Detected by Trend Micro as TROJ_DROPPER.EAT and by Malwarebytes as Backdoor.Bot.E. The file is located in %LocalAppData% - see the link for the list of potential filenames

Detected by Symantec as W32.Opaserv.AD.Worm

Detected by Sophos as W32/Lerpa-A. Note - the file name will be one of the following common.exe, common.pif, common.scr, Sexo.exe, Sexo.jpg.pif, ini_file__.pif, load_me__.tmp, msfile.pif, system_load_.pif or zipped.rar.pif

CoolWebSearch Smartsearch parasite variant. Also detected as the GOWEH.A WORM! Typical filenames include internet.exe, systeem.exe, explore.exe and directx.exe

SpySheriff rogue spyware remover - not recommended, removal instructions here. File names spotted include VXH8JKDQ2.EXE, NS6281400.so, CVXH8JKDQ2.EXE, down3.exe, sefe.exe, winstall.exe and tool2.exe

Detected by Malwarebytes as Trojan.Agent. The file is located in %WinTemp% - see examples here and here

Detected by Sophos as W32/SillyFDC-BL

Detected by Symantec as VBS.Lido

Detected by Symantec as W32.HLLW.Symten@mm

Detected by Sophos as Troj/Oficla-X and by Malwarebytes as Trojan.Downloader

Detected by Malwarebytes as Trojan.Agent. The file is located in %LocalAppData%

Added by a variant of W32.IRCBot. The file is located in %System%