattavaa.

 

Ok.