Quote:
Originally Posted by greyknight17
OK, just run those two again. Give us the StartDreck log and we'll take a look there.
Is WebSiteViewer being picked up by any programs?

Thanks a lot again. Actually, the program is up only when I start the PC. Then it comes with the "Web Site Viewer", which is some kind of "explorer" but in another design, and you have only one website, which explains ways to pay them in order to get access to adult stuff...
This is my log:
StartDreck (build 2.1.7 public stable) - 2005-02-24 @ 17:02:29 (GMT +02:00)
Platform: Windows XP (Win NT 5.1.2600 Service Pack 1)
Internet Explorer: 6.0.2800.1106
Logged in as USER at OMER
»Registry
»Run Keys
»Current User
»Run
*WebCamRT.exe=
*PowerBar=
*SIDEBAR="C:\Program Files\Desktop Sidebar\dsidebar.exe"
*msnmsgr="C:\Program Files\MSN Messenger\msnmsgr.exe" /background
*Gadu-Gadu="C:\Program Files\Gadu-Gadu\gg.exe" /tray
*NBJ="C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
»RunOnce
»Default User
»Run
*CTFMON.EXE=C:\WINDOWS\System32\CTFMON.EXE
»RunOnce
»Local Machine
»Run
*NvCplDaemon=RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
*nwiz=nwiz.exe /install
*anvshell=anvshell.exe
*LiveNote=livenote.exe
*WINDVDPatch=CTHELPER.EXE
*UpdReg=C:\WINDOWS\UpdReg.EXE
*Jet Detection="C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe"
*QuickTime Task="C:\Program Files\QuickTime\qttask.exe" -atboottime
*TkBellExe="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
*LVCOMS=C:\Program Files\Common Files\Logitech\QCDriver\LVCOMS.EXE
*Style=C:\Program Files\Instant Messaging In Style\Style.exe
*type32="C:\Program Files\Microsoft IntelliType Pro\type32.exe"
*WinDVRCtrl=C:\WINDOWS\WDVRCtrl.exe
*RecSche=C:\LifeView FlyVideo\RecSche.exe /Startup
*RemoteControl="C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
*InCD=C:\Program Files\Ahead\InCD\InCD.exe
*NeroFilterCheck=C:\WINDOWS\system32\NeroCheck.exe
*msnappau="C:\Program Files\MSN Apps\Updater\01.02.3000.1001\he-il\msnappau.exe"
*SunJavaUpdateSched=C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
*ShStatEXE="C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
*McAfeeUpdaterUI="C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
*Network Associates Error Reporting Service="C:\Program Files\Common Files\Network Associates\TalkBack\TBMon.exe"
*LaunchList=C:\Program Files\Pinnacle\Studio 9\LaunchList.exe
*NvMediaCenter=RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
*CloneCDTray="C:\Program Files\CloneCD\CloneCDTray.exe" /s
*Mirabilis ICQ=C:\PROGRA~1\ICQ\ICQNet.exe
+OptionalComponents
+MSFS
*Installed=1
+MAPI
*Installed=1
*NoChange=1
+MAPI
*Installed=1
*NoChange=1
»RunOnce
»RunServices
»RunServicesOnce
»RunOnceEx
»RunServicesOnceEx
»File Associations (CR)
+.bat
*batfile="%1" %*
+.com
*comfile="%1" %*
+.disabled
*SpybotSD.DisabledFile="C:\Program Files\Spybot - Search & Destroy\blindman.exe" %1
+.exe
*exefile="%1" %*
+.hta
*htafile=C:\WINDOWS\System32\mshta.exe "%1" %*
+.htm
*htmlfile="C:\Program Files\Internet Explorer\iexplore.exe" -nohome
+.html
*htmlfile="C:\Program Files\Internet Explorer\iexplore.exe" -nohome
+.js
*JSFile=%SystemRoot%\System32\WScript.exe "%1" %*
+.jse
*JSEFile=%SystemRoot%\System32\WScript.exe "%1" %*
+.pif
*piffile="%1" %*
+.reg
*regfile=regedit.exe "%1"
+.scr
*scrfile="%1" /S
+.txt
*txtfile=%SystemRoot%\system32\NOTEPAD.EXE %1
+.vbs
*VBSFile=%SystemRoot%\System32\WScript.exe "%1" %*
+.vbe
*VBEFile=%SystemRoot%\System32\WScript.exe "%1" %*
+.wsh
*WSHFile=%SystemRoot%\System32\WScript.exe "%1" %*
+.wsf
*WSFFile=%SystemRoot%\System32\WScript.exe "%1" %*
+.lnk
`lnkfile= [key or value does not exist]
»Active Setup (LM)
+Windows Media Player/>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}
*StubPath=C:\WINDOWS\inf\unregmp2.exe /ShowWMP
+Internet Explorer/>{26923b43-4d38-484f-9b9e-de460746276c}
*StubPath=%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE
+Browser Customizations/>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS
*StubPath=RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
+Outlook Express/>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}
*StubPath=%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
+Themes Setup/{2C7339CF-2B09-4501-B3F3-F3508C9228ED}
*StubPath=%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
+Microsoft Outlook Express 6/{44BBA840-CC51-11CF-AAFA-00AA00B6015C}
*StubPath="%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
+NetMeeting 3.01/{44BBA842-CC51-11CF-AAFA-00AA00B6015B}
*StubPath=rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
+Windows Messenger 4.7/{5945c046-1e7d-11d1-bc44-00c04fd912be}
*StubPath=rundll32.exe advpack.dll,LaunchINFSection %SystemRoot%\INF\msmsgs.inf,BLC.Install.PerUser
+Microsoft Windows Media Player/{6BF52A52-394A-11d3-B153-00C04F79FAA6}
*StubPath=rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub
+Address Book 5/{7790769C-0471-11d2-AF11-00C04FA35D02}
*StubPath="%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
+Windows Desktop Update/{89820200-ECBD-11cf-8B85-00AA005B4340}
*StubPath=regsvr32.exe /s /n /i:U shell32.dll
+Internet Explorer 6/{89820200-ECBD-11cf-8B85-00AA005B4383}
*StubPath=%SystemRoot%\System32\ie4uinit.exe
+CRLUpdate/{9EF0045A-CDD9-438e-95E6-02B9AFEC8E11}
*StubPath=%SystemRoot%\System32\updcrl.exe -e -u %SystemRoot%\System32\verisignpub1.crl
»Browser Helper Objects (LM)
*BHO.HelperObject.1/{00C6482D-C502-44C8-8409-FCE54AD9C208}
`InprocServer32=C:\Program Files\TechSmith\SnagIt 7\SnagItBHO.dll
*AcroIEHelper.AcroIEHlprObj.1/{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
`InprocServer32=c:\program files\Adobe\Acrobat Reader 5\Reader\ActiveX\AcroIEHelper.ocx
*{0F9561D0-03B2-44a3-89A6-E95E417CBA25}
`InprocServer32=C:\WINDOWS\cerbmod.dll
*idea2.SidebarBrowserMonitor.1/{45AD732C-2CE2-4666-B366-B2214AD57A49}
`InprocServer32=C:\Program Files\Desktop Sidebar\sbhelp.dll
*ST/{9394EDE7-C8B5-483E-8773-474BF36AF6E4}
`InprocServer32=C:\Program Files\MSN Apps\ST\01.02.3000.1002\en-xu\stmain.dll
*Jccatch.IeCatch2.1/{A5366673-E8CA-11D3-9CD9-0090271D075B}
`InprocServer32=C:\PROGRA~1\FlashGet\jccatch.dll
*Google Toolbar Helper/{AA58ED58-01DD-4d91-8333-CF10577473F7}
`InprocServer32=c:\windows\googletoolbar2.dll
*MSNToolBandBHO/{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}
`InprocServer32=C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\he-il\msntb.dll
»Internet Explorer
»Current User
*Local Page=C:\WINDOWS\System32\blank.htm
*Search Bar=http://g.msn.co.il/0SEHEIL/SAOS01
*Search Page=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
*Start Page=http://www.barca.co.il/
+SearchUrl
*provider=MSN
*=http://home.microsoft.com/access/autosearch.asp?p=%s
»Default User
»Local Machine
*Default_Page_URL=http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
*Default_Search_URL=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
*Local Page=%SystemRoot%\system32\blank.htm
*Search Page=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
*Start Page=http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
*CustomizeSearch=http://ie.search.msn.com/he/srchasst/srchcust.htm
*SearchAssistant=http://ie.search.msn.com/he/srchasst/srchasst.htm
»ShellServiceObjectDelayLoad (LM)
*PostBootReminder={7849596a-48ea-486e-8937-a2a3009f31a9}
`InprocServer32=%SystemRoot%\system32\SHELL32.dll
*CDBurn={fbeb8a05-beee-4442-804e-409d6c4515e9}
`InprocServer32=%SystemRoot%\system32\SHELL32.dll
*WebCheck={E6FB5E20-DE35-11CF-9C87-00AA005127ED}
`InprocServer32=%SystemRoot%\System32\webcheck.dll
*SysTray={35CEC8A3-2BE6-11D2-8773-92E220524153}
`InprocServer32=C:\WINDOWS\System32\stobject.dll
»Special NT Values
»Current User
*Load=
*Run=
*Programs=com exe bat pif cmd
*SHELL=
»Default User
*Load=
*Run=
*Programs=com exe bat pif cmd
*SHELL=
»Local Machine
*AppInit_DLLs=
*SHELL=explorer.exe
*Userinit=c:\windows\system32\userinit.exe
»Files
»Autostart Folders
»Current User
*C:\Documents and Settings\USER\Start Menu\Programs\Startup\desktop.ini
*C:\Documents and Settings\USER\Start Menu\Programs\Startup\Wallpaper Changer.lnk
»Default User
*C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Startup\desktop.ini
»Local Machine
*C:\Documents and Settings\All Users\Start Menu\Programs\Startup\desktop.ini
*C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk
»INI-Files
»WIN.INI\[windows]
*LOAD=
*RUN=
»SYSTEM.INI\[boot]
*SHELL=explorer.exe
»Text Files
*C:\boot.ini
`[boot loader]
`timeout=30
`default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
`[operating systems]
`multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect
*C:\msdos.sys
*C:\config.sys
*C:\WINDOWS\System32\config.nt
`dos=high, umb
`device=%SystemRoot%\system32\himem.sys
`files=40
`device=%SystemRoot%\system32\haspdos.sys
*C:\WINDOWS\wininit.ini
*C:\WINDOWS\System32\drivers\etc\hosts
`127.0.0.1 localhost
»Program Files
*C:\ntldr
*C:\ntdetect.com
*C:\io.sys
*C:\WINDOWS\System32\win.com
*C:\WINDOWS\explorer.exe
»%PATH% Companion Files
+C:\WINDOWS\System32\notepad.exe
*C:\WINDOWS\NOTEPAD.EXE
+C:\WINDOWS\System32\taskman.exe
*C:\WINDOWS\TASKMAN.EXE
+C:\WINDOWS\System32\UNINSTAL.EXE
*C:\WINDOWS\uninstal.exe
+C:\WINDOWS\System32\winhlp32.exe
*C:\WINDOWS\winhlp32.exe
»System/Drivers
»Running Processes
+0=<idle>
+4=<system>
+596=\SystemRoot\System32\smss.exe
+852=\??\C:\WINDOWS\system32\csrss.exe
+876=\??\C:\WINDOWS\system32\winlogon.exe
+920=C:\WINDOWS\system32\services.exe
+932=C:\WINDOWS\system32\lsass.exe
+1104=C:\WINDOWS\system32\svchost.exe
+1432=C:\WINDOWS\System32\svchost.exe
+1456=C:\Program Files\Ahead\InCD\InCDsrv.exe
+1772=C:\WINDOWS\System32\svchost.exe
+1812=C:\WINDOWS\System32\svchost.exe
+1972=C:\WINDOWS\system32\spoolsv.exe
+408=C:\WINDOWS\Explorer.EXE
+1720=C:\WINDOWS\System32\CTHELPER.EXE
+1172=C:\Program Files\QuickTime\qttask.exe
+1192=C:\Program Files\Common Files\Real\Update_OB\realsched.exe
+1204=C:\Program Files\Microsoft IntelliType Pro\type32.exe
+1220=C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
+1228=C:\Program Files\Ahead\InCD\InCD.exe
+1316=C:\Program Files\MSN Apps\Updater\01.02.3000.1001\he-il\msnappau.exe
+1372=C:\WINDOWS\System32\alg.exe
+1384=C:\WINDOWS\Microsoft.NET\Framework\v2.0.40607\aspnet_admin.exe
+1412=C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
+1468=C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE
+1608=C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
+1668=C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
+1008=C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
+1792=C:\Program Files\Common Files\Network Associates\TalkBack\TBMon.exe
+1780=C:\Program Files\Network Associates\VirusScan\Mcshield.exe
+1876=C:\WINDOWS\System32\RUNDLL32.EXE
+248=C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
+432=C:\Program Files\Desktop Sidebar\dsidebar.exe
+520=C:\PROGRA~1\NETWOR~1\COMMON~1\naPrdMgr.exe
+536=C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
+752=C:\WINDOWS\System32\nvsvc32.exe
+1476=C:\WINDOWS\System32\PLServ.exe
+1592=C:\PROGRA~1\ICQ\ICQ.exe
+552=C:\Program Files\WallpaperToy\Wallpapertoy.Exe
+768=C:\WINDOWS\System32\svchost.exe
+128=C:\WINDOWS\System32\wdfmgr.exe
+2876=C:\WINDOWS\System32\wuauclt.exe
+3516=C:\Program Files\Internet Explorer\iexplore.exe
+3812=C:\Program Files\MSN Messenger\msnmsgr.exe
+2160=C:\Program Files\FlashFXP\FlashFXP.exe
+3368=C:\Program Files\Microsoft Office\Office10\WINWORD.EXE
+2228=C:\Program Files\StartDreck\StartDreck.exe
»VMM32Files (LM)
»%System%\VMM32
»%System%\IOSUBSYS
»Application specific
»MS Office 97/8.0 STARTUP-PATH
»Current User
»Default User
»Local Machine
»ICQ NetDetect
»Current User
»Default User