Hello,
I ran Ad-aware, and it reported the following:
16-5-2004 11:01:00 - Scan started. (Smart mode)
Listing running processes
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ThreadCreationTime : 16-5-2004 8:41:54
BasePriority : Normal
#:2 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ThreadCreationTime : 16-5-2004 8:42:01
BasePriority : High
#:3 [services.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 16-5-2004 8:42:01
BasePriority : Normal
FileSize : 99 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Services en controllertoepassingen
InternalName : services.exe
OriginalFilename : services.exe
ProductName : Besturingssysteem Microsoft
Created on : 8-9-2003 22:24:53
Last accessed : 16-5-2004 8:41:54
Last modified : 11-9-2002 20:00:00
#:4 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 16-5-2004 8:42:01
BasePriority : Normal
FileSize : 11 KB
FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
ProductVersion : 5.1.2600.1106
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
OriginalFilename : lsass.exe
ProductName : Microsoft
Created on : 8-9-2003 22:24:44
Last accessed : 16-5-2004 8:41:54
Last modified : 11-9-2002 20:00:00
#:5 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 16-5-2004 8:42:02
BasePriority : Normal
FileSize : 12 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
OriginalFilename : svchost.exe
ProductName : Microsoft
Created on : 8-9-2003 22:24:56
Last accessed : 16-5-2004 8:41:54
Last modified : 11-9-2002 20:00:00
#:6 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 16-5-2004 8:42:02
BasePriority : Normal
FileSize : 12 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
OriginalFilename : svchost.exe
ProductName : Microsoft
Created on : 8-9-2003 22:24:56
Last accessed : 16-5-2004 8:41:54
Last modified : 11-9-2002 20:00:00
#:7 [spoolsv.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 16-5-2004 8:42:03
BasePriority : Normal
FileSize : 50 KB
FileVersion : 5.1.2600.0 (XPClient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
OriginalFilename : spoolsv.exe
ProductName : Microsoft
Created on : 8-9-2003 22:24:55
Last accessed : 16-5-2004 8:41:54
Last modified : 11-9-2002 20:00:00
#:8 [ccevtmgr.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\
ThreadCreationTime : 16-5-2004 8:42:03
BasePriority : Normal
FileSize : 313 KB
FileVersion : 1.03.4
ProductVersion : 1.03.4
Copyright : Copyright (c) 2000-2002 Symantec Corporation. All rights reserved.
CompanyName : Symantec Corporation
FileDescription : Event Manager Service
InternalName : ccEvtMgr
OriginalFilename : ccEvtMgr.exe
ProductName : Event Manager
Created on : 13-5-2004 16:07:20
Last accessed : 16-5-2004 8:41:54
Last modified : 6-12-2002 9:28:42
#:9 [nisum.exe]
FilePath : C:\Program Files\Norton Internet Security\
ThreadCreationTime : 16-5-2004 8:42:03
BasePriority : Normal
FileSize : 137 KB
FileVersion : 6.00.2036
ProductVersion : 6.00.2036
Copyright : Copyright (c) 2000-2002 Symantec Corporation. All rights reserved.
CompanyName : Symantec Corporation
FileDescription : Norton Internet Security NISUM
InternalName : NISUM
OriginalFilename : NISUM.exe
ProductName : Norton Internet Security
Created on : 16-9-2002 14:06:38
Last accessed : 16-5-2004 8:41:54
Last modified : 16-9-2002 14:06:38
#:10 [ccpxysvc.exe]
FilePath : C:\Program Files\Norton Internet Security\
ThreadCreationTime : 16-5-2004 8:42:04
BasePriority : Normal
FileSize : 33 KB
FileVersion : 6.00.2036
ProductVersion : 6.00.2036
Copyright : Copyright (c) 2000-2002 Symantec Corporation. All rights reserved.
CompanyName : Symantec Corporation
FileDescription : Norton Internet Security Proxy Service
InternalName : ccPxySvc
OriginalFilename : ccPxySvc.exe
ProductName : Norton Internet Security
Created on : 16-9-2002 14:05:50
Last accessed : 16-5-2004 8:41:54
Last modified : 16-9-2002 14:05:50
#:11 [ceepwrsvc.exe]
FilePath : C:\Program Files\TOSHIBA\Power Management\
ThreadCreationTime : 16-5-2004 8:42:05
BasePriority : Normal
FileSize : 72 KB
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
Copyright : Copyright 2003 Compal Electronic Inc.
CompanyName : COMPAL ELECTRONIC INC.
FileDescription : CeEPwrSvc Module
InternalName : CeEPwrSvc
OriginalFilename : CeEPwrSvc.EXE
ProductName : CeEPwrSvc Module
Created on : 11-7-2003 10:18:46
Last accessed : 16-5-2004 8:41:54
Last modified : 11-7-2003 10:18:46
#:12 [navapsvc.exe]
FilePath : C:\Program Files\Norton AntiVirus\
ThreadCreationTime : 16-5-2004 8:42:05
BasePriority : Normal
FileSize : 113 KB
FileVersion : 9.05.1015
ProductVersion : 9.05.1015
Copyright : Copyright (c) 2000-2002 Symantec Corporation. All rights reserved.
CompanyName : Symantec Corporation
FileDescription : Norton AntiVirus Auto-Protect Service
InternalName : NAVAPSVC
OriginalFilename : NAVAPSVC.EXE
ProductName : Norton AntiVirus
Created on : 12-5-2004 16:08:50
Last accessed : 16-5-2004 8:41:54
Last modified : 28-11-2002 7:44:52
#:13 [nvsvc32.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 16-5-2004 8:42:05
BasePriority : Normal
FileSize : 76 KB
FileVersion : 6.14.10.4485
ProductVersion : 6.14.10.4485
Copyright : (C) NVIDIA Corporation. All rights reserved.
CompanyName : NVIDIA Corporation
FileDescription : NVIDIA Driver Helper Service, Version 44.85
InternalName : NVSVC
OriginalFilename : nvsvc32.exe
ProductName : NVIDIA Driver Helper Service, Version 44.85
Created on : 26-8-2003 10:15:31
Last accessed : 16-5-2004 8:41:54
Last modified : 31-7-2003 22:08:00
#:14 [explorer.exe]
FilePath : C:\WINDOWS\
ThreadCreationTime : 16-5-2004 8:42:12
BasePriority : Normal
FileSize : 984 KB
FileVersion : 6.00.2800.1106 (xpsp1.020828-1920)
ProductVersion : 6.00.2800.1106
CompanyName : Microsoft Corporation
FileDescription : Windows Verkenner
InternalName : explorer
OriginalFilename : EXPLORER.EXE
ProductName : Besturingssysteem Microsoft
Created on : 8-9-2003 22:24:40
Last accessed : 16-5-2004 9:00:08
Last modified : 11-9-2002 20:00:00
#:15 [apoint.exe]
FilePath : C:\Program Files\Apoint2K\
ThreadCreationTime : 16-5-2004 8:42:13
BasePriority : Normal
FileSize : 148 KB
FileVersion : 5.3.10.166
ProductVersion : 5.3.10.166
Copyright : Copyright (C) 1999-2003 Alps Electric Co., Ltd.
CompanyName : Alps Electric Co., Ltd.
FileDescription : Alps Pointing-device Driver
InternalName : Alps Pointing-device Driver
OriginalFilename : Apoint.exe
ProductName : Alps Pointing-device Driver
Created on : 26-8-2003 9:56:11
Last accessed : 16-5-2004 8:41:54
Last modified : 18-6-2003 13:44:06
#:16 [cepmtray.exe]
FilePath : C:\Program Files\TOSHIBA\Power Management\
ThreadCreationTime : 16-5-2004 8:42:13
BasePriority : Normal
FileSize : 132 KB
FileVersion : 1, 0, 0, 28
ProductVersion : 1, 0, 0, 28
Copyright : Copyright 2003 Compal Electronic Inc.
CompanyName : COMPAL ELECTRONIC INC.
FileDescription : CeTray MFC Application
InternalName : CeTray
OriginalFilename : CeTray.EXE
ProductName : CeTray Application
Created on : 9-8-2003 16:11:22
Last accessed : 16-5-2004 8:41:54
Last modified : 9-8-2003 16:11:22
#:17 [cplbtq00.exe]
FilePath : C:\Program Files\EzButton\
ThreadCreationTime : 16-5-2004 8:42:14
BasePriority : Normal
FileSize : 692 KB
FileVersion : 1.210
ProductVersion : 1.210
Copyright : Copyright (C) 2003 Dritek System Inc.
CompanyName : Dritek System Inc.
FileDescription : Compal ATR10 Easy Button ( Multi-Language )
InternalName : CPATR10
OriginalFilename : CPATR10.exe
ProductName : Dritek System Inc. CPATR10 01.17.2003 ( VC60 )
Created on : 26-8-2003 10:12:00
Last accessed : 16-5-2004 8:41:54
Last modified : 27-6-2003 17:33:10
#:18 [ceekey.exe]
FilePath : C:\Program Files\TOSHIBA\E-KEY\
ThreadCreationTime : 16-5-2004 8:42:14
BasePriority : Normal
FileSize : 624 KB
FileVersion : 2, 0, 0, 16
ProductVersion : 2, 0, 0, 16
Copyright : Copyright 2003 Compal Electronic Inc.
CompanyName : COMPAL ELECTRONIC INC.
FileDescription : TOSHIBA HotKey Utility
InternalName : E_Key
OriginalFilename : CeEKey.EXE
ProductName : EKey Application
Created on : 23-7-2003 13:04:56
Last accessed : 16-5-2004 8:41:54
Last modified : 23-7-2003 13:04:56
#:19 [tptray.exe]
FilePath : C:\Program Files\TOSHIBA\TouchPad\
ThreadCreationTime : 16-5-2004 8:42:14
BasePriority : Normal
FileSize : 48 KB
FileVersion : 1, 0, 0, 11
ProductVersion : 1, 0, 0, 11
Copyright : Copyright 2002 Compal Electronic Inc.
CompanyName : COMPAL ELECTRONIC INC.
FileDescription : TPTray Application
InternalName : TPTray
OriginalFilename : TPTray.EXE
ProductName : TPTray Application
Created on : 18-7-2003 13:24:08
Last accessed : 16-5-2004 8:41:54
Last modified : 18-7-2003 13:24:08
#:20 [ndstray.exe]
FilePath : C:\Program Files\TOSHIBA\ConfigFree\
ThreadCreationTime : 16-5-2004 8:42:14
BasePriority : Normal
FileSize : 688 KB
FileVersion : 2, 5, 0, 2
ProductVersion : 2, 5, 0, 4
Copyright : Copyright 2002-2003 (C) TOSHIBA CORPORATION. All rights reserved.
CompanyName : TOSHIBA CORPORATION
FileDescription : ConfigFree(TM) Tray
InternalName : ndstray
OriginalFilename : NDSTray.exe
ProductName : ConfigFree(TM) Tray
Created on : 10-9-2003 10:03:35
Last accessed : 16-5-2004 8:41:54
Last modified : 24-7-2003 16:41:56
#:21 [ccapp.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\
ThreadCreationTime : 16-5-2004 8:42:14
BasePriority : Normal
FileSize : 56 KB
FileVersion : 1.08.01
ProductVersion : 1.08.01
Copyright : Copyright (c) 2000-2002 Symantec Corporation. All rights reserved.
CompanyName : Symantec Corporation
FileDescription : Common Client CC App
InternalName : ccApp
OriginalFilename : ccApp.exe
ProductName : Common Client
Created on : 13-5-2004 16:09:57
Last accessed : 16-5-2004 8:41:54
Last modified : 15-7-2003 12:56:58
#:22 [ctfmon.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 16-5-2004 8:42:15
BasePriority : Normal
FileSize : 13 KB
FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
ProductVersion : 5.1.2600.1106
CompanyName : Microsoft Corporation
FileDescription : CTF Loader
InternalName : CTFMON
OriginalFilename : CTFMON.EXE
ProductName : Microsoft
Created on : 8-9-2003 22:25:08
Last accessed : 16-5-2004 8:41:54
Last modified : 11-9-2002 20:00:00
#:23 [em_exec.exe]
FilePath : C:\Program Files\Logitech\MouseWare\system\
ThreadCreationTime : 16-5-2004 8:42:15
BasePriority : Normal
FileSize : 37 KB
FileVersion : 9.78.034
ProductVersion : 9.78.034
Copyright : (C) 1987-2003 Logitech. All rights reserved.
CompanyName : Logitech Inc.
FileDescription : Logitech Events Handler Application
InternalName : Em_Exec
OriginalFilename : Em_Exec.exe
ProductName : MouseWare
Created on : 12-5-2004 15:43:11
Last accessed : 16-5-2004 8:41:54
Last modified : 7-7-2003 7:50:00
#:24 [apntex.exe]
FilePath : C:\Program Files\Apoint2K\
ThreadCreationTime : 16-5-2004 8:42:16
BasePriority : Normal
FileSize : 44 KB
FileVersion : 5.0.1.15
ProductVersion : 5.0.1.15
Copyright : Copyright (C) 1998-2003 Alps Electric Co., Ltd.
CompanyName : Alps Electric Co., Ltd.
FileDescription : Alps Pointing-device Driver for Windows NT/2000/XP
InternalName : Alps Pointing-device Driver for Windows NT/2000/XP
OriginalFilename : ApntEx.exe
ProductName : Alps Pointing-device Driver for Windows NT/2000/XP
Created on : 26-8-2003 9:56:10
Last accessed : 16-5-2004 8:42:16
Last modified : 26-2-2003 10:08:42
#:25 [ad-aware.exe]
FilePath : C:\PROGRA~1\Lavasoft\AD-AWA~1\
ThreadCreationTime : 16-5-2004 9:00:45
BasePriority : Normal
FileSize : 668 KB
FileVersion : 6.0.1.181
ProductVersion : 6.0.0.0
Copyright : Copyright
CompanyName : Lavasoft Sweden
FileDescription : Ad-aware 6 core application
InternalName : Ad-aware.exe
OriginalFilename : Ad-aware.exe
ProductName : Lavasoft Ad-aware Plus
Created on : 16-5-2004 9:00:39
Last accessed : 16-5-2004 9:00:40
Last modified : 12-7-2003 19:00:20
Memory scan result :
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 0
Started registry scan
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Alexa Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Internet Explorer\Extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}
Registry scan result :
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 1
Objects found so far: 1
Started deep registry scan
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Deep registry scan result :
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 1
I also ran Spybot, and it also flagged 5 things in the registry.
5 times, DSO Exploit: Data source object exploit.
HKEY_USERS\S-1-5-20\software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\1004=W=3
HKEY_USERS\S-1-5-18\software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\1004=W=3
HKEY_USERS\S-1-5-21-2473718366-918996554-2786969047-1005\Software\Microsoft\Windows\CurrentVerion\Internet Settings\Zones\0\1004=W=3
HKEY_USERS\S-1-5-19\software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\1004=W=3
HKEY_USERS\DEFAULT\software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\1004=W=3
Maybe this makes things clear to you?
Kind regards,
Willy