- Backdoor.Win32.Agent.djnm -> c:usersplan-bolshakovaappdataroamingmicrosoft corporationwhetapi.p
- HEUR:Trojan.Win32.Generic -> c:documents and settingsdubovitscayaapplication datadaobpmodbe.gnt
- HEUR:Trojan.Win32.Generic -> c:program filesrarlabwinrarwinzip.exe ( DrWEB: Trojan.PWS.UFR.3724, BitDefender: Gen:Variant.Zusy.43545, AVAST4: Win32:Malware-gen )
- not-a-virus:Downloader.Win32.Montiera.b -> c:users1appdatalocalpay-by-adsyahoo! search1.3.12.4dsrsetup.exe ( BitDefender: Gen:Variant.Strictor.64185 )
- not-a-virus:Downloader.Win32.Montiera.b -> c:users1appdatalocalpay-by-adsyahoo! search1.3.12.4dsrlte.exe ( BitDefender: Gen:Variant.Strictor.64185 )
- not-a-virus:RiskTool.Win32.BitCoinMiner.lrc -> c:usersmariyaappdataroamingwindowsx86explorer.exe ( BitDefender: Application.BitCoinMiner.BK )
- not-a-virus:RiskTool.Win64.BitCoinMiner.a -> c:usersmariyaappdataroamingwindowsx64explorer.exe ( DrWEB: Tool.BtcMine.130, BitDefender: Application.BitCoinMiner.BM )
- Trojan-PSW.Win32.Ruftar.babr -> c:program files (x86)ооо россинформ технологииинформационный архивupdate.exe ( BitDefender: Gen:Variant.Zusy.43545 )
- Trojan-Ransom.Win32.Agent.idl -> c:tmpnull.cmd
- Trojan-Ransom.Win32.Agent.idl -> tmpnull.cmd
- Trojan-Ransom.Win32.Agent.idl -> tmpstart.cmd
- Trojan-Ransom.Win32.Agent.idl -> c:tmpstart.cmd
- Trojan-Ransom.Win32.Cryakl.bb -> c:program files (x86)winrarwinrarwinrar.exe ( DrWEB: Trojan.Encoder.567, BitDefender: Gen:Variant.Zusy.108099 )
- Trojan-Ransom.Win32.Cryakl.bi -> c:program files (x86)ооо россинформ технологииинформационный архивsvchost.exe ( BitDefender: Gen:Variant.Zusy.108099 )
- Trojan-Ransom.Win32.Rector.mf -> c:program filesrarlabwinrarwinrar.exe ( DrWEB: Trojan.Encoder.567, BitDefender: Trojan.GenericKD.1877674, AVAST4: Win32:Malware-gen )