smb_suspicious_files.nasl

漏洞扫描源码,可以扫描linux,windows,交换机路由器

NAME=Sexxxpassport.com browser plugin
URL=http://www.ca.com/us/securityadvisor/pest/pest.aspx?id=453079935
KEY=CLSID\{11904CE8-632A-4856-A7CC-00B33FE71BD8}\InprocServer32
ITEM=
EXP=Spp3.dll
NAME=SearchSquire
URL=http://www.doxdesk.com/parasite/SearchSquire.html 
KEY=CLSID\{11990E9F-2A4D-11D6-9507-02608CDD2842}\InprocServer32
ITEM=
EXP=SearchSquire.dll
NAME=CoolWebSearch parasite variant
URL=http://www.richardthelionhearted.com/~merijn/cwschronicles.html#
KEY=CLSID\{12D02C08-218F-4A11-BDE1-6611ADB7B81F}\InprocServer32
ITEM=
EXP=sys32_app.dll
NAME=Winpage Blocker
URL=http://www.ca.com/us/securityadvisor/pest/pest.aspx?id=453079932
KEY=CLSID\{12DF6E3E-6272-4AE8-880B-2158D60791C0}\InprocServer32
ITEM=
EXP=WinPage.dll
NAME=BrowserAid/Startium variant
URL=http://www.doxdesk.com/parasite/BrowserAid.html
KEY=CLSID\{12EE7A5E-0674-42f9-A76A-000000004D00}\InprocServer32
ITEM=
EXP=stlb2.dll
NAME=ActiveSearch/411Ferret
URL=http://www.ca.com/us/securityadvisor/pest/pest.aspx?id=453088053
KEY=CLSID\{12F02779-6D88-4958-8AD3-83C12D86ADC7}\InprocServer32
ITEM=
EXP=toolbar.dll
NAME=SuperBar
URL=http://www.doxdesk.com/parasite/SuperBar.html
KEY=CLSID\{136A9D1D-1F4B-43D4-8359-6F2382449255}\InprocServer32
ITEM=
EXP=Superbar.dll
NAME=FavoriteMan
URL=http://www.doxdesk.com/parasite/FavoriteMan.html
KEY=CLSID\{139D88E5-C372-469D-B4C5-1FE00852AB9B}\InprocServer32
ITEM=
EXP=ofrg.dll
NAME=p0rn related
URL=
KEY=CLSID\{13F90341-AD79-4A9F-9B57-0234675670D6}\InprocServer32
ITEM=
EXP=Ipsysdrv32.dll
NAME=StickyPops.com adware
URL=
KEY=CLSID\{1433F750-E53F-11D8-9669-0800200C9A66}\InprocServer32
ITEM=
EXP=STRAd32.dll
NAME=ShopNavSearch/Srng
URL=http://www.doxdesk.com/parasite/Srng.html 
KEY=CLSID\{14B3D246-6274-40B5-8D50-6C2ADE2AB29B}\InprocServer32
ITEM=
EXP=Snhelper.dll
NAME=CoolWebSearch parasite variant
URL=http://www.richardthelionhearted.com/~merijn/cwschronicles.html#
KEY=CLSID\{150FA160-130D-451F-B863-B655061432BA}\InprocServer32
ITEM=
EXP=mgs_32.dll
NAME=ClientMan
URL=http://www.doxdesk.com/parasite/ClientMan.html
KEY=CLSID\{166348F1-2C41-4C9F-86BB-EB2B8ADE030C}\InprocServer32
ITEM=
EXP=msvrfy
NAME=Comet Cursor
URL=http://www.doxdesk.com/parasite/CometCursor.html
KEY=CLSID\{1678F7E1-C422-11D0-AD7D-00400515CAAA}\InprocServer32
ITEM=
EXP=comet.dll
NAME=CoolWebSearch parasite variant
URL=http://www.richardthelionhearted.com/~merijn/cwschronicles.html#
KEY=CLSID\{17DA0C9E-4A27-4ac5-BB75-5D24B8CDB972}\InprocServer32
ITEM=
EXP=Excel10.dll
NAME=Spyware.DigitalNames variant
URL=http://securityresponse.symantec.com/avcenter/venc/data/spyware.digitalnames.html
KEY=CLSID\{183D5161-0C62-4295-896C-44E7442CD6F2}\InprocServer32
ITEM=
EXP=DigitalNamesPlugIn150.dll
NAME=VirtuMonde adware variant
URL=http://securityresponse.symantec.com/avcenter/venc/data/adware.virtumonde.html
KEY=CLSID\{18722863-6D1D-4300-BF29-406948EDA7CB}\InprocServer32
ITEM=
EXP=dat
NAME=I-Lookup
URL=http://www.doxdesk.com/parasite/ILookup.html
KEY=CLSID\{18B79968-1A76-4953-9EBB-B651407F8998}\InprocServer32
ITEM=
EXP=winenc32.dll
NAME=i-lookup/Sbus
URL=http://www.doxdesk.com/parasite/ILookup.html
KEY=CLSID\{19A447BA-9C2E-4864-93F5-A0645229771E}\InprocServer32
ITEM=
EXP=Sbus.dll
NAME=SearchEx
URL=http://www.doxdesk.com/parasite/Searchex.html
KEY=CLSID\{1A98BCA2-0BD1-47DE-9710-C7665F7F1FCB}\InprocServer32
ITEM=
EXP=Iebrw.dll
NAME=CnsMin
URL=http://www.aluriasoftware.com/spyware-removal/details/CnsMin/
KEY=CLSID\{1B0E7716-898E-48cc-9690-4E338E8DE1D3}\InprocServer32
ITEM=
EXP=Assist.dll
NAME=Clickspring/PurityScan
URL=http://doxdesk.com/parasite/PurityScan.html
KEY=CLSID\{1B7D753B-1981-4bd2-91F3-6D055EE113A0}\InprocServer32
ITEM=
EXP=NDrv.dll
NAME=Browserplugin.com malware
URL=
KEY=CLSID\{1BDD55B8-3985-4E59-B906-5E0AD56D6710}\InprocServer32
ITEM=
EXP=WH
NAME=Adware.IEPageHelper
URL=http://www.ca.com/us/securityadvisor/pest/pest.aspx?id=453083026
KEY=CLSID\{1C4DA27D-4D52-4465-A089-98E01BB725CA}\InprocServer32
ITEM=
EXP=inetdctr.dll
NAME=iSearch toolbar
URL=http://www.kephyr.com/spywarescanner/library/isearch/index.phtml
KEY=CLSID\{1C78AB3F-A857-482e-80C0-3A1E5238A565}\InprocServer32
ITEM=
EXP=toolbar.dll
NAME=SpiderSearch, iLookup variant
URL=
KEY=CLSID\{1D022C27-3771-4D1D-B1B7-1953E271C6CA}\InprocServer32
ITEM=
EXP=winsps32.dll
NAME=BlazeFind/SearchRelevancy hijacker
URL=
KEY=CLSID\{1D7E3B41-23CE-469B-BE1B-A64B877923E1}\InprocServer32
ITEM=
EXP=SearchRelevancy.dll
NAME=SubSearch v22
URL=http://www.doxdesk.com/parasite/SubSearch.html
KEY=CLSID\{1D870C86-AA3C-4451-81E4-71D480A1A652}\InprocServer32
ITEM=
EXP=SbSrch_V22.dll
NAME=NJStar Asian Explorer
URL=http://www.njstar.com/asianexplorer/
KEY=CLSID\{1E1B2879-30C7-11D4-8DDF-525400E483E3}\InprocServer32
ITEM=
EXP=ETop100.dll
NAME=Backdoor.Lixy.B
URL=http://www.symantec.com/avcenter/venc/data/backdoor.lixy.b.html
KEY=CLSID\{1E1B2879-88FF-11D2-8D96-000000000003}\InprocServer32
ITEM=
EXP=SSocks5.dll
NAME=Backdoor.Lixy.B
URL=http://www.symantec.com/avcenter/venc/data/backdoor.lixy.b.html
KEY=CLSID\{1E1B2879-88FF-11D2-8D96-000000000004}\InprocServer32
ITEM=
EXP=Ssocks32.dll
NAME=Clitor
URL=http://www.ca.com/us/securityadvisor/pest/pest.aspx?id=453079921
KEY=CLSID\{1E1B2879-88FF-11D2-8D96-123457123457}\InprocServer32
ITEM=
EXP=Explorer.dll
NAME=unidentified adware
URL=
KEY=CLSID\{1E1B2879-88FF-11D2-8D96-D7ACAC31337F}\InprocServer32
ITEM=
EXP=Mslink32.dll
NAME=BackDoor Lixy
URL=http://securityresponse.symantec.com/avcenter/venc/data/backdoor.lixy.html
KEY=CLSID\{1E1B2879-88FF-11D2-8D96-D7ACAC95951A}\InprocServer32
ITEM=
EXP=Lid.dll
NAME=Commonname toolbar
URL=http://www.doxdesk.com/parasite/CommonName.html
KEY=CLSID\{1E1B2879-88FF-11D2-8D96-D7ACAC95951F}\InprocServer32
ITEM=
EXP=CnbarIE.dll
NAME=CooolWebSearch parasite variant
URL=http://www.spywareinfo.com/~merijn/cwschronicles.html
KEY=CLSID\{1E1B2879-88FF-11D2-8D96-D7ACAC95951F}\InprocServer32
ITEM=
EXP=DNSErr.dll
NAME=GoGoTools
URL=http://doxdesk.com/parasite/GogoTools.html parasite
KEY=CLSID\{1E1B2879-88FF-11D2-8D96-D7ACAC95951F}\InprocServer32
ITEM=
EXP=HTMLEdit.dll
NAME=p0rn related
URL=
KEY=CLSID\{1E1B2879-88FF-11D2-8D96-D7ACAC97972F}\InprocServer32
ITEM=
EXP=Msudp.dll
NAME=Personal Antispy keylogger
URL=http://www.botspot.com/Intelligent_Agent/2235.html
KEY=CLSID\{1E1B2879-88FF-11D3-8D96-D7ACAC95951A}\InprocServer32
ITEM=
EXP=Funnywb.dll
NAME=QuickFlicks Streaming Player
URL=http://www3.ca.com/securityadvisor/pest/pest.aspx?id=453073164
KEY=CLSID\{1E6F1D6A-1F20-11D4-8859-00A0CCE26836}\InprocServer32
ITEM=
EXP=SVAplayer.dll
NAME=ToolbarCC
URL=http://www.doxdesk.com/parasite/ToolbarCC.html
KEY=CLSID\{1F48AA48-C53A-4E21-85E7-AC7CC6B5FFA2}\InprocServer32
ITEM=
EXP=dll
NAME=ToolbarCC/Rnd
URL=http://www.doxdesk.com/parasite/ToolbarCC.html
KEY=CLSID\{1F48AA48-C53A-4E21-85E7-AC7CC6B5FFA7}\InprocServer32
ITEM=
EXP=win
NAME=ToolbarCC/Rnd
URL=http://www.doxdesk.com/parasite/ToolbarCC.html
KEY=CLSID\{1F48AA48-C53A-4E21-85E7-AC7CC6B5FFA8}\InprocServer32
ITEM=
EXP=win
NAME=ToolbarCC/Rnd
URL=http://www.doxdesk.com/parasite/ToolbarCC.html 
KEY=CLSID\{1F48AA48-C53A-4E21-85E7-AC7CC6B5FFAF}\InprocServer32
ITEM=
EXP=dll
NAME=CoolWebSearch parasite variant
URL=http://www.richardthelionhearted.com/~merijn/cwschronicles.html#
KEY=CLSID\{1F48AA48-C53A-4E21-85E7-AC7CC6B5FFB1}\InprocServer32
ITEM=
EXP=MS
NAME=CoolWebSearch parasite variant
URL=http://www.richardthelionhearted.com/~merijn/cwschronicles.html#
KEY=CLSID\{1F48AA48-C53A-4E21-85E7-AC7CC6B5FFB2}\InprocServer32
ITEM=
EXP=MS
NAME=i-lookup/Abeb
URL=http://www.doxdesk.com/parasite/ILookup.html 
KEY=CLSID\{2038A287-4221-4F76-A7C0-ADDD77AFABB3}\InprocServer32
ITEM=
EXP=abeb.dll
NAME=Myaopop Adware
URL=
KEY=CLSID\{204E9F8F-38CA-4E11-BA91-06B685285CC0}\InprocServer32
ITEM=
EXP=xpllog.dll
NAME=HotBar
URL=http://www.doxdesk.com/parasite/HotBar.html
KEY=CLSID\{204F937E-519E-4597-96FA-8F1F59F3CB6D}\InprocServer32
ITEM=
EXP=ctor.dll
NAME=Give4Free
URL=
KEY=CLSID\{208E7E77-507A-4649-B0C9-D39E9049C7A2}\InprocServer32
ITEM=
EXP=ibho.dll
NAME=CustomToolbar
URL=http://www.doxdesk.com/parasite/CustomToolbar.html 
KEY=CLSID\{21301D69-B8F1-46AA-B0B5-09EE2285914C}\InprocServer32
ITEM=
EXP=CustomToolbar.dll
NAME=SearchEnhancement hijacker
URL=http://groups.google.com/groups?q=searchenhancement&hl=en&lr=&ie=UTF-8&oe=UTF-8&selm=5fa201c33b6c%24abac7a20%243101280a%40phx.gbl&rnum=1 
KEY=CLSID\{22941A26-7033-432C-94C7-6371DE343822}\InprocServer32
ITEM=
EXP=Scbar.dll
NAME=hijacker,  as yet unidentified
URL=
KEY=CLSID\{22B9A67D-E689-44B6-B775-0E8FE84B4F9B}\InprocServer32
ITEM=
EXP=dll
NAME=VirtuMonde adware variant
URL=http://securityresponse.symantec.com/avcenter/venc/data/adware.virtumonde.html
KEY=CLSID\{2316230A-C89C-4BCC-95C2-66659AC7A775}\InprocServer32
ITEM=
EXP=dat
NAME=Expext/MetaDirect hijacker
URL=http://www.securemost.com/articles/trou_3_remove_expext.htm
KEY=CLSID\{23BC1CCF-4BE7-497F-B154-6ADA68425FBB}\InprocServer32
ITEM=
EXP=expext.dll
NAME=ClientMan
URL=http://www.doxdesk.com/parasite/ClientMan.html
KEY=CLSID\{25F7FA20-3FC3-11D7-B487-00D05990014C}\InprocServer32
ITEM=
EXP=ms
NAME=Xupiter
URL=http://www.doxdesk.com/parasite/Xupiter.html
KEY=CLSID\{2662BDD7-05D6-408F-B241-FF98FACE6054}\InprocServer32
ITEM=
EXP=Xtupdate.dll
NAME=Whazit
URL=http://www.doxdesk.com/parasite/Whazit.html
KEY=CLSID\{267D5BD3-0DC2-4724-A196-7F4794FBB9EB}\InprocServer32
ITEM=
EXP=outones.dll
NAME=eUniverse/Keenvalue variant
URL=http://www.doxdesk.com/parasite/KeenValue.html
KEY=CLSID\{269B6797-664E-48AA-B283-B012BDF6E525}\InprocServer32
ITEM=
EXP=BHO.dll
NAME=WurldMedia
URL=http://www.doxdesk.com/parasite/WurldMedia.html
KEY=CLSID\{2737A6C0-7E24-11D7-B299-00E0297E0844}\InprocServer32
ITEM=
EXP=
NAME=WhistleSoftware
URL=http://www.uslocalweather.com/privacy.asp
KEY=CLSID\{27557cf1-a237-496d-8c8f-08f3844c6a8b}\InprocServer32
ITEM=
EXP=WhistleHelper.dll
NAME=CoolWebSearch parasite variant
URL=http://www.richardthelionhearted.com/~merijn/cwschronicles.html#
KEY=CLSID\{275636E4-A535-4668-9FF1-86DC0C62D446}\InprocServer32
ITEM=
EXP=msopt.dll
NAME=MyPageFinder
URL=http://www.doxdesk.com/parasite/MyPageFinder.html
KEY=CLSID\{27A5FF76-9919-492C-98E3-EDA3502FC829}\InprocServer32
ITEM=
EXP=ml_32.dll
NAME=SearchMiracle.EliteBar
URL=http://www.giantcompany.com/antispyware/research/spyware/spyware-SearchMiracle.EliteBar.aspx
KEY=CLSID\{28CAEFF3-0F18-4036-B504-51D73BD81ABC}\InprocServer32
ITEM=
EXP=EliteToolBar version 53.dll
NAME=EliteBar/SearchMiracle adware
URL=http://www.giantcompany.com/antispyware/research/spyware/spyware-SearchMiracle.EliteBar.aspx
KEY=CLSID\{28CAEFF3-0F18-4036-B504-51D73BD81C3A}\InprocServer32
ITEM=
EXP=Elitebar.dll
NAME=Searchportal.info - CoolWebSearch parasite variant
URL=http://www.spywareinfo.com/~merijn/cwschronicles.html
KEY=CLSID\{28F65FCB-D130-11D8-BA48-8BE0C49AF370}\InprocServer32
ITEM=
EXP=popup_bl.dll
NAME=unidentified hijacker
URL=http://www.ca.com/us/securityadvisor/pest/pest.aspx?id=453073363
KEY=CLSID\{29A38549-AF6F-11D4-89D6-BC1DFD912B00}\InprocServer32
ITEM=
EXP=bho1.dll
NAME=Commander toolbar
URL=http://www.ca.com/us/securityadvisor/pest/pest.aspx?id=453083035
KEY=CLSID\{29F7B7FA-ADC8-48ea-9E1C-EA87A05AE642}\InprocServer32
ITEM=
EXP=sbb.dll
NAME=FastFind.org SubSearch
URL=http://www.ca.com/us/securityadvisor/pest/pest.aspx?id=453074896
KEY=CLSID\{2A57772A-D963-4533-A999-A4D66B7EF424}\InprocServer32
ITEM=
EXP=00S00.dll
NAME=Make-deal.com malware
URL=
KEY=CLSID\{2A7B720A-7A28-4e99-80A0-2DF985EC93D0}\InprocServer32
ITEM=
EXP=Font.dll
NAME=SmartShopper
URL=http://www.giantcompany.com/antispyware/research/spyware/spyware-Hotbar.ShoppingReports.aspx
KEY=CLSID\{2A8A997F-BB9F-48F6-AA2B-2762D50F9289}\InprocServer32
ITEM=
EXP=smrtshpr.dll
NAME=LookThru Cool Search Bar
URL=
KEY=CLSID\{2AF8CED6-5BD8-4310-A90C-9664EFB16B10}\InprocServer32
ITEM=
EXP=coolbar.dll
NAME=BookedSpace/Remanent
URL=http://www.doxdesk.com/parasite/BookedSpace.html
KEY=CLSID\{2B3452C5-1B9A-440F-A203-F6ED0F64C895}\InprocServer32
ITEM=
EXP=rem00001.dll
NAME=Dynamic Desktop Media adware
URL=http://www.spyany.com/program/article_spw_rm_Dynamic_Desktop_Media.html
KEY=CLSID\{2BC43670-C0BD-4794-BB11-F60F3E001DC5}\InprocServer32
ITEM=
EXP=ddmp.dll
NAME=IESearch Toolbar
URL=http://www.giantcompany.com/antispyware/research/spyware/spyware-IESearchToolbar.aspx
KEY=CLSID\{2c5175a2-adf3-4f57-ab70- ba90fd60a383}\InprocServer32
ITEM=
EXP=IESEARCHTOOLBAR.DLL
NAME=IESearch toolbar hijacker
URL=
KEY=CLSID\{2C5175A2-ADF3-4F57-AB70-BA90FD60A383}\InprocServer32
ITEM=
EXP=IESearchToolbar.dll
NAME=BrowserAid/Startium
URL=http://www.doxdesk.com/parasite/BrowserAid.html
KEY=CLSID\{2CF0B992-5EEB-4143-99C0-5297EF71F443}\InprocServer32
ITEM=
EXP=stlbdist.dll
NAME=BrowserAid/Startium
URL=http://www.doxdesk.com/parasite/BrowserAid.html
KEY=CLSID\{2CF0B992-5EEB-4143-99C0-5297EF71F444}\InprocServer32
ITEM=
EXP=stlbdist.dll
NAME=BrowserAid/Startium
URL=http://www.doxdesk.com/parasite/BrowserAid.html
KEY=CLSID\{2CF0B992-5EEB-4143-99C0-5297EF71F44A}\InprocServer32
ITEM=
EXP=stlbad123.dll
NAME=BrowserAid/Startium
URL=http://www.doxdesk.com/parasite/BrowserAid.html
KEY=CLSID\{2CF0B992-5EEB-4143-99C2-5297EF71F44A}\InprocServer32
ITEM=
EXP=stlbad123.dll
NAME=CoolWebSearch parasite variant
URL=http://www.richardthelionhearted.com/~merijn/cwschronicles.html#
KEY=CLSID\{2D38A51A-23C9-48a1-A33C-48675AA2B494}\InprocServer32
ITEM=
EXP=winres.dll
NAME=i-lookup/Drbr
URL=http://www.doxdesk.com/parasite/ILookup.html 
KEY=CLSID\{2D556983-83D7-4630-9AA5-27C74CA27B79}\InprocServer32
ITEM=
EXP=Drbr.dll
NAME=AdBlaster Adware
URL=http://www.spyany.com/program/article_adw_rm_AdBlaster.html
KEY=CLSID\{2D7CB618-CC1C-4126-A7E3-F5B12D3BCF71}\InprocServer32
ITEM=