/ PC World 2008 March / PCWorld_2008-03_cd.bin / komercni software / miton / spysweeper50setup.exe / {app} / SpySweeperUI.exe / 1033 / FILE / SPYREPORT
Text File  |  2006-08-03  |  15KB  |  300 lines

  1. # Spy Sweeper 4.x INI file
  2.  
  3. ###### RUNNING PROCESSES ######
  # Process inventory switches for the report. Both are set to 1 here, so the
  # process dump and the full DLL dump are requested together.
  # NOTE(review): the resulting inventory presumably ends up in the report
  # output, so treat that report as sensitive when sharing it - confirm
  # against the consumer, which is not shown on this page.
  4. [Misc]
  5. DumpProcesses = 1
  6. #Only use this one if you want to dump all .dll's running.
  7. Full_DLL_Dump = 1
  8.  
  9.  
  10. ###### STARTUP METHODS ######
  # Group marker: carries only section=Run, which appears to be the report
  # heading for the autostart sections that follow (assumption - the consumer
  # is not shown on this page).
  11. [RunKeys]
  12. section=Run
  13.  
  # Run keys: Windows launches every value under these keys at user logon, the
  # most common autostart persistence point. KeyRoot follows the section-name
  # suffixes used throughout this file: 1 = HKCU, 2 = HKLM (0 = HKCR later on).
  # default_value looks like a baseline of expected value names.
  # NOTE(review): if matching is by name only, an entry that reuses a baseline
  # name such as SystemTray with different data would pass as default - confirm
  # that the consumer also compares the data.
  14. [Run-HKCU]
  15. KeyRoot=1
  16. Key=Software\Microsoft\Windows\CurrentVersion\Run
  17. default_value=ctfmon.exe||mobsync.exe /logon||KernelFaultCheck||ScanRegistry||SystemTray||TaskMonitor||LoadPowerProfile||PCHealth||Synchronization Manager
  18. [Run-HKLM]
  19. KeyRoot=2
  20. Key=Software\Microsoft\Windows\CurrentVersion\Run
  21. default_value=ctfmon.exe||mobsync.exe /logon||KernelFaultCheck||ScanRegistry||SystemTray||TaskMonitor||LoadPowerProfile||PCHealth||Synchronization Manager
  22.  
  # RunOnce: values are executed once at the next logon and then deleted by
  # Windows. No baseline is listed, so presumably every value is reported.
  23. [RunOnce-HKCU]
  24. KeyRoot=1
  25. Key=Software\Microsoft\Windows\CurrentVersion\RunOnce
  26. [RunOnce-HKLM]
  27. KeyRoot=2
  28. Key=Software\Microsoft\Windows\CurrentVersion\RunOnce
  29.  
  # RunServices: legacy Windows 9x/Me autostart key. Key names are written in
  # lower case from here on (keyroot/key instead of KeyRoot/Key).
  # NOTE(review): this assumes the consumer reads key names case-insensitively
  # - confirm. The *StateMgr entry suggests default_value accepts a leading
  # wildcard - also to be confirmed.
  30. [RunServices-HKCU]
  31. keyroot=1
  32. key=Software\Microsoft\Windows\CurrentVersion\RunServices
  33. default_value=LoadPowerProfile||SchedulingAgent||*StateMgr
  34. [RunServices-HKLM]
  35. keyroot=2
  36. key=Software\Microsoft\Windows\CurrentVersion\RunServices
  37. default_value=LoadPowerProfile||SchedulingAgent||*StateMgr
  38.  
  # RunServicesOnce: one-shot counterpart of RunServices (Windows 9x/Me).
  # No baseline is listed, so presumably every value is reported.
  39. [RunServicesOnce-HKCU]
  40. keyroot=1
  41. key=Software\Microsoft\Windows\CurrentVersion\RunServicesOnce
  42. [RunServicesOnce-HKLM]
  43. keyroot=2
  44. key=Software\Microsoft\Windows\CurrentVersion\RunServicesOnce
  45.  
  # "load" autostart entry under Windows NT\CurrentVersion\Windows.
  # NOTE(review): on Windows, load is a value of the ...\Windows key, not a
  # subkey, yet it is written here as the last component of key= with no
  # value= line (the WinLogon sections use key= plus value=). Confirm that the
  # consumer splits the path; otherwise this location may never be reported.
  46. [Load-HKCU]
  47. keyroot=1
  48. key=Software\Microsoft\Windows NT\CurrentVersion\Windows\load
  49. [Load-HKLM]
  50. keyroot=2
  51. key=Software\Microsoft\Windows NT\CurrentVersion\Windows\load
  52.  
  # Winlogon: the userinit and shell values name the programs Windows starts at
  # logon; replacing or appending to them is a classic persistence technique.
  # default_data appears to list the expected data (explorer.exe and
  # userinit.exe under C:\WINDOWS or C:\WINNT).
  # NOTE(review): the paths are hard-coded, so an install in another directory
  # would presumably show as non-default; and if the comparison is not exact, a
  # value with something appended after "userinit.exe," could be missed -
  # confirm how the consumer matches.
  53. [WinLogon-HKCU]
  54. section=WinLogon
  55. keyroot=1
  56. key=Software\Microsoft\Windows NT\CurrentVersion\WinLogon
  57. value=userinit||shell
  58. default_data=explorer.exe||C:\WINDOWS\system32\userinit.exe,||C:\WINNT\system32\userinit.exe,
  59. [WinLogon-HKLM]
  60. keyroot=2
  61. key=Software\Microsoft\Windows NT\CurrentVersion\WinLogon
  62. value=userinit||shell
  63. default_data=explorer.exe||C:\WINDOWS\system32\userinit.exe,||C:\WINNT\system32\userinit.exe,
  64.  
  # AppInit_DLLs: DLLs named in this entry are loaded into every process that
  # loads user32.dll, which makes it a high-value injection point to review.
  # Microsoft documents the HKLM location; the HKCU section is an extra check.
  # NOTE(review): AppInit_DLLs is a value of the ...\Windows key but is written
  # here as the last component of key= with no value= line - confirm that the
  # consumer handles this, otherwise the entry may never be reported.
  65. [AppInit_DLLs-HKCU]
  66. section=AppInit_DLLs
  67. keyroot=1
  68. key=Software\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs
  69. [AppInit_DLLs-HKLM]
  70. keyroot=2
  71. key=Software\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs
  72.  
  # ShellServiceObjectDelayLoad: COM objects that Explorer loads at startup.
  # Only keyroot=2 (HKLM) is checked. guid_type=2 appears to mean the CLSID is
  # held in the value data, and default_data lists the CLSIDs treated as
  # expected (assumption from the pattern in this file).
  73. [ShellServiceObjectDelayLoad]
  74. keyroot=2
  75. key=Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
  76. guid_type=2
  77. default_data={fbeb8a05-beee-4442-804e-409d6c4515e9}||{7849596a-48ea-486e-8937-a2a3009f31a9}||{E6FB5E20-DE35-11CF-9C87-00AA005127ED}||{35CEC8A3-2BE6-11D2-8773-92E220524153}||{7007ACCF-3202-11D1-AAD2-00805FC1270E}||{BCBCD383-3E06-11D3-91A9-00C04F68105C}
  78.  
  # Services: value= names DisplayName and ImagePath as the values to read for
  # entries under HKLM\SYSTEM\CurrentControlSet\Services. default_key appears to
  # be a baseline of stock Windows service key names.
  # NOTE(review): the meaning of Service_Type=1||2||64 (include or exclude
  # filter) is not visible here; and a name-only baseline does not show whether
  # a listed service's ImagePath was changed - confirm what the consumer does.
  79. [Services]
  80. section=Windows Services
  81. keyroot=2
  82. key=SYSTEM\CurrentControlSet\Services
  83. value=DisplayName||ImagePath
  84. Service_Type=1||2||64
  85. default_key=xmlprov||WZCSVC||wscsvc||WmiApSrv||Wmi||WmdmPmSN||winmgmt||WebClient||w32time||VSS||UPS||upnphost||UMWdf||TrkWks||TlntSvr||Themes||TermService||TapiSrv||SysmonLog||SwPrv||stisvc||SSDPSRV||srservice||Spooler||ShellHWDetection||SharedAccess||SENS||seclogon||Schedule||SCardSvr||SamSs||RSVP||RpcSs||RpcLocator||wuauserv||RemoteRegistry||RemoteAccess||RDSessMgr||RasMan||RasAuto||ProtectedStorage||PolicyAgent||PlugPlay||NtmsSvc||NtLmSsp||Nla||Netman||Netlogon||NetDDEdsdm||NetDDE||MSIServer||MSDTC||mnmsrvc||Messenger||LmHosts||lanmanworkstation||lanmanserver||ImapiService||HTTPFilter||HidServ||helpsvc||FastUserSwitchingCompatibility||EventSystem||Eventlog||ERSvc||Dnscache||dmserver||dmadmin||Dhcp||DcomLaunch||CryptSvc||COMSysApp||ClipSrv||CiSvc||Browser||BITS||AudioSrv||aspnet_state||AppMgmt||ALG||Alerter||UtilMan||ScardDrv||Fax||MSFtpsvc||IISADMIN||uploadmgr||W3SVC
  86.  
  87. ##### INTERNET EXPLORER SEARCH SETTINGS #####
  # Group marker: carries only a section= title, which appears to be the report
  # heading for the search-related sections that follow (assumption).
  88. [Internet Explorer Search Settings]
  89. section=Internet Explorer Search Settings
  90.  
  # Internet Explorer search and start-page values, a common browser-hijack
  # target. default_data appears to list stock Microsoft/MSN URLs and blank.htm
  # paths; the http://ie.search.msn.com/* entry suggests wildcard support
  # (assumption - confirm against the consumer).
  91. [Internet Explorer Search VALUES-HKCU]
  92. keyroot=1
  93. key=Software\Microsoft\Internet Explorer
  94. value=CustomizeSearch||Default_Page_URL||Default_Search_URL||Search Bar||Search Page||SearchAssistant||SearchURL||Start Page
  95. default_data=%SystemRoot%\system32\blank.htm||http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch||http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm||http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm||http://ie.search.msn.com/*||http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome||C:\WINDOWS\System32\blank.htm||http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home||C:\WINNT\system32\blank.htm||C:\WINDOWS\SYSTEM\blank.htm||http://www.msn.com
  96. [Internet Explorer Search VALUES-HKLM]
  97. keyroot=2
  98. key=Software\Microsoft\Internet Explorer
  99. value=CustomizeSearch||Default_Page_URL||Default_Search_URL||Search Bar||Search Page||SearchAssistant||SearchURL||Start Page
  100. default_data=%SystemRoot%\system32\blank.htm||http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch||http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm||http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm||http://ie.search.msn.com/*||http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome||C:\WINDOWS\System32\blank.htm||http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home||C:\WINNT\system32\blank.htm||C:\WINDOWS\SYSTEM\blank.htm||http://www.msn.com
  101.  
  # Internet Explorer\Search: there is no value= line, so presumably all values
  # under the key are read. default_data is the same baseline list used by the
  # other search sections in this file.
  102. [Search-HKCU]
  103. keyroot=1
  104. key=Software\Microsoft\Internet Explorer\Search
  105. default_data=%SystemRoot%\system32\blank.htm||http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch||http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm||http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm||http://ie.search.msn.com/*||http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome||C:\WINDOWS\System32\blank.htm||http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home||C:\WINNT\system32\blank.htm||C:\WINDOWS\SYSTEM\blank.htm||http://www.msn.com
  106. [Search-HKLM]
  107. keyroot=2
  108. key=Software\Microsoft\Internet Explorer\Search
  109. default_data=%SystemRoot%\system32\blank.htm||http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch||http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm||http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm||http://ie.search.msn.com/*||http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome||C:\WINDOWS\System32\blank.htm||http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home||C:\WINNT\system32\blank.htm||C:\WINDOWS\SYSTEM\blank.htm||http://www.msn.com
  110.  
  # Internet Explorer\Main: home-page, search and window-title values that
  # browser hijackers commonly rewrite. [Main] uses keyroot=1 (HKCU) but, unlike
  # its HKLM sibling, carries no root suffix in its section name.
  # NOTE(review): "Search Page" is listed twice in value= in both sections -
  # probably redundant; confirm that the consumer tolerates the duplicate.
  111. [Main]
  112. keyroot=1
  113. key=Software\Microsoft\Internet Explorer\Main
  114. value=CustomizeSearch||Default_Page_URL||Default_Search_URL||First Home Page||HomeOldSP||Local Page||Search Bar||Search Page||Search Page||SearchAssistant||SearchURL||Start Page||Start Page_bak||Startpagina||Window Title||YAHOOSubst
  115. default_data=%SystemRoot%\system32\blank.htm||http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch||http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm||http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm||http://ie.search.msn.com/*||http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome||C:\WINDOWS\System32\blank.htm||http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home||C:\WINNT\system32\blank.htm||C:\WINDOWS\SYSTEM\blank.htm||http://www.msn.com
  116. [Internet Explorer\Main - HKLM]
  117. keyroot=2
  118. key=Software\Microsoft\Internet Explorer\Main
  119. value=CustomizeSearch||Default_Page_URL||Default_Search_URL||First Home Page||HomeOldSP||Local Page||Search Bar||Search Page||Search Page||SearchAssistant||SearchURL||Start Page||Start Page_bak||Startpagina||Window Title||YAHOOSubst
  120. default_data=%SystemRoot%\system32\blank.htm||http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch||http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm||http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm||http://ie.search.msn.com/*||http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome||C:\WINDOWS\System32\blank.htm||http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home||C:\WINNT\system32\blank.htm||C:\WINDOWS\SYSTEM\blank.htm||http://www.msn.com
  121.  
  # URLSearchHooks: COM objects Internet Explorer consults when resolving a
  # typed address. guid_type=3 appears to mean the CLSID is the value name; the
  # single default_value entry is presumably the stock hook, so any other CLSID
  # here deserves review.
  122. [URLSearchHooks-HKCU]
  123. section=URLSearchHooks
  124. keyroot=1
  125. key=Software\Microsoft\Internet Explorer\URLSearchHooks
  126. default_value={CFBFAE00-17A6-11D0-99CB-00C04FD64497}
  127. guid_type=3
  128. [URLSearchHooks-HKLM]
  129. keyroot=2
  130. key=Software\Microsoft\Internet Explorer\URLSearchHooks
  131. default_value={CFBFAE00-17A6-11D0-99CB-00C04FD64497}
  132. guid_type=3
  133.  
  # URL prefixes: the scheme prepended to a typed address that has none.
  # dumpsubkeys=1 presumably walks the subkeys of the key; default_data lists
  # the expected prefixes. Any other prefix can route browsing through a third
  # party, so non-default entries deserve review.
  134. [URL Prefixes]
  135. Section=URL Prefixes
  136. keyroot=1
  137. key=Software\Microsoft\Windows\CurrentVersion\URL
  138. dumpsubkeys=1
  139. default_data=gopher://||ftp://||http://
  140. [URL Prefixes - HKLM]
  141. keyroot=2
  142. key=Software\Microsoft\Windows\CurrentVersion\URL
  143. dumpsubkeys=1
  144. default_data=gopher://||ftp://||http://
  145.  
  # ZoneMap\Domains: per-domain security zone assignments. The section title
  # gives the zone codes of interest (2=Trusted, 4=Restricted); unexpected
  # domains placed in the Trusted zone deserve review. value=* presumably means
  # all values, and no baseline is listed.
  146. [Internet Explorer Security Zones]
  147. section=Internet Explorer Security Zones [2=Trusted, 4=Restricted]
  148. keyroot=1
  149. key=Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains
  150. dumpsubkeys=1
  151. value=*
  152. [Internet Explorer Security Zones - HKLM]
  153. keyroot=2
  154. key=Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains
  155. dumpsubkeys=1
  156. value=*
  157.  
  158. ##### INTERNET EXPLORER RELATED ######
  # Browser Helper Objects: COM DLLs loaded into Internet Explorer, registered
  # as CLSID-named subkeys (guid_type=1 appears to mean the CLSID is the subkey
  # name). No baseline is listed, so presumably every BHO is reported.
  159. [Browser Helper Objects]
  160. Section=Browser Helper Objects
  161. keyroot=1
  162. key=Software\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects
  163. guid_type=1
  164. [Browser Helper Objects-HKLM]
  165. keyroot=2
  166. key=Software\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects
  167. guid_type=1
  168.  
  # Internet Explorer toolbars: CLSIDs stored as value names (guid_type=3, as in
  # the URLSearchHooks sections). default_value presumably lists the stock
  # toolbar CLSIDs; dumpsubkeys=1 presumably extends the scan to subkeys.
  169. [Toolbar-HKCU]
  170. section=Internet Explorer Toolbars
  171. keyroot=1
  172. key=Software\Microsoft\Internet Explorer\Toolbar
  173. dumpsubkeys=1
  174. guid_type=3
  175. default_value={8E718888-423F-11D2-876E-00A0C9082467}||{01E04581-4EEE-11D0-BFE9-00AA005B4383}||{0E5CBF21-D15F-11D0-8301-00AA005B4383}
  176. [Toolbar-HKLM]
  177. keyroot=2
  178. key=Software\Microsoft\Internet Explorer\Toolbar
  179. dumpsubkeys=1
  180. guid_type=3
  181. default_value={8E718888-423F-11D2-876E-00A0C9082467}||{01E04581-4EEE-11D0-BFE9-00AA005B4383}||{0E5CBF21-D15F-11D0-8301-00AA005B4383}
  182.  
  # Internet Explorer extensions (toolbar buttons and menu items). The two
  # sections are not symmetric: HKCU reads Extensions\CmdMapping with
  # default_value and guid_type=3, while HKLM reads Extensions with
  # default_data, dumpsubkeys=1 and guid_type=2.
  # NOTE(review): the HKLM section name is spelled "Extentions"; it is left as
  # is because the consumer may look sections up by name - confirm before
  # renaming.
  183. [Extensions-HKCU]
  184. section=Internet Explorer Extensions
  185. keyroot=1
  186. key=Software\Microsoft\Internet Explorer\Extensions\CmdMapping
  187. default_value={08B0E5C0-4FCB-11CF-AAA5-00401C608501}
  188. guid_type=3
  189. [Extentions-HKLM]
  190. keyroot=2
  191. key=Software\Microsoft\Internet Explorer\Extensions
  192. default_data={E0DD6CAB-2D10-11D2-8F1A-0000F87ABD16}
  193. dumpsubkeys=1
  194. guid_type=2
  195.  
  # MenuExt: entries added to Internet Explorer's right-click menu, one subkey
  # per entry (dumpsubkeys=1). default_value=contexts presumably marks the
  # "contexts" value as expected so that only the remaining values are
  # reported - confirm against the consumer.
  196. [Internet Explorer Context Menu Extentions-HKCU]
  197. section=Internet Explorer Context Menu
  198. keyroot=1
  199. key=Software\Microsoft\Internet Explorer\MenuExt
  200. dumpsubkeys=1
  201. default_value=contexts
  202. [Internet Explorer Context Menu Extentions-HKLM]
  203. keyroot=2
  204. key=Software\Microsoft\Internet Explorer\MenuExt
  205. dumpsubkeys=1
  206. default_value=contexts
  207.  
  # Internet Explorer\Styles: style-sheet settings, checked under keyroot=2
  # (HKLM) only. default_value=Count_Style_Sheets presumably marks that value
  # as expected, so anything else under the key is reported.
  208. [Internet Explorer\Styles]
  209. section=Internet Explorer Styles
  210. keyroot=2
  211. key=Software\Microsoft\Internet Explorer\Styles
  212. default_value=Count_Style_Sheets
  213.  
  # Internet Settings: reads ProxyServer and ProxyOverride. A proxy set by
  # unwanted software can see or alter web traffic, so unexpected values here
  # deserve review. No baseline is listed, so presumably both values are always
  # reported.
  214. [Internet Explorer Explorer Settings]
  215. section=General Internet Explorer Settings
  216. keyroot=1
  217. key=Software\Microsoft\Windows\CurrentVersion\Internet Settings
  218. value=ProxyOverride||ProxyServer
  219. [Internet Explorer Explorer Settings - HKLM]
  220. keyroot=2
  221. key=Software\Microsoft\Windows\CurrentVersion\Internet Settings
  222. value=ProxyOverride||ProxyServer
  223.  
  # Distribution Units: ActiveX controls installed through Internet Explorer
  # ("Downloaded Program Files"), one CLSID-named subkey each (guid_type=1, as
  # in the Browser Helper Objects sections). No baseline is listed.
  224. [Downloaded Program Files-HKCU]
  225. section=Downloaded Program Files
  226. keyroot=1
  227. key=Software\Microsoft\Code Store Database\Distribution Units
  228. guid_type=1
  229. [Downloaded Program Files-HKLM]
  230. keyroot=2
  231. key=Software\Microsoft\Code Store Database\Distribution Units
  232. guid_type=1
  233.  
  234.  
  # Second pass over Distribution Units with dumpsubkeys=1, titled CODEBASE,
  # presumably to report where each control was downloaded from.
  # NOTE(review): the HKCU default_value also lists mfc42.dll and msvcrt.dll
  # paths (the msvcrt pair twice), while the HKLM list stops after "". The
  # asymmetry looks unintentional - confirm which list the consumer expects.
  235. [Downloaded Program Files-HKCU CODEBASE]
  236. section=Downloaded Program Files - CODEBASE
  237. keyroot=1
  238. key=Software\Microsoft\Code Store Database\Distribution Units
  239. default_value=installer||systemcomponent||lastmodified||""||C:\WINNT\system32\mfc42.dll||C:\WINDOWS\system32\mfc42.dll||C:\WINNT\system32\msvcrt.dll||C:\WINDOWS\system32\msvcrt.dll||C:\WINNT\system32\msvcrt.dll||C:\WINDOWS\system32\msvcrt.dll
  240. dumpsubkeys=1
  241. [Downloaded Program Files-HKLM CODEBASE]
  242. keyroot=2
  243. key=Software\Microsoft\Code Store Database\Distribution Units
  244. default_value=installer||systemcomponent||lastmodified||""
  245. dumpsubkeys=1
  246.  
  247. ##### NETWORK RELATED ######
  # PROTOCOLS\Filter under keyroot=0 (HKCR, going by the "- HKCR" suffix of the
  # Protocols\Handler section): MIME filters that process content before
  # Internet Explorer renders it. default_data presumably lists the stock
  # filter CLSIDs (guid_type=2 appears to mean the CLSID is in the value data).
  248. [Protocols\Filter]
  249. Section=Protocol Filters
  250. keyroot=0
  251. key=PROTOCOLS\Filter
  252. dumpsubkeys=1
  253. guid_type=2
  254. default_data={1E66F26B-79EE-11D2-8710-00C04F79ED0D}||{32B533BB-EDAE-11d0-BD5A-00AA00B92AF1}||{8f6b0360-b80d-11d0-a9b3-006097942311}||{733AC4CB-F1A4-11d0-B951-00A0C90312E1}
  255.  
  # PROTOCOLS\Handler (HKCR): pluggable protocol handlers, i.e. the COM object
  # registered to service each URL scheme. default_data presumably lists the
  # stock CLSIDs; several CLSIDs repeat in the list, which is consistent with
  # one object serving several schemes. A handler CLSID outside this list
  # deserves review.
  256. [Protocols\Handler - HKCR]
  257. section=Protocol Handlers
  258. keyroot=0
  259. key=PROTOCOLS\Handler
  260. dumpsubkeys=1
  261. guid_type=2
  262. default_data={3050F406-98B5-11CF-BB82-00AA00BDCE0B}||{3dd53d40-7b8b-11D0-b013-00aa0059ce02}||{12D51199-0DB5-46FE-A120-47A3D7D937CC}||{79eac9e7-baf9-11ce-8c82-00aa004ba90b}||{E1D2BF42-A96B-11d1-9C6B-0000F875AC61}||{79eac9e5-baf9-11ce-8c82-00aa004ba90b}||{E1D2BF42-A96B-11d1-9C6B-0000F875AC61}||{9D148291-B9C8-11D0-A4CC-0000F80149F6}||{3050F3B2-98B5-11CF-BB82-00AA00BDCE0B}||{79eac9e7-baf9-11ce-8c82-00aa004ba90b}||{3050f3DA-98B5-11CF-BB82-00AA00BDCE0B}||{05300401-BCBC-11d0-85E3-00C04FD85AB4}||{79eac9e6-baf9-11ce-8c82-00aa004ba90b}||{9D148291-B9C8-11D0-A4CC-0000F80149F6}||{0A9007C0-4076-11D3-8789-0000F8105754}||{E1D2BF42-A96B-11d1-9C6B-0000F875AC61}||{3D9F03FA-7A94-11D3-BE81-0050048385D1}||{32505114-5902-49B2-880A-1F7738E5A384}||{3050F3BC-98B5-11CF-BB82-00AA00BDCE0B}||{76E67A63-06E9-11D2-A840-006008059382}||{CBD30858-AF45-11D2-B6D6-00C04FBBDE6E}||{3050F3B2-98B5-11CF-BB82-00AA00BDCE0B}||{13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE}||{79eac9e3-baf9-11ce-8c82-00aa004ba90b}||{E1D2BF40-A96B-11d1-9C6B-0000F875AC61}||{79eac9e4-baf9-11ce-8c82-00aa004ba90b}||{79eac9e2-baf9-11ce-8c82-00aa004ba90b}||{807553E5-5146-11D5-A672-00B0D022E945}||{3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020}
  263.  
  # Winsock providers: reads LibraryPath for each entry under
  # NameSpace_Catalog5\Catalog_Entries; default_data presumably lists the stock
  # provider DLL paths.
  # NOTE(review): the title says LSP, but NameSpace_Catalog5 holds Winsock
  # namespace providers; layered transport providers are registered under
  # Protocol_Catalog9\Catalog_Entries, which no section visible on this page
  # covers. Confirm whether the consumer enumerates that catalog elsewhere,
  # otherwise a layered provider would not appear in the report.
  264. [LSP]
  265. Section=Winsock LSP's
  266. KeyRoot=2
  267. Key=System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries
  268. value=LibraryPath
  269. DumpSubKeys=1
  270. DumpSubKeyValues=1
  271. default_data=%SystemRoot%\System32\mswsock.dll||%SystemRoot%\System32\winrnr.dll||%SystemRoot%\System32\mswsock.dll||%SystemRoot%\System32\rnr20.dll||C:\WINDOWS\SYSTEM\rnr20.dll
  272.  
  273. ##### SYSTEM RELATED ######
  274. ### At this point in time, not enough hijackers modify these entries; however, the configs are left available for future use.
  275.  
  276. #[Internet Explorer Restrictions]
  277. #section=Internet Explorer Restrictions
  278. #keyroot=1
  279. #key=Software\Policies\Microsoft\Internet Explorer\Restrictions            
  280. #[Internet Explorer Restrictions - HKLM]
  281. #section=Internet Explorer Restrictions
  282. #keyroot=2
  283. #key=Software\Policies\Microsoft\Internet Explorer\Restrictions            
  284.  
  285. #[Internet Explorer Toolbar Restrictions]
  286. #section=IE Toolbar Restrictions
  287. #keyroot=1
  288. #key=Software\Policies\Microsoft\Internet Explorer\Toolbars\Restrictions
  289. #[Internet Explorer Toolbar Restrictions - HKLM]
  290. #section=IE Toolbar Restrictions
  291. #keyroot=2
  292. #key=Software\Policies\Microsoft\Internet Explorer\Toolbars\Restrictions
  293.  
  294. #[Regedit Disabled]
  295. #section=Regedit Disabled
  296. #keyroot=1
  297. #key=Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools
  298. #[Regedit Disabled - HKLM]
  299. #keyroot=2
  300. #key=Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools