Chip 2007 January, February, March & April

home *** CD-ROM | disk | FTP | other *** search

/ Chip 2007 January, February, March & April / Chip-Cover-CD-2007-02.iso / Pakiet bezpieczenstwa / AntySpyware / Spy Sweeper Free / ssftrialsnrsetup1_1894289931.exe / {app} / SpySweeperUI.exe / 1033 / FILE / SPYREPORT

Wrap

Text File | 2006-10-20 | 14.8 KB | 300 lines

# Spy Sweeper 4.x INI file ###### RUNNING PROCESSES ###### [Misc] DumpProcesses = 1 #Only use this one if you want to dump all .dll's running. Full_DLL_Dump = 1 ###### STARTUP METHODS ###### [RunKeys] section=Run [Run-HKCU] KeyRoot=1 Key=Software\Microsoft\Windows\CurrentVersion\Run default_value=ctfmon.exe||mobsync.exe /logon||KernelFaultCheck||ScanRegistry||SystemTray||TaskMonitor||LoadPowerProfile||PCHealth||Synchronization Manager [Run-HKLM] KeyRoot=2 Key=Software\Microsoft\Windows\CurrentVersion\Run default_value=ctfmon.exe||mobsync.exe /logon||KernelFaultCheck||ScanRegistry||SystemTray||TaskMonitor||LoadPowerProfile||PCHealth||Synchronization Manager [RunOnce-HKCU] KeyRoot=1 Key=Software\Microsoft\Windows\CurrentVersion\RunOnce [RunOnce-HKLM] KeyRoot=2 Key=Software\Microsoft\Windows\CurrentVersion\RunOnce [RunServices-HKCU] keyroot=1 key=Software\Microsoft\Windows\CurrentVersion\RunServices default_value=LoadPowerProfile||SchedulingAgent||*StateMgr [RunServices-HKLM] keyroot=2 key=Software\Microsoft\Windows\CurrentVersion\RunServices default_value=LoadPowerProfile||SchedulingAgent||*StateMgr [RunServicesOnce-HKCU] keyroot=1 key=Software\Microsoft\Windows\CurrentVersion\RunServicesOnce [RunServicesOnce-HKLM] keyroot=2 key=Software\Microsoft\Windows\CurrentVersion\RunServicesOnce [Load-HKCU] keyroot=1 key=Software\Microsoft\Windows NT\CurrentVersion\Windows\load [Load-HKLM] keyroot=2 key=Software\Microsoft\Windows NT\CurrentVersion\Windows\load [WinLogon-HKCU] section=WinLogon keyroot=1 key=Software\Microsoft\Windows NT\CurrentVersion\WinLogon value=userinit||shell default_data=explorer.exe||C:\WINDOWS\system32\userinit.exe,||C:\WINNT\system32\userinit.exe, [WinLogon-HKLM] keyroot=2 key=Software\Microsoft\Windows NT\CurrentVersion\WinLogon value=userinit||shell default_data=explorer.exe||C:\WINDOWS\system32\userinit.exe,||C:\WINNT\system32\userinit.exe, [AppInit_DLLs-HKCU] section=AppInit_DLLs keyroot=1 key=Software\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs [AppInit_DLLs-HKLM] keyroot=2 key=Software\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs [ShellServiceObjectDelayLoad] keyroot=2 key=Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad guid_type=2 default_data={fbeb8a05-beee-4442-804e-409d6c4515e9}||{7849596a-48ea-486e-8937-a2a3009f31a9}||{E6FB5E20-DE35-11CF-9C87-00AA005127ED}||{35CEC8A3-2BE6-11D2-8773-92E220524153}||{7007ACCF-3202-11D1-AAD2-00805FC1270E}||{BCBCD383-3E06-11D3-91A9-00C04F68105C} [Services] section=Windows Services keyroot=2 key=SYSTEM\CurrentControlSet\Services value=DisplayName||ImagePath Service_Type=1||2||64 default_key=xmlprov||WZCSVC||wscsvc||WmiApSrv||Wmi||WmdmPmSN||winmgmt||WebClient||w32time||VSS||UPS||upnphost||UMWdf||TrkWks||TlntSvr||Themes||TermService||TapiSrv||SysmonLog||SwPrv||stisvc||SSDPSRV||srservice||Spooler||ShellHWDetection||SharedAccess||SENS||seclogon||Schedule||SCardSvr||SamSs||RSVP||RpcSs||RpcLocator||wuauserv||RemoteRegistry||RemoteAccess||RDSessMgr||RasMan||RasAuto||ProtectedStorage||PolicyAgent||PlugPlay||NtmsSvc||NtLmSsp||Nla||Netman||Netlogon||NetDDEdsdm||NetDDE||MSIServer||MSDTC||mnmsrvc||Messenger||LmHosts||lanmanworkstation||lanmanserver||ImapiService||HTTPFilter||HidServ||helpsvc||FastUserSwitchingCompatibility||EventSystem||Eventlog||ERSvc||Dnscache||dmserver||dmadmin||Dhcp||DcomLaunch||CryptSvc||COMSysApp||ClipSrv||CiSvc||Browser||BITS||AudioSrv||aspnet_state||AppMgmt||ALG||Alerter||UtilMan||ScardDrv||Fax||MSFtpsvc||IISADMIN||uploadmgr||W3SVC ##### INTERNET EXPLOREER SEARCH SETTINGS ##### [Internet Explorer Search Settings] section=Internet Explorer Search Settings [Internet Explorer Search VALUES-HKCU] keyroot=1 key=Software\Microsoft\Internet Explorer value=CustomizeSearch||Default_Page_URL||Default_Search_URL||Search Bar||Search Page||SearchAssistant||SearchURL||Start Page default_data=%SystemRoot%\system32\blank.htm||http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch||http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm||http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm||http://ie.search.msn.com/*||http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome||C:\WINDOWS\System32\blank.htm||http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home||C:\WINNT\system32\blank.htm||C:\WINDOWS\SYSTEM\blank.htm||http://www.msn.com [Internet Explorer Search VALUES-HKLM] keyroot=2 key=Software\Microsoft\Internet Explorer value=CustomizeSearch||Default_Page_URL||Default_Search_URL||Search Bar||Search Page||SearchAssistant||SearchURL||Start Page default_data=%SystemRoot%\system32\blank.htm||http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch||http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm||http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm||http://ie.search.msn.com/*||http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome||C:\WINDOWS\System32\blank.htm||http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home||C:\WINNT\system32\blank.htm||C:\WINDOWS\SYSTEM\blank.htm||http://www.msn.com [Search-HKCU] keyroot=1 key=Software\Microsoft\Internet Explorer\Search default_data=%SystemRoot%\system32\blank.htm||http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch||http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm||http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm||http://ie.search.msn.com/*||http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome||C:\WINDOWS\System32\blank.htm||http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home||C:\WINNT\system32\blank.htm||C:\WINDOWS\SYSTEM\blank.htm||http://www.msn.com [Search-HKLM] keyroot=2 key=Software\Microsoft\Internet Explorer\Search default_data=%SystemRoot%\system32\blank.htm||http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch||http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm||http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm||http://ie.search.msn.com/*||http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome||C:\WINDOWS\System32\blank.htm||http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home||C:\WINNT\system32\blank.htm||C:\WINDOWS\SYSTEM\blank.htm||http://www.msn.com [Main] keyroot=1 key=Software\Microsoft\Internet Explorer\Main value=CustomizeSearch||Default_Page_URL||Default_Search_URL||First Home Page||HomeOldSP||Local Page||Search Bar||Search Page||Search Page||SearchAssistant||SearchURL||Start Page||Start Page_bak||Startpagina||Window Title||YAHOOSubst default_data=%SystemRoot%\system32\blank.htm||http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch||http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm||http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm||http://ie.search.msn.com/*||http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome||C:\WINDOWS\System32\blank.htm||http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home||C:\WINNT\system32\blank.htm||C:\WINDOWS\SYSTEM\blank.htm||http://www.msn.com [Internet Explorer\Main - HKLM] keyroot=2 key=Software\Microsoft\Internet Explorer\Main value=CustomizeSearch||Default_Page_URL||Default_Search_URL||First Home Page||HomeOldSP||Local Page||Search Bar||Search Page||Search Page||SearchAssistant||SearchURL||Start Page||Start Page_bak||Startpagina||Window Title||YAHOOSubst default_data=%SystemRoot%\system32\blank.htm||http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch||http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm||http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm||http://ie.search.msn.com/*||http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome||C:\WINDOWS\System32\blank.htm||http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home||C:\WINNT\system32\blank.htm||C:\WINDOWS\SYSTEM\blank.htm||http://www.msn.com [URLSearchHooks-HKCU] section=URLSearchHooks keyroot=1 key=Software\Microsoft\Internet Explorer\URLSearchHooks default_value={CFBFAE00-17A6-11D0-99CB-00C04FD64497} guid_type=3 [URLSearchHooks-HKLM] keyroot=2 key=Software\Microsoft\Internet Explorer\URLSearchHooks default_value={CFBFAE00-17A6-11D0-99CB-00C04FD64497} guid_type=3 [URL Prefixes] Section=URL Prefixes keyroot=1 key=Software\Microsoft\Windows\CurrentVersion\URL dumpsubkeys=1 default_data=gopher://||ftp://||http:// [URL Prefixes - HKLM] keyroot=2 key=Software\Microsoft\Windows\CurrentVersion\URL dumpsubkeys=1 default_data=gopher://||ftp://||http:// [Internet Explorer Security Zones] section=Internet Explorer Security Zones [2=Trusted, 4=Restricted] keyroot=1 key=Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains dumpsubkeys=1 value=* [Internet Explorer Security Zones - HKLM] keyroot=2 key=Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains dumpsubkeys=1 value=* ##### INTERNET EXPLORER RELATED ###### [Browser Helper Objects] Section=Browser Helper Objects keyroot=1 key=Software\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects guid_type=1 [Browser Helper Objects-HKLM] keyroot=2 key=Software\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects guid_type=1 [Toolbar-HKCU] section=Internet Explorer Toolbars keyroot=1 key=Software\Microsoft\Internet Explorer\Toolbar dumpsubkeys=1 guid_type=3 default_value={8E718888-423F-11D2-876E-00A0C9082467}||{01E04581-4EEE-11D0-BFE9-00AA005B4383}||{0E5CBF21-D15F-11D0-8301-00AA005B4383} [Toolbar-HKLM] keyroot=2 key=Software\Microsoft\Internet Explorer\Toolbar dumpsubkeys=1 guid_type=3 default_value={8E718888-423F-11D2-876E-00A0C9082467}||{01E04581-4EEE-11D0-BFE9-00AA005B4383}||{0E5CBF21-D15F-11D0-8301-00AA005B4383} [Extensions-HKCU] section=Internet Explorer Extensions keyroot=1 key=Software\Microsoft\Internet Explorer\Extensions\CmdMapping default_value={08B0E5C0-4FCB-11CF-AAA5-00401C608501} guid_type=3 [Extentions-HKLM] keyroot=2 key=Software\Microsoft\Internet Explorer\Extensions default_data={E0DD6CAB-2D10-11D2-8F1A-0000F87ABD16} dumpsubkeys=1 guid_type=2 [Internet Explorer Context Menu Extentions-HKCU] section=Internet Explorer Context Menu keyroot=1 key=Software\Microsoft\Internet Explorer\MenuExt dumpsubkeys=1 default_value=contexts [Internet Explorer Context Menu Extentions-HKLM] keyroot=2 key=Software\Microsoft\Internet Explorer\MenuExt dumpsubkeys=1 default_value=contexts [Internet Explorer\Styles] section=Internet Explorer Styles keyroot=2 key=Software\Microsoft\Internet Explorer\Styles default_value=Count_Style_Sheets [Internet Explorer Explorer Settings] section=General Internet Explorer Settings keyroot=1 key=Software\Microsoft\Windows\CurrentVersion\Internet Settings value=ProxyOverride||ProxyServer [Internet Explorer Explorer Settings - HKLM] keyroot=2 key=Software\Microsoft\Windows\CurrentVersion\Internet Settings value=ProxyOverride||ProxyServer [Downloaded Program Files-HKCU] section=Downloaded Program Files keyroot=1 key=Software\Microsoft\Code Store Database\Distribution Units guid_type=1 [Downloaded Program Files-HKLM] keyroot=2 key=Software\Microsoft\Code Store Database\Distribution Units guid_type=1 [Downloaded Program Files-HKCU CODEBASE] section=Downloaded Program Files - CODEBASE keyroot=1 key=Software\Microsoft\Code Store Database\Distribution Units default_value=installer||systemcomponent||lastmodified||""||C:\WINNT\system32\mfc42.dll||C:\WINDOWS\system32\mfc42.dll||C:\WINNT\system32\msvcrt.dll||C:\WINDOWS\system32\msvcrt.dll||C:\WINNT\system32\msvcrt.dll||C:\WINDOWS\system32\msvcrt.dll dumpsubkeys=1 [Downloaded Program Files-HKLM CODEBASE] keyroot=2 key=Software\Microsoft\Code Store Database\Distribution Units default_value=installer||systemcomponent||lastmodified||"" dumpsubkeys=1 ##### NETWORK RELATED ###### [Protocols\Filter] Section=Protocol Filters keyroot=0 key=PROTOCOLS\Filter dumpsubkeys=1 guid_type=2 default_data={1E66F26B-79EE-11D2-8710-00C04F79ED0D}||{32B533BB-EDAE-11d0-BD5A-00AA00B92AF1}||{8f6b0360-b80d-11d0-a9b3-006097942311}||{733AC4CB-F1A4-11d0-B951-00A0C90312E1} [Protocols\Handler - HKCR] section=Protocol Handlers keyroot=0 key=PROTOCOLS\Handler dumpsubkeys=1 guid_type=2 default_data={3050F406-98B5-11CF-BB82-00AA00BDCE0B}||{3dd53d40-7b8b-11D0-b013-00aa0059ce02}||{12D51199-0DB5-46FE-A120-47A3D7D937CC}||{79eac9e7-baf9-11ce-8c82-00aa004ba90b}||{E1D2BF42-A96B-11d1-9C6B-0000F875AC61}||{79eac9e5-baf9-11ce-8c82-00aa004ba90b}||{E1D2BF42-A96B-11d1-9C6B-0000F875AC61}||{9D148291-B9C8-11D0-A4CC-0000F80149F6}||{3050F3B2-98B5-11CF-BB82-00AA00BDCE0B}||{79eac9e7-baf9-11ce-8c82-00aa004ba90b}||{3050f3DA-98B5-11CF-BB82-00AA00BDCE0B}||{05300401-BCBC-11d0-85E3-00C04FD85AB4}||{79eac9e6-baf9-11ce-8c82-00aa004ba90b}||{9D148291-B9C8-11D0-A4CC-0000F80149F6}||{0A9007C0-4076-11D3-8789-0000F8105754}||{E1D2BF42-A96B-11d1-9C6B-0000F875AC61}||{3D9F03FA-7A94-11D3-BE81-0050048385D1}||{32505114-5902-49B2-880A-1F7738E5A384}||{3050F3BC-98B5-11CF-BB82-00AA00BDCE0B}||{76E67A63-06E9-11D2-A840-006008059382}||{CBD30858-AF45-11D2-B6D6-00C04FBBDE6E}||{3050F3B2-98B5-11CF-BB82-00AA00BDCE0B}||{13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE}||{79eac9e3-baf9-11ce-8c82-00aa004ba90b}||{E1D2BF40-A96B-11d1-9C6B-0000F875AC61}||{79eac9e4-baf9-11ce-8c82-00aa004ba90b}||{79eac9e2-baf9-11ce-8c82-00aa004ba90b}||{807553E5-5146-11D5-A672-00B0D022E945}||{3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020} [LSP] Section=Winsock LSP's KeyRoot=2 Key=System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries value=LibraryPath DumpSubKeys=1 DumpSubKeyValues=1 default_data=%SystemRoot%\System32\mswsock.dll||%SystemRoot%\System32\winrnr.dll||%SystemRoot%\System32\mswsock.dll||%SystemRoot%\System32\rnr20.dll||C:\WINDOWS\SYSTEM\rnr20.dll ##### SYSTEM RELATED ###### ### At this point in time, not enough hijackers modify these entries, however, leaving the configs avaiable for the future. #[Internet Explorer Restrictions] #section=Internet Explorer Restrictions #keyroot=1 #key=Software\Policies\Microsoft\Internet Explorer\Restrictions #[Internet Explorer Restrictions - HKLM] #section=Internet Explorer Restrictions #keyroot=2 #key=Software\Policies\Microsoft\Internet Explorer\Restrictions #[Internet Explorer Toolbar Restrictions] #section=IE Toolbar Restrictions #keyroot=1 #key=Software\Policies\Microsoft\Internet Explorer\Toolbars\Restrictions #[Internet Explorer Toolbar Restrictions - HKLM] #section=IE Toolbar Restrictions #keyroot=2 #key=Software\Policies\Microsoft\Internet Explorer\Toolbars\Restrictions #[Regedit Disabled] #section=Regedit Disabled #keyroot=1 #key=Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools #[Regedit Disabled - HKLM] #keyroot=2 #key=Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools