[MàJ] Virus - Vaccination

La vie du site, boîte à idées, feedback

Modérateur: Modérateurs et Modératrices

[MàJ] Virus - Vaccination

Messagede pierre » 03 Fév 2008, 12:22

Virus - Vaccination

Vaccination : Injection dans le système à protéger d'une petite partie du virus de manière à immuniser le système.

Est-ce que cette technique est applicable aux virus ?

.../...

http://assiste.com.free.fr/p/virus/viru ... ation.html
Image
__________________
Pierre (aka Terdef)
Appel à donation - Le site a besoin de votre aide

Comment je me fais avoir/infecter ? - Protéger navigateur, navigation et vie privée - Bloquer publicité et surveillance sur le Web
Accélérer Windows - Accélérer Internet - Décontamination - Installer Malwarebytes - Forums d'entraide

Il ne sera répondu à aucune demande de dépannage posée en MP (Messagerie Privée). Les demandes doivent être publiques et les réponses doivent profiter au public.
Image
Avatar de l’utilisateur
pierre
 
Messages: 29665
Inscription: 20 Mai 2002, 23:01
Localisation: Ici et maintenant

Messagede nickW » 03 Fév 2008, 19:45

Bonsoir,

Assiste.com a écrit:Dans la pratique, cette technique ne s'applique que très mal aux purs virus et n'a donc jamais été déployée.


Objection, votre Honneur! :wink:

Le programme Malware Immunizer se propose de le faire.

La base de données (non mise à jour depuis le 17/08/2007) contient une liste de 1.600 fichiers & dossiers (ce qui signifie qu'il va y avoir création de 1.600 nouveaux fichiers et dossiers [contenant un fichier Readme.txt] sur le PC).


What is malware?
Definition: Malicious software, developed for the purpose of harming computers; examples include computer viruses, worms, trojans, and spyware.

Malware Immunizer is a very simple tool that only create files and folders on your hard disk drive! So how does it prevent the installation of malware?
Actually when you execute a executable file or installer, it may unload or create files on your hard disk drive. Let said a virus want to create a file named virus.exe on C: (C:\virus.exe), however if a folder named virus.exe already exists on C: (C:\virus.exe), the malicious file will not be written or overwrite the folder. Malware Immunizer make use of this behavior to prevent installation of malware by creating folders of known malware filename with path used by the malware. Note that it mostly only prevent installation of the core files that will be run every time the system boot up, meaning that when a malware is executed it may create other malicious files that must be cleaned using antivirus program. Likewise files will be used to prevent the creation of malicious folders which can contain harmful files.



Ci-dessous, le lien vers ce programme miraculeux ... qui frôle l'arnaque!
http://faltronsoft.org/index.php?option=com_content&task=view&id=19&Itemid=20


Salut,
nickW - Image
30/07/2012: Plus de désinfection de PC jusqu'à nouvel ordre.
Pas de demande d'analyse de log en MP (Message Privé)
Mes configs
Avatar de l’utilisateur
nickW
Modérateur
 
Messages: 21698
Inscription: 20 Mai 2004, 17:41
Localisation: Dordogne/Île de France

Messagede pierre » 04 Fév 2008, 02:20

Oui,

Il y a celui-là et un autre dont j'ai oublié le nom et pour lequel j'avais échangé des mots aigres avec son développeur.

Comme dit dans le texte, il s'agit de créer des marqueurs indélébiles et de les protéger afin de faire croire au parasite qu'il est déjà installé ou de l'empêcher de s'installer. C'est le principe des "dummy" files.

Cela a très peu d'envergure et cible des trucs qui n'existent plus.

Par exemple, Malware Immunizer écrit et protège les marqueurs d'environ 250 parasites et quelques crapwares mais on trouve dedans des trucs qui n'existent plus du tout (les sociétés ont déposé le bilan ou ont totalement cessé cette activité depuis des années) comme Claria, Gator, Aureate/Radiate (n'existe plus depuis 2002 !), CoolWebSearch, Cydoor etc. ...

Si l'on compare la liste des fichiers leurrés pour BargainBuddy par Malware Immunizer (44) à ma liste de fichiers de ce parasite (ma description à http://assiste.com.free.fr/p/parasites/ ... buddy.html avec 231 fichiers et 7 répertoires) on voit que ce produit est "léger" et mal informé.

Tiens... Relire cette plainte contre BargainBuddy (je la met en ligne)
http://assiste.com.free.fr/m/plaintes/p ... nbuddy.pdf

Bref... Il n'y a pas de vaccination contre les virus (sauf, peut-être, à éradiquer ce cancer de la Terre appelé Homo sapiens).

:wink:


Les marqueurs de vaccination ("signatures") de Malware Immunizer

;0.40
;16 August 2007
;This is the malware definition file for Malware Immunizer
;DO NOT delete this file! DO NOT modify this file unless you know what you are doing
;If you wish to add your own definition you may do so
;The symbol ":" (without quotes) should be used to define the name of the malware file
;After that just add the path with file/folder name below
;Predefined pathes - %w for Windows directory
; %s for System directory
; %p for Program Files directory
; %c for Common Files directory
; %r for the root directory
;DO NOT use the real path! you must substitute the Windows directory with %w and so on

:Unknown
;For item with path & name that belongs to 2 or more malware or it is unknown
%s\regsvc32.exe
%s\server.exe
%s\svhost.exe
%s\svchost32.exe
%s\winsvc.exe
%s\winupd.exe
%w\csrss.exe
%w\explore.exe
%w\rundll16.exe
%w\svchost.exe

:Potential Destructive
;For items that remove the registry entries or files without asking the user which can cause damages and does not provide working undo function prior to removal. Also for items that make the system inoperable. These can be legitimate application
%p\beclean\
%p\fix my registry\
;Registry Power Cleaner
%s\winctl3.ocx
%s\winctl4.dll
%s\winutil4.dll
%p\winferno\

:Rogue Anti-Malware & Software
;100 Percent Anti-Spyware
%p\scorpio software\
;1 Click Spy Clean
%p\secure pc solutions\
;#1 Spyware Killer
%p\#1spywarekillerv2.1\
;1stAntiVirus
%p\1stantivirus\
;Ad Armor
%p\ad armor\
;Ads Alert
%p\pcprivacysoftware.com\
;ADS Adware Remover
%p\ads adware remover\
;Adware Agent
%p\adware agent\
;ADWare Bazooka
%p\adwarebazooka\
;Adware Finder
%p\adfindertoolbar\
%p\adwarefinder\
;AdwarePatrol
%p\adware patrol\
;Adware Punisher
%p\adwarepunisher\
;Adware Remover
%p\adware remover\
;Adware Remover Gold
%p\adwareremovergold.com\
;Adware Sheriff
%p\adwaresheriff\
;AdwareSpy
%p\adwarespy\
;AdWare SpyWare Removal
%p\adware spyWare removal\
;AdwareX Eliminator
%p\adwareX eliminator\
;Agent Spyware
%p\softwaredoctor\
;AlertSpy
%p\alertspy\
%s\fk.dll
;AntiSpyware Soldier
%p\antispyware soldier\
;AntiSpyZone
%p\antispyzone 5.0\
;AntiVermins
%p\antivermins\
;Antivirus Protection
%p\antivirus protection\
%s\filekiller.dll
;Antivirus Solution
%p\antivirus solution\
;AntivirusGolden
%p\antiviralgolden\
%p\antivirusgoldenpro\
;AVSystemCare
%p\avsystemcare\
;BPS Spyware Remover
%p\bps remover\
%p\bulletproofsoft.com\
;BraveSentry
%p\bravesentry\
;CleanX
%p\cleanx2007\
;CodeClean
%p\codeclean2007\
;ContraVirus
%p\contravirus\
;CurePCSolution
%p\curepcsolution\
;Doctor Adware
%p\doctor adware\
%p\doctor adware pro\
;Easy Erase Spyware Remover
%p\easy erase spyware remover\
;ETD Security Scanner
%p\etd security scanner\
;ExpertAntivirus
%p\expertantivirus\
;Flobo Spyware Clean
%p\flobo spyware clean\
;Froggie Scan
%p\froggie scan demo\
;GoodBye Spy
%p\goodbye spy\
;GuardBar
%p\guardbar\
;HitVirus
%p\hitvirus\
;IC Spyware Scanner
%p\allume systems\
;Kazaap Adware and Spyware Remover
%p\kazaap\
;Kill And Clean
%p\killandclean\
;KillSpy
%p\killspy.net\
;MalwareAlarm
%p\malwarealarm\
%w\xpupdate.exe
;Malware Sweeper
%p\malwaresweeper.com\
;Malware Stopper
%p\malwarestopper\
;MalwareWipe
%p\malwarewipe.com\
%p\malwarewipers\
;MyNetProtector
%p\mynetprotector\
;MySpyProtector
%p\myspyprotector\
;Neospace Internet Security
%p\neospace\
;PAL Spyware Remover
%p\pal spyrem\
;PC Health Plan
%p\pc health plan\
;PerfectCleaner
%p\perfectcleaner\
;Pestbot
%p\pestbot\
;PestCapture
%p\pestcapture\
;PestTrap
%p\pesttrap\
;Privacy Champion
%p\privacy champion\
;Privacy Crusader
%p\privacy crusader demo\
;Privacy Defender
%p\btppdv2.2\
%p\pcsecurityshield\
%p\prvdef4.0\
;PSGuard
%p\psguard\
;PurityScan
%p\purityscan\
%s\ndrv.dll
%s\ndrv.exe
%s\winservn.exe
%s\winservs.exe
%s\wnscpit.exe
%s\wnsintsv.exe
%s\wnsinttr.exe
%s\wnsapisv.exe
%s\wnsapisu.exe
%s\wnscpcc.exe
%s\wintsvsu.exe
;RazeSpyware
%p\razespyware\
;RegFreeze
%p\regfreeze\
;Remedy AntiSpy
%p\remedyantispy\
;Safe & Clean
%p\unspypc\
;Scan & Repair Utilities
%p\scan & repair utilities 2007\
;ScanSpyware
%p\scanspyware v3.8.0.4\
;SecureMYpc
%p\securemypc\
;Security iGuard
%p\security iguard\
;SpyFalcon
%p\spyfalcon\
%s\dxmpp.dll
%s\ginuerep.dll
%s\twain32.dll
;SpySheriff
%p\spysheriff\
%r\winstall.exe
;Spyware Remover
%p\spyware remover\

:123Search
%s\msiebho.dll
%s\msietk1020.dll

:180search Assistant
%p\180search assistant\
%p\180searchassistant\
%w\fejgl.exe
%w\ihsn.exe

:2020search
%p\srng\
%s\2020search.dll
%s\2020search2.dll
%w\2020install.exe
%w\2020search.dll
%w\2020search2.dll
%w\mssvr.exe

:2ndThought
%p\stc\
%s\2ndsrch.dll
%s\stcloader.exe

:2Search
%p\2search\
%p\the guard\
%s\007guard.exe
%s\2searchinstaller.exe
%s\feeds\

:7FaSSt
%p\fs\
%s\7search.dll

:ABetterInternet
%c\betterinternet\
%p\abetterinternet\
%p\netturbotrial\
%s\bdle4012.exe
%s\bik.exe
%s\ezxiiyv.exe
%s\farmmext.exe
%s\imgiant.dll
%s\laziqn.exe
%s\ln_reco.exe
%s\nnmzoq.exe
%s\polau2c.exe
%s\randreco.exe
%s\stmtreco.exe
%s\susp_reco.exe
%s\wbtvsffd.exe
%s\xxvyaj.exe
%w\abiuninst.htm
%w\banner.dll
%w\bi.dll
%w\biprep.exe
%w\btgrab.dll
%w\buddy.exe
%w\ceres.dll
%w\dlmax.dll
%w\druninst.exe
%w\ejgekgpq.ini
%w\farmmext.exe
%w\imgiant.dll
%w\imguninst.exe
%w\morphacl.dll
%w\mxtarget.dll
%w\pynix.dll
%w\speer2.dll
%w\speeryox.dll
%w\voiceip.dll
%w\zserv.dll

:Accoona Toolbar
%p\accoona\

:ACEBar
%p\acetoolbar\
%p\internet explorer\atlapp.sys

:AdPartner
%s\aplsp.dll

:AdStatus
%p\adstatus service\

:Altnet
%p\altnet\

:Apropos
%p\aproposclient\
%p\aprps\
%p\cxtpls\
%p\sysal\
%s\atmon.exe
%s\intfaxui.exe

:ArcadeRockstar
%p\arcaderockstar\

:Assasin Backdoor
%s\dhcp32\
%s\ide\
%s\win type\
%w\ms spool32.dat
%w\ms spool32.exe
%w\pool32.exe

:Aureate/Radiate
%p\mediaring talk\
%s\adimage.dll
%s\advert.dll
%s\advertcontrolxcontrol.ocx
%s\amcis.dll
%s\amcis2.dll
%s\amcis3.dll
%s\anadsc.ocx
%s\anadscb.ocx
%s\htmdeng.exe
%s\ipcclient.dll
%s\ipclient.dll
%s\msipcsv.exe
%s\tfde.dll

:Aurora
%s\drpmon.dll
%s\poller.exe
%w\aurora.exe
%w\aurorahandler.dll
%w\bolger.dll
%w\nail.exe
%w\svcproc.exe

:AutoSearch
%s\msinfosys.dll
%s\safesearch.dll

:AutoStartup
%s\ast.exe
%w\ac.aut
%w\ast.exe
%w\ib.exe
%w\unast.exe

:BackWeb
%p\backweb\
%s\dlgli.exe

:Bagle Worm
%r\ntldr.exe
%s\_dll.exe
%s\anti_troj.exe
%s\bawindo.exe
%s\bawindo.exeopen
%s\bawindo.exeopenopen
%s\doriot.exe
%s\drvddll.exe
%s\drvddll.exeopen
%s\drvddll.exeopenopen
%s\exefld\
%s\hldrrr.exe
%s\loader_name.exe
%s\loader_name.exeopen
%s\loader_name.exeopenopen
%s\re_file.exe
%s\sys_xp.exe
%s\sys_xp.exeopen
%s\sys_xp.exeopenopen
%s\win32lib.exe
%s\windirect.exe
%s\windll.exe
%s\windll.exeopen
%s\windll.exeopenopen
%s\wingo.exe
%s\wingo.exeopen
%s\wingo.exeopenopen
%s\winhost.exe
%s\wintems.exe
%s\winxp.exe
%s\winxp.exeopen
%s\winxp.exeopenopen
%s\winxp.exeopenopenopen
%s\winxp.exeopenopenopenopen

:BargainBuddy
%p\bargain buddy\
%p\bullseye network\
%p\cardcrazy\
%p\cashback\
%p\funcade\
%p\navisearch\
%s\angelex.exe
%s\bbchk.exe
%s\exclean.exe
%s\exdl.exe
%s\exdl0.exe
%s\exdl1.exe
%s\exdl2.exe
%s\exdl3.exe
%s\exul.exe
%s\exul1.exe
%s\exul3.exe
%s\instsrv.exe
%s\javex80.vxd
%s\javexulm.vxd
%s\mqexdlm.srg
%s\msbe.dll
%s\mscb.dll
%s\msexreg.exe
%s\msxct.exe
%s\netut80ex.vxd
%s\nvms.dll
%s\vx0.nls
%s\vx0x.nls
%s\vx1.nls
%s\vx1x.nls
%s\vx2.nls
%s\vx2x.nls
%s\vx3.nls
%s\vx3x.nls
%w\ahcb.exe
%w\bargain4.exe
%w\bbchk.exe
%w\exclean.exe
%w\exdl.exe
%w\exul.exe
%w\msxct.exe
%w\zeta.exe

:BDE
%p\bde\
%r\bde\
%s\bdedata2.dll
%s\bdedownloader.dll
%s\bdefdi.dll
%s\bdeinsta2.dll
%s\bdeinstall.exe
%s\bdesecureinstall.cab
%s\bdesecureinstall.exe
%s\bdeverify.dll
%w\bde\

:Best Offers
%p\tbonbin\

:BlazeFind
%p\windowssa\
%s\2_0_1browserhelper2.dll
%s\3_0_1browserhelper3.dll
%s\5_0_1browserhelper5.dll
%s\iesearchbar.dll
%s\unstsa2.exe

:BonziBuddy
%p\bonzibuddy\

:BookedSpace
%s\acd.dll
%s\anaamon.dll
%s\bs2.dll
%s\bs3.dll
%s\bsx5.dll
%s\bxsx5.dll
%s\bxxs5.dll
%s\oo4.dll
%s\rem00001.dll
%w\bs2.dll
%w\bs3.dll
%w\bsx32\
%w\bsx5.dll
%w\bxxs5.dll
%w\cfg32p.dll
%w\oo4.dll

:BroadcastPC
%p\bcpc\
%p\bpc_search\
%p\bpt\
%p\brp\
%p\btv\
%p\rvp\
%p\tvs\

:BrowserAid
%p\browser pal\
%p\letssearch\
%s\broweraidtoolbar.dll
%s\highlighthelper.dll
%s\inetp60.dll
%s\msiefr40.dll
%s\quicklaunchie.dll
%s\rsstoolbar.dll
%s\rundll16.dll
%s\stlbad123.dll
%s\stlbdist.dll
%s\stlbupdt.dll
%w\rundll16.dll
%w\uptodate.exe

:Buchon Worm
%r\csrss.exe

:BuddyLinks
%c\psd tools\
%p\buddylinks.net\

:BZub Trojan
%s\ipv6mons.dll

:Claria
%c\cmeii\
%c\gmt\
%p\gator.com\

:ClearSearch
%p\clearsearch\
%p\cntrc\
%p\csbb\
%p\lycos\
%s\csie.dll
%s\ie_clrsch.dll
%s\ietie.dll

:ClickTheButton
%s\ctbhooks.dll
%w\ctb3_shared\

:ClickToSearch
%s\bpv1a.dll
%s\bpv2s.dll
%s\bpv2t.dll

:ClientMan
%p\clientman\
%s\disable.dll
%s\disable1.dll
%s\msccof.exe
%s\mscdka.dll
%s\mscpbo.exe
%s\msdaim.dll
%s\msdlgk.dll
%s\mseclk.dll
%s\msedah.dll
%s\mseffm.dll
%s\msenfh.dll
%s\msfaol.dll
%s\msgdmf.exe
%s\msibkd.dll
%s\msjfbl.dll
%s\mskceo.dll
%s\mskehb.dll
%s\mskhhe.dll
%s\mskpkc.dll
%s\mslefh.dll
%s\msmc.exe
%s\msmdld.DLL
%s\msmm.exe
%s\msncjk.dll
%s\msnkmi.dll
%s\msobfl.dll
%s\msongn.exe

:ClipGenie
%p\clipgenie\

:ClockSync
%p\clocksync\

:Coder Dialer
%w\coder\

:Colej_uk Design Toolbar
%p\colej_uk design toolbar\

:ConfigSys
%w\configsys\
%w\smss.exe

:Conscorr
%w\conscorr.exe

:CoolWebSearch
%s\1.00.07.dll
%s\adddx.dll
%s\addgp32.exe
%s\addwh32.exe
%s\apica.exe
%s\apioe.exe
%s\apivy.exe
%s\appio.exe
%s\appis32.exe
%s\appjc32.exe
%s\appoe32.exe
%s\astctl32.dll
%s\astctl32.ocx
%s\atlhy.exe
%s\atlkt32.exe
%s\atlpv32.exe
%s\autosearch.dll
%s\avpcc.dll
%s\bootconf.exe
%s\bpln.dll
%s\coolwebsearch-info.dll
%s\crby32.exe
%s\crcz.exe
%s\criticalupdater.exe
%s\crko.exe
%s\crsw32.exe
%s\crxa.exe
%s\ctfmon32.exe
%s\ctrlpan.dll
%s\d3fm.exe
%s\d3gj.exe
%s\d3ul32.exe
%s\delj.dll
%s\dnse.dll
%s\dnserr.dll
%s\dnsrelay.dll
%s\dreplace.dll
%s\dxm8vb.dll
%s\excel10.dll
%s\famcff.dll
%s\gegnba.dll
%s\gejafa.dll
%s\gln.dll
%s\googlems.dll
%s\hlmk.dll
%s\iefeatsl.dll
%s\iefi.exe
%s\iefy.exe
%s\iehost34.exe
%s\ietoolbar.dll
%s\ieug32.exe
%s\iewe32.exe
%s\ipgs.exe
%s\iphj32.exe
%s\ippy.exe
%s\ipst32.exe
%s\jehmbyxrubdb.dll
%s\kha.dll
%s\kncjmlb.dll
%s\mfcgt32.exe
%s\mfcqc32.exe
%s\mfcuo.exe
%s\mgs_32.dll
%s\mid.dll
%s\msconfd.dll
%s\mshelper.dll
%s\msiesh.dll
%s\msph32.exe
%s\mssearch.dll
%s\msspi.dll
%s\mssz32.dll
%s\msupdate.exe
%s\msxmlpp.dll
%s\mtwirl32.dll
%s\mupdate.exe
%s\navext.dll
%s\netjh32.exe
%s\ntdx.exe
%s\oifhhio.dll
%s\oipa.dll
%s\olehelp.exe
%s\opc.dll
%s\pnkeb.dll
%s\sdkdh.exe
%s\sdkhb32.exe
%s\sdkly.exe
%s\searchaddon.dll
%s\services\
%s\sqlbgb.dll
%s\submithook.dll
%s\sys_ext.dll
%s\toolband.dll
%s\wcadw.dll
%s\webinfo.dll
%s\wer1306.dll
%s\winga.exe
%s\winlink.dll
%s\winlo.exe
%s\winns32.exe
%s\winproc32.exe
%s\winres.dll
%s\winyw32.exe
%s\word10.dll
%s\xplugin.dll
%s\xxxvideo.hta
%w\addkc32.exe
%w\apiac.exe
%w\apifb.exe
%w\apigj.exe
%w\apijn32.exe
%w\apivt.exe
%w\appsh.exe
%w\appwn32.exe
%w\atlfs32.exe
%w\atlrl32.dll
%w\avpcc.dll
%w\bipw.exe
%w\crvl.exe
%w\ctrlpan.dll
%w\d3cq.exe
%w\d3fd32.exe
%w\d3fl32.exe
%w\d3nr32.exe
%w\d3ue.exe
%w\d3zg.exe
%w\default.css
%w\dpe.dll
%w\fonts\msoffice.hta
%w\help\helpcvs.exe
%w\help_dcc.dll
%w\help_ecc.dll
%w\ieoo\
%w\iexplorer.exe
%w\image.dll
%w\ipog.dll
%w\ipyx32.exe
%w\kk8pwxm634.exe
%w\mfcbm32.dll
%w\mfckb.exe
%w\mfcui32.exe
%w\msconfd.dll
%w\msew\
%w\msnc32.exe
%w\mszv32.exe
%w\my.css
%w\navext.dll
%w\ntwg.exe
%w\ntwn.exe
%w\ntyk32.exe
%w\ntyo32.exe
%w\olehelp.exe
%w\qttasks.exe
%w\sdkev.exe
%w\sdkrr32.exe
%w\sistem.exe
%w\sys.reg
%w\sysbj\
%w\sysea.exe
%w\sysjq.exe
%w\syskr.exe
%w\syslr.exe
%w\syspi\
%w\winfj\
%w\winmc.exe
%w\winnj32.exe

:CommonName
%p\commonname\

:Coulomb Dialer
%s\comload.dll

:CouponAge
%s\calsp.dll

:CouponDeals
%s\cdlsp.dll
%s\cdsync.dll

:CPush
%c\cpush\

:CrocoPop
%s\crocopop32.exe

:CustomToolbar
%s\customtoolbar.dll

:Cydoor
%s\adcache\
%s\cd_clint.exe
%s\cd_gif.dll
%s\cd_htm.dll
%s\cd_load.exe
%s\cd_swf.dll
%w\roodyc\

:DateManager
%p\date manager\

:DateRegon
%p\dateregon\

:DealHelper
%p\dealhelper.com inc\
%p\dealhelper\
%s\dun.exe
%s\hookpopup.dll
%s\newmsrdk2.zip
%w\dealhlpr.dll
%w\dhbrowser.exe
%w\dhbrwsr.exe
%w\dhdom.bin
%w\dhdom1.bin
%w\dhdomp.bin
%w\dhdomp1.bin
%w\dhkw.bin
%w\dhkw1.bin
%w\dhp.dll
%w\dhp2.dll
%w\dhsigned.ocx
%w\dhsvr.exe
%w\dhun.exe
%w\dhupdt.exe
%w\dsearch.bin
%w\dsearch1.bin

:Dealio Toolbar
%p\dealio\

:DealsOnline
%s\dolsp.dll

:Delf-HA Trojan
%s\rundnm.exe

:DeltaBar
%s\deltaclick.dll

:Diabolo
%s\diabolo.exe

:DialerOffline
%s\dialeroffline.dll

:DlDer
%w\dlder.exe
%w\explorer\

:Data Doctor KeyLogger
%p\keylog\
%s\urncb.dll
%s\urncbc.dll

:DownloadReceiver
%c\eacceleration\

:DownloadWare
%p\downloadware engine\
%p\downloadware\
%p\kfh\
%p\medch\
%p\mlh\
%p\movienetworks\
%p\popcorn.net\
%p\real-tens\

:DreamPopper
%s\dreampopper.dll

:DriveCleaner
%c\drivecleaner free\
%p\drivecleaner 2006 free\
%p\drivecleaner free\

:E2Give
%p\data19\
%p\e2g\
%p\e2give\
%r\e2g\
%s\askearth17.exe
%s\ei.exe
%s\filgmo.exe
%s\iebhos.dll
%s\iniwin32.dll
%s\prutpct.exe
%s\prutsct.exe
%s\pruttct.exe
%s\ptech.exe
%s\skytown.exe
%w\pi1.exe

:EasyDates
%p\comsoft\

:EasyWWW
%s\easywww.exe
%s\easywww2.exe
%s\easywww3.exe
%w\easywww.exe
%w\easywww2.exe
%w\easywww3.exe
%w\ewupdater.exe
%w\iewww.exe
%w\iewwwint.exe
%w\redirect5.exe

:Ebates Moe Money Maker
%p\ebates_moemoneymaker\
%p\ebatesmoemoneymaker\
%p\webrebates\
%p\websearch\

:eBlaster
%s\nvrcr32.dll
%s\rmashlex.dll

:EliteBar
%s\bkmsf32.dat
%w\elitebar\
%w\elitesidebar\
%w\elitetoolbar\
%w\etb\

:Employee Watcher
%r\windowsupdate\

:Emcodec
%p\emedia codec\
%p\media-codec\

:Eros Dialer
%s\eros.exe

:eStart
%s\estartlinkrotater.exe
%s\goupdate.exe
%s\links.dll
%w\goupdate.exe

:eXact Search Bar
%p\exact\

:Expext
%s\expext.dll

:ExploreAnywhere
%p\exploreanywhere\

:ExPup
%s\expup.exe

:eZula
%p\ezula\
%p\web offer\
%s\ezpopstub.exe
%s\ezstub.exe
%w\ezinstall.exe
%w\woinstall.exe

:Ezurl
%p\ezurl\
%s\_epnt.sys
%s\keymap.dll

:f0r0r
%s\f0r0r\

:Family Cyber Alert
%s\fcyberalert\

:Family Keylogger
%s\ctf\

:FastSeeker
%p\fastseeker\
%s\fastseekertoolbar.dll
%w\fastseekersetup.ocx
%w\fastseekersetupv2.ocx

:FavoriteMan
%s\aess2.dll
%s\arb1tal.dll
%s\atpartners.dll
%s\casldr.dll
%s\dlh0st.dll
%s\emesx.dll
%s\f1.dll
%s\favboot.dll
%s\favman.dll
%s\favorite.dll
%s\fone.dll
%s\gold2.dll
%s\gr02.dll
%s\im64.dll
%s\in10b6s.dll
%s\lstb4drc.dll
%s\lstb4drc.exe
%s\lwz.dll
%s\mbr32.dll
%s\mmview_101.dll
%s\mpz300.dll
%s\n3tpa1p.dll
%s\ofrg.dll
%s\otw0i.dll
%s\pavb1u2.exe
%s\pdfzzy.dll
%s\ss.dll
%s\ss32.dll
%s\sysldr.dll
%s\td1.dll
%s\trk.dll
%s\zz.dll

:FindWhateverNow
%p\fwn toolbar\
%s\fwntoolbar.dll

:FileSubmit
%p\filesubmit\

:FlashTrack
%p\fen\
%p\fla\
%p\flcp\
%p\fln\
%p\flt\
%p\ftapp\
%p\ftk\
%p\reg2\
%p\xml\
%p\xmod\
%s\flcp.dll
%s\flt.dll
%s\ftapp.dll

:FreeScratchAndWin
%p\fsw\
%s\idleui.dll
%s\support.exe

:Frsk
%w\frsk.exe
%w\savestartdate.exe

:GlobalDialer
%p\globaldialer\

:GMSoft Dialer
%p\dialers\
%p\gmsoft\
%p\gsoft\
%p\paymentone\
%p\primesoft\
%p\pvm\
%p\scom\
%p\vcom\

:Ghost Keylogger
%p\sync manager demo\
%s\msxver64.sqr

:Globe7
%p\globe7\

:GoHip
%p\browserenh\
%s\ie.dll

:GreatSearchResults
%p\gsr\

:Haxdoor Backdoor
%s\avload32.dll
%s\avpe32.dll
%s\avpi32.dll
%s\avpp32.dll
%s\avpx32.dll
%s\avpx32.sys
%s\avpx64.sys
%s\axdebugl.dll
%s\axxt32.dll
%s\bmtdhh.dll
%s\boot32.sys
%s\bt848rom.dll
%s\c3.dll
%s\c3.sys
%s\c4.sys
%s\cdscsix3.dll
%s\cert32.dll
%s\cm.dll
%s\cz.dll
%s\ddirectz.dll
%s\debugg.dll
%s\directpt.dll
%s\directut.dll
%s\docent0.dll
%s\docent2.dll
%s\draw32.dll
%s\drct16.dll
%s\dvb03a.dll
%s\dvb03a.sys
%s\dvb06a.sys
%s\dvd4free.dll
%s\dxtpdx.dll
%s\eetvpn.dll
%s\eetvpn.sys
%s\eexvpn.sys
%s\emldvc.dll
%s\extfpu.dll
%s\extxerox.dll
%s\flashdrvr.dll
%s\fuxx32.dll
%s\gatexkey.dll
%s\gdiwxp.dll
%s\gdwxp3.dll
%s\hm.sys
%s\hpprintx.dll
%s\hz.dll
%s\ideusr50.dll
%s\ies4dll.dll
%s\iesdl4l.dll
%s\jsdapi.exe
%s\klo5.sys
%s\lanh32.dll
%s\lanmui.dll
%s\ljjhh.dll
%s\logon16x.dll
%s\lsd_f3.dll
%s\mcfcc4.dll
%s\mcfg7a.dll
%s\mdfpro.dll
%s\memlow.sys
%s\mmx17g.dll
%s\mmx432.dll
%s\mmx4xt.dll
%s\mmxeroxk.dll
%s\mmxf32.dll
%s\mmxf64.sys
%s\msplg7.dll
%s\nclabydll.dll
%s\nkgfs.sys
%s\nkunpack.dll
%s\nuclabdll.dll
%s\obbn13t.dll
%s\openglss.dll
%s\pdx.dll
%s\pptp16.dll
%s\pptp24.sys
%s\pptp32.dll
%s\ppts16.dll
%s\printpnp.dll
%s\prw76sks.sys
%s\prwsks.dll
%s\psksds.dll
%s\qo.dll
%s\qo.sys
%s\qy.sys
%s\qz.dll
%s\qz.sys
%s\rdrvr2.dll
%s\regp32.dll
%s\rsdapi.dll
%s\satau320.dll
%s\satdll.dll
%s\satmmc.dll
%s\sdcard98.dll
%s\sdmapi.sys
%s\se500mdm.dll
%s\se633mxx.dll
%s\semd32.dll
%s\sertgs.dll
%s\sks2drvr.sys
%s\sksdll.dll
%s\sksdrvr2.sys
%s\skyx16.dll
%s\smtapi.sys
%s\snda32.dll
%s\sndu32.dll
%s\svjvpn.sys
%s\svkvpn.dll
%s\svkvpn.sys
%s\tcpg4t.dll
%s\tcpgdc.dll
%s\tcpr32.dll
%s\tcpwrk.dll
%s\twpkad.dll
%s\twpr32.dll
%s\vdmt16.sys
%s\vdnt32.sys
%s\vistax.dll
%s\vtd_16.exe
%s\w32_ss.exe
%s\wd.sys
%s\winf44.dll
%s\winlow.sys
%s\winm32.dll
%s\wndtx1.dll
%s\wxtwdx.dll
%s\wz.dll
%s\xcdmfree.dll
%s\xdpptp.sys
%s\xdudtt.dll
%s\xmm13g.dll
%s\xmsk32.dll
%s\xmsk64.sys
%s\xopptp.dll
%s\xopptp.sys
%s\xptp16.dll
%s\xptptt.dll
%s\ycsrgb.sys
%s\ycsvga.sys
%s\ycsvgd.sys
%s\ydsvgd.dll
%s\ydsvgd.sys
%s\yvbb01.dll
%s\yvpp01.dll
%s\yvpp01.sys
%s\yvpp02.sys
%s\yvprgb.dll
%s\yvsvga.dll
%s\yvsvga.sys
%s\zopenssl.dll

:Holystic
%s\preload.ocx

:Home Keylogger
%p\homekeylogger\

:HotBar
%p\hbinst\
%p\hbtools\
%p\hotbar\

:Httper
%p\httper\
%p\system soap pro\
%s\httper.dll

:HuntBar
%c\btlink\
%c\msiets\
%p\search toolbar\
%s\btiein.dll
%s\msiein.dll
%s\msielink.dll
%s\wtoolsb.dll

:IEAccess
%s\dhtmlaccess.dll
%s\eghtmldialer.dll
%s\ieaccess2.dll

:IEDriver
%s\iedriver\

:IEFeatures
%s\iefeatures.exe
%s\iefeaturesversion.exe
%s\internetfeatures.exe

:IEHook
%s\iehook.dll
%w\iehook.dll

:IEHost
%s\iehost.exe

:IEMonit
%s\iemonit.dll

:IEPlugin
%c\wqzq\
%s\atmtd.dll
%s\atmtd.dll._
%w\dinst.exe
%w\dlgb.exe
%w\dsr.dll
%w\dsr.exe
%w\extract.exe
%w\id.exe
%w\invitessk.exe
%w\offerssk.exe
%w\pxckdla.exe
%w\pxckdlauninstall.exe
%w\rgrt.exe
%w\snbho.exe
%w\ssk.exe
%w\systb.dll
%w\systb.exe
%w\ts.exe
%w\wcby\
%w\wdskctl.exe
%w\winobject.dll
%w\winserv.exe
%w\wqzq\
%w\wupdt.exe

:IETray
%s\iemsg.dll

:IGetNet
%s\bho.dll
%s\bho001.dll
%s\install_all.dll
%s\rsp.dll
%s\rsp001.dll
%s\update_bho.dll
%s\update_com.dll
%s\update_hosts.dll
%s\update_removeold.dll
%s\update_rsp.DLL
%s\winstart.exe
%s\winstart001.exe

:ILookup
%s\abeb.dll
%s\absnro.dll
%s\belop.dll
%s\bmeb.dll
%s\bundler_mpb_sb.exe
%s\chgrgs.dll
%s\drbr.dll
%s\gws.dll
%s\ineb.dll
%s\sbus.dll
%s\waeb.dll
%s\windec32.dll
%s\winenc32.dll
%s\winsrm32.dll
%w\ilookup\

:INetSpeak
%p\internet explorer\boombar.dll
%s\iexplorr11.dll
%s\iexplorr22.dll
%s\iexplorr23.dll
%s\iexplorr24.dll
%s\iexplorr25.dll
%s\iexplorr26.dll
%s\iexplorr27.dll
%s\iexplorr29.dll
%s\windowsie.dll

:InstaFinderK
%p\instafink\

:Install Provider
%p\install provider\

:Instant Access Dialer
%p\instant access\
%s\egdhtml_1023.dll
%s\egdhtml_1024.dll
%s\egdhtml_1025.dll
%s\egdhtml_1026.dll
%s\egdhtml_1027.dll
%s\egdial.dll
%s\ia.dll
%s\mseggrpid.dll
%w\exedialer.exe

:Instant Buzz
%p\instant buzz\

:Invisible Secrets Toolbar
%p\invisible secrets toolbar\

:Ipwins
%p\ipwindows\

:IRCBot
%s\wgareg.exe
%s\wgavm.exe

:iSearch Toolbar
%s\toolbar.dll

:ISTbar
%p\istbar\
%p\lstsvc\
%s\aupdate.exe
%s\aupdate_uninstall.exe
%s\mscache.dll
%w\istsvc.exe
%w\mscache.dll
%w\mscache.exe

:Jeired
%s\jeired.dll

:Jraun
%s\keyactivex.ocx
%s\keyhost.exe
%s\version.exe

:Kebede Worm
%s\gcasctrl.exe
%s\updtscheduler.exe

:KeenValue
%c\keenvalue\
%c\updater\
%c\updmgr\
%p\incredifind\
%p\perfectnav\
%p\powersearch\

:KGB Keylogger
%p\kgb keylogger\

:KillAV Trojan
%s\iexplore.exe

:Kiswin
%p\ebayshop\

:Kuaiso Toolbar
%p\kuaiso toolsbar\

:LoadEWXD
%s\msxml4r.exe

:Luder Worm
%s\duel.exe
%w\xwrm.exe

:Magicads
%s\madise.dll

:MagicControl
%s\msegcompid.dll
%s\msklive.dll
%w\mc\
%w\mslagent\
%w\navpmc\
%w\wincomp\
%w\winmgts\
%w\wintrim\

:MakeMeSearch
%s\adv.dll
%s\dll.dll
%s\mtc.dll
%s\nas.dll
%s\tbc.dll
%s\tubby.dll
%s\vtlbar1.dll

:Malpayo Backdoor
%s\sys.exe

:MapiSvc
%s\mapisvc32.exe

:MDDialer
%p\md\

:Media Gateway
%p\media gateway\

:Media Motor
%w\a64sddd.exe
%w\imgurla.exe
%w\mm20.ocx
%w\mm21.ocx
%w\mm63.ocx
%w\mmups.exe
%w\unstall.exe

:MediaLoads
%p\medialoads\
%p\medialoads enhanced\
%p\network essentials\
%p\support software\

:MemoryWatcher
%p\memorywatcher\

:Meridian
%s\myaccess.dll

:Mirar Toolbar
%s\nn_bar.dll
%s\nn_bar21.dll
%s\nn_bar22.dll
%s\nn_bar31.dll
%s\winats.dll
%s\windmy.dll
%s\winnb40.dll
%s\winnb41.dll
%s\winnb42.dll
%s\winnb51.dll
%s\winnb52.dll
%s\winnb56.dll
%s\winnb57.dll
%s\winnb58.dll
%s\winnb60.dll

:Mostrar Dialer
%s\msa64chk.dll
%s\msapasrc.dll

:MPGCom
%w\iempg.dll
%w\iempg2.dll
%w\mpgcom.dll
%w\msnarrator.exe

:MrHop
%w\mrhop.dll

:Mydoom Worm
%s\avpr.exe
%s\microsystem.exe
%s\osalogbe.exe
%s\patch31345.exe
%w\patch31345.exe

:Mytob Worm
%r\hellmsn.exe
%r\winssystem.exe
%s\0.exe
%s\1hellbot.exe
%s\666.exe
%s\abs.exe
%s\ccsrs.exe
%s\coolbot.exe
%s\dcomuser.exe
%s\ds.exe
%s\evil.exe
%s\fixupdattr.exe
%s\gothica.exe
%s\hbmail.exe
%s\hostdrvxp.exe
%s\iexplorer.exe
%s\internet.exe
%s\itunegui.exe
%s\jusched32.exe
%s\lcd32.exe
%s\lien van de kelder.exe
%s\lien Van de kelderrr.exe
%s\lien vande kelder.exe
%s\lien vd kelder.exe
%s\lientjeuh.exe
%s\lienvandekelder.exe
%s\lienvdk.exe
%s\logic.exe
%s\logitechwls.exe
%s\mailinfo.exe
%s\mcscn.exe
%s\memloader.exe
%s\microupdate.exe
%s\mouse.exe
%s\msdev32.exe
%s\msgmr.exe
%s\msmgrxp.exe
%s\msnl.exe
%s\msplus32.exe
%s\mssck.exe
%s\mswins.exe
%s\mtrnqs.exe
%s\netcog.exe
%s\phantom.exe
%s\picx.exe
%s\plugnplay32.exe
%s\protection.exe
%s\remote.exe
%s\rundll.exe
%s\scalpe91.exe
%s\scrigz.exe
%s\scvhost32.exe
%s\sd.exe
%s\service5.exe
%s\shell.exe
%s\skybot.exe
%s\sp2fx.exe
%s\sp2winfix.exe
%s\stagmr.exe
%s\svshost.exe
%s\sword.exe
%s\sysconf.exe
%s\tagmr.exe
%s\taskgamr.exe
%s\taskgmr.exe
%s\taskgmr32.exe
%s\timemanager.exe
%s\twunk_65.exe
%s\w1nt5k.exe
%s\w32ntupdt.exe
%s\wdns33.exe
%s\wfdgmr.exe
%s\wfdmgr.exe
%s\wid32.exe
%s\win24.exe
%s\win32.exe
%s\windasz-updote.exe
%s\windowsfirewall.exe
%s\windowz.exe
%s\winds.exe
%s\wingmt32.exe
%s\winhlpapi.exe
%s\wininfo.exe
%s\winnt.exe
%s\winstart.pif
%s\winsvc32.exe
%s\winsys.exe
%s\winsys32.exe
%s\winsyscfg.exe
%s\wintasker.exe
%s\winvnc.exe
%s\wpwmgrs.exe
%s\xpfirewall.exe
%w\phantom.exe
%w\rundil.exe
%w\rundil32.exe

:MyWebSearch
%p\mywebsearch\

:NavExcel
%p\navexcel\
%p\navexcel search toolbar\

:nCase
%p\ncase\

:Need2Find
%p\need2find\

:NetMedia
%w\netmedia.exe

:Netsky Worm
%w\avbgle.exe
%w\avguard.exe
%w\avpguard.exe
%w\avprotect.exe
%w\avprotect9x.exe
%w\comp.cpl
%w\diskmonitor.exe
%w\easyav.exe
%w\firewallsvr.exe
%w\fooding.exe
%w\fvprotect.exe
%w\jammer2nd.exe
%w\kasperskyaveng.exe
%w\maja.exe
%w\msnmsgrs.exe
%w\pandaavengine.exe
%w\services.exe
%w\symav.exe
%w\sysmonxp.exe
%w\userconfig9x.dll
%w\visualguard.exe
%w\winlogon.exe
%w\winlogon.scr
%w\wserver.exe

:NewAds
%p\adsponsor\
%p\exolon\
%p\psupport\

:NewDotNet
%p\newdotnet\

:NSIS Media
%c\nsis\

:Nugache Worm
%s\mstc.exe

:OfferAgent
%w\switpa.exe
%w\switpb.exe

:Openwares
%p\arcade!\
%p\ddr\
%p\startup mechanic\
%s\auole4.dll
%s\slpube03.dll
%s\vlcx052.dll

:Optserve
%s\lp.dll
%s\lp.exe
%s\optserve.dll
%s\optserve.exe

:PC MightyMax
%p\pc mightymax\

:RaxSearch
%p\rax search helper\
%w\infodll.dll

:Rbot Worm
%s\msclt.exe
%s\speeder.exe
%w\lansas.exe

:RegiFast
%p\regifast\

:RelevantKnowledge
%p\relevantknowledge\
%s\intmon.exe
%s\mrkscr.exe
%s\rk.exe
%s\rkinstaller.exe
%s\rlvknlg.exe
%s\shnlog.exe

:Roogoo
%s\msplus.dll
%s\msplus1.dll
%s\msplus2.dll
%s\msplus3.dll
%s\msplus4.dll

:RXToolBar
%p\rxtoolbar\

:Sasser Worm
%w\lsasss.exe
%w\napatch.exe
%w\avserve2.exe
%w\avserve3.exe
%w\skynetave.exe

:SaveNow
%p\ezthemes_whenusavenow_installer\
%p\save\
%p\savenow\

:Scaggy
%w\cfg32.exe
%w\cfg32o.dll
%w\cfg32r.dll
%w\cfg32s.dll

:ScreenView
%p\screenview\
%w\svrmgr.exe

:SearchBarCash
%s\msqsb.dll
%s\seqsb.dll

:SearchCentrix
%p\dynamic toolbar\
%s\barbho.dll
%s\gsim.dll
%s\ifhelper.dll
%s\ifsomatic.dll
%s\mgeekremove.exe
%s\mygeek.dll
%s\pqhelper.dll
%s\reg2.exe
%s\s4helper.dll
%s\seantb.dll
%s\somatic.dll
%s\webalize.dll
%s\wzhelper.dll
%w\adrsb.exe
%w\gsim.dll
%w\waladhpr.exe

:SearchEx
%p\valintines day card\
%s\hmepge.dll
%s\homepage.dll
%s\hotlink.dll
%s\iebrw.dll

:SearchLocate
%p\searchlocate\

:SearchNet
%p\searchnet\
%s\servehost.exe

:SearchSquire
%s\searchsquire.dll
%s\searchsquire2.dll
%s\searchsquire3.dll
%s\searchsquire33.dll
%s\searchupdate31.exe
%s\searchupdate33.exe

:Seekmo
%p\seekmo\

:ShopAtHomeSelect
%p\selectrebates\

:ShopperReports
%p\shopperreports\

:SideFind
%p\sidefind\

:SnoopStick
%s\mslspcg.exe
%s\smdnn05.dll
%w\csssupd.exe
%w\cssswd.exe
%w\sscrg.exe
%w\ssdgt.exe
%w\ssls.exe
%w\ssmsgr.exe

:Sober Worm
%w\connectionstatus\
%w\winsecurity\

:Softomate
%p\ietoolbar\
%p\softomate\

:Sogou
%c\sogou pxp\
%p\p4p\
%s\comploader.dll
%s\socul.dll
%s\sodahk.dll
%s\unsocul.exe

:Spam Blocker Utility
%p\spamblockerutility\

:SpediaBar
%r\spedia\

:SpyBlast
%p\spyblast\

:SpyDawn
%p\spydawn\
%s\higehsg.dll
%s\xkrdk.dll

:SpyOnThis
%p\spyonthis\

:Spytech
%p\spytech software\

:Spyware Stormer
%p\spyware stormer\

:SpywareStrike
%p\spywarestrike\
%s\replmap.dll
%s\wiatwain.dll

:Starware
%p\starware\

:StealthWatcher
%p\stealthwatcher200\
%p\swagent\

:Stration Worm
%s\actidmoc.exe
%s\admeiolo.dll
%s\avifipxr.dll
%s\brwconf.exe
%s\brwmgr32.dll
%s\brwperf.exe
%s\brwprf32.dll
%s\brwstat.dll
%s\camodpnm.exe
%s\chkmfdep.exe
%s\comrkbdd.exe
%s\confbrw.dll
%s\davctool.dll
%s\davctool.exe
%s\ddemdmco.dll
%s\deskmcd3.dll
%s\dpugmswe.dll
%s\dsseds32.dll
%s\dsseds32.exe
%s\dnsrxpob.exe
%s\e1.dll
%s\fileserv.dll
%s\fltlauto.exe
%s\hhselz32.dll
%s\i4n27vl.exe
%s\iaspdpus.dll
%s\icmpdx3j.dll
%s\imesrdch.exe
%s\ipxrmfc4.dll
%s\ipxwshel.exe
%s\ir32racp.exe
%s\iuennwcf.dll
%s\jgdwadsn.dll
%s\jgdwadsn.exe
%s\jgsdrpcn.dll
%s\jgsdrpcn.exe
%s\kbdfwshe.exe
%s\kbdpkbdr.exe
%s\lmrtatkc.dll
%s\mcd3mscm.dll
%s\mgmtmtxc.exe
%s\mqadscp3.exe
%s\mqoacdmo.dll
%s\msafiasn.dll
%s\msexcred.exe
%s\mslsicwd.dll
%s\msnsxole.dll
%s\msnsxole.exe
%s\msstersv.dll
%s\oebdfc.dll
%s\qdvtscf.dll
%s\rcbdwmpd.dll
%s\rdpwmsjt.exe
%s\scp3jgaw.dll
%s\secumsje.exe
%s\shfoxpob.exe
%s\slbrmqtr.exe
%s\snmpmssw.exe
%s\trafracp.dll
%s\vnetsmme.dll
%s\vsxmpgpc.dll
%s\w3sskbda.dll
%s\winftsap.dll
%s\winftsap.exe
%s\wshnseri.exe
%s\wshtlprh.dll
%w\ccsserv.exe
%w\cserv32.exe
%w\msupdtwiz.exe
%w\reggserv.exe
%w\serrv.exe
%s\slbipsch.dll
%s\slbipsch.exe
%w\sserrvv.exe
%w\t2serv.dll
%w\t2serv.exe
%s\v4pbpt51.dll
%s\vb5dmspo.dll

:SuperBar
%p\superbar\

:SurfAccuracy
%p\surfaccuracy\

:SurfSideKick
%p\surfsidekick\
%p\surfsidekick 2\
%p\surfsidekick 3\

:Sys Detective+
%p\sys detective+\
%s\sd16win.dll

:SysKeylog
%r\archivos de programa\
%r\temp_kl\

:TargetAd
%p\netmeting\

:Tibs/Nuwar Worm
%s\alsys.exe
%s\game1.exe
%s\game2.exe
%s\game3.exe
%s\google.png.exe
%s\messenger.lib.exe
%s\nordsys.exe
%s\ppl.exe
%s\se.exe
%s\wincom32.sys
%s\zlbw.dll

:Timeserv Worm
%s\timesrv.exe

:Toolbar888
%p\toolbar888\

:TopMoxie
%p\topmoxie\

:TrialTime
%s\adchkr.exe
%s\hook1.dll
%s\hook2.dll
%s\ladchkr.exe

:TrustIn
%p\trustin bar\
%p\trustin contextual\
%p\trustin popups\
%p\trustin search\
%s\lcch.dat
%s\lut.dat
%s\tconini.dat
%s\ticads.exe
%s\ticont.dll
%s\tipp.dat
%s\tippcls.dat
%s\tips.exe
%s\tisa.cnf
%s\tisa.dll
%w\ads.js

:TotalSpy
%p\ts trial\

:Uplink
%s\dad.bat
%s\gdu.dll
%s\myad.dll
%s\rvreg.exe
%s\uninmyad.exe

:VirtuMonde
%s\cidrules.dll
%s\lspak.dll
%s\rulesak.dll
%w\windowsupd1.exe
%w\windowsupd2.exe
%w\windowsupd4.exe

:VMN Toolbar
%p\vmntoolbar\

:Vomba
%p\vomba\

:VVSN
%p\vvsn\

:VX2
%p\autoupdate\
%p\hpdll\
%s\6fo4svc.dll
%s\host.dll
%s\localnrd.dll
%s\msnavc32.exe
%s\msview.dll
%s\spwgoc.exe
%s\sysmonnt.exe
%s\tps108.dll
%s\vwix32.exe
%s\vx2.dll
%s\winntcreate.exe
%w\cleanhistories.dll
%w\iehelper.dll
%w\isrvs\
%w\kernellos.dll
%w\psapi.dll
%w\vx2.dll

:Web Buying
%p\web buying\

:WebHancer
%p\webhancer\
%p\whinstall\

:WebRebates
%p\web_cpr\
%p\web_rebates\

:Websnitch
%p\websnitch v3.0\

:WhenU
%c\ucontrol\
%c\whenu\
%p\vvsdl\
%p\whenu\
%p\whenusearch\

:WinComm
%p\win comm\

:Windows AdTools
%p\windows adtools\

:Windows ControlAd
%p\windows adcontrol\

:WinFavorites
%p\winfavorites\
%s\a.exe
%s\bridge.dll

:WinFixer
%c\winfixer 2006\
%c\winsoftware\
%p\winfixer 2005\
%p\winfixer_2006\
%s\df_kme.exe
%s\dfe1.exe

:WinMuschi
%w\winmuschi.exe

:Winpup
%s\pup.exe
%s\winpup.exe
%s\winpup32.exe

:WinSB
%s\winsb.dll

:Winshow
%s\winshow.dll

:WinTools
%c\wintools\

:Winupie
%s\axconfig.dll
%w\winupie.exe

:Wualess Trojan
%s\wuauclt.dll

:XCP Sony Rootkit
%w\cdproxyserv.exe

:XLocator
%s\winlocator.dll
%s\winlocatorhelper.dll
%w\updatewinlocator.exe

:XPCSpy
%p\xpcspy\
%p\xsoftware\
%s\rx.exe
%s\sysdll32.dll
%s\systemout.exe
%s\wintft.dll

:YourSiteBar
%p\yoursitebar\

:Zafi.D Worm
%s\norton update.exe

:Zango
%p\zango games\
%p\zango programs\
%p\zango\
%p\zangoclient\

:ZeroPopUpBar
%p\zeropopupbar\
%s\zeropopupbar.dll
%s\zp.dll

:Zlob Trojan
%p\mmediacodec\
%s\4ccc3cea.exe
%s\dcomcfg.exe
%s\dfrgsrv.exe
%s\ishost.exe
%s\ismon.exe
%s\isnotify.exe
%s\issearch.exe
%s\mscornet.exe
%s\msmsgs.exe
%s\mssearchnet.exe
%s\nvctrl.exe
%s\regperf.exe

:Zotob Worm
%s\botzor.exe
%s\csm.exe
%s\fuck.exe
%s\per.exe
%s\pnp.exe
%s\servises.exe
%s\update.exe
%s\winksl.exe
%s\winrvl.exe
%s\wintbp.exe
%s\wintbpx.exe
%s\winwsl.exe
%w\hpsv.exe
%w\pnpasn32.exe

:zSearch
%p\zsearch\
Image
__________________
Pierre (aka Terdef)
Appel à donation - Le site a besoin de votre aide

Comment je me fais avoir/infecter ? - Protéger navigateur, navigation et vie privée - Bloquer publicité et surveillance sur le Web
Accélérer Windows - Accélérer Internet - Décontamination - Installer Malwarebytes - Forums d'entraide

Il ne sera répondu à aucune demande de dépannage posée en MP (Messagerie Privée). Les demandes doivent être publiques et les réponses doivent profiter au public.
Image
Avatar de l’utilisateur
pierre
 
Messages: 29665
Inscription: 20 Mai 2002, 23:01
Localisation: Ici et maintenant

Messagede pierre » 04 Fév 2008, 14:35

Ca me revient !
Je crois que c'est celui-là, l'autre qui fait un peu de vaccination (write-protect de répertoires...)
http://assiste.com.free.fr/p/logitheque ... ector.html
Image
__________________
Pierre (aka Terdef)
Appel à donation - Le site a besoin de votre aide

Comment je me fais avoir/infecter ? - Protéger navigateur, navigation et vie privée - Bloquer publicité et surveillance sur le Web
Accélérer Windows - Accélérer Internet - Décontamination - Installer Malwarebytes - Forums d'entraide

Il ne sera répondu à aucune demande de dépannage posée en MP (Messagerie Privée). Les demandes doivent être publiques et les réponses doivent profiter au public.
Image
Avatar de l’utilisateur
pierre
 
Messages: 29665
Inscription: 20 Mai 2002, 23:01
Localisation: Ici et maintenant

Messagede nickW » 05 Fév 2008, 01:26

Bonsoir,

Il me semble inutile d'afficher la liste des fichiers/dossiers créés par MI! :wink:

Salut,
nickW - Image
30/07/2012: Plus de désinfection de PC jusqu'à nouvel ordre.
Pas de demande d'analyse de log en MP (Message Privé)
Mes configs
Avatar de l’utilisateur
nickW
Modérateur
 
Messages: 21698
Inscription: 20 Mai 2004, 17:41
Localisation: Dordogne/Île de France

Messagede pierre » 05 Fév 2008, 05:47

Re,
Marqueurs indélébiles

Je crois que nous devrions utiliser un mot de Titeuf

Marqueurs indédébiles

:wink:
Image
__________________
Pierre (aka Terdef)
Appel à donation - Le site a besoin de votre aide

Comment je me fais avoir/infecter ? - Protéger navigateur, navigation et vie privée - Bloquer publicité et surveillance sur le Web
Accélérer Windows - Accélérer Internet - Décontamination - Installer Malwarebytes - Forums d'entraide

Il ne sera répondu à aucune demande de dépannage posée en MP (Messagerie Privée). Les demandes doivent être publiques et les réponses doivent profiter au public.
Image
Avatar de l’utilisateur
pierre
 
Messages: 29665
Inscription: 20 Mai 2002, 23:01
Localisation: Ici et maintenant


Retourner vers Mises à jour du site

Qui est en ligne

Utilisateurs parcourant ce forum: Aucun utilisateur enregistré et 2 invités