- Backdoor.Win32.RMS.pm -> c:\programdata\windows\rfusclient.exe ( BitDefender: Trojan.Generic.15942633 )
- Backdoor.Win32.ShadowBrokers.f -> c:\programdata\rundll\doublepulsar-1.3.1.exe ( AVAST4: Sf:WNCryLdr-A [Trj] )
- Exploit.Win32.ShadowBrokers.aa -> c:\programdata\rundll\etchcore-0.x86.dll ( AVAST4: Other:Malware-gen [Trj] )
- Exploit.Win32.ShadowBrokers.ab -> c:\programdata\rundll\eteb-2.dll ( AVAST4: Sf:WNCryLdr-A [Trj] )
- Exploit.Win32.ShadowBrokers.ad -> c:\programdata\rundll\etebcore-2.x86.dll ( AVAST4: Other:Malware-gen [Trj] )
- Exploit.Win32.ShadowBrokers.ae -> c:\programdata\rundll\eternalblue-2.2.0.exe ( AVAST4: Sf:WNCryLdr-A [Trj] )
- Exploit.Win32.ShadowBrokers.z -> c:\programdata\rundll\etch-0.dll ( AVAST4: Other:Malware-gen [Trj] )
- Exploit.Win64.ShadowBrokers.c -> c:\programdata\rundll\etchcore-0.x64.dll ( AVAST4: Other:Malware-gen [Trj] )
- Exploit.Win64.ShadowBrokers.d -> c:\programdata\rundll\etebcore-2.x64.dll ( AVAST4: Other:Malware-gen [Trj] )
- HackTool.Win32.ShadowBrokers.k -> c:\programdata\rundll\libxml2.dll
- HackTool.Win32.ShadowBrokers.l -> c:\programdata\rundll\libiconv-2.dll ( AVAST4: Win32:Malware-gen )
- HackTool.Win32.ShadowBrokers.n -> c:\programdata\rundll\libeay32.dll ( AVAST4: Win32:Rootkit-gen [Rtk] )
- HEUR:Trojan-Spy.Win32.Convagent.gen -> c:\programdata\windowstask\audiodg.exe ( BitDefender: Gen:Trojan.Heur.AutoIT.2, AVAST4: Win32:Malware-gen )
- HEUR:Trojan.Win32.Blouiroet.gen -> c:\programdata\rundll\2x64.dll ( AVAST4: Win64:Malware-gen )
- HEUR:Trojan.Win32.Blouiroet.gen -> c:\programdata\rundll\x86.dll ( BitDefender: Gen:Trojan.Heur.LP.fu4@aKVfA7ei, AVAST4: Win32:Trojan-gen )
- HEUR:Trojan.Win32.Blouiroet.gen -> c:\programdata\rundll\x64.dll ( AVAST4: Win64:Malware-gen )
- HEUR:Trojan.Win32.Blouiroet.gen -> c:\programdata\rundll\2x86.dll ( BitDefender: Gen:Trojan.Heur.LP.fu4@aKVfA7ei, AVAST4: Win32:Trojan-gen )
- HEUR:Trojan.Win32.Generic -> c:\program files\microsoft office\services\software maintenance service\svchоst.exe ( AVAST4: Win32:Malware-gen )
- HEUR:Trojan.Win32.Miner.gen -> c:\programdata\windowstask\appmodule.exe ( AVAST4: Win64:Malware-gen )
- not-a-virus:RemoteAdmin.Win32.RDPWrap.h -> c:\program files\rdp wrapper\rdpwrap.dll
- Trojan-PSW.Win32.Delf.aidq -> c:\programdata\install\sys.exe ( AVAST4: Win32:PWSX-gen [Trj] )
- Trojan.VBS.Starter.mi -> c:\programdata\rundll\start.exe
- Trojan.Win32.Autoit.acbae -> c:\programdata\windowstask\winlogon.exe ( AVAST4: Win32:Malware-gen )
- Trojan.Win32.EquationDrug.ace -> c:\programdata\rundll\dmgd-4.dll ( AVAST4: Other:Malware-gen [Trj] )
- Trojan.Win32.EquationDrug.acf -> c:\programdata\rundll\coli-0.dll ( AVAST4: Other:Malware-gen [Trj] )
- Trojan.Win32.EquationDrug.acg -> c:\programdata\rundll\trfo-2.dll ( AVAST4: Other:Malware-gen [Trj] )
- Trojan.Win32.EquationDrug.ach -> c:\programdata\rundll\crli-0.dll ( AVAST4: Other:Malware-gen [Trj] )
- Trojan.Win32.EquationDrug.acj -> c:\programdata\rundll\cnli-0.dll ( AVAST4: Other:Malware-gen [Trj] )
- Trojan.Win32.EquationDrug.dp -> c:\programdata\rundll\zlib1.dll ( AVAST4: Win32:Malware-gen )
- Trojan.Win32.EquationDrug.jf -> c:\programdata\rundll\libcurl.dll ( AVAST4: Other:Malware-gen [Trj] )
- Trojan.Win32.ShadowBrokers.aa -> c:\programdata\rundll\posh.dll ( AVAST4: Win32:Malware-gen )
- Trojan.Win32.ShadowBrokers.ab -> c:\programdata\rundll\posh-0.dll ( AVAST4: Other:Malware-gen [Trj] )
- Trojan.Win32.ShadowBrokers.ac -> c:\programdata\rundll\tibe.dll ( AVAST4: Other:Malware-gen [Trj] )
- Trojan.Win32.ShadowBrokers.ad -> c:\programdata\rundll\tibe-2.dll ( AVAST4: Other:Malware-gen [Trj] )
- Trojan.Win32.ShadowBrokers.ae -> c:\programdata\rundll\trch.dll ( AVAST4: Win32:Malware-gen )
- Trojan.Win32.ShadowBrokers.af -> c:\programdata\rundll\trch-0.dll
- Trojan.Win32.ShadowBrokers.ag -> c:\programdata\rundll\trch-1.dll ( AVAST4: Other:Malware-gen [Trj] )
- Trojan.Win32.ShadowBrokers.ah -> c:\programdata\rundll\tucl.dll ( AVAST4: Other:Malware-gen [Trj] )
- Trojan.Win32.ShadowBrokers.ai -> c:\programdata\rundll\tucl-1.dll ( AVAST4: Other:Malware-gen [Trj] )
- Trojan.Win32.ShadowBrokers.ak -> c:\programdata\rundll\xdvl-0.dll ( AVAST4: Other:Malware-gen [Trj] )
- Trojan.Win32.ShadowBrokers.al -> c:\programdata\rundll\zibe.dll ( AVAST4: Other:Malware-gen [Trj] )
- Trojan.Win32.ShadowBrokers.an -> c:\programdata\rundll\trfo.dll ( AVAST4: Other:Malware-gen [Trj] )
- Trojan.Win32.ShadowBrokers.ao -> c:\programdata\rundll\cnli-1.dll ( AVAST4: Other:Malware-gen [Trj] )
- Trojan.Win32.ShadowBrokers.aq -> c:\programdata\rundll\trfo-0.dll
- Trojan.Win32.ShadowBrokers.ar -> c:\programdata\rundll\riar.dll ( AVAST4: Win32:Stuxnet-C [Wrm] )
- Trojan.Win32.ShadowBrokers.as -> c:\programdata\rundll\riar-2.dll ( AVAST4: Win32:Stuxnet-C [Wrm] )
- Trojan.Win32.ShadowBrokers.au -> c:\programdata\rundll\pcreposix-0.dll
- Trojan.Win32.ShadowBrokers.av -> c:\programdata\rundll\pcrecpp-0.dll ( AVAST4: Other:Malware-gen [Trj] )
- Trojan.Win32.ShadowBrokers.aw -> c:\programdata\rundll\dmgd-1.dll
- Trojan.Win32.ShadowBrokers.ax -> c:\programdata\rundll\pcre-0.dll ( AVAST4: Other:Malware-gen [Trj] )
- Trojan.Win32.ShadowBrokers.bb -> c:\programdata\rundll\tibe-1.dll ( AVAST4: Other:Malware-gen [Trj] )
- Trojan.Win32.Shadowbrokers.co -> c:\programdata\rundll\ucl.dll
- Trojan.Win32.ShadowBrokers.ct -> c:\programdata\rundll\iconv.dll ( AVAST4: Other:Malware-gen [Trj] )
- Trojan.Win32.ShadowBrokers.cz -> c:\programdata\rundll\ssleay32.dll ( AVAST4: Other:Malware-gen [Trj] )
- Trojan.Win32.ShadowBrokers.p -> c:\programdata\rundll\adfw.dll ( AVAST4: Win32:Malware-gen )
- Trojan.Win32.ShadowBrokers.t -> c:\programdata\rundll\adfw-2.dll ( AVAST4: Other:Malware-gen [Trj] )
- Trojan.Win32.ShadowBrokers.v -> c:\programdata\rundll\esco-0.dll
- Trojan.Win32.ShadowBrokers.w -> c:\programdata\rundll\exma.dll ( AVAST4: Win32:Malware-gen )
- Trojan.Win32.ShadowBrokers.x -> c:\programdata\rundll\exma-1.dll
- Trojan.Win32.ShadowBrokers.y -> c:\programdata\rundll\pcla-0.dll ( AVAST4: Other:Malware-gen [Trj] )
- UDS:DangerousObject.Multi.Generic -> c:\programdata\rundll\rundll.exe