Assiste.com
Virus - Vaccination - Injection trace pour immunisation
Virus - Vaccination : : Système à protéger - Injection d'une trace des malveillances dont on veut bloquer l'installation (immunisation). Voir aussi « Kill bit ».
cr 01.04.2012 r+ 21.08.2020 r- 20.04.2024 Pierre Pinard. (Alertes et avis de sécurité au jour le jour)
|
Dossier (collection) : Encyclopédie |
|---|
| Introduction Liste Malwarebytes et Kaspersky ou Emsisoft (incluant Bitdefender) |
| Sommaire (montrer / masquer) |
|---|
Vaccination : Injection dans un système (Windows) à protéger d'un identifiant d'une malveillance lui faisant croire qu'elle est déjà installée. Lorsqu'elle se présente et tente d'infecter le système, elle se croit déjà présente et ne l'infecte pas.
Il s'agit de créer, dans le système à immuniser, les marqueurs inertes des virus contre lesquels on souhaite se protéger. Il faut que ces marqueurs soient certains (par exemple un nom de fichier certain et non aléatoire, une valeur certaine et non aléatoire dans une clé de registre, etc.).
Par exemple :
- Enregistrement d'un fichier vide, mais portant le nom de l'un des fichiers de la malveillance, et protection de ce fichier vide.
- Enregistrement de l'identifiant (CLSID) de l'application malveillante dans le registre Windows
Il faut aussi protéger ces marqueurs inertes contre la destruction ou l'écrasement (lecture seule - modification et suppression interdites [write-protect et delete-protect]).
Certains virus assez primaires croiront alors avoir déjà infecté la machine et ne s'installeront pas.
Est-ce que cette technique est applicable aux virus ?
Oui, mais très partiellement et uniquement contre des virus totalement primitifs.
La vaccination ne relève pas d'une technologie, mais d'une simple astuce. Les mutations automatiques des virus polymorphes durant leurs réplications, comme les clones singuliers produits par les générateurs de virus rendent le principe de la vaccination totalement obsolète et vieillot.
Dans la pratique, cette astuce ne s'applique que très mal aux purs virus et n'a donc jamais été déployée. Elle l'est massivement contre des objets malicieux non viraux comme :
- Les contrôles ActiveX (qui peuvent être des chevaux de Troie véhiculant un virus). Voir la technique du Kill Bit. Les outils comme SpyBot Search & Destroy ou SpywareBlaster ont utilisé cette astuce. La technologie scélérate ActiveX, de Microsoft, est enfin abandonnée.
Contre les virus, rien ne vaut, avant tout, le Safe CeX, puis un bon antivirus et un bon contrôleur d'intégrité.
Exemple du principe de vaccination appliqué aux virus : Malware Immunizer :
Avec ce logiciel, il s'agit de créer des marqueurs indélébiles et de les protéger afin de faire croire au parasite qu'il est déjà installé ou de l'empêcher de s'installer. C'est le principe des « dummy » files. Cela a très peu d'envergure et cible des trucs qui n'existent plus.
Par exemple, Malware Immunizer écrit et protège les marqueurs d'environ 250 parasites et quelques crapwares mais on trouve dedans des trucs qui n'existent plus du tout (les sociétés ont déposé le bilan ou ont totalement cessé cette activité depuis des années) comme Claria, Gator, Gator/Claria, Aureate/Radiate (n'existe plus depuis 2002 !), CoolWebSearch, Cydoor, etc.
D'autre part, si l'on compare la liste des fichiers leurrés pour BargainBuddy par Malware Immunizer (44 fichiers) à ma propre liste de fichiers de ce parasite (231 fichiers et 7 répertoires) on voit que Malware Immunizer est « léger » et mal informé.
Relire cette plainte contre BargainBuddy (anglais, 5 pages).
Bref... Il n'y a pas de vaccination contre les virus informatiques.
Voici les marqueurs de vaccination (« signatures ») de Malware Immunizer au 16 août 2007. Ce sont des « enveloppes » (« contenants ») et non pas des « contenus » ce qui est contraire à toutes les recommandations faites ici. C'est juste un « délit de sale gueule ».
;This is the malware definition file for Malware Immunizer
;DO NOT delete this file! DO NOT modify this file unless you know what you are doing
;If you wish to add your own definition you may do so
;The symbol ":" (without quotes) should be used to define the name of the malware file
;After that just add the path with file/folder name below
;Predefined pathes - %w for Windows directory
; %s for System directory
; %p for Program Files directory
; %c for Common Files directory
; %r for the root directory
;DO NOT use the real path! you must substitute the Windows directory with %w and so on
:Unknown
;For item with path & name that belongs to 2 or more malware or it is unknown
%s\regsvc32.exe
%s\server.exe
%s\svhost.exe
%s\svchost32.exe
%s\winsvc.exe
%s\winupd.exe
%w\csrss.exe
%w\explore.exe
%w\rundll16.exe
%w\svchost.exe
:Potential Destructive
;For items that remove the registry entries or files without asking the user which can cause damages and does not provide working undo function prior to removal. Also for items that make the system inoperable. These can be legitimate application
%p\beclean\
%p\fix my registry\
;Registry Power Cleaner
%s\winctl3.ocx
%s\winctl4.dll
%s\winutil4.dll
%p\winferno\
:Rogue Anti-Malware & Software
;100 Percent Anti-Spyware
%p\scorpio software\
;1 Click Spy Clean
%p\secure pc solutions\
;#1 Spyware Killer
%p\#1spywarekillerv2.1\
;1stAntiVirus
%p\1stantivirus\
;Ad Armor
%p\ad armor\
;Ads Alert
%p\pcprivacysoftware.com\
;ADS Adware Remover
%p\ads adware remover\
;Adware Agent
%p\adware agent\
;ADWare Bazooka
%p\adwarebazooka\
;Adware Finder
%p\adfindertoolbar\
%p\adwarefinder\
;AdwarePatrol
%p\adware patrol\
;Adware Punisher
%p\adwarepunisher\
;Adware Remover
%p\adware remover\
;Adware Remover Gold
%p\adwareremovergold.com\
;Adware Sheriff
%p\adwaresheriff\
;AdwareSpy
%p\adwarespy\
;AdWare SpyWare Removal
%p\adware spyWare removal\
;AdwareX Eliminator
%p\adwareX eliminator\
;Agent Spyware
%p\softwaredoctor\
;AlertSpy
%p\alertspy\
%s\fk.dll
;AntiSpyware Soldier
%p\antispyware soldier\
;AntiSpyZone
%p\antispyzone 5.0\
;AntiVermins
%p\antivermins\
;Antivirus Protection
%p\antivirus protection\
%s\filekiller.dll
;Antivirus Solution
%p\antivirus solution\
;AntivirusGolden
%p\antiviralgolden\
%p\antivirusgoldenpro\
;AVSystemCare
%p\avsystemcare\
;BPS Spyware Remover
%p\bps remover\
%p\bulletproofsoft.com\
;BraveSentry
%p\bravesentry\
;CleanX
%p\cleanx2007\
;CodeClean
%p\codeclean2007\
;ContraVirus
%p\contravirus\
;CurePCSolution
%p\curepcsolution\
;Doctor Adware
%p\doctor adware\
%p\doctor adware pro\
;Easy Erase Spyware Remover
%p\easy erase spyware remover\
;ETD Security Scanner
%p\etd security scanner\
;ExpertAntivirus
%p\expertantivirus\
;Flobo Spyware Clean
%p\flobo spyware clean\
;Froggie Scan
%p\froggie scan demo\
;GoodBye Spy
%p\goodbye spy\
;GuardBar
%p\guardbar\
;HitVirus
%p\hitvirus\
;IC Spyware Scanner
%p\allume systems\
;Kazaap Adware and Spyware Remover
%p\kazaap\
;Kill And Clean
%p\killandclean\
;KillSpy
%p\killspy.net\
;MalwareAlarm
%p\malwarealarm\
%w\xpupdate.exe
;Malware Sweeper
%p\malwaresweeper.com\
;Malware Stopper
%p\malwarestopper\
;MalwareWipe
%p\malwarewipe.com\
%p\malwarewipers\
;MyNetProtector
%p\mynetprotector\
;MySpyProtector
%p\myspyprotector\
;Neospace Internet Security
%p\neospace\
;PAL Spyware Remover
%p\pal spyrem\
;PC Health Plan
%p\pc health plan\
;PerfectCleaner
%p\perfectcleaner\
;Pestbot
%p\pestbot\
;PestCapture
%p\pestcapture\
;PestTrap
%p\pesttrap\
;Privacy Champion
%p\privacy champion\
;Privacy Crusader
%p\privacy crusader demo\
;Privacy Defender
%p\btppdv2.2\
%p\pcsecurityshield\
%p\prvdef4.0\
;PSGuard
%p\psguard\
;PurityScan
%p\purityscan\
%s\ndrv.dll
%s\ndrv.exe
%s\winservn.exe
%s\winservs.exe
%s\wnscpit.exe
%s\wnsintsv.exe
%s\wnsinttr.exe
%s\wnsapisv.exe
%s\wnsapisu.exe
%s\wnscpcc.exe
%s\wintsvsu.exe
;RazeSpyware
%p\razespyware\
;RegFreeze
%p\regfreeze\
;Remedy AntiSpy
%p\remedyantispy\
;Safe & Clean
%p\unspypc\
;Scan & Repair Utilities
%p\scan & repair utilities 2007\
;ScanSpyware
%p\scanspyware v3.8.0.4\
;SecureMYpc
%p\securemypc\
;Security iGuard
%p\security iguard\
;SpyFalcon
%p\spyfalcon\
%s\dxmpp.dll
%s\ginuerep.dll
%s\twain32.dll
;SpySheriff
%p\spysheriff\
%r\winstall.exe
;Spyware Remover
%p\spyware remover\
:123Search
%s\msiebho.dll
%s\msietk1020.dll
:180search Assistant
%p\180search assistant\
%p\180searchassistant\
%w\fejgl.exe
%w\ihsn.exe
:2020search
%p\srng\
%s\2020search.dll
%s\2020search2.dll
%w\2020install.exe
%w\2020search.dll
%w\2020search2.dll
%w\mssvr.exe
:2ndThought
%p\stc\
%s\2ndsrch.dll
%s\stcloader.exe
:2Search
%p\2search\
%p\the guard\
%s\007guard.exe
%s\2searchinstaller.exe
%s\feeds\
:7FaSSt
%p\fs\
%s\7search.dll
:ABetterInternet
%c\betterinternet\
%p\abetterinternet\
%p\netturbotrial\
%s\bdle4012.exe
%s\bik.exe
%s\ezxiiyv.exe
%s\farmmext.exe
%s\imgiant.dll
%s\laziqn.exe
%s\ln_reco.exe
%s\nnmzoq.exe
%s\polau2c.exe
%s\randreco.exe
%s\stmtreco.exe
%s\susp_reco.exe
%s\wbtvsffd.exe
%s\xxvyaj.exe
%w\abiuninst.htm
%w\banner.dll
%w\bi.dll
%w\biprep.exe
%w\btgrab.dll
%w\buddy.exe
%w\ceres.dll
%w\dlmax.dll
%w\druninst.exe
%w\ejgekgpq.ini
%w\farmmext.exe
%w\imgiant.dll
%w\imguninst.exe
%w\morphacl.dll
%w\mxtarget.dll
%w\pynix.dll
%w\speer2.dll
%w\speeryox.dll
%w\voiceip.dll
%w\zserv.dll
:Accoona Toolbar
%p\accoona\
:ACEBar
%p\acetoolbar\
%p\internet explorer\atlapp.sys
:AdPartner
%s\aplsp.dll
:AdStatus
%p\adstatus service\
:Altnet
%p\altnet\
:Apropos
%p\aproposclient\
%p\aprps\
%p\cxtpls\
%p\sysal\
%s\atmon.exe
%s\intfaxui.exe
:ArcadeRockstar
%p\arcaderockstar\
:Assasin Backdoor
%s\dhcp32\
%s\ide\
%s\win type\
%w\ms spool32.dat
%w\ms spool32.exe
%w\pool32.exe
:Aureate/Radiate
%p\mediaring talk\
%s\adimage.dll
%s\advert.dll
%s\advertcontrolxcontrol.ocx
%s\amcis.dll
%s\amcis2.dll
%s\amcis3.dll
%s\anadsc.ocx
%s\anadscb.ocx
%s\htmdeng.exe
%s\ipcclient.dll
%s\ipclient.dll
%s\msipcsv.exe
%s\tfde.dll
:Aurora
%s\drpmon.dll
%s\poller.exe
%w\aurora.exe
%w\aurorahandler.dll
%w\bolger.dll
%w\nail.exe
%w\svcproc.exe
:AutoSearch
%s\msinfosys.dll
%s\safesearch.dll
:AutoStartup
%s\ast.exe
%w\ac.aut
%w\ast.exe
%w\ib.exe
%w\unast.exe
:BackWeb
%p\backweb\
%s\dlgli.exe
:Bagle Worm
%r\ntldr.exe
%s\_dll.exe
%s\anti_troj.exe
%s\bawindo.exe
%s\bawindo.exeopen
%s\bawindo.exeopenopen
%s\doriot.exe
%s\drvddll.exe
%s\drvddll.exeopen
%s\drvddll.exeopenopen
%s\exefld\
%s\hldrrr.exe
%s\loader_name.exe
%s\loader_name.exeopen
%s\loader_name.exeopenopen
%s\re_file.exe
%s\sys_xp.exe
%s\sys_xp.exeopen
%s\sys_xp.exeopenopen
%s\win32lib.exe
%s\windirect.exe
%s\windll.exe
%s\windll.exeopen
%s\windll.exeopenopen
%s\wingo.exe
%s\wingo.exeopen
%s\wingo.exeopenopen
%s\winhost.exe
%s\wintems.exe
%s\winxp.exe
%s\winxp.exeopen
%s\winxp.exeopenopen
%s\winxp.exeopenopenopen
%s\winxp.exeopenopenopenopen
:BargainBuddy
%p\bargain buddy\
%p\bullseye network\
%p\cardcrazy\
%p\cashback\
%p\funcade\
%p\navisearch\
%s\angelex.exe
%s\bbchk.exe
%s\exclean.exe
%s\exdl.exe
%s\exdl0.exe
%s\exdl1.exe
%s\exdl2.exe
%s\exdl3.exe
%s\exul.exe
%s\exul1.exe
%s\exul3.exe
%s\instsrv.exe
%s\javex80.vxd
%s\javexulm.vxd
%s\mqexdlm.srg
%s\msbe.dll
%s\mscb.dll
%s\msexreg.exe
%s\msxct.exe
%s\netut80ex.vxd
%s\nvms.dll
%s\vx0.nls
%s\vx0x.nls
%s\vx1.nls
%s\vx1x.nls
%s\vx2.nls
%s\vx2x.nls
%s\vx3.nls
%s\vx3x.nls
%w\ahcb.exe
%w\bargain4.exe
%w\bbchk.exe
%w\exclean.exe
%w\exdl.exe
%w\exul.exe
%w\msxct.exe
%w\zeta.exe
:BDE
%p\bde\
%r\bde\
%s\bdedata2.dll
%s\bdedownloader.dll
%s\bdefdi.dll
%s\bdeinsta2.dll
%s\bdeinstall.exe
%s\bdesecureinstall.cab
%s\bdesecureinstall.exe
%s\bdeverify.dll
%w\bde\
:Best Offers
%p\tbonbin\
:BlazeFind
%p\windowssa\
%s\2_0_1browserhelper2.dll
%s\3_0_1browserhelper3.dll
%s\5_0_1browserhelper5.dll
%s\iesearchbar.dll
%s\unstsa2.exe
:BonziBuddy
%p\bonzibuddy\
:BookedSpace
%s\acd.dll
%s\anaamon.dll
%s\bs2.dll
%s\bs3.dll
%s\bsx5.dll
%s\bxsx5.dll
%s\bxxs5.dll
%s\oo4.dll
%s\rem00001.dll
%w\bs2.dll
%w\bs3.dll
%w\bsx32\
%w\bsx5.dll
%w\bxxs5.dll
%w\cfg32p.dll
%w\oo4.dll
:BroadcastPC
%p\bcpc\
%p\bpc_search\
%p\bpt\
%p\brp\
%p\btv\
%p\rvp\
%p\tvs\
:BrowserAid
%p\browser pal\
%p\letssearch\
%s\broweraidtoolbar.dll
%s\highlighthelper.dll
%s\inetp60.dll
%s\msiefr40.dll
%s\quicklaunchie.dll
%s\rsstoolbar.dll
%s\rundll16.dll
%s\stlbad123.dll
%s\stlbdist.dll
%s\stlbupdt.dll
%w\rundll16.dll
%w\uptodate.exe
:Buchon Worm
%r\csrss.exe
:BuddyLinks
%c\psd tools\
%p\buddylinks.net\
:BZub Trojan
%s\ipv6mons.dll
:Claria
%c\cmeii\
%c\gmt\
%p\gator.com\
:ClearSearch
%p\clearsearch\
%p\cntrc\
%p\csbb\
%p\lycos\
%s\csie.dll
%s\ie_clrsch.dll
%s\ietie.dll
:ClickTheButton
%s\ctbhooks.dll
%w\ctb3_shared\
:ClickToSearch
%s\bpv1a.dll
%s\bpv2s.dll
%s\bpv2t.dll
:ClientMan
%p\clientman\
%s\disable.dll
%s\disable1.dll
%s\msccof.exe
%s\mscdka.dll
%s\mscpbo.exe
%s\msdaim.dll
%s\msdlgk.dll
%s\mseclk.dll
%s\msedah.dll
%s\mseffm.dll
%s\msenfh.dll
%s\msfaol.dll
%s\msgdmf.exe
%s\msibkd.dll
%s\msjfbl.dll
%s\mskceo.dll
%s\mskehb.dll
%s\mskhhe.dll
%s\mskpkc.dll
%s\mslefh.dll
%s\msmc.exe
%s\msmdld.DLL
%s\msmm.exe
%s\msncjk.dll
%s\msnkmi.dll
%s\msobfl.dll
%s\msongn.exe
:ClipGenie
%p\clipgenie\
:ClockSync
%p\clocksync\
:Coder Dialer
%w\coder\
:Colej_uk Design Toolbar
%p\colej_uk design toolbar\
:ConfigSys
%w\configsys\
%w\smss.exe
:Conscorr
%w\conscorr.exe
:CoolWebSearch
%s\1.00.07.dll
%s\adddx.dll
%s\addgp32.exe
%s\addwh32.exe
%s\apica.exe
%s\apioe.exe
%s\apivy.exe
%s\appio.exe
%s\appis32.exe
%s\appjc32.exe
%s\appoe32.exe
%s\astctl32.dll
%s\astctl32.ocx
%s\atlhy.exe
%s\atlkt32.exe
%s\atlpv32.exe
%s\autosearch.dll
%s\avpcc.dll
%s\bootconf.exe
%s\bpln.dll
%s\coolwebsearch-info.dll
%s\crby32.exe
%s\crcz.exe
%s\criticalupdater.exe
%s\crko.exe
%s\crsw32.exe
%s\crxa.exe
%s\ctfmon32.exe
%s\ctrlpan.dll
%s\d3fm.exe
%s\d3gj.exe
%s\d3ul32.exe
%s\delj.dll
%s\dnse.dll
%s\dnserr.dll
%s\dnsrelay.dll
%s\dreplace.dll
%s\dxm8vb.dll
%s\excel10.dll
%s\famcff.dll
%s\gegnba.dll
%s\gejafa.dll
%s\gln.dll
%s\googlems.dll
%s\hlmk.dll
%s\iefeatsl.dll
%s\iefi.exe
%s\iefy.exe
%s\iehost34.exe
%s\ietoolbar.dll
%s\ieug32.exe
%s\iewe32.exe
%s\ipgs.exe
%s\iphj32.exe
%s\ippy.exe
%s\ipst32.exe
%s\jehmbyxrubdb.dll
%s\kha.dll
%s\kncjmlb.dll
%s\mfcgt32.exe
%s\mfcqc32.exe
%s\mfcuo.exe
%s\mgs_32.dll
%s\mid.dll
%s\msconfd.dll
%s\mshelper.dll
%s\msiesh.dll
%s\msph32.exe
%s\mssearch.dll
%s\msspi.dll
%s\mssz32.dll
%s\msupdate.exe
%s\msxmlpp.dll
%s\mtwirl32.dll
%s\mupdate.exe
%s\navext.dll
%s\netjh32.exe
%s\ntdx.exe
%s\oifhhio.dll
%s\oipa.dll
%s\olehelp.exe
%s\opc.dll
%s\pnkeb.dll
%s\sdkdh.exe
%s\sdkhb32.exe
%s\sdkly.exe
%s\searchaddon.dll
%s\services\
%s\sqlbgb.dll
%s\submithook.dll
%s\sys_ext.dll
%s\toolband.dll
%s\wcadw.dll
%s\webinfo.dll
%s\wer1306.dll
%s\winga.exe
%s\winlink.dll
%s\winlo.exe
%s\winns32.exe
%s\winproc32.exe
%s\winres.dll
%s\winyw32.exe
%s\word10.dll
%s\xplugin.dll
%s\xxxvideo.hta
%w\addkc32.exe
%w\apiac.exe
%w\apifb.exe
%w\apigj.exe
%w\apijn32.exe
%w\apivt.exe
%w\appsh.exe
%w\appwn32.exe
%w\atlfs32.exe
%w\atlrl32.dll
%w\avpcc.dll
%w\bipw.exe
%w\crvl.exe
%w\ctrlpan.dll
%w\d3cq.exe
%w\d3fd32.exe
%w\d3fl32.exe
%w\d3nr32.exe
%w\d3ue.exe
%w\d3zg.exe
%w\default.css
%w\dpe.dll
%w\fonts\msoffice.hta
%w\help\helpcvs.exe
%w\help_dcc.dll
%w\help_ecc.dll
%w\ieoo\
%w\iexplorer.exe
%w\image.dll
%w\ipog.dll
%w\ipyx32.exe
%w\kk8pwxm634.exe
%w\mfcbm32.dll
%w\mfckb.exe
%w\mfcui32.exe
%w\msconfd.dll
%w\msew\
%w\msnc32.exe
%w\mszv32.exe
%w\my.css
%w\navext.dll
%w\ntwg.exe
%w\ntwn.exe
%w\ntyk32.exe
%w\ntyo32.exe
%w\olehelp.exe
%w\qttasks.exe
%w\sdkev.exe
%w\sdkrr32.exe
%w\sistem.exe
%w\sys.reg
%w\sysbj\
%w\sysea.exe
%w\sysjq.exe
%w\syskr.exe
%w\syslr.exe
%w\syspi\
%w\winfj\
%w\winmc.exe
%w\winnj32.exe
:CommonName
%p\commonname\
:Coulomb Dialer
%s\comload.dll
:CouponAge
%s\calsp.dll
:CouponDeals
%s\cdlsp.dll
%s\cdsync.dll
:CPush
%c\cpush\
:CrocoPop
%s\crocopop32.exe
:CustomToolbar
%s\customtoolbar.dll
:Cydoor
%s\adcache\
%s\cd_clint.exe
%s\cd_gif.dll
%s\cd_htm.dll
%s\cd_load.exe
%s\cd_swf.dll
%w\roodyc\
:DateManager
%p\date manager\
:DateRegon
%p\dateregon\
:DealHelper
%p\dealhelper.com inc\
%p\dealhelper\
%s\dun.exe
%s\hookpopup.dll
%s\newmsrdk2.zip
%w\dealhlpr.dll
%w\dhbrowser.exe
%w\dhbrwsr.exe
%w\dhdom.bin
%w\dhdom1.bin
%w\dhdomp.bin
%w\dhdomp1.bin
%w\dhkw.bin
%w\dhkw1.bin
%w\dhp.dll
%w\dhp2.dll
%w\dhsigned.ocx
%w\dhsvr.exe
%w\dhun.exe
%w\dhupdt.exe
%w\dsearch.bin
%w\dsearch1.bin
:Dealio Toolbar
%p\dealio\
:DealsOnline
%s\dolsp.dll
:Delf-HA Trojan
%s\rundnm.exe
:DeltaBar
%s\deltaclick.dll
:Diabolo
%s\diabolo.exe
:DialerOffline
%s\dialeroffline.dll
:DlDer
%w\dlder.exe
%w\explorer\
:Data Doctor KeyLogger
%p\keylog\
%s\urncb.dll
%s\urncbc.dll
:DownloadReceiver
%c\eacceleration\
:DownloadWare
%p\downloadware engine\
%p\downloadware\
%p\kfh\
%p\medch\
%p\mlh\
%p\movienetworks\
%p\popcorn.net\
%p\real-tens\
:DreamPopper
%s\dreampopper.dll
:DriveCleaner
%c\drivecleaner free\
%p\drivecleaner 2006 free\
%p\drivecleaner free\
:E2Give
%p\data19\
%p\e2g\
%p\e2give\
%r\e2g\
%s\askearth17.exe
%s\ei.exe
%s\filgmo.exe
%s\iebhos.dll
%s\iniwin32.dll
%s\prutpct.exe
%s\prutsct.exe
%s\pruttct.exe
%s\ptech.exe
%s\skytown.exe
%w\pi1.exe
:EasyDates
%p\comsoft\
:EasyWWW
%s\easywww.exe
%s\easywww2.exe
%s\easywww3.exe
%w\easywww.exe
%w\easywww2.exe
%w\easywww3.exe
%w\ewupdater.exe
%w\iewww.exe
%w\iewwwint.exe
%w\redirect5.exe
:Ebates Moe Money Maker
%p\ebates_moemoneymaker\
%p\ebatesmoemoneymaker\
%p\webrebates\
%p\websearch\
:eBlaster
%s\nvrcr32.dll
%s\rmashlex.dll
:EliteBar
%s\bkmsf32.dat
%w\elitebar\
%w\elitesidebar\
%w\elitetoolbar\
%w\etb\
:Employee Watcher
%r\windowsupdate\
:Emcodec
%p\emedia codec\
%p\media-codec\
:Eros Dialer
%s\eros.exe
:eStart
%s\estartlinkrotater.exe
%s\goupdate.exe
%s\links.dll
%w\goupdate.exe
:eXact Search Bar
%p\exact\
:Expext
%s\expext.dll
:ExploreAnywhere
%p\exploreanywhere\
:ExPup
%s\expup.exe
:eZula
%p\ezula\
%p\web offer\
%s\ezpopstub.exe
%s\ezstub.exe
%w\ezinstall.exe
%w\woinstall.exe
:Ezurl
%p\ezurl\
%s\_epnt.sys
%s\keymap.dll
:f0r0r
%s\f0r0r\
:Family Cyber Alert
%s\fcyberalert\
:Family Keylogger
%s\ctf\
:FastSeeker
%p\fastseeker\
%s\fastseekertoolbar.dll
%w\fastseekersetup.ocx
%w\fastseekersetupv2.ocx
:FavoriteMan
%s\aess2.dll
%s\arb1tal.dll
%s\atpartners.dll
%s\casldr.dll
%s\dlh0st.dll
%s\emesx.dll
%s\f1.dll
%s\favboot.dll
%s\favman.dll
%s\favorite.dll
%s\fone.dll
%s\gold2.dll
%s\gr02.dll
%s\im64.dll
%s\in10b6s.dll
%s\lstb4drc.dll
%s\lstb4drc.exe
%s\lwz.dll
%s\mbr32.dll
%s\mmview_101.dll
%s\mpz300.dll
%s\n3tpa1p.dll
%s\ofrg.dll
%s\otw0i.dll
%s\pavb1u2.exe
%s\pdfzzy.dll
%s\ss.dll
%s\ss32.dll
%s\sysldr.dll
%s\td1.dll
%s\trk.dll
%s\zz.dll
:FindWhateverNow
%p\fwn toolbar\
%s\fwntoolbar.dll
:FileSubmit
%p\filesubmit\
:FlashTrack
%p\fen\
%p\fla\
%p\flcp\
%p\fln\
%p\flt\
%p\ftapp\
%p\ftk\
%p\reg2\
%p\xml\
%p\xmod\
%s\flcp.dll
%s\flt.dll
%s\ftapp.dll
:FreeScratchAndWin
%p\fsw\
%s\idleui.dll
%s\support.exe
:Frsk
%w\frsk.exe
%w\savestartdate.exe
:GlobalDialer
%p\globaldialer\
:GMSoft Dialer
%p\dialers\
%p\gmsoft\
%p\gsoft\
%p\paymentone\
%p\primesoft\
%p\pvm\
%p\scom\
%p\vcom\
:Ghost Keylogger
%p\sync manager demo\
%s\msxver64.sqr
:Globe7
%p\globe7\
:GoHip
%p\browserenh\
%s\ie.dll
:GreatSearchResults
%p\gsr\
:Haxdoor Backdoor
%s\avload32.dll
%s\avpe32.dll
%s\avpi32.dll
%s\avpp32.dll
%s\avpx32.dll
%s\avpx32.sys
%s\avpx64.sys
%s\axdebugl.dll
%s\axxt32.dll
%s\bmtdhh.dll
%s\boot32.sys
%s\bt848rom.dll
%s\c3.dll
%s\c3.sys
%s\c4.sys
%s\cdscsix3.dll
%s\cert32.dll
%s\cm.dll
%s\cz.dll
%s\ddirectz.dll
%s\debugg.dll
%s\directpt.dll
%s\directut.dll
%s\docent0.dll
%s\docent2.dll
%s\draw32.dll
%s\drct16.dll
%s\dvb03a.dll
%s\dvb03a.sys
%s\dvb06a.sys
%s\dvd4free.dll
%s\dxtpdx.dll
%s\eetvpn.dll
%s\eetvpn.sys
%s\eexvpn.sys
%s\emldvc.dll
%s\extfpu.dll
%s\extxerox.dll
%s\flashdrvr.dll
%s\fuxx32.dll
%s\gatexkey.dll
%s\gdiwxp.dll
%s\gdwxp3.dll
%s\hm.sys
%s\hpprintx.dll
%s\hz.dll
%s\ideusr50.dll
%s\ies4dll.dll
%s\iesdl4l.dll
%s\jsdapi.exe
%s\klo5.sys
%s\lanh32.dll
%s\lanmui.dll
%s\ljjhh.dll
%s\logon16x.dll
%s\lsd_f3.dll
%s\mcfcc4.dll
%s\mcfg7a.dll
%s\mdfpro.dll
%s\memlow.sys
%s\mmx17g.dll
%s\mmx432.dll
%s\mmx4xt.dll
%s\mmxeroxk.dll
%s\mmxf32.dll
%s\mmxf64.sys
%s\msplg7.dll
%s\nclabydll.dll
%s\nkgfs.sys
%s\nkunpack.dll
%s\nuclabdll.dll
%s\obbn13t.dll
%s\openglss.dll
%s\pdx.dll
%s\pptp16.dll
%s\pptp24.sys
%s\pptp32.dll
%s\ppts16.dll
%s\printpnp.dll
%s\prw76sks.sys
%s\prwsks.dll
%s\psksds.dll
%s\qo.dll
%s\qo.sys
%s\qy.sys
%s\qz.dll
%s\qz.sys
%s\rdrvr2.dll
%s\regp32.dll
%s\rsdapi.dll
%s\satau320.dll
%s\satdll.dll
%s\satmmc.dll
%s\sdcard98.dll
%s\sdmapi.sys
%s\se500mdm.dll
%s\se633mxx.dll
%s\semd32.dll
%s\sertgs.dll
%s\sks2drvr.sys
%s\sksdll.dll
%s\sksdrvr2.sys
%s\skyx16.dll
%s\smtapi.sys
%s\snda32.dll
%s\sndu32.dll
%s\svjvpn.sys
%s\svkvpn.dll
%s\svkvpn.sys
%s\tcpg4t.dll
%s\tcpgdc.dll
%s\tcpr32.dll
%s\tcpwrk.dll
%s\twpkad.dll
%s\twpr32.dll
%s\vdmt16.sys
%s\vdnt32.sys
%s\vistax.dll
%s\vtd_16.exe
%s\w32_ss.exe
%s\wd.sys
%s\winf44.dll
%s\winlow.sys
%s\winm32.dll
%s\wndtx1.dll
%s\wxtwdx.dll
%s\wz.dll
%s\xcdmfree.dll
%s\xdpptp.sys
%s\xdudtt.dll
%s\xmm13g.dll
%s\xmsk32.dll
%s\xmsk64.sys
%s\xopptp.dll
%s\xopptp.sys
%s\xptp16.dll
%s\xptptt.dll
%s\ycsrgb.sys
%s\ycsvga.sys
%s\ycsvgd.sys
%s\ydsvgd.dll
%s\ydsvgd.sys
%s\yvbb01.dll
%s\yvpp01.dll
%s\yvpp01.sys
%s\yvpp02.sys
%s\yvprgb.dll
%s\yvsvga.dll
%s\yvsvga.sys
%s\zopenssl.dll
:Holystic
%s\preload.ocx
:Home Keylogger
%p\homekeylogger\
:HotBar
%p\hbinst\
%p\hbtools\
%p\hotbar\
:Httper
%p\httper\
%p\system soap pro\
%s\httper.dll
:HuntBar
%c\btlink\
%c\msiets\
%p\search toolbar\
%s\btiein.dll
%s\msiein.dll
%s\msielink.dll
%s\wtoolsb.dll
:IEAccess
%s\dhtmlaccess.dll
%s\eghtmldialer.dll
%s\ieaccess2.dll
:IEDriver
%s\iedriver\
:IEFeatures
%s\iefeatures.exe
%s\iefeaturesversion.exe
%s\internetfeatures.exe
:IEHook
%s\iehook.dll
%w\iehook.dll
:IEHost
%s\iehost.exe
:IEMonit
%s\iemonit.dll
:IEPlugin
%c\wqzq\
%s\atmtd.dll
%s\atmtd.dll._
%w\dinst.exe
%w\dlgb.exe
%w\dsr.dll
%w\dsr.exe
%w\extract.exe
%w\id.exe
%w\invitessk.exe
%w\offerssk.exe
%w\pxckdla.exe
%w\pxckdlauninstall.exe
%w\rgrt.exe
%w\snbho.exe
%w\ssk.exe
%w\systb.dll
%w\systb.exe
%w\ts.exe
%w\wcby\
%w\wdskctl.exe
%w\winobject.dll
%w\winserv.exe
%w\wqzq\
%w\wupdt.exe
:IETray
%s\iemsg.dll
:IGetNet
%s\bho.dll
%s\bho001.dll
%s\install_all.dll
%s\rsp.dll
%s\rsp001.dll
%s\update_bho.dll
%s\update_com.dll
%s\update_hosts.dll
%s\update_removeold.dll
%s\update_rsp.DLL
%s\winstart.exe
%s\winstart001.exe
:ILookup
%s\abeb.dll
%s\absnro.dll
%s\belop.dll
%s\bmeb.dll
%s\bundler_mpb_sb.exe
%s\chgrgs.dll
%s\drbr.dll
%s\gws.dll
%s\ineb.dll
%s\sbus.dll
%s\waeb.dll
%s\windec32.dll
%s\winenc32.dll
%s\winsrm32.dll
%w\ilookup\
:INetSpeak
%p\internet explorer\boombar.dll
%s\iexplorr11.dll
%s\iexplorr22.dll
%s\iexplorr23.dll
%s\iexplorr24.dll
%s\iexplorr25.dll
%s\iexplorr26.dll
%s\iexplorr27.dll
%s\iexplorr29.dll
%s\windowsie.dll
:InstaFinderK
%p\instafink\
:Install Provider
%p\install provider\
:Instant Access Dialer
%p\instant access\
%s\egdhtml_1023.dll
%s\egdhtml_1024.dll
%s\egdhtml_1025.dll
%s\egdhtml_1026.dll
%s\egdhtml_1027.dll
%s\egdial.dll
%s\ia.dll
%s\mseggrpid.dll
%w\exedialer.exe
:Instant Buzz
%p\instant buzz\
:Invisible Secrets Toolbar
%p\invisible secrets toolbar\
:Ipwins
%p\ipwindows\
:IRCBot
%s\wgareg.exe
%s\wgavm.exe
:iSearch Toolbar
%s\toolbar.dll
:ISTbar
%p\istbar\
%p\lstsvc\
%s\aupdate.exe
%s\aupdate_uninstall.exe
%s\mscache.dll
%w\istsvc.exe
%w\mscache.dll
%w\mscache.exe
:Jeired
%s\jeired.dll
:Jraun
%s\keyactivex.ocx
%s\keyhost.exe
%s\version.exe
:Kebede Worm
%s\gcasctrl.exe
%s\updtscheduler.exe
:KeenValue
%c\keenvalue\
%c\updater\
%c\updmgr\
%p\incredifind\
%p\perfectnav\
%p\powersearch\
:KGB Keylogger
%p\kgb keylogger\
:KillAV Trojan
%s\iexplore.exe
:Kiswin
%p\ebayshop\
:Kuaiso Toolbar
%p\kuaiso toolsbar\
:LoadEWXD
%s\msxml4r.exe
:Luder Worm
%s\duel.exe
%w\xwrm.exe
:Magicads
%s\madise.dll
:MagicControl
%s\msegcompid.dll
%s\msklive.dll
%w\mc\
%w\mslagent\
%w\navpmc\
%w\wincomp\
%w\winmgts\
%w\wintrim\
:MakeMeSearch
%s\adv.dll
%s\dll.dll
%s\mtc.dll
%s\nas.dll
%s\tbc.dll
%s\tubby.dll
%s\vtlbar1.dll
:Malpayo Backdoor
%s\sys.exe
:MapiSvc
%s\mapisvc32.exe
:MDDialer
%p\md\
:Media Gateway
%p\media gateway\
:Media Motor
%w\a64sddd.exe
%w\imgurla.exe
%w\mm20.ocx
%w\mm21.ocx
%w\mm63.ocx
%w\mmups.exe
%w\unstall.exe
:MediaLoads
%p\medialoads\
%p\medialoads enhanced\
%p\network essentials\
%p\support software\
:MemoryWatcher
%p\memorywatcher\
:Meridian
%s\myaccess.dll
:Mirar Toolbar
%s\nn_bar.dll
%s\nn_bar21.dll
%s\nn_bar22.dll
%s\nn_bar31.dll
%s\winats.dll
%s\windmy.dll
%s\winnb40.dll
%s\winnb41.dll
%s\winnb42.dll
%s\winnb51.dll
%s\winnb52.dll
%s\winnb56.dll
%s\winnb57.dll
%s\winnb58.dll
%s\winnb60.dll
:Mostrar Dialer
%s\msa64chk.dll
%s\msapasrc.dll
:MPGCom
%w\iempg.dll
%w\iempg2.dll
%w\mpgcom.dll
%w\msnarrator.exe
:MrHop
%w\mrhop.dll
:Mydoom Worm
%s\avpr.exe
%s\microsystem.exe
%s\osalogbe.exe
%s\patch31345.exe
%w\patch31345.exe
:Mytob Worm
%r\hellmsn.exe
%r\winssystem.exe
%s\0.exe
%s\1hellbot.exe
%s\666.exe
%s\abs.exe
%s\ccsrs.exe
%s\coolbot.exe
%s\dcomuser.exe
%s\ds.exe
%s\evil.exe
%s\fixupdattr.exe
%s\gothica.exe
%s\hbmail.exe
%s\hostdrvxp.exe
%s\iexplorer.exe
%s\internet.exe
%s\itunegui.exe
%s\jusched32.exe
%s\lcd32.exe
%s\lien van de kelder.exe
%s\lien Van de kelderrr.exe
%s\lien vande kelder.exe
%s\lien vd kelder.exe
%s\lientjeuh.exe
%s\lienvandekelder.exe
%s\lienvdk.exe
%s\logic.exe
%s\logitechwls.exe
%s\mailinfo.exe
%s\mcscn.exe
%s\memloader.exe
%s\microupdate.exe
%s\mouse.exe
%s\msdev32.exe
%s\msgmr.exe
%s\msmgrxp.exe
%s\msnl.exe
%s\msplus32.exe
%s\mssck.exe
%s\mswins.exe
%s\mtrnqs.exe
%s\netcog.exe
%s\phantom.exe
%s\picx.exe
%s\plugnplay32.exe
%s\protection.exe
%s\remote.exe
%s\rundll.exe
%s\scalpe91.exe
%s\scrigz.exe
%s\scvhost32.exe
%s\sd.exe
%s\service5.exe
%s\shell.exe
%s\skybot.exe
%s\sp2fx.exe
%s\sp2winfix.exe
%s\stagmr.exe
%s\svshost.exe
%s\sword.exe
%s\sysconf.exe
%s\tagmr.exe
%s\taskgamr.exe
%s\taskgmr.exe
%s\taskgmr32.exe
%s\timemanager.exe
%s\twunk_65.exe
%s\w1nt5k.exe
%s\w32ntupdt.exe
%s\wdns33.exe
%s\wfdgmr.exe
%s\wfdmgr.exe
%s\wid32.exe
%s\win24.exe
%s\win32.exe
%s\windasz-updote.exe
%s\windowsfirewall.exe
%s\windowz.exe
%s\winds.exe
%s\wingmt32.exe
%s\winhlpapi.exe
%s\wininfo.exe
%s\winnt.exe
%s\winstart.pif
%s\winsvc32.exe
%s\winsys.exe
%s\winsys32.exe
%s\winsyscfg.exe
%s\wintasker.exe
%s\winvnc.exe
%s\wpwmgrs.exe
%s\xpfirewall.exe
%w\phantom.exe
%w\rundil.exe
%w\rundil32.exe
:MyWebSearch
%p\mywebsearch\
:NavExcel
%p\navexcel\
%p\navexcel search toolbar\
:nCase
%p\ncase\
:Need2Find
%p\need2find\
:NetMedia
%w\netmedia.exe
:Netsky Worm
%w\avbgle.exe
%w\avguard.exe
%w\avpguard.exe
%w\avprotect.exe
%w\avprotect9x.exe
%w\comp.cpl
%w\diskmonitor.exe
%w\easyav.exe
%w\firewallsvr.exe
%w\fooding.exe
%w\fvprotect.exe
%w\jammer2nd.exe
%w\kasperskyaveng.exe
%w\maja.exe
%w\msnmsgrs.exe
%w\pandaavengine.exe
%w\services.exe
%w\symav.exe
%w\sysmonxp.exe
%w\userconfig9x.dll
%w\visualguard.exe
%w\winlogon.exe
%w\winlogon.scr
%w\wserver.exe
:NewAds
%p\adsponsor\
%p\exolon\
%p\psupport\
:NewDotNet
%p\newdotnet\
:NSIS Media
%c\nsis\
:Nugache Worm
%s\mstc.exe
:OfferAgent
%w\switpa.exe
%w\switpb.exe
:Openwares
%p\arcade!\
%p\ddr\
%p\startup mechanic\
%s\auole4.dll
%s\slpube03.dll
%s\vlcx052.dll
:Optserve
%s\lp.dll
%s\lp.exe
%s\optserve.dll
%s\optserve.exe
:PC MightyMax
%p\pc mightymax\
:RaxSearch
%p\rax search helper\
%w\infodll.dll
:Rbot Worm
%s\msclt.exe
%s\speeder.exe
%w\lansas.exe
:RegiFast
%p\regifast\
:RelevantKnowledge
%p\relevantknowledge\
%s\intmon.exe
%s\mrkscr.exe
%s\rk.exe
%s\rkinstaller.exe
%s\rlvknlg.exe
%s\shnlog.exe
:Roogoo
%s\msplus.dll
%s\msplus1.dll
%s\msplus2.dll
%s\msplus3.dll
%s\msplus4.dll
:RXToolBar
%p\rxtoolbar\
:Sasser Worm
%w\lsasss.exe
%w\napatch.exe
%w\avserve2.exe
%w\avserve3.exe
%w\skynetave.exe
:SaveNow
%p\ezthemes_whenusavenow_installer\
%p\save\
%p\savenow\
:Scaggy
%w\cfg32.exe
%w\cfg32o.dll
%w\cfg32r.dll
%w\cfg32s.dll
:ScreenView
%p\screenview\
%w\svrmgr.exe
:SearchBarCash
%s\msqsb.dll
%s\seqsb.dll
:SearchCentrix
%p\dynamic toolbar\
%s\barbho.dll
%s\gsim.dll
%s\ifhelper.dll
%s\ifsomatic.dll
%s\mgeekremove.exe
%s\mygeek.dll
%s\pqhelper.dll
%s\reg2.exe
%s\s4helper.dll
%s\seantb.dll
%s\somatic.dll
%s\webalize.dll
%s\wzhelper.dll
%w\adrsb.exe
%w\gsim.dll
%w\waladhpr.exe
:SearchEx
%p\valintines day card\
%s\hmepge.dll
%s\homepage.dll
%s\hotlink.dll
%s\iebrw.dll
:SearchLocate
%p\searchlocate\
:SearchNet
%p\searchnet\
%s\servehost.exe
:SearchSquire
%s\searchsquire.dll
%s\searchsquire2.dll
%s\searchsquire3.dll
%s\searchsquire33.dll
%s\searchupdate31.exe
%s\searchupdate33.exe
:Seekmo
%p\seekmo\
:ShopAtHomeSelect
%p\selectrebates\
:ShopperReports
%p\shopperreports\
:SideFind
%p\sidefind\
:SnoopStick
%s\mslspcg.exe
%s\smdnn05.dll
%w\csssupd.exe
%w\cssswd.exe
%w\sscrg.exe
%w\ssdgt.exe
%w\ssls.exe
%w\ssmsgr.exe
:Sober Worm
%w\connectionstatus\
%w\winsecurity\
:Softomate
%p\ietoolbar\
%p\softomate\
:Sogou
%c\sogou pxp\
%p\p4p\
%s\comploader.dll
%s\socul.dll
%s\sodahk.dll
%s\unsocul.exe
:Spam Blocker Utility
%p\spamblockerutility\
:SpediaBar
%r\spedia\
:SpyBlast
%p\spyblast\
:SpyDawn
%p\spydawn\
%s\higehsg.dll
%s\xkrdk.dll
:SpyOnThis
%p\spyonthis\
:Spytech
%p\spytech software\
:Spyware Stormer
%p\spyware stormer\
:SpywareStrike
%p\spywarestrike\
%s\replmap.dll
%s\wiatwain.dll
:Starware
%p\starware\
:StealthWatcher
%p\stealthwatcher200\
%p\swagent\
:Stration Worm
%s\actidmoc.exe
%s\admeiolo.dll
%s\avifipxr.dll
%s\brwconf.exe
%s\brwmgr32.dll
%s\brwperf.exe
%s\brwprf32.dll
%s\brwstat.dll
%s\camodpnm.exe
%s\chkmfdep.exe
%s\comrkbdd.exe
%s\confbrw.dll
%s\davctool.dll
%s\davctool.exe
%s\ddemdmco.dll
%s\deskmcd3.dll
%s\dpugmswe.dll
%s\dsseds32.dll
%s\dsseds32.exe
%s\dnsrxpob.exe
%s\e1.dll
%s\fileserv.dll
%s\fltlauto.exe
%s\hhselz32.dll
%s\i4n27vl.exe
%s\iaspdpus.dll
%s\icmpdx3j.dll
%s\imesrdch.exe
%s\ipxrmfc4.dll
%s\ipxwshel.exe
%s\ir32racp.exe
%s\iuennwcf.dll
%s\jgdwadsn.dll
%s\jgdwadsn.exe
%s\jgsdrpcn.dll
%s\jgsdrpcn.exe
%s\kbdfwshe.exe
%s\kbdpkbdr.exe
%s\lmrtatkc.dll
%s\mcd3mscm.dll
%s\mgmtmtxc.exe
%s\mqadscp3.exe
%s\mqoacdmo.dll
%s\msafiasn.dll
%s\msexcred.exe
%s\mslsicwd.dll
%s\msnsxole.dll
%s\msnsxole.exe
%s\msstersv.dll
%s\oebdfc.dll
%s\qdvtscf.dll
%s\rcbdwmpd.dll
%s\rdpwmsjt.exe
%s\scp3jgaw.dll
%s\secumsje.exe
%s\shfoxpob.exe
%s\slbrmqtr.exe
%s\snmpmssw.exe
%s\trafracp.dll
%s\vnetsmme.dll
%s\vsxmpgpc.dll
%s\w3sskbda.dll
%s\winftsap.dll
%s\winftsap.exe
%s\wshnseri.exe
%s\wshtlprh.dll
%w\ccsserv.exe
%w\cserv32.exe
%w\msupdtwiz.exe
%w\reggserv.exe
%w\serrv.exe
%s\slbipsch.dll
%s\slbipsch.exe
%w\sserrvv.exe
%w\t2serv.dll
%w\t2serv.exe
%s\v4pbpt51.dll
%s\vb5dmspo.dll
:SuperBar
%p\superbar\
:SurfAccuracy
%p\surfaccuracy\
:SurfSideKick
%p\surfsidekick\
%p\surfsidekick 2\
%p\surfsidekick 3\
:Sys Detective+
%p\sys detective+\
%s\sd16win.dll
:SysKeylog
%r\archivos de programa\
%r\temp_kl\
:TargetAd
%p\netmeting\
:Tibs/Nuwar Worm
%s\alsys.exe
%s\game1.exe
%s\game2.exe
%s\game3.exe
%s\google.png.exe
%s\messenger.lib.exe
%s\nordsys.exe
%s\ppl.exe
%s\se.exe
%s\wincom32.sys
%s\zlbw.dll
:Timeserv Worm
%s\timesrv.exe
:Toolbar888
%p\toolbar888\
:TopMoxie
%p\topmoxie\
:TrialTime
%s\adchkr.exe
%s\hook1.dll
%s\hook2.dll
%s\ladchkr.exe
:TrustIn
%p\trustin bar\
%p\trustin contextual\
%p\trustin popups\
%p\trustin search\
%s\lcch.dat
%s\lut.dat
%s\tconini.dat
%s\ticads.exe
%s\ticont.dll
%s\tipp.dat
%s\tippcls.dat
%s\tips.exe
%s\tisa.cnf
%s\tisa.dll
%w\ads.js
:TotalSpy
%p\ts trial\
:Uplink
%s\dad.bat
%s\gdu.dll
%s\myad.dll
%s\rvreg.exe
%s\uninmyad.exe
:VirtuMonde
%s\cidrules.dll
%s\lspak.dll
%s\rulesak.dll
%w\windowsupd1.exe
%w\windowsupd2.exe
%w\windowsupd4.exe
:VMN Toolbar
%p\vmntoolbar\
:Vomba
%p\vomba\
:VVSN
%p\vvsn\
:VX2
%p\autoupdate\
%p\hpdll\
%s\6fo4svc.dll
%s\host.dll
%s\localnrd.dll
%s\msnavc32.exe
%s\msview.dll
%s\spwgoc.exe
%s\sysmonnt.exe
%s\tps108.dll
%s\vwix32.exe
%s\vx2.dll
%s\winntcreate.exe
%w\cleanhistories.dll
%w\iehelper.dll
%w\isrvs\
%w\kernellos.dll
%w\psapi.dll
%w\vx2.dll
:Web Buying
%p\web buying\
:WebHancer
%p\webhancer\
%p\whinstall\
:WebRebates
%p\web_cpr\
%p\web_rebates\
:Websnitch
%p\websnitch v3.0\
:WhenU
%c\ucontrol\
%c\whenu\
%p\vvsdl\
%p\whenu\
%p\whenusearch\
:WinComm
%p\win comm\
:Windows AdTools
%p\windows adtools\
:Windows ControlAd
%p\windows adcontrol\
:WinFavorites
%p\winfavorites\
%s\a.exe
%s\bridge.dll
:WinFixer
%c\winfixer 2006\
%c\winsoftware\
%p\winfixer 2005\
%p\winfixer_2006\
%s\df_kme.exe
%s\dfe1.exe
:WinMuschi
%w\winmuschi.exe
:Winpup
%s\pup.exe
%s\winpup.exe
%s\winpup32.exe
:WinSB
%s\winsb.dll
:Winshow
%s\winshow.dll
:WinTools
%c\wintools\
:Winupie
%s\axconfig.dll
%w\winupie.exe
:Wualess Trojan
%s\wuauclt.dll
:XCP Sony Rootkit
%w\cdproxyserv.exe
:XLocator
%s\winlocator.dll
%s\winlocatorhelper.dll
%w\updatewinlocator.exe
:XPCSpy
%p\xpcspy\
%p\xsoftware\
%s\rx.exe
%s\sysdll32.dll
%s\systemout.exe
%s\wintft.dll
:YourSiteBar
%p\yoursitebar\
:Zafi.D Worm
%s\norton update.exe
:Zango
%p\zango games\
%p\zango programs\
%p\zango\
%p\zangoclient\
:ZeroPopUpBar
%p\zeropopupbar\
%s\zeropopupbar.dll
%s\zp.dll
:Zlob Trojan
%p\mmediacodec\
%s\4ccc3cea.exe
%s\dcomcfg.exe
%s\dfrgsrv.exe
%s\ishost.exe
%s\ismon.exe
%s\isnotify.exe
%s\issearch.exe
%s\mscornet.exe
%s\msmsgs.exe
%s\mssearchnet.exe
%s\nvctrl.exe
%s\regperf.exe
| Aidez Assiste – autorisez quelques publicités et cliquez-les |
