Detected by Malwarebytes as Backdoor.Bot.E. The file is located in %AppData%

Detected by Malwarebytes as Hijack.ShellA.Gen. Note - this entry adds an illegal HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon "Shell" entry. The value data points to "explorer.exe" (which is a legitimate file located in %Windir% and shouldn't be deleted) and "%EX%.exe" (which is located in %LocalAppData%\Google)

Detected by McAfee as RDN/Ransom and by Malwarebytes as Trojan.Agent.XX

Detected by Kaspersky as Trojan.Win32.Buzus.aaup and by Malwarebytes as Backdoor.Bot.E. Note that the target is a Windows Alternate Data Stream (ADS)

Detected by Malwarebytes as Backdoor.Agent.DCGen. The file is located in %Temp%

Detected by Kaspersky as Trojan.Win32.Buzus.dpde and by Malwarebytes as Trojan.Agent. Note that the target is a Windows Alternate Data Stream (ADS)

Detected by McAfee as Generic.dx and by Malwarebytes as Backdoor.Sdbot. Note that the target is a Windows Alternate Data Stream (ADS)

Detected by Kaspersky as Trojan.Win32.Refroso.lcx. Note that the target is a Windows Alternate Data Stream (ADS)

Detected by Symantec as W32.Mydoom.AC@mm

Detected by Malwarebytes as Backdoor.Bot.E. Note - this is not the legitimate svchost.exe process which is always located in %System%. This one is also located in %System% but has a space at the beginning of the filename

Detected by Sophos as W32/SillyFDC-AB. Note the space at the beginning of the filename

Detected by Malwarebytes as Backdoor.Bot.E - where * represents a character. The file is located in %AppData%

Detected by Malwarebytes as Backdoor.Downloader.DK. The file is located in %AppData%

Detected by McAfee as RDN/Ransom and by Malwarebytes as Trojan.Agent.E

Seekmo Search Assistant adware. The file is typically located in %ProgramFiles%\SeekmoToolbar\Bin\[version]

Detected by Sophos as Troj/FireSpy-A. It will attempt to register the dropped component as a Firefox plugin and begin monitoring the user's browsing habits, stealing information including monitoring and logging information from Web forms

Detected by McAfee as RDN/Generic.dx and by Malwarebytes as Backdoor.Agent.SK

Detected by Dr.Web as Trojan.DownLoader10.38645

Detected by Dr.Web as Trojan.Inject1.3788 and by Malwarebytes as Backdoor.Agent.SVC