CastleCops® - O21 ShellServiceObjectDelayLoad

Need help? Click here to register for free! Absolutely zero advertisements on this site!

O21 ShellServiceObjectDelayLoad

Currently 240 entries and growing...
Last updated on 2008-07-27 10:02:23 Eastern.

FBJ originally ran this list but closed it permanently. FBJ graciously permitted CastleCops to continue maintaining the list as of Jul 8, 2005. The full HTML list is here.

KEY:

"L" = Legitimate

"O" = Open to Debate

"X" = Malware/Bad

"?" - Unknown

ABC List: A - B - C - D - E - F - G - H - I - J - K - L - M - N - O - P - Q - R - S - T - U - V - W - X - Y - Z

CLSID	Status	Name	Path/File	Description
{******----**********}	X	sapnet	%WINDIR%\sapnet.dll	Smitfraud
{******----**********}	X	ServicePrx ServiceRam ServiceRom ServiceSys SetupAlrt SetupMon SetupService SrvAlrt SrvCheck	%WINDIR%\Installer\{******----**********}\[name].dll	Trojan.Win32.Agent (browser hijacker)
{8FB2D6CA-E258-48CF-9DAB-EEFB735E225C}	X	shellservice	ShellService.dll	Spyware.Ultraview
{******----**********}	X	sounddrv	%WINDIR%\sounddrv.dll	Smitfraud
{******----**********}	X	SrvComponent SrvSetup SrvUnknown SysDrive SysService SysSys UnknownKbd UnknownCD UnknownDrive UnknownKernel	%WINDIR%\Installer\{******----**********}\[name].dll	Trojan.Win32.Agent (browser hijacker)
{******----**********}	X	SvcSys	svcsys.dll	Infostealer.Bancos
{6CBCB0E8-BAAD-4450-AF88-CE02C567AC36}	X	Svrpnp	geteng.dll	Spyware.Eblaster
{******----**********}	X	syscore	%WINDIR%\syscore.dll	Smitfraud
{23456789-0000-0020-0900-00AAFF6D2EA4}	X	Sysctl Desktop Handler	ntosv.dll	Troj/Agent-CL
{******----**********}	X	sysdx	%WINDIR%\sysdx.dll	Smitfraud
{******----**********}	X	syshelps	%SYSDIR%\syshelps.dll, wmhs32.dll	Troj/IRCBot-WL
{******----**********}	X	syshelps	systesrt32.dll	W32/IRCBot-XF
{******----**********}	X	syshosts	syshosts.dll	http://www.sophos.com/security/analyses/w32ircbotwb.html
{D7FFD784-5276-42D1-887B-00267870A4C7}	X	SysRun	svshost.dll	Troj/Small-CPO
{******----**********}	X	System	vr_sys.dll	Troj/LdPinch
{******----**********}	X	system32	sysprinters.dll	W32/IRCBot-WV
{54645654-2225-4455-44A1-9F4543D34545}	X	SystemCheck2	vbsys2.dll	Troj/AdClick
{******----**********}	X	systemie	systemie.dll	Troj/Sisie-D
{******----**********}	X	systemp	systemp.dll	Troj/Narod-D
{35CEC8A3-2BE6-11D2-8773-92E220524153}	L	SysTray	%SYSDIR%\stobject.dll	SysTray Shell Service Object Library
{6368D1FC-6F5C-4f1b-B164-E67214F678E9}	X	SysTray.Exbr	[random].dll	Troj/Slogger-I
{5368D5FC-6F6C-4f5b-B564-E67214F67552}	X	SysTray.Exbt	[random].dll	Troj/Slogger-K
{1722ECFF-4356-4f5b-B534-E67294FE75E9}	X	SysTray.Excn	[random].dll	Worm.Prox.c
{1722ECFF-4356-4f5b-B534-E67294FE75E9}	X	SysTray.Excn2	[random].dll	Troj/Cozdoor-C
{636821FC-6F5C-2f1b-B164-E67214F678E2}	X	SysTray.Exgl	[random].dll	Trojan-Proxy.Win32.Small variant
{2963ECFC-4E5C-2f3b-B334-D67434FC72E0}	X	SysTray.Exiv	[random].dll	Troj/Slogger-F
{5368DCFC-4F5C-4f5b-B134-E67294FC78E9}	X	SysTray.Exlv	[random].dll	Unidentified malware (probable cozdoor variant)
{73F8D5FF-6F5C-4f5b-B964-E6F214F6F852}	X	SysTray.Exmr	[random].dll	Backdoor.Krepper.b
{1768ECFC-4F5C-4f5b-B134-D67294FC78E9}	X	SysTray.Exsh	[random].dll	Troj/Cozdoor-D
{2368D1FC-2F5C-4f1b-B124-E67214FC78E2}	X	SysTray.Exsn	[random].dll	Backdoor.Small.ig
{7368D5FC-6F5C-4f5b-B964-E67214F67852}	X	SysTray.Exys	[random].dll	TR/Drop.Small.afo.2

Engine Version 2.0 by CastleCops


	2002-2008 � Computer Cops LLC dba CastleCops®. All rights reserved. Acceptable Use Policy. Use signifies your agreement. 142ppm 0.080s (0.002s) Making cybercriminals unhappy since 2002*