<?xml version="1.0" encoding="utf-8" standalone="yes"?>
<BadExes>
	<BadExe Name="A-trojan" Exe="a.exe" Description="Remote Access. Alters Win.ini."/>
	<BadExe Name="A-trojan" Exe="a_s.exe" Description="Remote Access. Alters Win.ini."/>
	<BadExe Name="Acid Shivers" Exe="acid setup.exe" Description="Remote Access."/>
	<BadExe Name="Acid Battery" Exe="acid.exe" Description="Remote Access / FTP server"/>
	<BadExe Name="AcidkoR" Exe="acidkor.exe" Description="Remote Access. A very basic RAT."/>
	<BadExe Name="Acid Shivers" Exe="acidshivers.exe" Description="Remote Access."/>
	<BadExe Name="A-trojan" Exe="a-client2.exe" Description="Remote Access. Alters Win.ini."/>
	<BadExe Name="WORM_OPASERV.T" Exe="activeds.exe" Description="This destructive, memory-resident worm, a member of the OPASERV family of worms, propagates via shared network drives."/>
	<BadExe Name="W32.Poscal.Worm" Exe="activex.exe" Description="W32.Poscal.Worm is a worm that attempts to spread itself across KaZaA file-sharing networks. It also attempts to use Microsoft Outlook to send itself to all contacts in the Outlook Address Book."/>
	<BadExe Name="Audiodoor" Exe="ad12_cli.exe" Description="Eavesdropper."/>
	<BadExe Name="Audiodoor" Exe="ad12_srv.exe" Description="Eavesdropper."/>
	<BadExe Name="Trojan.Popdis" Exe="addcls.exe" Description="Trojan.Popdis is a Trojan horse that modifies the registry keys and overwrites the Hosts file. The file, Addcls.exe (detected as Downloader.Trojan), downloads Trojan.Popdis."/>
	<BadExe Name="Admin Tool" Exe="admintool.exe" Description="Steals passwords / ICQ trojan"/>
	<BadExe Name="IRC/Flood.ba" Exe="adobes.exe" Description="This is an Internet Relay Chat BOT/DDoS tool. It is dropped by a self-extracting archive which includes a copy of the mIRC client within itself. This allows users who do not run mIRC to become used in a DDoS attack."/>
	<BadExe Name="Y3K RAT" Exe="advapi32.exe" Description="Remote Access / ICQ trojan / IP sniffer / AIM trojan / MSN trojan. Includes an ICQ IP sniffer and may send a notification to the hacker´s UIN.
"/>
	<BadExe Name="AOL Buddy" Exe="aim reminder.exe" Description="This is an AOL Trojan virus that works as an AOL password stealer."/>
	<BadExe Name="Masters Paradise" Exe="angel.exe" Description="Remote Access"/>
	<BadExe Name="Hybris" Exe="anoafpan.exe" Description="Worm / Virus / Mail trojan. The worm patches Wsock32.dll. Hybris spreads to every address in Outlook."/>
	<BadExe Name="IE Toolbar" Exe="ante browse trust.exe" Description="IE toolbar hijacking you to www.Lop.com."/>
	<BadExe Name="MTX" Exe="anti_cih.exe" Description="Remote Access / Worm / Virus / Trojan dropper / Mail trojan / Downloading trojan."/>
	<BadExe Name="WebEx" Exe="antidote[1.2].exe" Description="Remote Access / FTP Server"/>
	<BadExe Name="WebEx" Exe="antidote[1.3].exe" Description="Remote Access / FTP Server"/>
	<BadExe Name="PWSteal.Antigen" Exe="antigen.exe" Description="Steals passwords"/>
	<BadExe Name="Hackers Paradise" Exe="antinuke.exe" Description="Remote Access / Steals passwords"/>
	<BadExe Name="Apulia4" Exe="apuliaiv.exe" Description="Worm / Mail trojan. If the victim´s copy of WinZip is not registred, the worm tries to do it. Apulia 4 uses all addresses in Outlook and sends a mail with the subject &quot;Crack for ICQ&quot;. 
"/>
	<BadExe Name="Logger" Exe="archiver.exe" Description="Keylogger"/>
	<BadExe Name="Nirvana" Exe="ariel.exe" Description="Remote Access"/>
	<BadExe Name="AdRoar" Exe="arupdate.exe" Description="Adware. AdRoar is a Browser Helper Object that is used to display pop-up advertisements."/>
	<BadExe Name="BLA trojan" Exe="asian trojan.exe" Description="Remote Access / Steals passwords. The client also drops a server! The hacker could choose to log passwords only or all text written. One of the functions is to kill antivirus software."/>
	<BadExe Name="Moscow Email trojan" Exe="asmphoto1.exe" Description="Mail trojan / Autodialer / ICQ trojan / Steals passwords 
 It deletes the two system files Regedit.exe and Msconfig.exe."/>
	<BadExe Name="Moscow Email trojan" Exe="asmphoto2.exe" Description="Mail trojan / Autodialer / ICQ trojan / Steals passwords 
 It deletes the two system files Regedit.exe and Msconfig.exe."/>
	<BadExe Name="W32.ASpam.Trojan.B" Exe="aspam.exe" Description="This Trojan is disguised as an antispam tool from Microsoft. Upon executing the Trojan, the user is presented with a dialog box."/>
	<BadExe Name="W32.Kotira" Exe="atira.exe" Description="W32.Kotira is a virus that overwrites executable files."/>
	<BadExe Name="Atomic2" Exe="atomic2.exe" Description="Steals passwords. It steals dailup passwords and hides them in Rasxnfo.dll, which is encrypted. It sends the file through a SMTP server to the following mail addresses: addr2@server.com , addr3@server.com, majlisb@yahoo.com. 
"/>
	<BadExe Name="W32.Beagle.B@mm" Exe="au.exe" Description="W32.Beagle.B@mm is a mass-mailing worm that opens a backdoor on TCP port 8866. The worm uses its own SMTP engine for email propagation. It can also send to the attacker the port on which the backdoor listens, as well as a randomized ID number."/>
	<BadExe Name="W32.Mexer.D.Worm" Exe="autoexec.bat.exe" Description="W32.Mexer.D.Worm is a worm that attempts to spread across file-sharing networks such as KaZaA and iMesh. It also attempts to download an executable from a hard-coded Web link."/>
	<BadExe Name="Masters Paradise" Exe="autopoll.exe" Description="Remote Access"/>
	<BadExe Name="" Exe="av.exe" Description=""/>
	<BadExe Name="" Exe="avguard.exe" Description=""/>
	<BadExe Name="" Exe="avp_updates.exe" Description=""/>
	<BadExe Name="" Exe="avpmonitor.exe" Description=""/>
	<BadExe Name="" Exe="avprotect.exe" Description=""/>
	<BadExe Name="" Exe="avserve.exe" Description=""/>
	<BadExe Name="" Exe="avserve2.exe" Description=""/>
	<BadExe Name="" Exe="avupdate.exe" Description=""/>
	<BadExe Name="GirlFriend" Exe="awindll.exe" Description="Steals passwords"/>
	<BadExe Name="Host Control" Exe="axdist.exe" Description="Remote Access / Destructive trojan / Virus dropper. It copies itself to c:\recycled to avoid detection by some antivirus programs."/>
	<BadExe Name="W32.NewApt.Worm " Exe="baby.exe" Description="W32.NewApt.Worm is a multithreaded worm that propagates by email. The subject of the email is &quot;Just for your eyes.&quot; The worm has its own SMTP (email) engine to email itself. The worm searches various files on the hard disk to find email address to which it sends itself."/>
	<BadExe Name="Backage" Exe="backage 3.2 se.exe" Description="Remote Access. Alters Win.ini and System.ini. A servereditor makes it possible for an intruder to change the port used and the UIN to notify upon a new succesful installation."/>
	<BadExe Name="Backage" Exe="backageclient.exe" Description="Remote Access. Alters Win.ini and System.ini. A servereditor makes it possible for an intruder to change the port used and the UIN to notify upon a new succesful installation."/>
	<BadExe Name="Backage" Exe="backageserver.exe" Description="Remote Access. Alters Win.ini and System.ini. A servereditor makes it possible for an intruder to change the port used and the UIN to notify upon a new succesful installation."/>
	<BadExe Name="Backage" Exe="backageserver2.exe" Description="Remote Access. Alters Win.ini and System.ini. A servereditor makes it possible for an intruder to change the port used and the UIN to notify upon a new succesful installation."/>
	<BadExe Name="" Exe="backdoor.exe" Description=""/>
	<BadExe Name="" Exe="backwebserv.exe" Description=""/>
	<BadExe Name="" Exe="bad.exe" Description=""/>
	<BadExe Name="" Exe="bad_day.exe" Description=""/>
	<BadExe Name="W32.Badass.24576" Exe="badass.exe" Description="W32.Badass.24576 is a worm that usually comes as BADASS.EXE program attachment in an email. The size of this attached program file is 24,576 bytes. The worm displays an insulting message box with un-click-able NO button. In the background, it uses Microsoft Outlook to send a copy of itself to people in the MS Outlook address book."/>
	<BadExe Name="Barok" Exe="barok.exe" Description="Steals passwords"/>
	<BadExe Name="W32.Beagle.A@mm " Exe="bbeagle.exe" Description="W32.Beagle.A@mm is a mass-mailing worm that accesses remote Web sites and sends email to any addresses it finds using its own SMTP engine."/>
	<BadExe Name="W32.Mumu.B.Worm" Exe="bboy.exe" Description="W32.Mumu.B.Worm is a worm that spreads through network shares. The main worm component is a file named Mumu.exe. The worm will create various files on the infected system, including both legitimate utilities and malicious files."/>
	<BadExe Name="Mosucker" Exe="bcyuh.exe" Description="Remote Access. May alter System.ini and/or Win.ini."/>
	<BadExe Name="Yet Another Trojan - YAT" Exe="bedienks 2.exe" Description="Remote Access"/>
	<BadExe Name="Beigllbe" Exe="beigllbe.exe" Description=""/>
	<BadExe Name="" Exe="beil.exe" Description=""/>
	<BadExe Name="" Exe="belt.exe" Description=""/>
	<BadExe Name="InCommand" Exe="betaclientc.exe" Description="Remote Access / FTP server / ICQ trojan"/>
	<BadExe Name="Blood Fest Evolution" Exe="bf evolution.exe" Description="Remote Access / AOL trojan"/>
	<BadExe Name="Big Gluck" Exe="bg10.exe" Description="Steals passwords / Remote Access. Steals all cached passwords.
"/>
	<BadExe Name="Mosucker" Exe="bhfqx.exe" Description="Remote Access. May alter System.ini and/or Win.ini. 
"/>
	<BadExe Name="Plage 2000" Exe="billgt.exe" Description="Worm / File virus. Alters Win.ini. &quot;Between midnight and 2.00am on Wednesdays the worm attempts to display an animated graphic of Adolf Hitler shooting himself in the head.&quot;"/>
	<BadExe Name="Pie Bill Gates" Exe="billpie.exe" Description="Remote Access / Trojan dropper. Disguised as a game. Installs NetBus server 1.53 while you play. 
"/>
	<BadExe Name="Snid" Exe="binder.exe" Description="Remote Access"/>
	<BadExe Name="Email Password Sender - EPS, EPS II" Exe="bintouue.exe" Description="Steals passwords / ICQ trojan. Displays a Firework and simultanlously starts in the backround. Sends the passwords encrypted via e-mail."/>
	<BadExe Name="BioNet" Exe="bionet.exe" Description="Remote Access / Keylogger / Steals passwords / ICQ trojan / AOL trojan / DoS tool."/>
	<BadExe Name="BLA trojan" Exe="bla(client).exe" Description="Remote Access / Steals passwords. The client also drops a server! The hacker could choose to log passwords only or all text written. One of the functions is to kill antivirus software."/>
	<BadExe Name="BLA trojan" Exe="bla501trojan.exe" Description="Remote Access / Steals passwords. The client also drops a server! The hacker could choose to log passwords only or all text written. One of the functions is to kill antivirus software."/>
	<BadExe Name="BLA trojan" Exe="blaaaaa.exe" Description="Remote Access / Steals passwords. The client also drops a server! The hacker could choose to log passwords only or all text written. One of the functions is to kill antivirus software."/>
	<BadExe Name="BLA trojan" Exe="blaclient.exe" Description="Remote Access / Steals passwords. The client also drops a server! The hacker could choose to log passwords only or all text written. One of the functions is to kill antivirus software."/>
	<BadExe Name="BLA trojan" Exe="blaclient2.exe" Description="Remote Access / Steals passwords. The client also drops a server! The hacker could choose to log passwords only or all text written. One of the functions is to kill antivirus software."/>
	<BadExe Name="" Exe="blade.exe" Description=""/>
	<BadExe Name="Blakharaz" Exe="blakharaz.exe" Description="Remote Access"/>
	<BadExe Name="Blakharaz" Exe="blakharazclient.exe" Description="Remote Access"/>
	<BadExe Name="Blakharaz" Exe="blakharazserver.exe" Description="Remote Access"/>
	<BadExe Name="" Exe="blazer5.exe" Description=""/>
	<BadExe Name="Bleem Station" Exe="bleem!.exe" Description="Destructive trojan. Bleem carries the PlayStation logo as its icon. The trojan inside Bleem overwrites files on the PC."/>
	<BadExe Name="" Exe="blonde.exe" Description=""/>
	<BadExe Name="" Exe="bmb2.exe" Description=""/>
	<BadExe Name="" Exe="bmclient.exe" Description=""/>
	<BadExe Name="" Exe="bmgpad.exe" Description=""/>
	<BadExe Name="Back Orifice 2000" Exe="bo2k.exe" Description="Remote Access. Runs as a hidden service. Uses encryption."/>
	<BadExe Name="Back Orifice 2000" Exe="bo2k_1_0_full.exe" Description="Remote Access. Runs as a hidden service. Uses encryption."/>
	<BadExe Name="Back Orifice 2000" Exe="bo2k_1_0_intl.exe" Description="Remote Access. Runs as a hidden service. Uses encryption."/>
	<BadExe Name="Back Orifice 2000" Exe="bo2kcfg.exe" Description="Remote Access. Runs as a hidden service. Uses encryption."/>
	<BadExe Name="Back Orifice 2000" Exe="bo2kgui.exe" Description="Remote Access. Runs as a hidden service. Uses encryption."/>
	<BadExe Name="BoBo" Exe="bobo.exe" Description="Remote Access"/>
	<BadExe Name="" Exe="boclient.exe" Description=""/>
	<BadExe Name="" Exe="boconfig.exe" Description=""/>
	<BadExe Name="" Exe="bogui.exe" Description=""/>
	<BadExe Name="" Exe="bootexec.exe" Description=""/>
	<BadExe Name="" Exe="boserve.exe" Description=""/>
	<BadExe Name="" Exe="boss.exe" Description=""/>
	<BadExe Name="" Exe="brains~1.exe" Description=""/>
	<BadExe Name="" Exe="brainspy .exe" Description=""/>
	<BadExe Name="" Exe="brainspy.exe" Description=""/>
	<BadExe Name="" Exe="brmado.exe" Description=""/>
	<BadExe Name="" Exe="btr50setup.exe" Description=""/>
	<BadExe Name="" Exe="btrcfg.exe" Description=""/>
	<BadExe Name="" Exe="bubbel.exe" Description=""/>
	<BadExe Name="" Exe="buddylist.exe" Description=""/>
	<BadExe Name="" Exe="bug.exe" Description=""/>
	<BadExe Name="" Exe="bugs.exe" Description=""/>
	<BadExe Name="" Exe="bug´s.exe" Description=""/>
	<BadExe Name="" Exe="builder.exe" Description=""/>
	<BadExe Name="" Exe="bwskfa.exe" Description=""/>
	<BadExe Name="" Exe="cabchk32.exe" Description=""/>
	<BadExe Name="Cafeini" Exe="cafe08pl.exe" Description="Remote Access. It kills more than 20 antivirus programs in memory and also four dedicated antitrojan softwares. The trojan can redirect ports and connect to several servers at the same time. It can also be used as a port scanner. Cafeini can also take another program´s place in the Registry. The server will automatically be updated using HTTP."/>
	<BadExe Name="Cafeini" Exe="cafeclnt.exe" Description="Remote Access. It kills more than 20 antivirus programs in memory and also four dedicated antitrojan softwares. The trojan can redirect ports and connect to several servers at the same time. It can also be used as a port scanner. Cafeini can also take another program´s place in the Registry. The server will automatically be updated using HTTP."/>
	<BadExe Name="Cafeini" Exe="cafeini.exe" Description="Remote Access. It kills more than 20 antivirus programs in memory and also four dedicated antitrojan softwares. The trojan can redirect ports and connect to several servers at the same time. It can also be used as a port scanner. Cafeini can also take another program´s place in the Registry. The server will automatically be updated using HTTP."/>
	<BadExe Name="Cafeini" Exe="cafeiniclient.exe" Description="Remote Access. It kills more than 20 antivirus programs in memory and also four dedicated antitrojan softwares. The trojan can redirect ports and connect to several servers at the same time. It can also be used as a port scanner. Cafeini can also take another program´s place in the Registry. The server will automatically be updated using HTTP."/>
	<BadExe Name="Cafeini" Exe="cafeiniconfig.exe" Description="Remote Access. It kills more than 20 antivirus programs in memory and also four dedicated antitrojan softwares. The trojan can redirect ports and connect to several servers at the same time. It can also be used as a port scanner. Cafeini can also take another program´s place in the Registry. The server will automatically be updated using HTTP."/>
	<BadExe Name="Cafeini" Exe="cafeiniserver.exe" Description="Remote Access. It kills more than 20 antivirus programs in memory and also four dedicated antitrojan softwares. The trojan can redirect ports and connect to several servers at the same time. It can also be used as a port scanner. Cafeini can also take another program´s place in the Registry. The server will automatically be updated using HTTP."/>
	<BadExe Name="" Exe="californ.exe" Description=""/>
	<BadExe Name="" Exe="card.exe" Description=""/>
	<BadExe Name="" Exe="casper.exe" Description=""/>
	<BadExe Name="" Exe="cavapsvc.exe" Description=""/>
	<BadExe Name="" Exe="caznovas.exe" Description=""/>
	<BadExe Name="" Exe="cc invader.exe" Description=""/>
	<BadExe Name="" Exe="cc invader2.exe" Description=""/>
	<BadExe Name="" Exe="ccapp32.exe" Description=""/>
	<BadExe Name="" Exe="ccc.exe" Description=""/>
	<BadExe Name="" Exe="cdeztks.exe" Description=""/>
	<BadExe Name="Hermes" Exe="cenik.exe" Description="Worm / Mail trojan"/>
	<BadExe Name="" Exe="cfg95.exe" Description=""/>
	<BadExe Name="" Exe="cfgwiz32.exe" Description=""/>
	<BadExe Name="" Exe="cgtask.exe" Description=""/>
	<BadExe Name="" Exe="chainsaw.exe" Description=""/>
	<BadExe Name="" Exe="chart.vbs" Description=""/>
	<BadExe Name="W32.HLLP.Shodi.B" Exe="cheatle.exe" Description="W32.HLLP.Shodi.B is a virus that prepends itself to the files that have a .exe extension."/>
	<BadExe Name="W32.NewApt.Worm" Exe="cheeseburst.exe" Description="W32.NewApt.Worm is a multithreaded worm that propagates by email. The subject of the email is &quot;Just for your eyes.&quot; The worm has its own SMTP (email) engine to email itself. The worm searches various files on the hard disk to find email address to which it sends itself."/>
	<BadExe Name="Chupacabra" Exe="chupacabra.exe" Description="Remote Access / Destructive trojan. Alters Win.ini. 
"/>
	<BadExe Name="Hermes" Exe="cih.exe" Description="Worm / Mail trojan"/>
	<BadExe Name="" Exe="cihost.exe" Description=""/>
	<BadExe Name="" Exe="clhost.exe" Description=""/>
	<BadExe Name="Hermes" Exe="click_me!.exe" Description="Worm / Mail trojan"/>
	<BadExe Name="" Exe="clie.exe" Description=""/>
	<BadExe Name="" Exe="client _1_3.exe" Description=""/>
	<BadExe Name="" Exe="client(beta).exe" Description=""/>
	<BadExe Name="" Exe="client_12_pw.exe" Description=""/>
	<BadExe Name="" Exe="cliente.exe" Description=""/>
	<BadExe Name="" Exe="clienttrinno.exe" Description=""/>
	<BadExe Name="" Exe="cmctl32.exe" Description=""/>
	<BadExe Name="" Exe="comaclient.exe" Description=""/>
	<BadExe Name="" Exe="command.exe" Description=""/>
	<BadExe Name="" Exe="command32.exe.vbs" Description=""/>
	<BadExe Name="" Exe="compiled.exe" Description=""/>
	<BadExe Name="" Exe="compiler.exe" Description=""/>
	<BadExe Name="" Exe="comserv.exe" Description=""/>
	<BadExe Name="" Exe="confgldr.exe" Description=""/>
	<BadExe Name="" Exe="configuration.exe" Description=""/>
	<BadExe Name="" Exe="configurator.exe" Description=""/>
	<BadExe Name="" Exe="conftroj.exe" Description=""/>
	<BadExe Name="" Exe="connection.exe" Description=""/>
	<BadExe Name="W32.NewApt.Worm" Exe="cooler1.exe" Description="W32.NewApt.Worm is a multithreaded worm that propagates by email. The subject of the email is &quot;Just for your eyes.&quot; The worm has its own SMTP (email) engine to email itself. The worm searches various files on the hard disk to find email address to which it sends itself."/>
	<BadExe Name="W32.NewApt.Worm" Exe="cooler3.exe" Description="W32.NewApt.Worm is a multithreaded worm that propagates by email. The subject of the email is &quot;Just for your eyes.&quot; The worm has its own SMTP (email) engine to email itself. The worm searches various files on the hard disk to find email address to which it sends itself."/>
	<BadExe Name="W32.NewApt.Worm" Exe="copier.exe" Description="W32.NewApt.Worm is a multithreaded worm that propagates by email. The subject of the email is &quot;Just for your eyes.&quot; The worm has its own SMTP (email) engine to email itself. The worm searches various files on the hard disk to find email address to which it sends itself."/>
	<BadExe Name="" Exe="cowclient.exe" Description=""/>
	<BadExe Name="" Exe="cowserver.exe" Description=""/>
	<BadExe Name="CrazzyNet" Exe="crazzynet375.exe" Description="Remote Access / Steals passwords. Alters Win.ini and System.ini. Comes with a NetScanner to help finding infected PCs."/>
	<BadExe Name="CrazzyNet" Exe="crazzynet50.exe" Description="Remote Access / Steals passwords. Alters Win.ini and System.ini. Comes with a NetScanner to help finding infected PCs."/>
	<BadExe Name="" Exe="creadisk.exe" Description=""/>
	<BadExe Name="" Exe="cryptuue.exe" Description=""/>
	<BadExe Name="" Exe="cserver.exe" Description=""/>
	<BadExe Name="" Exe="csmctrl32.exe" Description=""/>
	<BadExe Name="" Exe="csrrs.exe" Description=""/>
	<BadExe Name="" Exe="cssrs.exe" Description=""/>
	<BadExe Name="" Exe="csystime.exe" Description=""/>
	<BadExe Name="" Exe="ctels.exe" Description=""/>
	<BadExe Name="W32.NewApt.Worm" Exe="cupid2.exe" Description="W32.NewApt.Worm is a multithreaded worm that propagates by email. The subject of the email is &quot;Just for your eyes.&quot; The worm has its own SMTP (email) engine to email itself. The worm searches various files on the hard disk to find email address to which it sends itself."/>
	<BadExe Name="" Exe="cure.exe" Description=""/>
	<BadExe Name="" Exe="cydoor.exe" Description=""/>
	<BadExe Name="" Exe="cvhost.exe" Description=""/>
	<BadExe Name="" Exe="dadruq.exe" Description=""/>
	<BadExe Name="" Exe="darkftp.exe" Description=""/>
	<BadExe Name="" Exe="darkftp1.0b.exe" Description=""/>
	<BadExe Name="Dark Shadow" Exe="darkshadow.trojan.exe" Description="Remote Access. The trojan is encrypted."/>
	<BadExe Name="" Exe="dat92003.exe" Description=""/>
	<BadExe Name="" Exe="data2.exe" Description=""/>
	<BadExe Name="" Exe="datcheck.exe" Description=""/>
	<BadExe Name="" Exe="datkiller.exe" Description=""/>
	<BadExe Name="Trojan.WebMoney.Wmpatch" Exe="dbole.exe" Description="Steals informations from WebMoney users."/>
	<BadExe Name="" Exe="dcemgr.exe" Description=""/>
	<BadExe Name="" Exe="dconfig.exe" Description=""/>
	<BadExe Name="" Exe="dcv.exe" Description=""/>
	<BadExe Name="" Exe="ddc152.exe" Description=""/>
	<BadExe Name="" Exe="ddc153.exe" Description=""/>
	<BadExe Name="" Exe="ddcg152.exe" Description=""/>
	<BadExe Name="" Exe="ddcg153.exe" Description=""/>
	<BadExe Name="" Exe="ddcw.exe" Description=""/>
	<BadExe Name="" Exe="ddick.exe" Description=""/>
	<BadExe Name="" Exe="dds152.exe" Description=""/>
	<BadExe Name="" Exe="ddsetup.exe" Description=""/>
	<BadExe Name="" Exe="ddsfind.exe" Description=""/>
	<BadExe Name="" Exe="death.exe" Description=""/>
	<BadExe Name="" Exe="debugg.dll" Description=""/>
	<BadExe Name="" Exe="decode.exe" Description=""/>
	<BadExe Name="" Exe="decryptor.exe" Description=""/>
	<BadExe Name="" Exe="decryptuue.exe" Description=""/>
	<BadExe Name="" Exe="deep throat mib.exe" Description=""/>
	<BadExe Name="" Exe="deepbo.exe" Description=""/>
	<BadExe Name="" Exe="defrags.exe" Description=""/>
	<BadExe Name="" Exe="deltaserver.exe" Description=""/>
	<BadExe Name="" Exe="derspaher.exe" Description=""/>
	<BadExe Name="" Exe="desintall.exe" Description=""/>
	<BadExe Name="" Exe="deskmanager.exe" Description=""/>
	<BadExe Name="" Exe="dfjcwd.exe" Description=""/>
	<BadExe Name="" Exe="dgainaiai.exe" Description=""/>
	<BadExe Name="" Exe="dhacker.exe" Description=""/>
	<BadExe Name="" Exe="dialupsc.exe" Description=""/>
	<BadExe Name="" Exe="diihost.exe" Description=""/>
	<BadExe Name="" Exe="dilbertdance.jpg.exe" Description=""/>
	<BadExe Name="" Exe="dinheiro.exe" Description=""/>
	<BadExe Name="" Exe="directs.exe" Description=""/>
	<BadExe Name="" Exe="directx.exe" Description=""/>
	<BadExe Name="" Exe="dkbdll.exe" Description=""/>
	<BadExe Name="" Exe="dkftp14c.exe" Description=""/>
	<BadExe Name="" Exe="dkftp165cfg.exe" Description=""/>
	<BadExe Name="" Exe="dkftpcfg.exe" Description=""/>
	<BadExe Name="" Exe="dll.exe" Description=""/>
	<BadExe Name="BoBo" Exe="dllclient.exe" Description="Remote Access"/>
	<BadExe Name="" Exe="dllfiles.exe" Description=""/>
	<BadExe Name="" Exe="dllrun.exe" Description=""/>
	<BadExe Name="" Exe="dlls32.exe" Description=""/>
	<BadExe Name="" Exe="dluca.exe" Description=""/>
	<BadExe Name="" Exe="dm_mgr.exe" Description=""/>
	<BadExe Name="" Exe="dnetc.exe" Description=""/>
	<BadExe Name="" Exe="dnsmaster.exe" Description=""/>
	<BadExe Name="" Exe="doly.exe" Description=""/>
	<BadExe Name="" Exe="doly1.2.exe" Description=""/>
	<BadExe Name="" Exe="doly135.exe" Description=""/>
	<BadExe Name="" Exe="doly15.exe" Description=""/>
	<BadExe Name="" Exe="doly16.exe" Description=""/>
	<BadExe Name="" Exe="dolytrojan.exe" Description=""/>
	<BadExe Name="" Exe="dos32.exe" Description=""/>
	<BadExe Name="" Exe="dosrun32.exe" Description=""/>
	<BadExe Name="" Exe="download_plugin.exe" Description=""/>
	<BadExe Name="" Exe="dp.exe" Description=""/>
	<BadExe Name="" Exe="drat setup util.exe" Description=""/>
	<BadExe Name="" Exe="drat.exe" Description=""/>
	<BadExe Name="" Exe="dratfile_gui.exe" Description=""/>
	<BadExe Name="" Exe="dream.exe" Description=""/>
	<BadExe Name="" Exe="drvctrl95.exe" Description=""/>
	<BadExe Name="" Exe="drvddll.exe" Description=""/>
	<BadExe Name="" Exe="drvsys.exe" Description=""/>
	<BadExe Name="" Exe="ds3.exe" Description=""/>
	<BadExe Name="" Exe="ds3english.exe" Description=""/>
	<BadExe Name="" Exe="ds3german.exe" Description=""/>
	<BadExe Name="" Exe="ds3-mini.exe" Description=""/>
	<BadExe Name="" Exe="dtv3 client.exe" Description=""/>
	<BadExe Name="" Exe="dtv3.1 client.exe" Description=""/>
	<BadExe Name="" Exe="duncntrl.exe" Description=""/>
	<BadExe Name="" Exe="dupview.exe" Description=""/>
	<BadExe Name="" Exe="dvvjphay.exe" Description=""/>
	<BadExe Name="Hybris" Exe="dwarf4you.exe" Description="Worm / Virus / Mail trojan. The worm patches Wsock32.dll. Hybris spreads to every address in Outlook."/>
	<BadExe Name="" Exe="dxupdate.exe" Description=""/>
	<BadExe Name="" Exe="eastav.exe" Description=""/>
	<BadExe Name="" Exe="easyav.exe" Description=""/>
	<BadExe Name="" Exe="edit-keylogger.exe" Description=""/>
	<BadExe Name="A-trojan" Exe="editora2.exe" Description="Remote Access. Alters Win.ini."/>
	<BadExe Name="" Exe="editserver.exe" Description=""/>
	<BadExe Name="" Exe="editsrv1.exe" Description=""/>
	<BadExe Name="" Exe="editsvr.exe" Description=""/>
	<BadExe Name="" Exe="edtsrv.exe" Description=""/>
	<BadExe Name="" Exe="emmanuel.exe" Description=""/>
	<BadExe Name="" Exe="encrypt.exe" Description=""/>
	<BadExe Name="Hermes" Exe="energy.exe" Description="Worm / Mail trojan"/>
	<BadExe Name="" Exe="enterprise.exe" Description=""/>
	<BadExe Name="" Exe="epp32.exe" Description=""/>
	<BadExe Name="" Exe="eps.exe" Description=""/>
	<BadExe Name="" Exe="eps16.exe" Description=""/>
	<BadExe Name="" Exe="eps161.exe" Description=""/>
	<BadExe Name="Worm.ExploreZip.C" Exe="error!.exe" Description="Worm.ExploreZip.C is a variant of Worm.ExploreZip."/>
	<BadExe Name="" Exe="error32_client.exe" Description=""/>
	<BadExe Name="" Exe="error32_server.exe" Description=""/>
	<BadExe Name="" Exe="eschlp.exe" Description=""/>
	<BadExe Name="" Exe="exec.exe" Description=""/>
	<BadExe Name="" Exe="exesmasher.exe" Description=""/>
	<BadExe Name="" Exe="expiorer.exe" Description=""/>
	<BadExe Name="" Exe="expl32.exe" Description=""/>
	<BadExe Name="" Exe="explor.exe" Description=""/>
	<BadExe Name="" Exe="explore.exe" Description=""/>
	<BadExe Name="" Exe="explorer.scr" Description=""/>
	<BadExe Name="" Exe="explupd.exe" Description=""/>
	<BadExe Name="" Exe="fakeftp_gen.exe" Description=""/>
	<BadExe Name="" Exe="faxmgr.exe" Description=""/>
	<BadExe Name="W32.NewApt.Worm" Exe="fborfw.exe" Description="W32.NewApt.Worm is a multithreaded worm that propagates by email. The subject of the email is &quot;Just for your eyes.&quot; The worm has its own SMTP (email) engine to email itself. The worm searches various files on the hard disk to find email address to which it sends itself."/>
	<BadExe Name="Hybris" Exe="fidgfnik.exe" Description="Worm / Virus / Mail trojan. The worm patches Wsock32.dll. Hybris spreads to every address in Outlook."/>
	<BadExe Name="AcidkoR" Exe="file64.exe" Description="Remote Access. A very basic RAT."/>
	<BadExe Name="" Exe="filed.exe" Description=""/>
	<BadExe Name="AcidkoR" Exe="filegui.exe" Description="Remote Access. A very basic RAT."/>
	<BadExe Name="" Exe="filename.exe" Description=""/>
	<BadExe Name="" Exe="firewallsvr.exe" Description=""/>
	<BadExe Name="" Exe="fix.exe" Description=""/>
	<BadExe Name="" Exe="fix2001.exe" Description=""/>
	<BadExe Name="" Exe="fix210x.exe" Description=""/>
	<BadExe Name="" Exe="fntldr.exe" Description=""/>
	<BadExe Name="" Exe="fooding.exe" Description=""/>
	<BadExe Name="" Exe="forcedentry11b.exe" Description=""/>
	<BadExe Name="" Exe="freak trojan 2k.exe" Description=""/>
	<BadExe Name="" Exe="freeze.exe" Description=""/>
	<BadExe Name="" Exe="frenzy.exe" Description=""/>
	<BadExe Name="" Exe="fs-backup.exe" Description=""/>
	<BadExe Name="" Exe="fsg.exe" Description=""/>
	<BadExe Name="" Exe="fsg-ag.exe" Description=""/>
	<BadExe Name="Hermes" Exe="ftip.exe" Description="Worm / Mail trojan"/>
	<BadExe Name="" Exe="ftp99cmp.exe" Description=""/>
	<BadExe Name="" Exe="ftpserver.exe" Description=""/>
	<BadExe Name="" Exe="fun.exe" Description=""/>
	<BadExe Name="" Exe="fvegpyyl.exe" Description=""/>
	<BadExe Name="" Exe="fvprotect.exe" Description=""/>
	<BadExe Name="" Exe="fxp.exe" Description=""/>
	<BadExe Name="" Exe="g_client.exe" Description=""/>
	<BadExe Name="" Exe="g_server.exe" Description=""/>
	<BadExe Name="" Exe="gadget.exe" Description=""/>
	<BadExe Name="" Exe="gain_trickler_3202.exe" Description=""/>
	<BadExe Name="" Exe="game.exe" Description=""/>
	<BadExe Name="" Exe="gator.exe" Description=""/>
	<BadExe Name="" Exe="gc.exe" Description=""/>
	<BadExe Name="" Exe="gcfg.exe" Description=""/>
	<BadExe Name="" Exe="gcinet.exe" Description=""/>
	<BadExe Name="" Exe="gcinetnt.exe" Description=""/>
	<BadExe Name="" Exe="gdi32.exe" Description=""/>
	<BadExe Name="" Exe="genvirus.exe" Description=""/>
	<BadExe Name="" Exe="gesfm32.exe" Description=""/>
	<BadExe Name="GirlFriend" Exe="gf.exe" Description="Steals passwords"/>
	<BadExe Name="GirlFriend" Exe="gf10beta.exe" Description="Steals passwords"/>
	<BadExe Name="" Exe="ghostdog.exe" Description=""/>
	<BadExe Name="W32.HLLP.Shodi.B" Exe="gigabyte.exe" Description="W32.HLLP.Shodi.B is a virus that prepends itself to the files that have a .exe extension."/>
	<BadExe Name="Gip" Exe="gip110doc.exe" Description="Remote Access / Steals passwords / ICQ trojan. Alters System.ini."/>
	<BadExe Name="Gip" Exe="gip110exe.exe" Description="Remote Access / Steals passwords / ICQ trojan. Alters System.ini."/>
	<BadExe Name="Gip" Exe="gip110jpg.exe" Description="Remote Access / Steals passwords / ICQ trojan. Alters System.ini."/>
	<BadExe Name="Gip" Exe="gip110zip.exe" Description="Remote Access / Steals passwords / ICQ trojan. Alters System.ini."/>
	<BadExe Name="Gip" Exe="gip111exe.exe" Description="Remote Access / Steals passwords / ICQ trojan. Alters System.ini."/>
	<BadExe Name="Gip" Exe="gip111jpg.exe" Description="Remote Access / Steals passwords / ICQ trojan. Alters System.ini."/>
	<BadExe Name="Gip" Exe="gip112doc.exe" Description="Remote Access / Steals passwords / ICQ trojan. Alters System.ini."/>
	<BadExe Name="Gip" Exe="gip112jpg.exe" Description="Remote Access / Steals passwords / ICQ trojan. Alters System.ini."/>
	<BadExe Name="Gip" Exe="gip113doc.exe" Description="Remote Access / Steals passwords / ICQ trojan. Alters System.ini."/>
	<BadExe Name="Gip" Exe="gip113jpg.exe" Description="Remote Access / Steals passwords / ICQ trojan. Alters System.ini."/>
	<BadExe Name="Gip" Exe="gipsvr107a.exe" Description="Remote Access / Steals passwords / ICQ trojan. Alters System.ini."/>
	<BadExe Name="Gip" Exe="gipsvr108.exe" Description="Remote Access / Steals passwords / ICQ trojan. Alters System.ini."/>
	<BadExe Name="Gip" Exe="gipsvr111.exe" Description="Remote Access / Steals passwords / ICQ trojan. Alters System.ini."/>
	<BadExe Name="Gip" Exe="gipwizard.exe" Description="Remote Access / Steals passwords / ICQ trojan. Alters System.ini."/>
	<BadExe Name="" Exe="girls.exe" Description=""/>
	<BadExe Name="" Exe="glide16.exe" Description=""/>
	<BadExe Name="" Exe="gmlku.exe" Description=""/>
	<BadExe Name="" Exe="gmt.exe" Description=""/>
	<BadExe Name="" Exe="goal.exe" Description=""/>
	<BadExe Name="W32.NewApt.Worm" Exe="goal1.exe" Description="W32.NewApt.Worm is a multithreaded worm that propagates by email. The subject of the email is &quot;Just for your eyes.&quot; The worm has its own SMTP (email) engine to email itself. The worm searches various files on the hard disk to find email address to which it sends itself."/>
	<BadExe Name="" Exe="gog.exe" Description=""/>
	<BadExe Name="" Exe="gr.exe" Description=""/>
	<BadExe Name="" Exe="gravedad.exe" Description=""/>
	<BadExe Name="" Exe="grcfram.exe" Description=""/>
	<BadExe Name="" Exe="grreg.exe" Description=""/>
	<BadExe Name="" Exe="guiconf.exe" Description=""/>
	<BadExe Name="W32.NewApt.Worm" Exe="g-zilla.exe" Description="W32.NewApt.Worm is a multithreaded worm that propagates by email. The subject of the email is &quot;Just for your eyes.&quot; The worm has its own SMTP (email) engine to email itself. The worm searches various files on the hard disk to find email address to which it sends itself."/>
	<BadExe Name="" Exe="h_client.exe" Description=""/>
	<BadExe Name="" Exe="h_server.exe" Description=""/>
	<BadExe Name="" Exe="hackstate trojan.exe" Description=""/>
	<BadExe Name="Hack´a´Tack" Exe="hack´a´tack.exe" Description="Remote Access / Hidden IP-Scanner. The trojan is able to decrypt cached passwords."/>
	<BadExe Name="" Exe="hallo.exe" Description=""/>
	<BadExe Name="Plage 2000" Exe="hamster.exe" Description="Worm / File virus. Alters Win.ini. &quot;Between midnight and 2.00am on Wednesdays the worm attempts to display an animated graphic of Adolf Hitler shooting himself in the head.&quot;"/>
	<BadExe Name="Happy99.Worm " Exe="happy99.exe" Description="When executed, the infected program opens a window entitled &quot;Happy New Year 1999 !!&quot; and shows a fireworks display to disguise its installation. This worm sends itself to other users when the infected computer is online."/>
	<BadExe Name="" Exe="hbinst.exe" Description=""/>
	<BadExe Name="" Exe="hcheck.exe" Description=""/>
	<BadExe Name="" Exe="hconf.exe" Description=""/>
	<BadExe Name="" Exe="hello.exe" Description=""/>
	<BadExe Name="" Exe="hellz little spy 1.2.exe" Description=""/>
	<BadExe Name="" Exe="hemany.exe" Description=""/>
	<BadExe Name="" Exe="hex2script.exe" Description=""/>
	<BadExe Name="" Exe="hgzserver.exe" Description=""/>
	<BadExe Name="" Exe="hit it.exe" Description=""/>
	<BadExe Name="" Exe="hkconf.exe" Description=""/>
	<BadExe Name="" Exe="hkey.exe" Description=""/>
	<BadExe Name="" Exe="hkeylog.exe" Description=""/>
	<BadExe Name="" Exe="hls15.exe" Description=""/>
	<BadExe Name="" Exe="hoconf.exe" Description=""/>
	<BadExe Name="W32.NewApt.Worm" Exe="hog.exe" Description="W32.NewApt.Worm is a multithreaded worm that propagates by email. The subject of the email is &quot;Just for your eyes.&quot; The worm has its own SMTP (email) engine to email itself. The worm searches various files on the hard disk to find email address to which it sends itself."/>
	<BadExe Name="" Exe="hooconf.exe" Description=""/>
	<BadExe Name="" Exe="hooker.exe" Description=""/>
	<BadExe Name="" Exe="hool.exe" Description=""/>
	<BadExe Name="Host Control" Exe="host control 20.exe" Description="Remote Access / Destructive trojan / Virus dropper. It copies itself to c:\recycled to avoid detection by some antivirus programs."/>
	<BadExe Name="Host Control" Exe="host control 25.exe" Description="Remote Access / Destructive trojan / Virus dropper. It copies itself to c:\recycled to avoid detection by some antivirus programs."/>
	<BadExe Name="Host Control" Exe="host control client 2.7.exe" Description="Remote Access / Destructive trojan / Virus dropper. It copies itself to c:\recycled to avoid detection by some antivirus programs."/>
	<BadExe Name="Host Control" Exe="host control client 26b.exe" Description="Remote Access / Destructive trojan / Virus dropper. It copies itself to c:\recycled to avoid detection by some antivirus programs."/>
	<BadExe Name="Host Control" Exe="host control professional.exe" Description="Remote Access / Destructive trojan / Virus dropper. It copies itself to c:\recycled to avoid detection by some antivirus programs."/>
	<BadExe Name="Host Control" Exe="host control.exe" Description="Remote Access / Destructive trojan / Virus dropper. It copies itself to c:\recycled to avoid detection by some antivirus programs."/>
	<BadExe Name="Dial/HotKiss-A" Exe="hot_kiss.exe" Description="Dial/HotKiss-A is a premium rate porn dialer. Dial/HotKiss-A copies itself to the Windows folder with the filename Hot_Kiss.exe and creates shortcuts on the Desktop and in the Start Menu."/>
	<BadExe Name="" Exe="http.exe" Description=""/>
	<BadExe Name="Plage 2000" Exe="humor.exe" Description="Worm / File virus. Alters Win.ini. &quot;Between midnight and 2.00am on Wednesdays the worm attempts to display an animated graphic of Adolf Hitler shooting himself in the head.&quot;"/>
	<BadExe Name="" Exe="hvlrat client.exe" Description=""/>
	<BadExe Name="" Exe="hxdef.exe" Description=""/>
	<BadExe Name="ICKiller" Exe="ickill.exe" Description="DoS tool / ICQ trojan / Steals passwords (?). Can be used to flood a chanel with thousands of messages."/>
	<BadExe Name="ICKiller" Exe="ickiller.exe" Description="DoS tool / ICQ trojan / Steals passwords (?). Can be used to flood a chanel with thousands of messages."/>
	<BadExe Name="" Exe="ickrack.exe" Description=""/>
	<BadExe Name="Moscow Email trojan" Exe="icon_1.exe" Description="Mail trojan / Autodialer / ICQ trojan / Steals passwords. It deletes the two system files Regedit.exe and Msconfig.exe."/>
	<BadExe Name="Moscow Email trojan" Exe="icon_2.exe" Description="Mail trojan / Autodialer / ICQ trojan / Steals passwords. It deletes the two system files Regedit.exe and Msconfig.exe."/>
	<BadExe Name="WinCrash" Exe="icqfuckerextensions.exe" Description="Remote Access / Steals passwords"/>
	<BadExe Name="ICKiller" Exe="icqhijaak.exe" Description="DoS tool / ICQ trojan / Steals passwords (?). Can be used to flood a chanel with thousands of messages."/>
	<BadExe Name="" Exe="icqnuke.exe" Description=""/>
	<BadExe Name="" Exe="icqupdate.exe" Description=""/>
	<BadExe Name="" Exe="icsniffq.exe" Description=""/>
	<BadExe Name="" Exe="id8525.exe" Description=""/>
	<BadExe Name="" Exe="ie_ex.exe" Description=""/>
	<BadExe Name="" Exe="ie_pack.exe" Description=""/>
	<BadExe Name="" Exe="ie0199.exe" Description=""/>
	<BadExe Name="" Exe="ie080898.exe" Description=""/>
	<BadExe Name="" Exe="iecookie.exe" Description=""/>
	<BadExe Name="" Exe="iedriver.exe" Description=""/>
	<BadExe Name="" Exe="iestub32.exe" Description=""/>
	<BadExe Name="Moscow Email trojan" Exe="iexpand.exe" Description="Mail trojan / Autodialer / ICQ trojan / Steals passwords. It deletes the two system files Regedit.exe and Msconfig.exe."/>
	<BadExe Name="" Exe="iexpiore.exe" Description=""/>
	<BadExe Name="" Exe="iexplore32.exe" Description=""/>
	<BadExe Name="" Exe="iexplorer.exe" Description=""/>
	<BadExe Name="" Exe="iexplorer0.exe" Description=""/>
	<BadExe Name="" Exe="ik.exe" Description=""/>
	<BadExe Name="" Exe="ik97v12s.exe" Description=""/>
	<BadExe Name="" Exe="illusion client.exe" Description=""/>
	<BadExe Name="" Exe="inet20.exe" Description=""/>
	<BadExe Name="" Exe="inet20n.exe" Description=""/>
	<BadExe Name="" Exe="inetb00st.exe" Description=""/>
	<BadExe Name="Plage 2000" Exe="inetd.exe" Description="Worm / File virus. Alters Win.ini. &quot;Between midnight and 2.00am on Wednesdays the worm attempts to display an animated graphic of Adolf Hitler shooting himself in the head.&quot;"/>
	<BadExe Name="" Exe="inetman.exe" Description=""/>
	<BadExe Name="" Exe="infect1.exe" Description=""/>
	<BadExe Name="" Exe="infect2.exe" Description=""/>
	<BadExe Name="" Exe="info32.exe" Description=""/>
	<BadExe Name="" Exe="inikill.exe" Description=""/>
	<BadExe Name="" Exe="inikiller.exe" Description=""/>
	<BadExe Name="" Exe="insane network.exe" Description=""/>
	<BadExe Name="" Exe="insane network4.exe" Description=""/>
	<BadExe Name="" Exe="inst321.exe" Description=""/>
	<BadExe Name="" Exe="instalar.exe" Description=""/>
	<BadExe Name="" Exe="install2.exe" Description=""/>
	<BadExe Name="" Exe="instliex.exe" Description=""/>
	<BadExe Name="" Exe="intcp32.exe" Description=""/>
	<BadExe Name="" Exe="interactive.exe" Description=""/>
	<BadExe Name="" Exe="internetfeatures.exe" Description=""/>
	<BadExe Name="" Exe="intrenat.exe" Description=""/>
	<BadExe Name="" Exe="intruder.exe" Description=""/>
	<BadExe Name="" Exe="intruseclient.exe" Description=""/>
	<BadExe Name="" Exe="intruseserver.exe" Description=""/>
	<BadExe Name="" Exe="invasor.exe" Description=""/>
	<BadExe Name="" Exe="ipager.exe" Description=""/>
	<BadExe Name="W32.NewApt.Worm" Exe="irnglant.exe" Description="W32.NewApt.Worm is a multithreaded worm that propagates by email. The subject of the email is &quot;Just for your eyes.&quot; The worm has its own SMTP (email) engine to email itself. The worm searches various files on the hard disk to find email address to which it sends itself."/>
	<BadExe Name="" Exe="irun4.exe" Description=""/>
	<BadExe Name="" Exe="irwftp.exe" Description=""/>
	<BadExe Name="" Exe="isass.exe" Description=""/>
	<BadExe Name="" Exe="isdel.exe" Description=""/>
	<BadExe Name="" Exe="iservc.exe" Description=""/>
	<BadExe Name="" Exe="istsvc.exe" Description=""/>
	<BadExe Name="" Exe="its.exe" Description=""/>
	<BadExe Name="" Exe="jacksim.exe" Description=""/>
	<BadExe Name="" Exe="jade.exe" Description=""/>
	<BadExe Name="" Exe="jammer2nd.exe" Description=""/>
	<BadExe Name="" Exe="jammerkillah.exe" Description=""/>
	<BadExe Name="Plage 2000" Exe="joke.exe" Description="Worm / File virus. Alters Win.ini. &quot;Between midnight and 2.00am on Wednesdays the worm attempts to display an animated graphic of Adolf Hitler shooting himself in the head.&quot;"/>
	<BadExe Name="" Exe="jushed32.exe" Description=""/>
	<BadExe Name="" Exe="k2logas.exe" Description=""/>
	<BadExe Name="" Exe="k2ps.exe" Description=""/>
	<BadExe Name="" Exe="k2ps_full.exe" Description=""/>
	<BadExe Name="" Exe="k2ps_setup.exe" Description=""/>
	<BadExe Name="" Exe="k2psl.exe" Description=""/>
	<BadExe Name="" Exe="k2tl_setup.exe" Description=""/>
	<BadExe Name="" Exe="k2vl.exe" Description=""/>
	<BadExe Name="" Exe="kak.hta" Description=""/>
	<BadExe Name="" Exe="kaspersky.exe" Description=""/>
	<BadExe Name="" Exe="kazza.exe" Description=""/>
	<BadExe Name="" Exe="kernal32.exe" Description=""/>
	<BadExe Name="" Exe="kerne1.exe" Description=""/>
	<BadExe Name="" Exe="kernel.32.exe" Description=""/>
	<BadExe Name="" Exe="kernel.exe" Description=""/>
	<BadExe Name="" Exe="kernel16.exe" Description=""/>
	<BadExe Name="" Exe="kernel32.exe" Description=""/>
	<BadExe Name="" Exe="keylogger.exe" Description=""/>
	<BadExe Name="" Exe="kgzgjkpcw.exe" Description=""/>
	<BadExe Name="" Exe="khesp.exe" Description=""/>
	<BadExe Name="" Exe="killbush.exe" Description=""/>
	<BadExe Name="" Exe="killonce.exe" Description=""/>
	<BadExe Name="" Exe="killserv.exe" Description=""/>
	<BadExe Name="" Exe="knjtuhh.exe" Description=""/>
	<BadExe Name="" Exe="konfig.exe" Description=""/>
	<BadExe Name="" Exe="krn132.exe" Description=""/>
	<BadExe Name="" Exe="kuang.exe" Description=""/>
	<BadExe Name="" Exe="l32x.exe" Description=""/>
	<BadExe Name="" Exe="lannsvc.exe" Description=""/>
	<BadExe Name="" Exe="latinus.exe" Description=""/>
	<BadExe Name="" Exe="lcoder.exe" Description=""/>
	<BadExe Name="" Exe="lcv_sys.exe" Description=""/>
	<BadExe Name="" Exe="libupdate.exe" Description=""/>
	<BadExe Name="" Exe="loa.exe" Description=""/>
	<BadExe Name="" Exe="load32.exe" Description=""/>
	<BadExe Name="" Exe="locater.exe" Description=""/>
	<BadExe Name="" Exe="logcfg.exe" Description=""/>
	<BadExe Name="" Exe="logged client.exe" Description=""/>
	<BadExe Name="" Exe="logged.exe" Description=""/>
	<BadExe Name="" Exe="logger.exe" Description=""/>
	<BadExe Name="" Exe="lorraine.exe" Description=""/>
	<BadExe Name="" Exe="lovers.exe" Description=""/>
	<BadExe Name="" Exe="lsas.exe" Description=""/>
	<BadExe Name="" Exe="lsasss.exe" Description=""/>
	<BadExe Name="Hermes" Exe="lunetic!.exe" Description="Worm / Mail trojan"/>
	<BadExe Name="" Exe="m2.exe" Description=""/>
	<BadExe Name="" Exe="m2_dll.exe" Description=""/>
	<BadExe Name="" Exe="m2_jpg.exe" Description=""/>
	<BadExe Name="" Exe="m2_rundll16.exe" Description=""/>
	<BadExe Name="" Exe="m2_selfaxtractor.exe" Description=""/>
	<BadExe Name="Plage 2000" Exe="mages.exe" Description="Worm / File virus. Alters Win.ini. &quot;Between midnight and 2.00am on Wednesdays the worm attempts to display an animated graphic of Adolf Hitler shooting himself in the head.&quot;"/>
	<BadExe Name="" Exe="magic.exe" Description=""/>
	<BadExe Name="" Exe="mailshtirlitz.exe" Description=""/>
	<BadExe Name="" Exe="mainserver.exe" Description=""/>
	<BadExe Name="" Exe="makeskinz.exe" Description=""/>
	<BadExe Name="" Exe="manual.exe" Description=""/>
	<BadExe Name="" Exe="marco!.scr" Description=""/>
	<BadExe Name="" Exe="master.exe" Description=""/>
	<BadExe Name="" Exe="masterserver.exe" Description=""/>
	<BadExe Name="" Exe="matcher.exe" Description=""/>
	<BadExe Name="" Exe="matersparadiswvb9,9.exe" Description=""/>
	<BadExe Name="" Exe="mbt.exe" Description=""/>
	<BadExe Name="A-trojan" Exe="mdihole.exe" Description="Remote Access. Alters Win.ini."/>
	<BadExe Name="" Exe="melt.exe" Description=""/>
	<BadExe Name="" Exe="memore.exe" Description=""/>
	<BadExe Name="" Exe="memory.exe" Description=""/>
	<BadExe Name="" Exe="mexplore.exe" Description=""/>
	<BadExe Name="" Exe="mgadeskdll.exe" Description=""/>
	<BadExe Name="" Exe="mgsrv32.exe" Description=""/>
	<BadExe Name="" Exe="mh.exe" Description=""/>
	<BadExe Name="" Exe="microsoft internet office.exe" Description=""/>
	<BadExe Name="Plage 2000" Exe="midsong.exe" Description="Worm / File virus. Alters Win.ini. &quot;Between midnight and 2.00am on Wednesdays the worm attempts to display an animated graphic of Adolf Hitler shooting himself in the head.&quot;"/>
	<BadExe Name="" Exe="millenium.exe" Description=""/>
	<BadExe Name="" Exe="mine.exe" Description=""/>
	<BadExe Name="" Exe="mirc32.exe" Description=""/>
	<BadExe Name="" Exe="mircplus.exe" Description=""/>
	<BadExe Name="" Exe="mome.exe" Description=""/>
	<BadExe Name="" Exe="monica.exe" Description=""/>
	<BadExe Name="" Exe="moonpie.exe" Description=""/>
	<BadExe Name="" Exe="mosucker.exe" Description=""/>
	<BadExe Name="" Exe="mosucker2.0.exe" Description=""/>
	<BadExe Name="" Exe="mp98b.exe" Description=""/>
	<BadExe Name="" Exe="mpisvc.exe" Description=""/>
	<BadExe Name="BLA trojan" Exe="mprdll.exe" Description="Remote Access / Steals passwords. The client also drops a server! The hacker could choose to log passwords only or all text written. One of the functions is to kill antivirus software."/>
	<BadExe Name="" Exe="mprexe16.com" Description=""/>
	<BadExe Name="" Exe="ms16prn.exe" Description=""/>
	<BadExe Name="" Exe="ms216.exe" Description=""/>
	<BadExe Name="" Exe="msbin32.exe" Description=""/>
	<BadExe Name="" Exe="msblast.exe" Description=""/>
	<BadExe Name="" Exe="msccn32.exe" Description=""/>
	<BadExe Name="" Exe="mschost.exe" Description=""/>
	<BadExe Name="" Exe="mschv32.exe" Description=""/>
	<BadExe Name="" Exe="msclient.exe" Description=""/>
	<BadExe Name="" Exe="mscnt.exe" Description=""/>
	<BadExe Name="" Exe="msconfig32.exe" Description=""/>
	<BadExe Name="" Exe="mscstat.exe" Description=""/>
	<BadExe Name="" Exe="msctvr.exe" Description=""/>
	<BadExe Name="" Exe="mscvb32.exe" Description=""/>
	<BadExe Name="" Exe="msdos98.exe" Description=""/>
	<BadExe Name="" Exe="msdspr.exe" Description=""/>
	<BadExe Name="" Exe="msgbs1.vxd" Description=""/>
	<BadExe Name="" Exe="msgran.exe" Description=""/>
	<BadExe Name="" Exe="msgsrv16" Description=""/>
	<BadExe Name="" Exe="msgsrv16.exe" Description=""/>
	<BadExe Name="" Exe="msgsrv36.exe" Description=""/>
	<BadExe Name="" Exe="msgsvr16.exe" Description=""/>
	<BadExe Name="" Exe="msgsvr36.exe" Description=""/>
	<BadExe Name="AcidkoR" Exe="msgsvr64.exe" Description="Remote Access. A very basic RAT."/>
	<BadExe Name="" Exe="msi211.exe" Description=""/>
	<BadExe Name="" Exe="msi216.exe" Description=""/>
	<BadExe Name="" Exe="msie50h.exe" Description=""/>
	<BadExe Name="" Exe="msiesh.dll" Description=""/>
	<BadExe Name="" Exe="msiexec16.exe" Description=""/>
	<BadExe Name="" Exe="msinfo.exe" Description=""/>
	<BadExe Name="" Exe="msinit.exe" Description=""/>
	<BadExe Name="" Exe="msjet32.exe" Description=""/>
	<BadExe Name="" Exe="mskernel16.exe" Description=""/>
	<BadExe Name="" Exe="msmachine.exe" Description=""/>
	<BadExe Name="" Exe="msmdm.exe" Description=""/>
	<BadExe Name="" Exe="msnetcfg.exe" Description=""/>
	<BadExe Name="" Exe="msnmessengerupdate.exe" Description=""/>
	<BadExe Name="" Exe="msnservice.exe" Description=""/>
	<BadExe Name="" Exe="msreg.exe" Description=""/>
	<BadExe Name="" Exe="msrege.exe" Description=""/>
	<BadExe Name="" Exe="msregscn.exe" Description=""/>
	<BadExe Name="" Exe="msrexe.exe" Description=""/>
	<BadExe Name="" Exe="msscra.exe" Description=""/>
	<BadExe Name="" Exe="mssearch.dll" Description=""/>
	<BadExe Name="" Exe="msset32.exe" Description=""/>
	<BadExe Name="" Exe="msskbtfm.exe" Description=""/>
	<BadExe Name="" Exe="msslut32.exe" Description=""/>
	<BadExe Name="" Exe="mssmgrd.exe" Description=""/>
	<BadExe Name="" Exe="mssystem98.exe" Description=""/>
	<BadExe Name="" Exe="mstaskmon.exe" Description=""/>
	<BadExe Name="" Exe="mstconfig.exe" Description=""/>
	<BadExe Name="" Exe="mstesk.exe" Description=""/>
	<BadExe Name="" Exe="msvbvm60.exe" Description=""/>
	<BadExe Name="" Exe="msvchost.exe" Description=""/>
	<BadExe Name="A-trojan" Exe="msvsrv.exe" Description="Remote Access. Alters Win.ini."/>
	<BadExe Name="" Exe="msvxd.exe" Description=""/>
	<BadExe Name="" Exe="mswin32.drv" Description=""/>
	<BadExe Name="" Exe="mswin32.exe" Description=""/>
	<BadExe Name="" Exe="mswinsck.exe" Description=""/>
	<BadExe Name="" Exe="mswinupd.exe" Description=""/>
	<BadExe Name="" Exe="msxxxx.exe" Description=""/>
	<BadExe Name="" Exe="mtmtask.dl" Description=""/>
	<BadExe Name="" Exe="mtx_.exe" Description=""/>
	<BadExe Name="" Exe="music.exe" Description=""/>
	<BadExe Name="" Exe="mutihaka.exe" Description=""/>
	<BadExe Name="" Exe="mypic5.exe" Description=""/>
	<BadExe Name="" Exe="myromeo.exe" Description=""/>
	<BadExe Name="" Exe="nabv32.exe" Description=""/>
	<BadExe Name="" Exe="naebi.exe" Description=""/>
	<BadExe Name="" Exe="naked.jpg.exe" Description=""/>
	<BadExe Name="" Exe="name.exe" Description=""/>
	<BadExe Name="" Exe="nameofthe.exe" Description=""/>
	<BadExe Name="" Exe="nameoftheserver.exe" Description=""/>
	<BadExe Name="" Exe="navidad.exe" Description=""/>
	<BadExe Name="Hermes" Exe="navidat.exe" Description="Worm / Mail trojan"/>
	<BadExe Name="" Exe="nb20pro.exe" Description=""/>
	<BadExe Name="" Exe="nbconfig.exe" Description=""/>
	<BadExe Name="" Exe="nbpro201.exe" Description=""/>
	<BadExe Name="" Exe="nbsvr.exe" Description=""/>
	<BadExe Name="" Exe="ncharge.exe" Description=""/>
	<BadExe Name="" Exe="ncw.exe" Description=""/>
	<BadExe Name="" Exe="ndc.exe" Description=""/>
	<BadExe Name="" Exe="nds.exe" Description=""/>
	<BadExe Name="" Exe="neob.exe" Description=""/>
	<BadExe Name="" Exe="netb170.exe" Description=""/>
	<BadExe Name="" Exe="netbuie.exe" Description=""/>
	<BadExe Name="" Exe="netbus.exe" Description=""/>
	<BadExe Name="" Exe="netcheck.exe" Description=""/>
	<BadExe Name="" Exe="netcint.exe" Description=""/>
	<BadExe Name="" Exe="netctrlr.exe" Description=""/>
	<BadExe Name="" Exe="netda.exe" Description=""/>
	<BadExe Name="" Exe="netdemon.exe" Description=""/>
	<BadExe Name="" Exe="netip.exe" Description=""/>
	<BadExe Name="" Exe="netminc.exe" Description=""/>
	<BadExe Name="" Exe="netmins.exe" Description=""/>
	<BadExe Name="" Exe="netmonitor.exe" Description=""/>
	<BadExe Name="" Exe="nets131337.exe" Description=""/>
	<BadExe Name="" Exe="netsphere_v130.exe" Description=""/>
	<BadExe Name="" Exe="netsphere129.exe" Description=""/>
	<BadExe Name="" Exe="netsphere132.exe" Description=""/>
	<BadExe Name="" Exe="netsphereclient.exe" Description=""/>
	<BadExe Name="" Exe="netsphereserver.exe" Description=""/>
	<BadExe Name="" Exe="netspy.exe" Description=""/>
	<BadExe Name="" Exe="netsrvr.exe" Description=""/>
	<BadExe Name="" Exe="nettrash.exe" Description=""/>
	<BadExe Name="" Exe="netupdate.exe" Description=""/>
	<BadExe Name="" Exe="netxvld.exe" Description=""/>
	<BadExe Name="" Exe="newclient.exe" Description=""/>
	<BadExe Name="Moscow Email trojan" Exe="newicon1.exe" Description="Mail trojan / Autodialer / ICQ trojan / Steals passwords. It deletes the two system files Regedit.exe and Msconfig.exe."/>
	<BadExe Name="Moscow Email trojan" Exe="newicon2.exe" Description="Mail trojan / Autodialer / ICQ trojan / Steals passwords. It deletes the two system files Regedit.exe and Msconfig.exe."/>
	<BadExe Name="" Exe="nirvanatrojanerclient.exe" Description=""/>
	<BadExe Name="" Exe="nirvanatrojanerserver.exe" Description=""/>
	<BadExe Name="Smorph" Exe="nmiopl.exe" Description="Remote Access / Downloading trojan. 
 
The only &quot;features&quot; of this trojan are: - Read, Write, Run and Delete files on the PC - Get system information - Open and close the CD tray."/>
	<BadExe Name="" Exe="noknok4.exe" Description=""/>
	<BadExe Name="" Exe="noknok5.exe" Description=""/>
	<BadExe Name="" Exe="noknok6.exe" Description=""/>
	<BadExe Name="BLA trojan" Exe="normal trojan.exe" Description="Remote Access / Steals passwords. The client also drops a server! The hacker could choose to log passwords only or all text written. One of the functions is to kill antivirus software."/>
	<BadExe Name="" Exe="normalserver.exe" Description=""/>
	<BadExe Name="" Exe="norton.exe" Description=""/>
	<BadExe Name="" Exe="notepadx.exe" Description=""/>
	<BadExe Name="" Exe="notpa.exe" Description=""/>
	<BadExe Name="" Exe="novell_login.exe" Description=""/>
	<BadExe Name="" Exe="nozudyvn.exe" Description=""/>
	<BadExe Name="" Exe="nssx.exe" Description=""/>
	<BadExe Name="" Exe="nstrue.exe" Description=""/>
	<BadExe Name="" Exe="ntdll.exe" Description=""/>
	<BadExe Name="" Exe="odbc.exe" Description=""/>
	<BadExe Name="" Exe="olemon32.exe" Description=""/>
	<BadExe Name="" Exe="oleproc.exe" Description=""/>
	<BadExe Name="" Exe="onz.exe" Description=""/>
	<BadExe Name="" Exe="opwinclient.exe" Description=""/>
	<BadExe Name="" Exe="orcmw.exe" Description=""/>
	<BadExe Name="" Exe="otcxxh.exe" Description=""/>
	<BadExe Name="" Exe="otms.exe" Description=""/>
	<BadExe Name="" Exe="oxiioifr.exe" Description=""/>
	<BadExe Name="" Exe="p2p networking.exe" Description=""/>
	<BadExe Name="W32.Dabber.A/B" Exe="package.exe" Description="W32.Dabber.A is a worm. This worm propagates by exploiting vulnerability in the FTP server component of W32.Sasser.Worm and its variants. This worm based on available exploit code. W32.Dabber.A installs a backdoor on infected hosts listening on port 9898. If the attempt fails, W32.Dabber.A tries to listen on ports 9899 through 9999 in sequence until it finds an open port."/>
	<BadExe Name="W32.NewApt.Worm" Exe="panther.exe" Description="W32.NewApt.Worm is a multithreaded worm that propagates by email. The subject of the email is &quot;Just for your eyes.&quot; The worm has its own SMTP (email) engine to email itself. The worm searches various files on the hard disk to find email address to which it sends itself."/>
	<BadExe Name="" Exe="panthr.exe" Description=""/>
	<BadExe Name="" Exe="paradise.exe" Description=""/>
	<BadExe Name="W32.NewApt.Worm" Exe="party.exe" Description="W32.NewApt.Worm is a multithreaded worm that propagates by email. The subject of the email is &quot;Just for your eyes.&quot; The worm has its own SMTP (email) engine to email itself. The worm searches various files on the hard disk to find email address to which it sends itself."/>
	<BadExe Name="" Exe="passport.exe" Description=""/>
	<BadExe Name="" Exe="patch.exe" Description=""/>
	<BadExe Name="" Exe="patch170.exe" Description=""/>
	<BadExe Name="" Exe="patcher.exe" Description=""/>
	<BadExe Name="" Exe="pazymi.exe" Description=""/>
	<BadExe Name="" Exe="pcidev32.exe" Description=""/>
	<BadExe Name="" Exe="pcinvader.exe" Description=""/>
	<BadExe Name="" Exe="pcinvkiller.exe" Description=""/>
	<BadExe Name="" Exe="pcinvserv.exe" Description=""/>
	<BadExe Name="" Exe="pciserver.exe" Description=""/>
	<BadExe Name="" Exe="pcx.exe" Description=""/>
	<BadExe Name="" Exe="peditinc.exe" Description=""/>
	<BadExe Name="" Exe="pegraft.exe" Description=""/>
	<BadExe Name="" Exe="penis32.exe" Description=""/>
	<BadExe Name="" Exe="phase.exe" Description=""/>
	<BadExe Name="" Exe="phineas.com" Description=""/>
	<BadExe Name="Moscow Email trojan" Exe="photo1.exe" Description="Mail trojan / Autodialer / ICQ trojan / Steals passwords. It deletes the two system files Regedit.exe and Msconfig.exe."/>
	<BadExe Name="Moscow Email trojan" Exe="photo2.exe" Description="Mail trojan / Autodialer / ICQ trojan / Steals passwords. It deletes the two system files Regedit.exe and Msconfig.exe."/>
	<BadExe Name="" Exe="phucker.exe" Description=""/>
	<BadExe Name="" Exe="pics.exe" Description=""/>
	<BadExe Name="" Exe="pics4you.exe" Description=""/>
	<BadExe Name="" Exe="piegates.exe" Description=""/>
	<BadExe Name="" Exe="pingbomb.exe" Description=""/>
	<BadExe Name="W32.NewApt.Worm" Exe="pirate.exe" Description="W32.NewApt.Worm is a multithreaded worm that propagates by email. The subject of the email is &quot;Just for your eyes.&quot; The worm has its own SMTP (email) engine to email itself. The worm searches various files on the hard disk to find email address to which it sends itself."/>
	<BadExe Name="" Exe="pkg6112.exe" Description=""/>
	<BadExe Name="" Exe="pkg6135.exe" Description=""/>
	<BadExe Name="" Exe="pkgxxxx.exe" Description=""/>
	<BadExe Name="" Exe="pkzip25.exe" Description=""/>
	<BadExe Name="" Exe="plyoqmmc.exe" Description=""/>
	<BadExe Name="" Exe="pmss.exe" Description=""/>
	<BadExe Name="" Exe="popsrv184.exe" Description=""/>
	<BadExe Name="" Exe="port 5000.exe" Description=""/>
	<BadExe Name="" Exe="port.exe" Description=""/>
	<BadExe Name="" Exe="portscan.exe" Description=""/>
	<BadExe Name="" Exe="prayer.exe" Description=""/>
	<BadExe Name="" Exe="prayer13.exe" Description=""/>
	<BadExe Name="" Exe="prettyorg.exe" Description=""/>
	<BadExe Name="" Exe="prettypark.exe" Description=""/>
	<BadExe Name="" Exe="pricol.exe" Description=""/>
	<BadExe Name="" Exe="priority.exe" Description=""/>
	<BadExe Name="" Exe="pro_cli.exe" Description=""/>
	<BadExe Name="" Exe="procdll.exe" Description=""/>
	<BadExe Name="" Exe="procmon.exe" Description=""/>
	<BadExe Name="" Exe="progenict.exe" Description=""/>
	<BadExe Name="" Exe="progmon.exe" Description=""/>
	<BadExe Name="" Exe="progr.exe" Description=""/>
	<BadExe Name="" Exe="prosiak.exe" Description=""/>
	<BadExe Name="" Exe="prosiak_trojan.exe" Description=""/>
	<BadExe Name="Plage 2000" Exe="pspgame.exe" Description="Worm / File virus. Alters Win.ini. &quot;Between midnight and 2.00am on Wednesdays the worm attempts to display an animated graphic of Adolf Hitler shooting himself in the head.&quot;"/>
	<BadExe Name="" Exe="pwclient.exe" Description=""/>
	<BadExe Name="" Exe="pwmodify.exe" Description=""/>
	<BadExe Name="" Exe="pwserver.exe" Description=""/>
	<BadExe Name="" Exe="qhxcem.exe" Description=""/>
	<BadExe Name="MTX" Exe="qi_test.exe" Description="Remote Access / Worm / Virus / Trojan dropper / Mail trojan / Downloading trojan."/>
	<BadExe Name="Rasmin" Exe="rasmin.exe" Description="Destructive trojan. Rasmin uses up all the memory and the infected computer crashes regularly."/>
	<BadExe Name="" Exe="rat10.exe" Description=""/>
	<BadExe Name="" Exe="rat11.exe" Description=""/>
	<BadExe Name="" Exe="rat20.exe" Description=""/>
	<BadExe Name="" Exe="rat21.exe" Description=""/>
	<BadExe Name="" Exe="rb32.exe" Description=""/>
	<BadExe Name="" Exe="rch.exe" Description=""/>
	<BadExe Name="" Exe="rchubo.exe" Description=""/>
	<BadExe Name="" Exe="readme.exe" Description=""/>
	<BadExe Name="" Exe="recycle-bin.exe" Description=""/>
	<BadExe Name="A-trojan" Exe="redire32.exe" Description="Remote Access. Alters Win.ini."/>
	<BadExe Name="" Exe="reg33.exe" Description=""/>
	<BadExe Name="" Exe="reg66.exe" Description=""/>
	<BadExe Name="" Exe="reg666.exe" Description=""/>
	<BadExe Name="" Exe="regcheck.exe" Description=""/>
	<BadExe Name="" Exe="regcle32.exe" Description=""/>
	<BadExe Name="" Exe="regclean.exe" Description=""/>
	<BadExe Name="" Exe="registry32.exe" Description=""/>
	<BadExe Name="" Exe="registryreminder.exe" Description=""/>
	<BadExe Name="" Exe="regloadr.exe" Description=""/>
	<BadExe Name="" Exe="regserver.exe" Description=""/>
	<BadExe Name="" Exe="regsvs.exe" Description=""/>
	<BadExe Name="" Exe="release.exe" Description=""/>
	<BadExe Name="" Exe="remote.exe" Description=""/>
	<BadExe Name="" Exe="remotecontrol.exe" Description=""/>
	<BadExe Name="" Exe="reporter.exe" Description=""/>
	<BadExe Name="" Exe="rfkampig.exe" Description=""/>
	<BadExe Name="" Exe="rlid.exe" Description=""/>
	<BadExe Name="BoBo" Exe="rmaapp.exe" Description="Remote Access"/>
	<BadExe Name="" Exe="rpcsrv.exe" Description=""/>
	<BadExe Name="" Exe="rqkukiwc.exe" Description=""/>
	<BadExe Name="" Exe="rsrcload.exe" Description=""/>
	<BadExe Name="" Exe="rsrcnrs.exe" Description=""/>
	<BadExe Name="" Exe="ruler1-3.exe" Description=""/>
	<BadExe Name="" Exe="rundli32.exe" Description=""/>
	<BadExe Name="A-trojan" Exe="rundll16.exe" Description="Remote Access. Alters Win.ini."/>
	<BadExe Name="" Exe="rundll64.exe" Description=""/>
	<BadExe Name="" Exe="rundll95.exe" Description=""/>
	<BadExe Name="" Exe="rundllw.exe" Description=""/>
	<BadExe Name="" Exe="runme.exe" Description=""/>
	<BadExe Name="" Exe="runvxd32.exe" Description=""/>
	<BadExe Name="" Exe="s.exe" Description=""/>
	<BadExe Name="Plage 2000" Exe="s3msong.exe" Description="Worm / File virus. Alters Win.ini. &quot;Between midnight and 2.00am on Wednesdays the worm attempts to display an animated graphic of Adolf Hitler shooting himself in the head.&quot;"/>
	<BadExe Name="W32.NewApt.Worm" Exe="saddam.exe" Description="W32.NewApt.Worm is a multithreaded worm that propagates by email. The subject of the email is &quot;Just for your eyes.&quot; The worm has its own SMTP (email) engine to email itself. The worm searches various files on the hard disk to find email address to which it sends itself."/>
	<BadExe Name="" Exe="sahagent.exe" Description=""/>
	<BadExe Name="BLA trojan" Exe="salope trojan.exe" Description="Remote Access / Steals passwords. The client also drops a server! The hacker could choose to log passwords only or all text written. One of the functions is to kill antivirus software."/>
	<BadExe Name="" Exe="sample1.exe" Description=""/>
	<BadExe Name="" Exe="sample2.exe" Description=""/>
	<BadExe Name="" Exe="save.exe" Description=""/>
	<BadExe Name="" Exe="scam32.exe" Description=""/>
	<BadExe Name="" Exe="scandiskc.exe" Description=""/>
	<BadExe Name="" Exe="scandiskvr.exe" Description=""/>
	<BadExe Name="" Exe="scandiskwr.exe" Description=""/>
	<BadExe Name="BLA trojan" Exe="scanirc.exe" Description="Remote Access / Steals passwords. The client also drops a server! The hacker could choose to log passwords only or all text written. One of the functions is to kill antivirus software."/>
	<BadExe Name="" Exe="scanregw..exe" Description=""/>
	<BadExe Name="" Exe="scanrev.exe" Description=""/>
	<BadExe Name="" Exe="scchost.exe" Description=""/>
	<BadExe Name="" Exe="scfg.exe" Description=""/>
	<BadExe Name="" Exe="scfg216.exe" Description=""/>
	<BadExe Name="" Exe="schedagnt.exe" Description=""/>
	<BadExe Name="" Exe="schost.exe" Description=""/>
	<BadExe Name="" Exe="scmx32.exe" Description=""/>
	<BadExe Name="" Exe="scrsvr.exe" Description=""/>
	<BadExe Name="" Exe="scvhost.exe" Description=""/>
	<BadExe Name="" Exe="sear1.exe" Description=""/>
	<BadExe Name="Plage 2000" Exe="searchurl.exe" Description="Worm / File virus. Alters Win.ini. &quot;Between midnight and 2.00am on Wednesdays the worm attempts to display an animated graphic of Adolf Hitler shooting himself in the head.&quot;"/>
	<BadExe Name="Total Solar Eclypse" Exe="seclypseserver1.exe" Description="FTP server"/>
	<BadExe Name="Total Solar Eclypse" Exe="seclypseserver2.exe" Description="FTP server"/>
	<BadExe Name="" Exe="secretservice_14.exe" Description=""/>
	<BadExe Name="" Exe="secretservice_client.exe" Description=""/>
	<BadExe Name="" Exe="secretservice_installer.exe" Description=""/>
	<BadExe Name="" Exe="secure2.bat" Description=""/>
	<BadExe Name="" Exe="securpatch.exe" Description=""/>
	<BadExe Name="" Exe="seicho-no-ie.exe" Description=""/>
	<BadExe Name="BLA trojan" Exe="self extract.exe" Description="Remote Access / Steals passwords. The client also drops a server! The hacker could choose to log passwords only or all text written. One of the functions is to kill antivirus software."/>
	<BadExe Name="" Exe="serv.exe" Description=""/>
	<BadExe Name="" Exe="server(beta).exe" Description=""/>
	<BadExe Name="" Exe="server_setup.exe" Description=""/>
	<BadExe Name="" Exe="server06041.exe" Description=""/>
	<BadExe Name="" Exe="server1.2.exe" Description=""/>
	<BadExe Name="" Exe="server1.3.exe" Description=""/>
	<BadExe Name="" Exe="server1.4.exe" Description=""/>
	<BadExe Name="" Exe="server1.5.exe" Description=""/>
	<BadExe Name="" Exe="server1.53.exe" Description=""/>
	<BadExe Name="" Exe="server14.exe" Description=""/>
	<BadExe Name="" Exe="serverc.exe" Description=""/>
	<BadExe Name="" Exe="servers.exe" Description=""/>
	<BadExe Name="" Exe="service5.exe" Description=""/>
	<BadExe Name="" Exe="servicess.exe" Description=""/>
	<BadExe Name="" Exe="servidor.exe" Description=""/>
	<BadExe Name="A-trojan" Exe="servidor2.exe" Description="Remote Access. Alters Win.ini."/>
	<BadExe Name="" Exe="sesam102.exe" Description=""/>
	<BadExe Name="" Exe="sesamectrl.exe" Description=""/>
	<BadExe Name="" Exe="sesamesys.exe" Description=""/>
	<BadExe Name="Hermes" Exe="seti@home_twk.exe" Description="Worm / Mail trojan"/>
	<BadExe Name="Hermes" Exe="seti_patch.exe" Description="Worm / Mail trojan"/>
	<BadExe Name="" Exe="setup_.exe" Description=""/>
	<BadExe Name="" Exe="setuptrojan.exe" Description=""/>
	<BadExe Name="" Exe="sex.exe" Description=""/>
	<BadExe Name="" Exe="sexec.exe" Description=""/>
	<BadExe Name="" Exe="sexxxymovie.mpeg.exe" Description=""/>
	<BadExe Name="" Exe="sg.scr" Description=""/>
	<BadExe Name="" Exe="shadow.exe" Description=""/>
	<BadExe Name="" Exe="shadowrem.exe" Description=""/>
	<BadExe Name="" Exe="shareall.exe" Description=""/>
	<BadExe Name="Sheep" Exe="sheep.exe" Description="Remote Access / Trojan dropper. Installs Evil BO. Trojanized version of the small joke program &quot;Sheep.exe&quot; with cute little sheeps running over the desktop. 
"/>
	<BadExe Name="" Exe="shel.exe" Description=""/>
	<BadExe Name="" Exe="shell.exe" Description=""/>
	<BadExe Name="" Exe="shell32.exe" Description=""/>
	<BadExe Name="" Exe="shell32.vbs" Description=""/>
	<BadExe Name="" Exe="shit heep.exe" Description=""/>
	<BadExe Name="" Exe="shlhmp.exe" Description=""/>
	<BadExe Name="" Exe="shockrave.exe" Description=""/>
	<BadExe Name="Trojan.WebMoney.Wmpatch" Exe="sickboy.exe" Description="Steals informations from WebMoney users."/>
	<BadExe Name="" Exe="silencer.exe" Description=""/>
	<BadExe Name="" Exe="silver.exe" Description=""/>
	<BadExe Name="" Exe="sistem.exe" Description=""/>
	<BadExe Name="" Exe="ska.exe" Description=""/>
	<BadExe Name="" Exe="skd.exe" Description=""/>
	<BadExe Name="" Exe="skynetave.exe" Description=""/>
	<BadExe Name="" Exe="slave.exe" Description=""/>
	<BadExe Name="" Exe="slmss.exe" Description=""/>
	<BadExe Name="" Exe="sm tgui.exe" Description=""/>
	<BadExe Name="" Exe="smallserver.exe" Description=""/>
	<BadExe Name="" Exe="smile.exe" Description=""/>
	<BadExe Name="" Exe="smileys.exe" Description=""/>
	<BadExe Name="" Exe="sndloader.exe" Description=""/>
	<BadExe Name="" Exe="sndvol.exe" Description=""/>
	<BadExe Name="" Exe="snipernet 21.exe" Description=""/>
	<BadExe Name="" Exe="snipernet.exe" Description=""/>
	<BadExe Name="" Exe="sochost.exe" Description=""/>
	<BadExe Name="" Exe="sockets.exe" Description=""/>
	<BadExe Name="" Exe="sockets23.exe" Description=""/>
	<BadExe Name="" Exe="softwar.exe" Description=""/>
	<BadExe Name="" Exe="softwarst.exe" Description=""/>
	<BadExe Name="" Exe="soundv.exe" Description=""/>
	<BadExe Name="" Exe="south park.exe" Description=""/>
	<BadExe Name="" Exe="sp.dll" Description=""/>
	<BadExe Name="" Exe="sp_client.exe" Description=""/>
	<BadExe Name="" Exe="spirit1.2.exe" Description=""/>
	<BadExe Name="" Exe="spoler.exe" Description=""/>
	<BadExe Name="" Exe="spoof.exe" Description=""/>
	<BadExe Name="" Exe="spool64.exe" Description=""/>
	<BadExe Name="" Exe="spoolos.exe" Description=""/>
	<BadExe Name="" Exe="spoolsc.exe" Description=""/>
	<BadExe Name="" Exe="spoolserv.exe" Description=""/>
	<BadExe Name="" Exe="spoolsrv.exe" Description=""/>
	<BadExe Name="" Exe="spy.exe" Description=""/>
	<BadExe Name="" Exe="spyserv1.exe" Description=""/>
	<BadExe Name="" Exe="spyserver.exe" Description=""/>
	<BadExe Name="" Exe="srng.exe" Description=""/>
	<BadExe Name="" Exe="srv.exe" Description=""/>
	<BadExe Name="" Exe="srv167.exe" Description=""/>
	<BadExe Name="" Exe="srver.exe" Description=""/>
	<BadExe Name="" Exe="srvreg.exe" Description=""/>
	<BadExe Name="" Exe="ssetup.exe" Description=""/>
	<BadExe Name="" Exe="ssfs.exe" Description=""/>
	<BadExe Name="" Exe="ssfsfull.exe" Description=""/>
	<BadExe Name="" Exe="ssftpsvr.exe" Description=""/>
	<BadExe Name="" Exe="ssiwg.exe" Description=""/>
	<BadExe Name="" Exe="sstrojg.exe" Description=""/>
	<BadExe Name="" Exe="st5unst.exe" Description=""/>
	<BadExe Name="" Exe="stat.exe" Description=""/>
	<BadExe Name="" Exe="status.exe" Description=""/>
	<BadExe Name="" Exe="stcloader.exe" Description=""/>
	<BadExe Name="" Exe="stealthxp.exe" Description=""/>
	<BadExe Name="" Exe="studio54.exe" Description=""/>
	<BadExe Name="Stukach" Exe="stukst.exe" Description="Keylogger / Remote Access"/>
	<BadExe Name="SubSeven" Exe="subseven.exe" Description="Remote Access / ICQ trojan / IRC trojan 
 
Alters System.ini and Win.ini. With more than 100 &quot;features&quot; is one of the more powerful of all Remote Access Trojans(RATs). 
"/>
	<BadExe Name="" Exe="subzero.exe" Description=""/>
	<BadExe Name="" Exe="sucatreg.exe" Description=""/>
	<BadExe Name="" Exe="svchos1.exe" Description=""/>
	<BadExe Name="" Exe="svdhost32.exe" Description=""/>
	<BadExe Name="" Exe="svhost.exe" Description=""/>
	<BadExe Name="" Exe="svhst.exe" Description=""/>
	<BadExe Name="" Exe="swcaller2.exe" Description=""/>
	<BadExe Name="" Exe="swchost.exe" Description=""/>
	<BadExe Name="" Exe="swizard.exe" Description=""/>
	<BadExe Name="" Exe="symav.exe" Description=""/>
	<BadExe Name="" Exe="syphillis.exe" Description=""/>
	<BadExe Name="" Exe="sys.exe" Description=""/>
	<BadExe Name="" Exe="sys_alert.exe" Description=""/>
	<BadExe Name="" Exe="sys01.exe" Description=""/>
	<BadExe Name="" Exe="syscfg32.exe" Description=""/>
	<BadExe Name="" Exe="syscheck.exe" Description=""/>
	<BadExe Name="" Exe="syschk.exe" Description=""/>
	<BadExe Name="" Exe="syscpy.exe" Description=""/>
	<BadExe Name="" Exe="sysdll.exe" Description=""/>
	<BadExe Name="" Exe="sysdrv.exe" Description=""/>
	<BadExe Name="" Exe="sysexplor.exe" Description=""/>
	<BadExe Name="" Exe="sysexplr.exe" Description=""/>
	<BadExe Name="" Exe="syshelp.exe" Description=""/>
	<BadExe Name="" Exe="sysid.exe" Description=""/>
	<BadExe Name="" Exe="sysinfo.exe" Description=""/>
	<BadExe Name="" Exe="sysman32.exe" Description=""/>
	<BadExe Name="" Exe="sysmcm.exe" Description=""/>
	<BadExe Name="" Exe="sysmon.exe" Description=""/>
	<BadExe Name="" Exe="sysmonxp.exe" Description=""/>
	<BadExe Name="" Exe="sysmsg332.exe" Description=""/>
	<BadExe Name="" Exe="sysprot.exe" Description=""/>
	<BadExe Name="" Exe="sysreg.exe" Description=""/>
	<BadExe Name="" Exe="sysrnj.exe" Description=""/>
	<BadExe Name="" Exe="sysset.exe" Description=""/>
	<BadExe Name="" Exe="syst.exe" Description=""/>
	<BadExe Name="" Exe="systask32l.exe" Description=""/>
	<BadExe Name="Worm.ExploreZip.C" Exe="system!.exe" Description="Worm.ExploreZip.C is a variant of Worm.ExploreZip."/>
	<BadExe Name="" Exe="system.exe" Description=""/>
	<BadExe Name="" Exe="system.sys" Description=""/>
	<BadExe Name="" Exe="system32.exe" Description=""/>
	<BadExe Name="" Exe="system32driver32.exe" Description=""/>
	<BadExe Name="" Exe="system32ex.exe" Description=""/>
	<BadExe Name="" Exe="systemconf98i.exe" Description=""/>
	<BadExe Name="" Exe="systemio.exe" Description=""/>
	<BadExe Name="" Exe="systempatch.exe" Description=""/>
	<BadExe Name="" Exe="systemtr.exe" Description=""/>
	<BadExe Name="" Exe="systrey.exe" Description=""/>
	<BadExe Name="" Exe="systrj.exe" Description=""/>
	<BadExe Name="" Exe="syswindow.exe" Description=""/>
	<BadExe Name="" Exe="sysz.exe" Description=""/>
	<BadExe Name="" Exe="szchost.exe" Description=""/>
	<BadExe Name="Plage 2000" Exe="tamagotxi.exe" Description="Worm / File virus. Alters Win.ini. &quot;Between midnight and 2.00am on Wednesdays the worm attempts to display an animated graphic of Adolf Hitler shooting himself in the head.&quot;"/>
	<BadExe Name="" Exe="tapi32.exe" Description=""/>
	<BadExe Name="" Exe="tapiras.exe" Description=""/>
	<BadExe Name="WebEx" Exe="task_bar.exe" Description="Remote Access / FTP Server"/>
	<BadExe Name="WebEx" Exe="task_bar[1.2].exe" Description="Remote Access / FTP Server"/>
	<BadExe Name="WebEx" Exe="task_bar[1.3].exe" Description="Remote Access / FTP Server"/>
	<BadExe Name="" Exe="tasknet.exe" Description=""/>
	<BadExe Name="" Exe="tclient.exe" Description=""/>
	<BadExe Name="Moscow Email trojan" Exe="tconf.exe" Description="Mail trojan / Autodialer / ICQ trojan / Steals passwords. It deletes the two system files Regedit.exe and Msconfig.exe."/>
	<BadExe Name="Moscow Email trojan" Exe="tconfig.exe" Description="Mail trojan / Autodialer / ICQ trojan / Steals passwords. It deletes the two system files Regedit.exe and Msconfig.exe."/>
	<BadExe Name="" Exe="tcp.exe" Description=""/>
	<BadExe Name="BLA trojan" Exe="tcpload.exe" Description="Remote Access / Steals passwords. The client also drops a server! The hacker could choose to log passwords only or all text written. One of the functions is to kill antivirus software."/>
	<BadExe Name="BLA trojan" Exe="tcpproxy.exe" Description="Remote Access / Steals passwords. The client also drops a server! The hacker could choose to log passwords only or all text written. One of the functions is to kill antivirus software."/>
	<BadExe Name="" Exe="tcv.exe" Description=""/>
	<BadExe Name="" Exe="teekids.exe" Description=""/>
	<BadExe Name="" Exe="teleclient.exe" Description=""/>
	<BadExe Name="" Exe="teleserv.exe" Description=""/>
	<BadExe Name="" Exe="telnet23.exe" Description=""/>
	<BadExe Name="" Exe="temp#01.exe" Description=""/>
	<BadExe Name="" Exe="temp$01.exe" Description=""/>
	<BadExe Name="" Exe="temp$1.exe" Description=""/>
	<BadExe Name="" Exe="temp.exe" Description=""/>
	<BadExe Name="" Exe="tempinetboost.exe" Description=""/>
	<BadExe Name="" Exe="tesk.exe" Description=""/>
	<BadExe Name="" Exe="th3tr41t0r.exe" Description=""/>
	<BadExe Name="W32.NewApt.Worm" Exe="theobbq.exe" Description="W32.NewApt.Worm is a multithreaded worm that propagates by email. The subject of the email is &quot;Just for your eyes.&quot; The worm has its own SMTP (email) engine to email itself. The worm searches various files on the hard disk to find email address to which it sends itself."/>
	<BadExe Name="" Exe="thespy.exe" Description=""/>
	<BadExe Name="" Exe="thing.exe" Description=""/>
	<BadExe Name="" Exe="tiles.exe" Description=""/>
	<BadExe Name="" Exe="tinurak.exe" Description=""/>
	<BadExe Name="" Exe="tloader1.exe" Description=""/>
	<BadExe Name="" Exe="tloader2.exe" Description=""/>
	<BadExe Name="" Exe="tloader3.exe" Description=""/>
	<BadExe Name="" Exe="tmp.ini" Description=""/>
	<BadExe Name="" Exe="tnsrv.exe" Description=""/>
	<BadExe Name="" Exe="tour98.exe" Description=""/>
	<BadExe Name="" Exe="trance.exe" Description=""/>
	<BadExe Name="" Exe="transscout.exe" Description=""/>
	<BadExe Name="" Exe="trjp.exe" Description=""/>
	<BadExe Name="BLA trojan" Exe="trojan.exe" Description="Remote Access / Steals passwords. The client also drops a server! The hacker could choose to log passwords only or all text written. One of the functions is to kill antivirus software."/>
	<BadExe Name="" Exe="trojanhrs.exe" Description=""/>
	<BadExe Name="" Exe="trojspirit2001.exe" Description=""/>
	<BadExe Name="" Exe="tryit.exe" Description=""/>
	<BadExe Name="Stukach" Exe="ts5602.exe" Description="Keylogger / Remote Access"/>
	<BadExe Name="" Exe="tskmngr.exe" Description=""/>
	<BadExe Name="" Exe="tutgvcn.exe" Description=""/>
	<BadExe Name="" Exe="uagent.exe" Description=""/>
	<BadExe Name="" Exe="udt31.exe" Description=""/>
	<BadExe Name="" Exe="udt3b.exe" Description=""/>
	<BadExe Name="" Exe="udt4fuk.exe" Description=""/>
	<BadExe Name="" Exe="udtse.exe" Description=""/>
	<BadExe Name="" Exe="uhanfo.exe" Description=""/>
	<BadExe Name="" Exe="uhbg.exe" Description=""/>
	<BadExe Name="" Exe="umg32.exe" Description=""/>
	<BadExe Name="" Exe="umgr32.exe" Description=""/>
	<BadExe Name="" Exe="umgr32~1.exe" Description=""/>
	<BadExe Name="" Exe="umuerte.exe" Description=""/>
	<BadExe Name="" Exe="unicorn.exe" Description=""/>
	<BadExe Name="" Exe="unin0686.exe" Description=""/>
	<BadExe Name="" Exe="uninst32.exe" Description=""/>
	<BadExe Name="" Exe="uninstallms.exe" Description=""/>
	<BadExe Name="Rasmin" Exe="upgrade.exe" Description="Destructive trojan. Rasmin uses up all the memory and the infected computer crashes regularly.  "/>
	<BadExe Name="" Exe="user32.exe" Description=""/>
	<BadExe Name="" Exe="usrinit.exe" Description=""/>
	<BadExe Name="" Exe="uuetobin.exe" Description=""/>
	<BadExe Name="" Exe="valentinecard.exe" Description=""/>
	<BadExe Name="" Exe="vampire.exe" Description=""/>
	<BadExe Name="" Exe="vbrun60.exe" Description=""/>
	<BadExe Name="" Exe="vgb.exe" Description=""/>
	<BadExe Name="" Exe="viagra.exe" Description=""/>
	<BadExe Name="" Exe="vicevi_teza_odvala.txt.exe" Description=""/>
	<BadExe Name="W32.NewApt.Worm" Exe="video.exe" Description="W32.NewApt.Worm is a multithreaded worm that propagates by email. The subject of the email is &quot;Just for your eyes.&quot; The worm has its own SMTP (email) engine to email itself. The worm searches various files on the hard disk to find email address to which it sends itself."/>
	<BadExe Name="" Exe="videodrv.exe" Description=""/>
	<BadExe Name="" Exe="virusserver.exe" Description=""/>
	<BadExe Name="" Exe="visualkillerclient.exe" Description=""/>
	<BadExe Name="" Exe="visualkillerserver.exe" Description=""/>
	<BadExe Name="" Exe="voicespy.exe" Description=""/>
	<BadExe Name="" Exe="vpkiller.exe" Description=""/>
	<BadExe Name="Backdoor.Haxdoor.B" Exe="w32_ss.exe" Description="Backdoor.Haxdoor.B is a backdoor Trojan horse that opens a TCP port, allowing unauthorized access to an infected computer."/>
	<BadExe Name="" Exe="wave.exe" Description=""/>
	<BadExe Name="" Exe="wbecheck.exe" Description=""/>
	<BadExe Name="" Exe="wcheckup.exe" Description=""/>
	<BadExe Name="" Exe="wcupdater.exe" Description=""/>
	<BadExe Name="" Exe="wdrun32.exe" Description=""/>
	<BadExe Name="WebEx" Exe="web ex 1.4.exe" Description="Remote Access / FTP Server"/>
	<BadExe Name="WebEx" Exe="web ex[1.2].exe" Description="Remote Access / FTP Server"/>
	<BadExe Name="WebEx" Exe="web ex[1.3].exe" Description="Remote Access / FTP Server"/>
	<BadExe Name="" Exe="webdl.exe" Description=""/>
	<BadExe Name="" Exe="wgt.exe" Description=""/>
	<BadExe Name="" Exe="wgtstarter.exe" Description=""/>
	<BadExe Name="" Exe="whack.exe" Description=""/>
	<BadExe Name="" Exe="whackamole.exe" Description=""/>
	<BadExe Name="" Exe="whakamole170.exe" Description=""/>
	<BadExe Name="" Exe="whakmole.exe" Description=""/>
	<BadExe Name="" Exe="wilokyl.exe" Description=""/>
	<BadExe Name="" Exe="win.exe" Description=""/>
	<BadExe Name="" Exe="win32.exe" Description=""/>
	<BadExe Name="" Exe="win32app.exe" Description=""/>
	<BadExe Name="" Exe="win32cfg.exe" Description=""/>
	<BadExe Name="" Exe="win98nuke.exe" Description=""/>
	<BadExe Name="" Exe="wina2b3.pif" Description=""/>
	<BadExe Name="" Exe="winboot.exe" Description=""/>
	<BadExe Name="" Exe="win-bugsfix.exe" Description=""/>
	<BadExe Name="" Exe="wincfg.exe" Description=""/>
	<BadExe Name="" Exe="wincfg32.exe" Description=""/>
	<BadExe Name="" Exe="wincmp32.exe" Description=""/>
	<BadExe Name="" Exe="wincrash.exe" Description=""/>
	<BadExe Name="" Exe="wincrash-e.exe" Description=""/>
	<BadExe Name="" Exe="windll.dll" Description=""/>
	<BadExe Name="" Exe="windll.exe" Description=""/>
	<BadExe Name="" Exe="windll32.exe" Description=""/>
	<BadExe Name="" Exe="windns32.exe" Description=""/>
	<BadExe Name="" Exe="window.exe" Description=""/>
	<BadExe Name="" Exe="windown.exe" Description=""/>
	<BadExe Name="" Exe="windowscfg.exe" Description=""/>
	<BadExe Name="" Exe="windowz.exe" Description=""/>
	<BadExe Name="" Exe="windvd98.exe" Description=""/>
	<BadExe Name="" Exe="winexe.exe" Description=""/>
	<BadExe Name="" Exe="winexec32.exe" Description=""/>
	<BadExe Name="" Exe="winext.exe" Description=""/>
	<BadExe Name="" Exe="winfat32.exe" Description=""/>
	<BadExe Name="" Exe="winfont.exe" Description=""/>
	<BadExe Name="Dark Shadow" Exe="winfunctions.exe" Description="Remote Access. The trojan is encrypted."/>
	<BadExe Name="" Exe="winguard.exe" Description=""/>
	<BadExe Name="" Exe="winhe1p.exe" Description=""/>
	<BadExe Name="" Exe="winhelp.exe" Description=""/>
	<BadExe Name="" Exe="winhlpp32.exe" Description=""/>
	<BadExe Name="" Exe="wininfo.exe" Description=""/>
	<BadExe Name="" Exe="wininit.exe" Description=""/>
	<BadExe Name="Rasmin" Exe="winipx.exe" Description="Destructive trojan. Rasmin uses up all the memory and the infected computer crashes regularly.  "/>
	<BadExe Name="" Exe="winipxa.exe" Description=""/>
	<BadExe Name="" Exe="winkernel.exe" Description=""/>
	<BadExe Name="" Exe="winkernel32.exe" Description=""/>
	<BadExe Name="" Exe="winket.exe" Description=""/>
	<BadExe Name="" Exe="winkif.exe" Description=""/>
	<BadExe Name="" Exe="winkit.exe" Description=""/>
	<BadExe Name="" Exe="winkrnl386.exe" Description=""/>
	<BadExe Name="" Exe="winlink32.exe" Description=""/>
	<BadExe Name="" Exe="winload32.exe" Description=""/>
	<BadExe Name="" Exe="winloader.exe" Description=""/>
	<BadExe Name="" Exe="winlogon.scr" Description=""/>
	<BadExe Name="" Exe="winlogonn.exe" Description=""/>
	<BadExe Name="" Exe="winmain.exe" Description=""/>
	<BadExe Name="" Exe="winmap.exe" Description=""/>
	<BadExe Name="" Exe="winmgm32.exe" Description=""/>
	<BadExe Name="" Exe="winmine.exe" Description=""/>
	<BadExe Name="" Exe="winmsg32.exe" Description=""/>
	<BadExe Name="" Exe="winmsrv32.exe" Description=""/>
	<BadExe Name="Dialer.Winmuschi" Exe="winmuschi.exe" Description="When Dialer.Winmuschi runs, it displays a window inviting you to access &quot;my webcam&quot; using a premium rate telephone number."/>
	<BadExe Name="" Exe="winn321.exe" Description=""/>
	<BadExe Name="" Exe="winnuke.exe" Description=""/>
	<BadExe Name="" Exe="winoldap.exe" Description=""/>
	<BadExe Name="" Exe="winppr32.exe" Description=""/>
	<BadExe Name="" Exe="winprot.exe" Description=""/>
	<BadExe Name="" Exe="winprotecte.exe" Description=""/>
	<BadExe Name="" Exe="winpup32.exe" Description=""/>
	<BadExe Name="" Exe="winreg.exe" Description=""/>
	<BadExe Name="" Exe="winrpc.exe" Description=""/>
	<BadExe Name="" Exe="winrpcsrv.exe" Description=""/>
	<BadExe Name="" Exe="winrun.exe" Description=""/>
	<BadExe Name="" Exe="winsatan.exe" Description=""/>
	<BadExe Name="" Exe="winsaver.exe" Description=""/>
	<BadExe Name="" Exe="winserv.exe" Description=""/>
	<BadExe Name="" Exe="winservices.exe" Description=""/>
	<BadExe Name="" Exe="winservs.exe" Description=""/>
	<BadExe Name="" Exe="winspc13.exe" Description=""/>
	<BadExe Name="" Exe="winspy.exe" Description=""/>
	<BadExe Name="" Exe="winsrvc.exe" Description=""/>
	<BadExe Name="" Exe="winssk32.exe" Description=""/>
	<BadExe Name="" Exe="winstat.exe" Description=""/>
	<BadExe Name="" Exe="winstop32.exe" Description=""/>
	<BadExe Name="Rasmin" Exe="winsvrc.exe" Description="Destructive trojan. Rasmin uses up all the memory and the infected computer crashes regularly.  "/>
	<BadExe Name="" Exe="winsys.exe" Description=""/>
	<BadExe Name="" Exe="wintask.exe" Description=""/>
	<BadExe Name="" Exe="wintlb.exe" Description=""/>
	<BadExe Name="" Exe="wintour.exe" Description=""/>
	<BadExe Name="" Exe="winupd.exe" Description=""/>
	<BadExe Name="" Exe="winupdsdgm.exe" Description=""/>
	<BadExe Name="" Exe="winvmm32.exe" Description=""/>
	<BadExe Name="" Exe="winz32.exe" Description=""/>
	<BadExe Name="" Exe="winzipp.exe" Description=""/>
	<BadExe Name="" Exe="wkernel.exe" Description=""/>
	<BadExe Name="" Exe="wmiprvsw.exe" Description=""/>
	<BadExe Name="" Exe="wsasrv.exe" Description=""/>
	<BadExe Name="Attack FTP" Exe="wscan.exe" Description="FTP server. Alters Win.ini."/>
	<BadExe Name="Web Server CT" Exe="wsct.exe" Description="Remote Access / HTTP server. Basically the trojan converts the infected computer into a Web server, which in turn is controlled by the intruders browser."/>
	<BadExe Name="Web Server CT" Exe="wsct2.exe" Description="Remote Access / HTTP server. Basically the trojan converts the infected computer into a Web server, which in turn is controlled by the intruders browser."/>
	<BadExe Name="Rasmin" Exe="wspool.exe" Description="Destructive trojan. Rasmin uses up all the memory and the infected computer crashes regularly.  
"/>
	<BadExe Name="W32.HLLW.Gaobot.CA" Exe="wstart32.exe" Description="W32.HLLW.Gaobot.CA is a minor variant of W32.HLLW.Gaobot.AO. It attempts to spread to network shares that have weak passwords and allows hackers to access an infected computer through an IRC channel."/>
	<BadExe Name="Backdoor.IRC.Loonbot" Exe="wstat32.exe" Description="Backdoor.IRC.Loonbot is a Trojan horse that has backdoor capabilities. It can allow an attacker to remotely control your computer using Internet Relay Chat (IRC)."/>
	<BadExe Name="Adware.Huntbar" Exe="wtoolsa.exe" Description="Adware.Huntbar installs itself as a Browser Helper Object and redirects search requests. Adware.Huntbar also gathers information on Web-browsing habits."/>
	<BadExe Name="Backdoor.Sdbot.Z" Exe="wupdated.exe" Description="Backdoor.Sdbot.Z is a Trojan horse that can be controlled using IRC. The existence of the file wupdated.exe is an indication of a possible infection."/>
	<BadExe Name="DoS.Autocat" Exe="wupdmgr32.exe" Description="DoS.Autocat is a Denial of Service (DoS) hacktool. The DoS is accomplished by ICMP packet flooding."/>
	<BadExe Name="W32.Randex.Y" Exe="xbox64.exe" Description="W32.Randex.Y is a network-aware worm. The worm receives instructions from an IRC channel on a predetermined IRC server. One such command will trigger the aforementioned spreading."/>
	<BadExe Name="Xtcp" Exe="xtcp.exe" Description="Remote Access"/>
	<BadExe Name="Xtcp" Exe="xtcp2.1.exe" Description="Remote Access"/>
	<BadExe Name="W32.XTC.Worm" Exe="xtcspawn.exe" Description="W32.XTC.Worm is a worm with backdoor capabilities that allows people on IRC to control the worm&apos;s behavior, including updating the worm itself."/>
	<BadExe Name="Yet Another Trojan - YAT" Exe="yat.exe" Description="Remote Access"/>
	<BadExe Name="Yet Another Trojan - YAT" Exe="yat-config.exe" Description="Remote Access"/>
	<BadExe Name="W32.White.Worm" Exe="yourlife.exe" Description="W32.White.Worm is an email worm originally discovered in Korea. When executed, the worm harvests email addresses from your Microsoft Outlook Express inbox and sends messages to these addresses with itself as an attachment."/>
	<BadExe Name="Ambush" Exe="zcn32.exe" Description="Remote Access"/>
	<BadExe Name="W32.Video.25600.Worm" Exe="zip01.exe" Description="W32.Video.25600.Worm is a worm that is usually sent through email as a program attachment named VIDEO.EXE. The size of this attached program file is 25,600 bytes."/>
	<BadExe Name="Worm.ExploreZip" Exe="zipped_files.exe" Description="Worm.ExploreZip is a worm that contains a malicious payload. The worm utilizes Microsoft Outlook, Outlook Express, or Exchange to mail itself out by replying to unread messages in your Inbox. The email attachment is Zipped_files.exe."/>
	<BadExe Name="W32/Atak.A.worm" Exe="hint.exe" Description="Atak.A is a worm without damaging effects that spreads via e-mail in a message with variable characteristics."/>
</BadExes>
