Detected by Malwarebytes as Trojan.Injector.E. The file is located in %AppData%

Detected by Symantec as Trojan.Cryptolocker.AE and by Malwarebytes as Ransom.Agent

Detected by Malwarebytes as Ransom.Agent.E. Note - this entry loads from the Windows Startup folder and the file is located in %AppData%

Detected by Malwarebytes as Trojan.Neurevt.Generic. The file is located in %CommonAppData%\CNN News Ticker

Detected by Symantec as Trojan.Cryptolocker.N and by Malwarebytes as Trojan.FileCoder

Detected by Symantec as W32.Korgo.W and by Malwarebytes as Backdoor.Bot

Detected by Sophos as W32/Rbot-GSN

Detected by Malwarebytes as Ransom.FileCryptor.E. The file is located in %AppData%\Microsoft\SystemCertificates\My\Certificates

Detected by Malwarebytes as Trojan.Agent.CHK. The file is located in %CommonAppData%

Detected by Malwarebytes as Backdoor.Bot. The file is located in %CommonAppData%\Creative Audio

Detected by Malwarebytes as Backdoor.Agent. Note - this entry loads from the HKCU\Policies\Explorer\Run key and the file is typically located in %AppData% or a sub-folder

Detected by Trend Micro as TROJ_DROPPER.EAT. The file is located in %LocalAppData% - see the link for the list of potential filenames

Detected by Malwarebytes as Trojan.Agent.Gen. The file is located in %Root%\Temp or a sub-folder

Detected by Symantec as Adware.Livechat - known file names include mssetup.exe, w32tm.exe, sptsupd.exe, autolfn.exe, mshta.exe, osk.exe, msswchx.exe and netdde.exe. The file is located in %Windir%

CoolWebSearch Smartsearch parasite variant. Typical filenames include internet.exe, systeem.exe, explore.exe and directx.exe. Detected by Microsoft as Trojan:Win32/Goweh.E

Detected by McAfee as RDN/Generic.tfr!eh and by Malwarebytes as Trojan.Agent.CRS

Detected by Sophos as W32/Rbot-LB

Detected by Sophos as W32/Agobot-AE

CyberDefender Early Detection Center rogue security software - not recommended. On testing with a clean image, this reported registry entries pointing to the legitimate Java "jqs_plugin.dll" file (located in %ProgramFiles%\Java\jre6\lib\deploy\jqs\ie as the Anticlear rogue (see an example here). In addition, it claimed that the installer for an older version of HashTab contained W32.MalwareF.KJAE and quarantined a valid 7-zip file ("7zCon.sfx" in %ProgramFiles%\7-Zip) as W32/Malware. Also read this post where a Tech Support person uses other free tools such as MBAM to fix a problem