啟動項目/檔案/命令名稱
程式分類
描述
iPushIEAD_ ([path to soohost.exe])
絕對不需要的程式
Detected by Dr.Web as Trojan.Venusu.24 and by Malwarebytes as Trojan.Agent.E
Image Distributed NGEN Registry WinHTTP DHCP ([path to trojan])
絕對不需要的程式
Detected by Malwarebytes as Trojan.Agent.RND
Input Function Instrumentation ([path to trojan])
絕對不需要的程式
Detected by Malwarebytes as Trojan.Agent.RND - see an example here
Isolation Credential Panel Color ([path to trojan])
絕對不需要的程式
Detected by Malwarebytes as Trojan.Agent.RND - see an example here
IEXPLORE.EXE ([path to trojan])
絕對不需要的程式
Detected by Sophos as Troj/Bancos-CJ and by Malwarebytes as Trojan.Agent
InstallProgram ([path to trojan])
絕對不需要的程式
Detected by Sophos as Troj/Agent-HHU and by Malwarebytes as Trojan.Agent
IEService ([path to trojan])
絕對不需要的程式
Detected by Malwarebytes as Trojan.Downloader - see examples here and here
ICQMsn ([path to trojan])
絕對不需要的程式
Detected by Sophos as Troj/Ranck-AH. The most common example is "cbfks.exe" located in %System%
imonitor ([path to trojan])
絕對不需要的程式
Detected by Sophos as Troj/Imoni-A. The filename can be random but the most common one is "imonitor.exe" in %Windir%
Installs SP4 ([path] repcale.exe [path] p0rd.exe)
絕對不需要的程式
Detected by Sophos as W32/Randon-AK. Both files are located in %System%\ekrlgc
Installs SP2 ([path] repcale.exe [path] palsp.exe)
絕對不需要的程式
Added by a variant of the RANDON.AN WORM! Both files are located in %System%\qpalsp