Adware.Agent
*file
C:\Program Files\ZPA7NKFZ6Y\uninstaller.exe
C:\Program Files\ZPA7NKFZ6Y\ZPA7NKFZ6.exe
C:\Program Files\1CW6G366CO\E13LO2C7B.exe
C:\Program Files\1CW6G366CO\uninstaller.exe
*reg_key
HKLM\SOFTWARE\Microsoft\Tracing\E13LO2C7B_RASAPI32
HKLM\SOFTWARE\Microsoft\Tracing\E13LO2C7B_RASMANCS
HKLM\SOFTWARE\Microsoft\Tracing\advise_RASAPI32
HKLM\SOFTWARE\Microsoft\Tracing\advise_RASMANCS
HKLM\SOFTWARE\Microsoft\Tracing\asasa_RASAPI32
HKLM\SOFTWARE\Microsoft\Tracing\asasa_RASMANCS
HKLM\SOFTWARE\Microsoft\Tracing\cas_RASAPI32
HKLM\SOFTWARE\Microsoft\Tracing\cas_RASMANCS
HKLM\SOFTWARE\Microsoft\Tracing\caster_RASAPI32
HKLM\SOFTWARE\Microsoft\Tracing\caster_RASMANCS
HKLM\SOFTWARE\Microsoft\Tracing\ZPA7NKFZ6_RASAPI32
HKLM\SOFTWARE\Microsoft\Tracing\ZPA7NKFZ6_RASMANCS
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run:0XIUGJCI1U
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run:XCTMRHRSR7
Adware.FileSubmit
*file
C:\Users\{USERNAME}\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FileSubmit\Uninstall STARBASE 24 Star Trek LCARS Theme.lnk
C:\Users\{USERNAME}\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FileSubmit\Install STARBASE 24 Star Trek LCARS Theme.lnk
C:\Program Files\FileSubmit\STARBASE 24 Star Trek LCARS Theme\NNEZTX638.exe
C:\Program Files\FileSubmit\STARBASE 24 Star Trek LCARS Theme\NNEZSTB3.exe
*reg_key
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\STARBASE 24 Star Trek LCARS Theme
Adware.BlueMoon
*file
C:\Users\{USERNAME}\AppData\Roaming\bluemoon\tongji.dll
C:\Program Files\BlueMoon\uninst.exe
C:\Program Files\BlueMoon\BlueMoonLegend.exe