smb_suspicious_files.nasl

漏洞扫描源码,可以扫描linux,windows,交换机路由器

EXP=ngpw34.dll
NAME=GoGoData toolbar
URL=http://gogodata.com/toolbar/index.htm
KEY=CLSID\{2D877C0B-3F44-42CD-A283-57AAA9186CB9}\InprocServer32
ITEM=
EXP=GoGoDataBar.dll
NAME=VX2.aBetterInternet variant
URL=
KEY=CLSID\{2DC9D850-144D-11E1-B3C9-10805E499D95}\InprocServer32
ITEM=
EXP=mplay32.dll
NAME=InetSpeak
URL=http://www.doxdesk.com/parasite/InetSpeak.html
KEY=CLSID\{2E12B523-3D4C-4FAC-9B04-0376A8F5E879}\InprocServer32
ITEM=
EXP=WindowsIE.dll
NAME=FastFind adware variant
URL=http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=TROJ_STARTPAG.KF&VSect=T
KEY=CLSID\{2E65A557-173C-4DE9-860B-28FC5CACA542}\InprocServer32
ITEM=
EXP=Setup.dll
NAME=P0rn related
URL=
KEY=CLSID\{2E77E33F-671E-4334-ABAA-0C2E2BE654F1}\InprocServer32
ITEM=
EXP=mdv_32.dll
NAME=SubmitHook
URL=http://www.lurhq.com/submithook.html
KEY=CLSID\{2E9CAFF6-30C7-4208-8807-E79D4EC6F806}\InprocServer32
ITEM=
EXP=Submithook.dll
NAME=ezSearching
URL=http://doxdesk.com/parasite/ezSearching.html
KEY=CLSID\{2F24B54D-3A27-11D8-8169-00C02623048A}\InprocServer32
ITEM=
EXP=Testadit3.dll
NAME=Porn Hijacker
URL=
KEY=CLSID\{2FF5573C-0EB5-43db-A1B2-C4326813468E}\InprocServer32
ITEM=
EXP=iehr.dll
NAME=CoolWebSearch parasite variant
URL=http://www.richardthelionhearted.com/~merijn/cwschronicles.html#
KEY=CLSID\{30192F8D-0958-44E6-B54D-331FD39AC959}\InprocServer32
ITEM=
EXP=toolband.dll
NAME=SBSoft IWantSearch hijacker
URL=http://sarc.com/avcenter/venc/data/adware.iwantsearch.html
KEY=CLSID\{30192F8D-0958-44E6-B54D-331FD39AC959}\InprocServer32
ITEM=
EXP=rundlg32.dll
NAME=SBSoft Web-Search hijacker variant, a member of the CoolWebSearch parasite family
URL=http://sarc.com/avcenter/venc/data/adware.iwantsearch.html
KEY=CLSID\{30192F8D-0958-44E6-B54D-331FD39AC959}\InprocServer32
ITEM=
EXP=webdlg32.dll
NAME=EZtracks/Pickoftheweb toolbar
URL=
KEY=CLSID\{3023AF97-870E-476A-B30E-3923DF2B84BD}\InprocServer32
ITEM=
EXP=eztracks_ieplug.dll
NAME=VirtuMonde adware variant
URL=http://securityresponse.symantec.com/avcenter/venc/data/adware.virtumonde.html
KEY=CLSID\{30279F2D-1A38-4785-97D4-5C3508BDB289}\InprocServer32
ITEM=
EXP=dat
NAME=Adware.OpenSite
URL=http://sarc.com/avcenter/venc/data/adware.opensite.html
KEY=CLSID\{30A56549-9D5B-4D34-AFA7-440A7F0538A9}\InprocServer32
ITEM=
EXP=Opnste.dll
NAME=ProBot Activity Monitor
URL=http://www.ca.com/us/securityadvisor/pest/pest.aspx?id=453076611
KEY=CLSID\{312FA154-E1B7-4336-9833-EE6B38D58B56}\InprocServer32
ITEM=
EXP=pbcommon.dll
NAME=SubSearch v22
URL=http://www.doxdesk.com/parasite/SubSearch.html
KEY=CLSID\{31995C64-CB4D-483E-82C2-CCFFE2F66CAB}\InprocServer32
ITEM=
EXP=msvcn.dll
NAME=ezSearching
URL=http://www.doxdesk.com/parasite/ezSearching.html
KEY=CLSID\{34D516EA-40E3-4E3B-8BA8-505112738ED5}\InprocServer32
ITEM=
EXP=ctavp3.dll
NAME=i-Lookup/Chgrgs
URL=http://www.doxdesk.com/parasite/ILookup.html
KEY=CLSID\{35CC7369-C6EB-4A64-AB05-44CF0B5087A0}\InprocServer32
ITEM=
EXP=Chgrgs.dll
NAME=E2Give
URL=http://www.doxdesk.com/parasite/E2Give.html
KEY=CLSID\{3643ABC2-21BF-46B9-B230-F247DB0C6FD6}\InprocServer32
ITEM=
EXP=IeBHOs.dll
NAME=Burnaby Module >e-card_viewer
URL=http://www.symantec.com/avcenter/venc/data/ortyc.trojan.html
KEY=CLSID\{3750BFA3-1392-4AF3-AF86-9D2D4776E5A4}\InprocServer32
ITEM=
EXP=potd.dll
NAME=Oasisnet.com Hijacker/web downloader
URL=
KEY=CLSID\{37A5FF76-9919-492C-98E3-EDA3502FC829}\InprocServer32
ITEM=
EXP=Oasis.dll
NAME=InetSpeak/Iexplorr
URL=http://www.doxdesk.com/parasite/InetSpeak.html
KEY=CLSID\{388D7EBB-CBB9-4126-8DB2-86DC6863A206}\InprocServer32
ITEM=
EXP=iexplorr11.dll
NAME=BookedSpace
URL=http://www.doxdesk.com/parasite/BookedSpace.html
KEY=CLSID\{392BE62B-E7DE-430A-8859-0AFE677DE6E1}\InprocServer32
ITEM=
EXP=bs2.dll
NAME=Hijacker, as yet unidentified
URL=
KEY=CLSID\{397D7D63-816E-4ECF-8761-775C932C5CF1}\InprocServer32
ITEM=
EXP=iDonate.dll
NAME=InetSpeak/Iexplorr
URL=http://www.doxdesk.com/parasite/InetSpeak.html
KEY=CLSID\{39AF31DD-EAFC-45EA-A56C-385B52E25CC0}\InprocServer32
ITEM=
EXP=iexplorr22.dll
NAME=WurldMedia
URL=http://www.doxdesk.com/parasite/WurldMedia.html
KEY=CLSID\{3A279869-C6B6-4410-A041-0435DE6AD916}\InprocServer32
ITEM=
EXP=M030106SHOP.DLL
NAME=Wishbone Toolbar
URL=http://www.wishbonemedia.com/products.html
KEY=CLSID\{3AA90BC2-58C0-4F4D-A87C-2C6F3D3CD5FE}\InprocServer32
ITEM=
EXP=Minst.dll
NAME=LZIO.com adware
URL=http://www.spywareguide.com/product_show.php?id=853
KEY=CLSID\{3BC2C2D1-758E-4912-BED2-AE50DE69E8AF}\InprocServer32
ITEM=
EXP=iedcb1f5.dll
NAME=Alexa
URL=http://www.safersite.com/PestInfo/a/Alexa_Toolbar.asp
KEY=CLSID\{3DF73DF8-41E2-4fc2-8CBF-4B9407433755}\InprocServer32
ITEM=
EXP=lxTB.dll
NAME=porn hijacker
URL=
KEY=CLSID\{3E307D7F-5F68-4ddb-9294-EE230950F60C}\InprocServer32
ITEM=
EXP=winacl.dll
NAME=VirtuMonde adware variant
URL=http://securityresponse.symantec.com/avcenter/venc/data/adware.virtumonde.html
KEY=CLSID\{3EC8E271-FAB9-418a-8A8E-65AEB4029E64}\InprocServer32
ITEM=
EXP=dat
NAME=Traffix Inc/iMatchup
URL=http://www.webhelper4u.com/transponders/potwbar.html
KEY=CLSID\{3F68A524-6E47-44E6-9FE7-795EABFA3B36}\InprocServer32
ITEM=
EXP=traffix1.1.0.25.dll
NAME=Not yet identified malware
URL=
KEY=CLSID\{40205287-E793-41AC-B95C-D8D064BA33CA}\InprocServer32
ITEM=
EXP=mscfg.dll
NAME=WurldMedia/bpboh
URL=http://www.doxdesk.com/parasite/WurldMedia.html
KEY=CLSID\{40AC4D2D-491D-11D4-AAF2-0008C75DCD2B}\InprocServer32
ITEM=
EXP=Bpboh.dll
NAME=Popmonster adware
URL=http://www.ca.com/us/securityadvisor/pest/pest.aspx?id=453078833
KEY=CLSID\{4209B4C1-1295-4908-9312-A53C036EB3CD}\InprocServer32
ITEM=
EXP=BHO.dll
NAME=PBar
URL=http://www.pbar.net/?id=BAFDJFFBBEdDBEZKVCSKL
KEY=CLSID\{42132494-F48F-4187-ABC8-0F343AD2E465}\InprocServer32
ITEM=
EXP=Pbshmd.dll
NAME=Dyfuca/Internet Optimizer
URL=http://www.doxdesk.com/parasite/InternetOptimizer
KEY=CLSID\{432D8C41-8586-11D8-997D-00C026232EB9}\InprocServer32
ITEM=
EXP=bvm202.dll
NAME=LoveTester foistware
URL=http://spamwatch.codefish.net.au/modules.php?op=modload&name=News&file=index&catid=&topic=24
KEY=CLSID\{43FA5935-E36E-4937-8127-A90191B2EC68}\InprocServer32
ITEM=
EXP=domain11.dll
NAME=CoolWebSearch parasite variant
URL=http://www.richardthelionhearted.com/~merijn/cwschronicles.html#
KEY=CLSID\{441354C5-911B-409B-9A66-A11D6D4E1A22}\InprocServer32
ITEM=
EXP=sdmtb.dll
NAME=VirtuMonde adware variant
URL=http://securityresponse.symantec.com/avcenter/venc/data/adware.virtumonde.html
KEY=CLSID\{446CF8A5-617E-4D91-95AE-AE78CE0D06AF}\InprocServer32
ITEM=
EXP=dat
NAME=ClientMan
URL=http://www.doxdesk.com/parasite/ClientMan.html
KEY=CLSID\{447160CD-ECF5-4EA2-8A8A-1F70CA363F85}\InprocServer32
ITEM=
EXP=bundle
NAME=Msinfosys/AutoSearch hijacker
URL=http://www.doxdesk.com/parasite/AutoSearch.html
KEY=CLSID\{44A23DAB-8D31-43AE-9F68-5AC24CF7CE8C}\InprocServer32
ITEM=
EXP=Msinfosys.dll
NAME=VirtuMonde adware variant
URL=http://securityresponse.symantec.com/avcenter/venc/data/adware.virtumonde.html
KEY=CLSID\{44E5B409-35A2-4E8D-BF94-344222323A53}\InprocServer32
ITEM=
EXP=dat
NAME=Naupoint toolbar
URL=http://doxdesk.com/parasite/Naupoint.html
KEY=CLSID\{44FD0AF8-9D30-4E96-8ECE-306446B5E0D3}\InprocServer32
ITEM=
EXP=iEBINST2.dll
NAME=Icoo Loader
URL=http://www.by-users.co.uk/forums/?board=help&action=display&num=1085918311
KEY=CLSID\{465A59EC-20E5-4fca-A38A-E5EC3C480218}\InprocServer32
ITEM=
EXP=icoou.dll
NAME=CoolWebSearch parasite variant
URL=http://www.richardthelionhearted.com/~merijn/cwschronicles.html#
KEY=CLSID\{467FAEB2-5F5B-4c81-BAE0-2A4752CA7F4E}\InprocServer32
ITEM=
EXP=dll
NAME=W32.Aspam.Trojan.B
URL=http://securityresponse.symantec.com/avcenter/venc/data/w32.aspam.trojan.b.html
KEY=CLSID\{499DB658-1909-420B-931A-4A8CAEFD232F}\InprocServer32
ITEM=
EXP=Drvman32.dll
NAME=NewDotNet
URL=http://www.doxdesk.com/parasite/NewDotNet.html
KEY=CLSID\{4A2AACF3-ADF6-11D5-98A9-00E018981B9E}\InprocServer32
ITEM=
EXP=newdotnet
NAME=ezSearching
URL=http://www.doxdesk.com/parasite/ezSearching.html
KEY=CLSID\{4B021269-DD24-48B2-96B4-DA121E9C0502}\InprocServer32
ITEM=
EXP=ctpp
NAME=StartNow/HyperBar
URL=http://www.castlecops.com/tk266-HyperBHO.html
KEY=CLSID\{4B2F5308-2CB0-40E2-8030-59936ED5D22C}\InprocServer32
ITEM=
EXP=Hyperbar.dll
NAME=Adware.Sa
URL=http://sarc.com/avcenter/venc/data/adware.sa.html
KEY=CLSID\{4BCF322B-9621-4e90-9678-F1424EB7584E}\InprocServer32
ITEM=
EXP=Udpmod.dll
NAME=CoolWebSearch parasite variant
URL=http://www.richardthelionhearted.com/~merijn/cwschronicles.html#
KEY=CLSID\{4C1B116F-2860-46db-8E6C-B4BFC4DFD683}\InprocServer32
ITEM=
EXP=ietlbass32.dll
NAME=SubSearch
URL=http://www.doxdesk.com/parasite/SubSearch.html
KEY=CLSID\{4C4871FD-30F6-4430-8834-BC75D58F1529}\InprocServer32
ITEM=
EXP=Sbsrch_v2.dll
NAME=InetSpeak/Iexplorr
URL=http://www.doxdesk.com/parasite/InetSpeak.html
KEY=CLSID\{4CEBBC6B-5CEE-4644-80CF-38980BAE93F6}\InprocServer32
ITEM=
EXP=Iexplorr23.dll
NAME=Begin2Search bar, iLookup variant
URL=http://www.doxdesk.com/parasite/ILookup.html
KEY=CLSID\{4D568F0F-8AC9-40AB-88B7-415134C78777}\InprocServer32
ITEM=
EXP=dll
NAME=Trojan-Clicker.Win32.Delf.bc
URL=
KEY=CLSID\{4E7BD74F-2B8D-469E-85AC-FD60BB9AAE32}\InprocServer32
ITEM=
EXP=seotoolbar.dll
NAME=2020Search
URL=http://www.kephyr.com/spywarescanner/library/2020search/index.phtml
KEY=CLSID\{4E7BD74F-2B8D-469E-92C6-CE7EB590A94D}\InprocServer32
ITEM=
EXP=2020Search2.dll
NAME=Naupoint toolbar
URL=http://doxdesk.com/parasite/Naupoint.html
KEY=CLSID\{4E7BD74F-2B8D-469E-95BE-B378BA9CB52D}\InprocServer32
ITEM=
EXP=Naupointbar.dll
NAME=SearchCentrix adware variant
URL=http://www.kephyr.com/spywarescanner/library/searchcentrix.somatic/index.phtml
KEY=CLSID\{4E7BD74F-2B8D-469E-96F7-EB6DB99AA92E}\InprocServer32
ITEM=
EXP=gssomatic.dll
NAME=SearchCentrix adware variant
URL=http://www.kephyr.com/spywarescanner/library/searchcentrix.somatic/index.phtml
KEY=CLSID\{4E7BD74F-2B8D-469E-98F7-EB6DB99AA93B}\InprocServer32
ITEM=
EXP=ifsomatic.dll
NAME=Push toolbar
URL=
KEY=CLSID\{4E7BD74F-2B8D-469E-A0E8-F76FA694BF2E}\InprocServer32
ITEM=
EXP=searchv2.dll
NAME=Hijacker,  as yet unidentified
URL=
KEY=CLSID\{4E7BD74F-2B8D-469E-A1F6-FC7EB590A97D}\InprocServer32
ITEM=
EXP=search3.dll
NAME=KeenValue/PowerSearch
URL=http://www.doxdesk.com/parasite/KeenValue.html
KEY=CLSID\{4E7BD74F-2B8D-469E-A3EE-FB7FA682AA7D}\InprocServer32
ITEM=
EXP=pwrsdp1.dll
NAME=KeenValue/PowerSearch
URL=http://www.doxdesk.com/parasite/KeenValue.html
KEY=CLSID\{4E7BD74F-2B8D-469E-A3FA-F161A787AD2D}\InprocServer32
ITEM=
EXP=pwrsmnd1.dll
NAME=Grip Toolbar
URL=http://www.giantcompany.com/antispyware/research/spyware/spyware-Grip-Toolbar.aspx
KEY=CLSID\{4E7BD74F-2B8D-469E-A4E4-FC7CBD87BD7D}\InprocServer32
ITEM=
EXP=gripcz6.dll
NAME=PowerSearch toolbar
URL=http://www.doxdesk.com/parasite/KeenValue.html
KEY=CLSID\{4E7BD74F-2B8D-469E-A58D-8F6FA787AD2D}\InprocServer32
ITEM=
EXP=PWRSC037.DLL
NAME=SearchCentrix adware variant
URL=http://www.kephyr.com/spywarescanner/library/searchcentrix.wzhelper/index.phtml
KEY=CLSID\{4E7BD74F-2B8D-469E-C0FB-EF60B19DA02A}\InprocServer32
ITEM=
EXP=Wzhelper.dll
NAME=SRNG/ShopNav
URL=http://www.doxdesk.com/parasite/Srng.html
KEY=CLSID\{4E7BD74F-2B8D-469E-C0FB-EF60B19DB42E}\InprocServer32
ITEM=
EXP=SNHelper.dll
NAME=SearchCentrix adware variant
URL=http://www.kephyr.com/spywarescanner/library/searchcentrix.somatic/index.phtml
KEY=CLSID\{4E7BD74F-2B8D-469E-C0FB-EF60B19DBC34}\InprocServer32
ITEM=
EXP=ifhelper.dll
NAME=KeenValue/PowerSearch
URL=http://www.doxdesk.com/parasite/KeenValue.html
KEY=CLSID\{4E7BD74F-2B8D-469E-C0FC-F378A787AD2D}\InprocServer32
ITEM=
EXP=Toolbarpwrstlbr.dll
NAME=eUniverse SirSearch
URL=http://www.doxdesk.com/parasite/KeenValue.html
KEY=CLSID\{4E7BD74F-2B8D-469E-C0FC-F76FA694BF2E}\InprocServer32
ITEM=
EXP=Searchbr.dll
NAME=MegaSearch
URL=http://doxdesk.com/parasite/MegaSearch.html
KEY=CLSID\{4E7BD74F-2B8D-469E-C0FF-FA7FB592BF30}\InprocServer32
ITEM=
EXP=megasear.dll
NAME=Gamebar
URL=http://member.game.net/Membership/Privacy.asp
KEY=CLSID\{4E7BD74F-2B8D-469E-C0FF-FD69B994BD7D}\InprocServer32
ITEM=
EXP=gamebar.dll
NAME=PickOfTheWeb toolbar
URL=http://www.webhelper4u.com/transponders/potwbar.html
KEY=CLSID\{4E7BD74F-2B8D-469E-C0FF-FD7BA09AAA7D}\InprocServer32
ITEM=
EXP=potwbar.dll
NAME=eUniverse SearchNugget Toolbar
URL=http://www.doxdesk.com/parasite/KeenValue.html
KEY=CLSID\{4E7BD74F-2B8D-469E-C0FF-FD7FF4D5FA7D}\InprocServer32
ITEM=
EXP=sbar.dll
NAME=KeenValue/PowerSearch
URL=http://www.doxdesk.com/parasite/KeenValue.html
KEY=CLSID\{4E7BD74F-2B8D-469E-C8FB-FC6DA787AD2D}\InprocServer32
ITEM=
EXP=pwrsacez.dll
NAME=SearchCentrix adware variant
URL=http://www.kephyr.com/spywarescanner/library/searchcentrix.somatic/index.phtml
KEY=CLSID\{4E7BD74F-2B8D-469E-D1F7-EB6DB99AA97D}\InprocServer32
ITEM=
EXP=somatic.dll
NAME=Voonda Toolbar
URL=http://www.castlecops.com/tk1479-tafbar.html
KEY=CLSID\{4E7BD74F-2B8D-469E-D4FF-EB2CF4D5FA7D}\InprocServer32
ITEM=
EXP=taf.dll
NAME=KeenValue/PowerSearch
URL=http://www.doxdesk.com/parasite/KeenValue.html
KEY=CLSID\{4E7BD74F-2B8D-469E-D4FF-ED78A787AD2D}\InprocServer32
ITEM=
EXP=pwrstraf.dll
NAME=SearchCentrix adware variant
URL=http://www.kephyr.com/spywarescanner/library/searchcentrix.webalize/index.phtml
KEY=CLSID\{4E7BD74F-2B8D-469E-D7E4-F660B597BF2A}\InprocServer32
ITEM=
EXP=Webalize.dll
NAME=BrowserVillage Toolbar
URL=http://www.giantcompany.com/antispyware/research/spyware/spyware-BrowserVillage-Toolbar.aspx
KEY=CLSID\{4E7BD74F-2B8D-469E-D7F9-FE60B89CAC3F}\InprocServer32
ITEM=
EXP=bvillage.dll
NAME=SearchCentrix variant
URL=http://www.kephyr.com/spywarescanner/library/searchcentrix.mygeek/index.phtml 
KEY=CLSID\{4E7BD74F-2B8D-469E-D9FB-FA6BAD98FA7D}\InprocServer32
ITEM=
EXP=MyGeek.dll - MyGeek/Search-o-Matic2000
NAME=InstaFinder hijacker
URL=
KEY=CLSID\{4E7BD74F-2B8D-469E-DCF7-F96DA086B434}\InprocServer32