Files beginning with numbers

Latest Articles

Clear Thumbnail Cache
Change Mouse Pointer Speed
Disable Data Execution Prevention
Single Click Instead of Double Click
Automatic Vista Backups
Select Multiple Files with Checkboxes
Delete Temporary Files
Repair Corrupt Vista Files
Hide Hard Drive
Change Background Image

Sections

Home Page
Vista Tips
Vista Forums
File Database
Contact Us
Links
Archive
RSS Feed

The table below includes any files beginning with numbers, from which further information can be found by clicking on the process title. The icon beside the information can be used to quickly determine if this is a safe file in combination with the key below:


This file is normally safe to leave running.	In most cases, this file is not required to run on startup and can be run manually.	Warning, this file may be a virus, spyware, resource hog and running it is not recommended.	This file may or may not be necessary to load on startup, depending on your circumstances.	No information is available for this item.

[#] [A] [B] [C] [D] [E] [F] [G] [H] [I] [J] [K] [L] [M] [N] [O] [P] [Q] [R] [S] [T] [U] [V] [W] [X] [Y] [Z]

Files beginning with numbers:

File Type	File Name	Process Name and Information
	$sys$xp.exe	$sys$cmp Added by the RYKNOS.B TROJAN! Attempts to utilize the Sony Rootkit A.K.A. SecurityRisk.First4DRM security risk to hide itself on the compromised computer
	$sys$sonyTimer.exe	$sys$crash Added by the WELOMOCH TROJAN!
	$sys$sos$sys$.exe	$sys$crash Added by the WELOMOCH TROJAN!
	$sys$WeLoveMcCOL.exe	$sys$crash Added by the WELOMOCH TROJAN!
	$sys$drv.exe	$sys$drv Added by the RYKNOS TROJAN! Attempts to utilize the Sony Rootkit A.K.A. SecurityRisk.First4DRM security risk to hide itself on the compromised computer
	$sys$sonyTimer.exe	$sys$momomomochin Added by the WELOMOCH TROJAN!
	$sys$sos$sys$.exe	$sys$momomomochin Added by the WELOMOCH TROJAN!
	$sys$WeLoveMcCOL.exe	$sys$momomomochin Added by the WELOMOCH TROJAN!
	$sys$sonyTimer.exe	$sys$umaiyo Added by the WELOMOCH TROJAN!
	$sys$sos$sys$.exe	$sys$umaiyo Added by the WELOMOCH TROJAN!
	$sys$WeLoveMcCOL.exe	$sys$umaiyo Added by the WELOMOCH TROJAN!
	%cmpmixstr%	%cmpmixtitle% Possibly related to C-Media Mixer Control panel?
	[random filename].exe	(default) Added by the BLACKMAL WORM!
	5640.exe	(Default) Added by the DOWNLD-ABF TROJAN!
	[random filename]	*MS Setup Virtumondo adware, also known as the VUNDO TROJAN!
	[filename]	*Windows [filename] Checker Added by the KEDEBE-B WORM!
	[trojan path] ren time:[random number]	*WinLogon Added by the VUNDO TROJAN!
	000StTHK.exe	000StTHK Toshiba Hot key functionality for the function keys (Fn-Esc, Fn-F1 (lock), Fn-F2, Fn-F3, Fn-F4, Fn-F5 (switching between laptop and CRT display output), etc...)
	0050726-007-i32-1.exe	0050726-007-i32-1 Added by the BANCBAN-EC TROJAN!
	00THotKey.exe	00THotkey For Toshiba Satellite notebook series to use the front buttons, play, stop, next, prev.
	0mcamcap.exe	0mcamcap Added by the COSIAM-H TROJAN!
	****.exe [ = random char]	0utlook Express Added by the RBOT-CC WORM! Note the first letter is actually the digit "0" and not a capital "o"
	1.exe	1 Added by the ESTEEMS TROJAN!
	1111swapmgr.exe	1111swapmgr.exe Added by the IC TROJAN!
	12backup.exe	12Ghosts Backup 12Ghosts Backup - "Automatic Backups, HyperBackup for Multiple Versions, Registry Backup"
	12clip.exe	12Ghosts Clip 12Ghosts Clip - "Screen shots made easy"
	12window.exe	12Ghosts JustAWindow 12Ghosts JustAWindow - "Cover annoying ads, animated gifs, things you don't want to see"
	12popup.exe	12Ghosts Popup-Killer 12Ghosts Popup-Killer
	12autosl.exe	12Ghosts SaveLayout 12Ghosts SaveLayout - "Always (always!) keep the layout of your desktop icons"
	12color.exe	12Ghosts SetColor 12Ghosts SetColor - "Change your desktop icon text colors, also to transparent"
	12showtime.exe	12Ghosts ShowTime 12Ghosts Showtime - "Enhance the clock in your tray with font formatting, colors, date, time zones"
	12sync.exe	12Ghosts Synchronize 12Ghosts Synchronize - "Sync PC clock with an atomic clock over the Internet"
	12tower.exe	12Ghosts Tower 12Ghosts Tower - "Quickly access and manage all Ghosts (included in all packages)"
	12srvc.exe	12Ghosts TrayProtect 12Ghosts TrayProtect - "Hide tray icons, restore after a crash"
	12wash.exe	12Ghosts Wash 12Ghosts Wash - "Protect your privacy, clear browser history, delete and overwrite cache files"
	180adsolution.exe	180adsolution NCase adware
	180ax.exe	180ax NCase adware
	[path to trojan]	180ClientStubInstall 180Solutions adware related
	*****.tmp [ = random digit/char]	180ClientStubInstall 180Solutions adware related
	1916435341.exe	1916435341.exe Added by the DLOADR-AXU TROJAN!
	196_150_ni.exe	196_150_ni WinFixer web installer. Winfixer is "Foistware", pretending to be system optimization, protection and recovery software - stealth installed, see here
	197_150_ni_3.exe	197_150_ni_3 WinFixer web installer. Winfixer is "Foistware", pretending to be system optimization, protection and recovery software - stealth installed, see here
	1on1.exe	1on1 Adult content dialler
	1u7.exe	1u7 Added by the MURBAC-A TROJAN!
	[path to file]	2thousandbuck Added by the RANKY.L TROJAN!
	2portalmon.exe	2wSysTray 2Wire Homeportal user interface
	3cmlink.exe 3cpipe-3c1807pd	3c1807pd 3Com WinModem driver. See here for more WinModem information
	3capplnk.exe	3capplnk US Robotics Modem driver
	3CDMINIC.EXE	3cdminic 3Com DMI (DynamicAccess Desktop Management Interface) Agent associated with 3Com network cards
	3cmcnkw.exe	3CM Link Required for a US Robotics WinModem as it provides the link to Windows - won't work without it
	3CmlinkW.exe	3Cmlink For a US Robotics WinModem. Provides the link to Windows as the CPU does the processing on WinModems - won't work without it. See here for more WinModem information
	3CDMINIC.EXE	3ComDMIAgent 3Com DMI (DynamicAccess Desktop Management Interface) Agent associated with 3Com network cards
	3D Text.scr	3D Text Added by the JERMY.A WORM!
	3DeepCTL.EXE	3Deep Control Panel Now superseeded by ColorWizzard - 3Deep corrected lighting, shading and color for all your 2D and 3D games
	3dfxMan.exe	3dfx Task Manager System Tray application for 3dfx Voodoo 3/4/5 functions. Available via Start -> Programs
	3dfxCmn.dll	3dfx Tools Updates the registry with information that can't be held for Voodoo 3/4/5 series graphics cards. Important for owners of these cards
	3dfxv2ps.dll	3dfxv2ps.dll Updates the registry with info that can't be held for 3dfx Voodoo 2 video cards. Important for owners of these cards
	3DLman.exe	3Dlabs Taskbar Display Manager 3DLabs graphics driver related. System Tray access to display settings?
	3dldemon.exe	3DLabsHelperDemon Directly from the programs author "It is a tiny program that is installed by the Permedia2/3 and probably other Oxygen-series cards. Normally it sits in the background doing nothing at all (sleeping on a semaphore), so it should take zero CPU time and virtually zero memory, since it will all be paged out to the hard drive." In most cases it can be safely disabled
	3DMouse.EXE	3DMouse.EXE Dritek System Inc. 3D Mouse driver
	3d_sound.exe	3d_sound Added by the RIADOS-A TROJAN!
	3qdctl.exe	3qdctl.exe Provided with Terratec 128i PCI and similar sound cards. Loads a sound profile at bootup, restoring volume and other audio settings to a pre-determined default. Similar to Creative Lab's AudioHQ
	3dm.exe	3ware 3DM Monitors status of the disk array on 3ware IDE RAID controllers
	4da92ad5.exe	4da92ad5.exe Added by the DLOADR-WZ TROJAN!
	5-2-46-112.exe	5-2-46-112 Adult content pop-up dialler. Removal instructions here
	[path to trojan]	5p4m Added by the LITEBOT-C TROJAN!
	5whgue21.exe	5whgue21 ClearSearch adware
	9xadiras.exe	9xadiras Allied Telesyn AT series router/modem related - apparently required
	[filename]	;Rundll Added by the PWSLEGMIR.E TROJAN!
	?nksvc32.exe	?ekio Startups Added by the AGOBOT-OV WORM where ? is a random character
	@tour_ww[1].exe	@tour_ww Adult content dialler
	??	AAAKeyboard ??
	[path to worm]	ACCDEFRAGINFO Added by the DARBY-O WORM!
	[path to file]	Access WebControl Added by the PPDOOR-M TROJAN!
	[random filename]	Aceu PurityScan/Clickspring adware
	[Installation_Path]	AddClass Added by the STARTPAGE.F hijacker
	[path to trojan]	AddClass Added by the SECDL-A TROJAN!
	[random filename]	Adobe Acrobat Reader CFG Added by a variant of the RBOT WORM!
	[path to csrss.exe]	AdRotator.Application Added by the SMALL-AQ TROJAN! Note - this is not the legitimate csrss.exe process which is always located in the System (9x/Me) or System32 (NT/2K/XP) folder and should not normally figure in Msconfig/Startup!
	[path to trojan]	Advanced DHTML Enable Added by the AGENT.GLQ TROJAN!
	[path to trojan]	advap32 Detected by Trend Micro as the MUTANT.AT TROJAN! See here
	[random filename]	Agent Browser Added by the PPdoor.M-bdr backdoor TROJAN!
	[random filename]	Agent Explorer Unidentified adware
	[path to worm]	AHU Added by the ANACON-B WORM!
	[random filename]	AIM Instant Message Cookies Added by the RBOT-AFV WORM!
	??	AIMster Peer to Peer (P2P) file sharing client that runs over the AOL Instant Messenger network. Available via Start -> Programs
	[worm filename]	AlevirOld Added by the OPASERV WORM!
	ÎäÒíÑ.exe	alkasr Added by the BALKART TROJAN!
	[path to trojan]	Allopassw Added by the RANKY.CU TROJAN!
	[path to trojan]	Allopassw Added by the RANKY.CU TROJAN!
	[path to worm]	ansjava Added by the RANDON-AN WORM!
	[random filename].exe	Anti-Virus Added by the CAPROBAD-A TROJAN!
	[unprintable character][3 characters]log.exe	Anti-Virus Product Sync Added by the KEDEBE.D WORM!
	[path to trojan]	Anti-Virus Update Scheduler Added by the SPAMMIT-A TROJAN!
	[path to trojan]	Anti-Virus Update Scheduler V1.39.12R Added by the HEPLANE or STAPREW.B TROJANS! - different filenames have been spotted; examples: msvc.exe, kaspersky.exe, nrton.exe, wins.exe, gah32.exe, 1.tmp, syste.exe, alg.exe, socks.exe, winxpsp2.exe, tek9.exe, sks.exe, hihi.exe, s.exe, xps2.exe, dns2.exe, ikav32.exe and more...
	[path to trojan]	Antivirus Installer Added by the BADGENT-A TROJAN!
	[random filename]	AOL Messenger Added by an unidentified VIRUS, WORM or TROJAN!
	[path to worm].exe	App.EXEName Added by the BODIRU WORM!
	[path to file]	Aqujyjax Added by the RANCK-CQ TROJAN!
	[random filename]	ara-key Added by the ANTINNY WORM!
	100171be.exe	ASDPLUGIN AsdPlug premium rate adult content dialer variant
	100176br.exe	ASDPLUGIN AsdPlug premium rate adult content dialer variant
	[path to worm]	ATI Video Driver Controls Added by the SDBOT-DDS WORM!
	[path to trojan]	autorundemo Added by the AGENT-FPX TROJAN!
	[path to file]	autoupdatev2 Added by the DROPPER-BM TROJAN!
	[path to trojan]	AVP Added by the MUTBO-A TROJAN!
	[path to trojan]	avptask Added by the NOFERE-G TROJAN!
	[random filename]	Avril Lavigne - Muse Added by the AVRIL-A WORM!
	??	Avxnews ??
	[path to worm]	backup Added by the AGOBOT-H WORM!
	[path to file]	Band-Aid Added by the RANKY.O TROJAN!
	[path] NPBelv32.dll, RunDll32_BelNotify	BelNotify BelTech from Belarc enables licensees to offer automated, Web-based problem resolution to their end-users. BelTech allows the end-user to simply go to a web page and automatically resolve their problem or point them to the right solution. BelTech Manager allows non-programmers to rapidly and easily deploy and maintain this service
	[path to file]	BeSys BeSys adware
	[random filename]	BIOS XP Loader Added by the RBOT-IC WORM!
	[path to trojan]	Blue Service Added by the BANCOS-BCW TROJAN!
	[random filename]	Bnexe Added by the KITRO.D (or ARGEN.A) WORM!
	[path] repcale.exe [path] palsp.exe	Boarddata Added by a variant of the RANDON.AN WORM!
	??	Bonzi Buddy Bonzi Buddy adware - see here for removal instructions
	[path to file]	boot_reg Added by the BANCBAN-CA TROJAN!
	[worm filename]	BrasilOld Added by the OPASERV.P WORM!
	[path to file]	Bron-Spizaetus Added by the BRONTOK-F WORM!
	[random filename]	BrowserUpdateSched ZenoSearch adware
	[path to worm]	brwdiag Added by the STRATIO-BN WORM!
	[path to trojan]	BT Added by the LITEBOT-B TROJAN!
	[random].dll	bxproxy Spyware Soft Stop misleading security software - not recommended, see here and here
	[path to worm]	C7 Added by the MEDIAKILL.A WORM!
	[path to trojan]	CacheLoader Added by the DLOADER-NZ TROJAN!
	[filename].hta	cAgOu Added by the KAKWORM WORM!
	[path to file]	cartao Added by the DLOADER-QD TROJAN!
	[10 to 14 random char]THD.EXE	Cassandra Added by the KREPPER-AI TROJAN!
	[random filename]	ccApp Added by the OBSORB TROJAN! Note the random filename compared to the valid Norton AntiVirus
	.EXE	ccApp Added by the RBOT-LJ WORM!
	[path to worm]	Cekirge Added by the KERGEZ.A WORM!
	[random name]32.exe	center Added by the BOFRA.A WORM!
	[path to file]	Client Agent Added by the PPDOOR-J TROJAN!
	[path to trojan]	Client Server Control Process Added by the AGENT-HR TROJAN!
	[path to worm]	Client Server Runtime Added by the POEBOT-KR WORM!
	[path to trojan]	clkhost Added by the WIXUD-B TROJAN!
	[various filenames]	clock LiveChat Adware - known file names include: mssetup.exe, kstatus.exe, spoolsv.exe, sptsupd.exe, osk.exe, msswchx.exe, netdde.exe, msbkup.exe
	[path to file]	ClrSchLoader ClearSearch adware
	[path to trojan]	cmrss Added by the DLOADER-QQ TROJAN!
	[random filename]	cof.updit Added by a variant of the SDBOT WORM!
	??	Compaq Video CD Watcher For Compaq PC's. MPEG viewer
	[path to trojan]	con Added by the BRAVE-A TROJAN!
	[filename]	Configuration Added by the SDBOT-ML WORM!
	[path to trojan]	Connectivity Tool Added by the LITEBOT-E TROJAN!
	[random filename].exe	Content connector Added by the DIALER-Y TROJAN! Note - uses a random filename and random folders. Usually the folder containing the file is a Temp folder
	**********.exe [ = random char]	Control handler CoolWebSearch parasite variant
	[10 to 14 random char]THD.EXE	Control handler Added by the KREPPER-AI TROJAN!
	[path to trojan]	Controladores Added by the TELEFO-A TROJAN!
	[path] cmd32.exe internat.dll, LoadKeyboardProfile	ControlPanel Added by the DLOADER-HF TROJAN!
	[path] private.exe internat.dll, LoadMouseCarpetProfile	ControlPanel Reported by Norman Virus Control as W32/Downloader. Creates the files sdfff, fdsf and zxczxc. In the C:WINDOWSSYSTEM32 directory creates the files d.exe, s.exe and r.exe
	??	Coupon Offers ??
	??	CQSCP2P SERVER Compaq printer utility which is required in the startup menu in order to make the printer work correctly. Personally I doubt whether it is actually needed
	??	CQSCP2PS Compaq printer utility which is required in the startup menu in order to make the printer work correctly. Personally I doubt whether it is actually needed
	[random filename]	crmssrlt Added by a variant of the SLAPER TROJAN!
	*****.exe [ = random char]	Cryptographic Service Added by the KORGO.W or KORGO.X or KORGO.AB WORMS!
	[trojan filename]	CSRSWIN Added by the WINSHELL.50 TROJAN!
	[trojan filename]	CSRSX Added by the WINSHELL.50.B TROJAN!
	[random filename].exe	ctfmon32 Added by the RBOT-GSN WORM!
	[path to trojan]	CTime Added by the HTTPDOS TROJAN!
	[path to file]	Ctykd SMALL.SN spyware
	***.dat [ = random char]	cyberfree.exe Unidentified adware
	[random filename]	Danton* Added by the DANTON TROJAN! where * = random number
	[path] repcale.exe [path] beird.exe	DATABASE MySql Added by a variant of the RANDON.AN WORM!
	[random filename]	ddivmwa Added by a variant of the SLAPER TROJAN!
	_default.pif	Default Added by the RUBBLE-C WORM!
	*.exe	Description of Shortcuts * seems to be a sequence of alphanumerics that can be different, i.e., 1960F8A9, 4EBD23F5, etc. Each of these files would appear to be a shortcut, i.e., 4EBD23F5 is actually Works Calender Reminder (found via a registry search)
	[path to trojan]	Devicewin Added by the BANKER-AEV TROJAN!
	??	Devlog ??
	[path to trojan]	dfgfdgrergd Added by the RANKY.CK TROJAN!
	[path to trojan]	dfgfdgrergd Added by the RANKY.CK TROJAN!
	[path to trojan]	DirectX shell driver Added by the MARKTMAN-B TROJAN!
	[path to trojan]	Disk Keeper Added by the SMALL-VE TROJAN!
	[trojan name]	Disk Master Added by the DISTER TROJAN! - a spam relayer
	[various filenames]	Dll Boot Loader on Startup (do not remove this) Added by an unidentified TROJAN!
	[path to worm]	DLL Service Manager Added by the RPCBOT.F TROJAN!
	[random filename].exe	dll services Added by a variant of the SDBOT WORM!
	[random filename]	dllcvss Added by a variant of the SLAPER TROJAN!
	[path to file]	DllExecutable Added by the VB-SP WORM!
	[path to file]	dm_service Added by the MITGLIEDER.P TROJAN!
	[worm filename]	DNS Added by the CQG WORM! Note - this is not the legitimate services.exe process which is always located in the System (9x/Me) or System32 (NT/2K/XP) folder and should not normally figure in Msconfig/Startup! This file is found in the Common Files folder
	??	Dosbat ??
	[trojan filename]	down Added by the Small-QJ TROJAN!
	[random filename]	DRam prmaessor Added by the RBOT.CSG WORM!
	[random filename]	DRam prosesor Added by the SPYBOT.EE WORM!
	[random filename]	DRam prosessor Added by the RBOT.CSG WORM!
	[path to file]	DSAcass Added by the RANKY.M TROJAN!
	[path to trojan]	DSKEY Added by the STARTER-G TROJAN!
	[path to trojan]	DSS Added by the DSSDOOR-C TROJAN!
	??	EDRestore Set Point from Easy Desk Software - "small utility that automatically sets System Restore points for WinME/XP"
	[random filename]	educational writer Added by the RBOT-LZ WORM!
	[random 5 characters].exe	Efata Added by the FLUKAN-D WORM!
	[path] efjm.dll,run	EFI Job Monitor Ricoh Imagio Printer/Scanner driver status monitor
	[path] repcale.exe [path] palsp.exe	element furth Added by a variant of the RANDON.AN WORM!
	[path to worm]	eMCryT Sh3ars Panagers Added by the RBOT-AWI WORM!
	[name of file]	enBrowser WINBO adware
	[random filename].exe	example Added by the NUCLEAR TROJAN! Note - this trojan file is found in the WindowsNR or WinntNR folder
	[random filename]	expcrt Added by a variant of the SLAPER TROJAN!
	[path to worm]	Explorer Added by the AUTEX WORM!
	[path to trojan]	explorer Added by the AGENT-EU TROJAN!
	[random filename]	ExploreUpdSched ZenoSearch adware
	[path to trojan]	f94mggfhfghodftdf Added by the SMALL.JHZ TROJAN!
	[path to trojan]	FindHack Added by the KELVIR-BA TROJAN!
	[random filename]	Fire Wall services Added by the IRCBOT-QY WORM!
	[path to trojan]	Flash Driver Detected by PCTools as the AGENT.CWVT TROJAN! See here
	%%%%%.exe	Flash Media Added by a variant of the IRCBOT TROJAN! See here
	%%%.exe	Flash Media Added by a variant of the IRCBOT TROJAN! See here
	[path to trojan]	Flash Media Detected by Trend Micro as the IRCBOT.AUR TROJAN! See here
	^ ^^^ %% % ^% ^%%^ %^ .exe	Flash Media Added by a variant of the IRCBOT TROJAN! See here
	^^% ^ %%% %^%%%^%%^%^% % ^^%% % %^^^^ ^%%^%% .exe	Flash Media Added by a variant of the IRCBOT TROJAN! See here
	^^^^^.exe	Flash Media Added by a variant of the IRCBOT TROJAN! See here
	^^^^^^.exe	Flash Media Added by a variant of the IRCBOT TROJAN! See here
	[path to worm]	Flash Player2 Detected by Trend Micro as the IRCBOT.PD WORM! See here
	#NAME?	FLASH32 ??
	[path to trojan]	Floppy Master Added by the ZONIT-F TROJAN!
	[path to worm]	FolderRaper Added by the VB.GOZ WORM!
	??	FoolProofSweep Part of FoolProof Security PC security software from SmartStuff
	[worm filename]	G00123 Added by the BUGBROS WORM!
	[path to trojan]	Games Acceleration Added by the SMUTSRCH-A TROJAN!
	[path to backdoor]	GDAX Added by the RANKY.K TROJAN!
	[path to trojan]	gimmygames Added by the DLOADR-LN TROJAN!
	[random filename]	GlobalSCAPE Added by the RBOT-AYM WORM!
	[random filename]	Google Earth Added by the RBOT-AXK TROJAN!
	[random name].dll	GPLv3 Vundo adware
	2Stop.exe	gramdate ??
	_default.pif	Graphics Added by the AUTOSKY WORM!
	[path] GsiInst.exe INSTALL [path] V205Res 13	GSISETUP BT Voyager ADSL modem related - what does it do and is it required?
	[filename].exe	GustavVED Added by the OPASERV.H WORM!
	[path to trojan]	HATAPE Added by the BANKER-QF TROJAN!
	[random filename].exe	HDAudio Driver 1.0 Added by the TEADOOR-D TROJAN!
	[random filename].exe	HDAudio Driver 2.0 Added by the TEADOOR-E TROJAN!
	[8 random letters].exe	hdlpscom Added by the RBOT-FUL WORM!
	1hellbot.exe	HELLBOT TEST Added by the MYDOOM.BO WORM!
	[path] rundll32.exe [path] helper.dll	helper.dll CnsMin (Chinese Keywords) hijacker related
	[filename].exe	hen Added by the TARNO.G TROJAN!
	[path to worm]	himem.exe Added by the STRATION-FW WORM!
	[path to worm]	HotKeysCmds Added by the PAHATIA-A WORM!
	??	HP Info Express On HP PCs, allows the computer to automatically receive notifications from HP over the Internet. Associated with BackWeb
	??	HP RecordNow From HP "Software for the CD writer. Do not prevent from starting unless the CD writer is never going to be used."
	??	HP Updates On HP PCs, allows the computer to automatically receive notifications from HP over the Internet. Associated with BackWeb
	[random filename]	hpsysconf1 Added by a variant of the VIVIA.A TROJAN!
	[path to trojan]	hxadsec Added by the ADCLICK-AP TROJAN!
	[path to trojan]	ibin Added by the PERDA-C TROJAN!
	[path to worm]	ICQ Center Added by the RANDIN WORM!
	[random filename]	ICQ Lite Messenger Added by an unidentified VIRUS, WORM or TROJAN! Unlike the legitimate ICQ Lite executable, which will be located in the ICQLITE folder in Program Files, this particular impostor is located in the Windows or WinntSystem32 directory
	[random filename]	idmlssp Added by a variant of the SLAPER TROJAN!
	[path to trojan]	IEXPLORE.EXE Added by the BANCOS-CJ TROJAN!
	[random filename]	ifperx Added by a variant of the SLAPER TROJAN!
	??	Imesh Imesh is a file sharing system
	??	Imesh Auto Update Update check for the Imesh file sharing system. Turn the update off under "options"
	[path to file]	imgit Added by the BANKER-EM TROJAN!
	[path to trojan]	imonitor Added by the IMONI-A TROJAN!
	8x8_init.exe	Initialize8x8 Tool that initializes a Pinnacle PCTV card - maybe in capture or in showing overlay
	[path] repcale.exe [path] palsp.exe	Installs SP2 Added by a variant of the RANDON.AN WORM!
	[path to worm]	Instance 001 Added by the Alasrou-A WORM!
	[path to worm]	Intec Service Drivers Added by the RBOT-GLU WORM!
	[path to worm]	InterceptedSystem Added by the ANACON-B WORM!
	[trojan filename]	Internal Added by the SMOTHER and TRANSLAT TROJANS!
	[trojan filename]	Internat Added by the CMJSPY-Y TROJAN!
	[trojan filename].exe	internet Added by the MIFENG-D TROJAN!
	[path to trojan]	Internet Connection Wizard Added by the SMUTSRCH-A TROJAN!
	[path to trojan]	Internet Mail and News Added by the SMUTSRCH-A TROJAN!
	??	Introduction-Registration For Compaq PC's. Should only run first time, PC Introduction & Compaq registration
	[path to trojan]	IntSys1 Added by the BANLOA-ASE TROJAN!
	[9 random letters].exe	Ipod Help Added by a variant of the RBOT WORM!
	[path to trojan]	Irwftp Added by the BANCOS-AP TROJAN!
	[random filename]	ist service uninstall ISTBar parasite related
	[path to trojan]	ixproxy Added by the XORPIX-A TROJAN!
	[filename]	JavaUpdate0.07 Added by the JUPDATE TROJAN!
	[random filename]	jcidls Added by a variant of the SLAPER TROJAN!
	[path to trojan]	jon315 Added by the MAILBOT-BI TROJAN!
	[path to worm]	jpgdiag Added by the STRATION-AN WORM!
	[path to trojan]	jusched Added by the BANKER-BWR TROJAN!
	[random filename]	JVM0.12 Added by the TEADOOR-A TROJAN!
	[random filename]	JVM0.14 Added by the TEADOOR-B TROJAN!
	[random filename]	jysyqm ZenoSearch adware
	[random filename].exe	Kadoc Added by the STAPREW TROJAN!
	[random 6 char filename]	kavsvc Qoologic downloader trojan variant using random file names (examples: nzkklz.exe, rzazzi.exe, ivpaan.exe) - do not confuse with the Kaspersky antivirus startup item, as described here
	*****.exe reg_run [ = random char]	KavSvc Added by the QOOLOGIC TROJAN!
	[random 6 char filename]	kavsvc Added by the QOOLOGIC TROJAN! Uses random file names (examples: nzkklz.exe, rzazzi.exe, ivpaan.exe)
	[worm filename]	KAVutil Added by the WINTOO.B WORM!
	9	KAZAACuf Added by the KITRO.D (or ARGEN.A) WORM!
	[random filename]	kern64dll Added by the TARNO.J TROJAN!
	[path to worm]	KernelRuntime Added by the MYTOB-JO WORM!
	[path to worm]	KernelRuntime Added by the MYTOB-JO WORM!
	[path to trojan]	keyboard Added by the DLOADR-AOZ TROJAN!
	[path to file]	klop Added by the AGENT-WQ TROJAN!
	[random].tmp	klop Found with Trojan.Win32.StartPage.aw. Possibly a variant of the AGENT-WQ TROJAN!
	[path to trojan]	LanGuard Added by the DLOADER-VO TROJAN!
	[path] setup.exe	LanzarL2007 ??
	[trojan filename]	lar Added by the ROXY.C TROJAN!
	[path to worm]	Letum Added by the LETUM.A WORM!