I apologize for the late response, but I have been out of town for work. Here are the requested reports.
QuickScan 32-bit v0.9.9.105
---------------------------
Scan date: Fri Feb 10 18:40:08 2012
Machine ID: D89193F9
C:\WINDOWS\system32\winlogon.exe - could not be scanned
--> Process winlogon.exe (932)
C:\WINDOWS\explorer.exe - could not be scanned
C:\WINDOWS\system32\svchost.exe - could not be scanned
No infection found.
-------------------
Processes
---------
ArcSoft Connect 1516 C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
ATI External Event Utility for Windows 1548 C:\WINDOWS\system32\ati2evxx.exe
ATI External Event Utility for Windows 1140 C:\WINDOWS\system32\ati2evxx.exe
avast! Antivirus 1980 C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
Dell Wireless WLAN Card Wireless Networ 1932 C:\WINDOWS\system32\BCMWLTRY.EXE
explorer.exe 1988 C:\WINDOWS\explorer.exe
MediaServer.exe 2116 C:\Program Files\TVersity\Media Server\MediaServer.exe
Microsoft® Windows® Operating System 24232 C:\WINDOWS\system32\drwtsn32.exe
Microsoft® Windows® Operating System 23552 C:\WINDOWS\system32\drwtsn32.exe
Microsoft® Windows® Operating System 1372 C:\WINDOWS\system32\spoolsv.exe
Microsoft® Windows® Operating System 2900 C:\WINDOWS\system32\wscntfy.exe
NicConfigSvc 1864 C:\Program Files\Dell\QuickSet\NicConfigSvc.exe
novacomd Application 1884 C:\Program Files\Palm\SDK\bin\novacomd\x86\novacomd.exe
Pure Networks Platform 248 C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe
Pure Networks Platform 2212 C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
svchost.exe 1680 C:\WINDOWS\system32\svchost.exe
svchost.exe 1528 C:\WINDOWS\system32\svchost.exe
svchost.exe 1292 C:\WINDOWS\system32\svchost.exe
svchost.exe 1252 C:\WINDOWS\system32\svchost.exe
svchost.exe 1156 C:\WINDOWS\system32\svchost.exe
tcprelay.exe 1912 C:\Program Files\Palm\PDK\tcprelay.exe
WLTRYSVC.EXE 1920 C:\WINDOWS\system32\WLTRYSVC.EXE
(verified) Bonjour 1652 C:\Program Files\Bonjour\mDNSResponder.exe
(verified) Java Platform SE 6 U17 1792 C:\Program Files\Java\jre6\bin\jqs.exe
(verified) Microsoft® Windows® Operating System 2156 C:\WINDOWS\network diagnostic\xpnetdiag.exe
(verified) Microsoft® Windows® Operating System 3428 C:\WINDOWS\system32\alg.exe
(verified) Microsoft® Windows® Operating System 904 C:\WINDOWS\system32\csrss.exe
(verified) Microsoft® Windows® Operating System 288 C:\WINDOWS\system32\ctfmon.exe
(verified) Microsoft® Windows® Operating System 992 C:\WINDOWS\system32\lsass.exe
(verified) Microsoft® Windows® Operating System 980 C:\WINDOWS\system32\services.exe
(verified) Microsoft® Windows® Operating System 856 C:\WINDOWS\system32\smss.exe
(verified) Microsoft® Windows® Operating System 3460 C:\WINDOWS\system32\wbem\wmiprvse.exe
(verified) Microsoft® Windows® Operating System 101204 C:\WINDOWS\system32\wuauclt.exe
(verified) Windows® Internet Explorer 18600 C:\Program Files\Internet Explorer\iexplore.exe
(verified) Windows® Internet Explorer 39176 C:\Program Files\Internet Explorer\iexplore.exe
(verified) Windows® Internet Explorer 41420 C:\Program Files\Internet Explorer\iexplore.exe
(verified) Windows® Internet Explorer 96516 C:\Program Files\Internet Explorer\iexplore.exe
Network activity
----------------
Process AvastSvc.exe (1980) connected on port 80 (HTTP) --> 107.14.38.18
Process AvastSvc.exe (1980) connected on port 80 (HTTP) --> 72.14.204.101
Process AvastSvc.exe (1980) connected on port 80 (HTTP) --> 69.171.228.14
Process AvastSvc.exe (1980) connected on port 80 (HTTP) --> 72.14.204.101
Process svchost.exe (1252) listens on ports: 135 (RPC)
Process svchost.exe (1680) listens on ports: 2869 (SSDP event notification, UPNP)
Process tcprelay.exe (1912) listens on ports: 10022, 12345 (NetBus), 12346
Process MediaServer.exe (2116) listens on ports: 41952
Process nmsrvc.exe (2212) listens on ports: 1196
Autoruns and critical files
---------------------------
ATI External Event Utility for Windows C:\WINDOWS\system32\Ati2evxx.dll
Microsoft® Windows® Operating System C:\WINDOWS\system32\CRYPT32.dll
Microsoft® Windows® Operating System C:\WINDOWS\system32\cryptnet.dll
Microsoft® Windows® Operating System C:\WINDOWS\system32\cscdll.dll
Microsoft® Windows® Operating System C:\WINDOWS\System32\dimsntfy.dll
Microsoft® Windows® Operating System C:\WINDOWS\system32\logon.scr
Microsoft® Windows® Operating System C:\WINDOWS\system32\SHELL32.dll
Microsoft® Windows® Operating System c:\windows\system32\userinit.exe
Microsoft® Windows® Operating System C:\WINDOWS\system32\WlNotify.dll
Network Magic C:\Program Files\Pure Networks\Network Magic\nmapp.exe
Pure Networks Platform C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe
(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\BROWSEUI.dll
(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\ctfmon.exe
(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\logonui.exe
(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\sclgntfy.dll
(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\stobject.dll
(verified) QuickTime C:\Program Files\QuickTime\qttask.exe
(verified) Windows® Internet Explorer C:\WINDOWS\system32\webcheck.dll
Browser plugins
---------------
avast! WebRep C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
BitDefender QuickScan C:\WINDOWS\Downloaded Program Files\qsax.dll
Messenger C:\Program Files\Messenger\msmsgs.exe
Microsoft® Windows® Operating System C:\WINDOWS\system32\mswsock.dll
Microsoft® Windows® Operating System C:\WINDOWS\system32\rsvpsp.dll
Microsoft® Windows® Operating System C:\WINDOWS\System32\winrnr.dll
Mozilla Default Plug-in C:\Program Files\Mozilla Firefox\plugins\npnul32.dll
NPSWF32.dll C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
Windows Presentation Foundation C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
Windows® Internet Explorer C:\WINDOWS\system32\ieframe.dll
(verified) AcroIEHelperShim Library C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
(verified) Adobe Acrobat C:\Program Files\Internet Explorer\plugins\nppdf32.dll
(verified) Adobe Acrobat C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll
(verified) Bonjour C:\Program Files\Bonjour\mdnsNSP.dll
(verified) Java Platform SE 6 U17 C:\Program Files\Java\jre6\bin\jp2ssv.dll
(verified) Java Platform SE 6 U17 C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
(verified) Microsoft® Windows® Operating System C:\WINDOWS\network diagnostic\xpnetdiag.exe
(verified) npitunes.dll C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
(verified) QuickTime Plug-in 7.6.6 C:\Program Files\Internet Explorer\plugins\npqtplugin.dll
(verified) QuickTime Plug-in 7.6.6 C:\Program Files\Internet Explorer\plugins\npqtplugin2.dll
(verified) QuickTime Plug-in 7.6.6 C:\Program Files\Internet Explorer\plugins\npqtplugin3.dll
(verified) QuickTime Plug-in 7.6.6 C:\Program Files\Internet Explorer\plugins\npqtplugin4.dll
(verified) QuickTime Plug-in 7.6.6 C:\Program Files\Internet Explorer\plugins\npqtplugin5.dll
(verified) QuickTime Plug-in 7.6.6 C:\Program Files\Internet Explorer\plugins\npqtplugin6.dll
(verified) QuickTime Plug-in 7.6.6 C:\Program Files\Internet Explorer\plugins\npqtplugin7.dll
(verified) QuickTime Plug-in 7.6.6 C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
(verified) QuickTime Plug-in 7.6.6 C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
(verified) QuickTime Plug-in 7.6.6 C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
(verified) QuickTime Plug-in 7.6.6 C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
(verified) QuickTime Plug-in 7.6.6 C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
(verified) QuickTime Plug-in 7.6.6 C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
(verified) QuickTime Plug-in 7.6.6 C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
Scan
----
No file uploaded.
Scan finished - communication took 2 sec
Total traffic - 0.01 MB sent, 0.76 KB recvd
Scanned 617 files and modules - 123 seconds
==============================================================================
C:\Qoobox\Quarantine\C\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\ulvymcyg.default\extensions\{a60093af-7dba-414f-b18c-cb84870c6c08}\chrome.manifest.vir Win32/TrojanDownloader.Tracur.F trojan
C:\Qoobox\Quarantine\C\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\ulvymcyg.default\extensions\{a60093af-7dba-414f-b18c-cb84870c6c08}\chrome\xulcache.jar.vir JS/Agent.NDJ trojan
C:\Qoobox\Quarantine\C\Documents and Settings\Ryan LaShomb\Application Data\Mozilla\Firefox\Profiles\o2cs5o6u.default\extensions\{a60093af-7dba-414f-b18c-cb84870c6c08}\chrome.manifest.vir Win32/TrojanDownloader.Tracur.F trojan
C:\Qoobox\Quarantine\C\Documents and Settings\Ryan LaShomb\Application Data\Mozilla\Firefox\Profiles\o2cs5o6u.default\extensions\{a60093af-7dba-414f-b18c-cb84870c6c08}\chrome\xulcache.jar.vir JS/Agent.NDJ trojan
C:\Qoobox\Quarantine\C\WINDOWS\explorer.exe.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\OLD104.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\OLD110.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\OLD11F.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\OLD128.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\OLD134.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\OLD140.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\OLD14C.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\OLD159.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\OLD164.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\OLD170.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\OLD17C.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\OLD18A.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\OLD194.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\OLD1A2.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\OLD1AE.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\OLD1B8.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\OLD1C4.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\OLD1D3.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\OLD1DC.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\OLD1EC.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\OLD1F4.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\OLD204.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\OLD210.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\OLD21A.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\OLD226.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\OLD22E.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\OLD236.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\OLD23C.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\OLD38.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\OLD44.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\OLD50.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\OLD56.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\OLD5A.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\OLD5E.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\OLD60.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\OLD63.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\OLD68.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\OLD74.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\OLD80.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\OLD8C.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\OLD9A.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\OLDA4.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\OLDB0.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\OLDBC.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\OLDCA.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\OLDD4.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\OLDE0.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\OLDEC.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\OLDF8.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\system32\OLD100.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\system32\OLD102.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\system32\OLD10C.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\system32\OLD10E.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\system32\OLD118.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\system32\OLD11A.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\system32\OLD124.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\system32\OLD126.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\system32\OLD130.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\system32\OLD132.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\system32\OLD13C.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\system32\OLD13E.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\system32\OLD148.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\system32\OLD14A.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\system32\OLD154.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\system32\OLD157.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\system32\OLD160.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\system32\OLD162.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\system32\OLD16C.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\system32\OLD16E.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\system32\OLD178.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\system32\OLD17A.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\system32\OLD184.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\system32\OLD188.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\system32\OLD190.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\system32\OLD192.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\system32\OLD19C.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\system32\OLD19F.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\system32\OLD1A8.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\system32\OLD1AA.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\system32\OLD1B4.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\system32\OLD1B6.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\system32\OLD1C0.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\system32\OLD1C2.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\system32\OLD1CC.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\system32\OLD1CE.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\system32\OLD1D8.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\system32\OLD1DA.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\system32\OLD1E4.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\system32\OLD1E6.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\system32\OLD1F0.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\system32\OLD1F2.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\system32\OLD1FC.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\system32\OLD1FE.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\system32\OLD206.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\system32\OLD208.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\system32\OLD212.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\system32\OLD214.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\system32\OLD21C.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\system32\OLD228.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\system32\OLD230.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\system32\OLD239.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\system32\OLD3F.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\system32\OLD42.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\system32\OLD4C.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\system32\OLD4E.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\system32\OLD58.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\system32\OLD5A.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\system32\OLD64.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\system32\OLD66.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\system32\OLD70.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\system32\OLD72.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\system32\OLD7C.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\system32\OLD7E.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\system32\OLD88.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\system32\OLD8A.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\system32\OLD94.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\system32\OLD97.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\system32\OLDA0.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\system32\OLDA2.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\system32\OLDAC.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\system32\OLDAE.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\system32\OLDB8.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\system32\OLDBA.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\system32\OLDC4.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\system32\OLDC8.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\system32\OLDD0.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\system32\OLDD2.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\system32\OLDDC.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\system32\OLDDE.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\system32\OLDE8.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\system32\OLDEA.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\system32\OLDF4.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\system32\OLDF6.tmp.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\system32\svchost.exe.vir Win32/Patched.NBG trojan
C:\Qoobox\Quarantine\C\WINDOWS\system32\winlogon.exe.vir Win32/Patched.NBG trojan
C:\System Volume Information\_restore{D93A5301-7318-4AF1-8CD2-23FFEB0BAB3E}\RP11\A0015760.exe Win32/Patched.NBG trojan
C:\System Volume Information\_restore{D93A5301-7318-4AF1-8CD2-23FFEB0BAB3E}\RP11\A0015761.exe Win32/Patched.NBG trojan
C:\System Volume Information\_restore{D93A5301-7318-4AF1-8CD2-23FFEB0BAB3E}\RP11\A0015762.exe Win32/Patched.NBG trojan
C:\System Volume Information\_restore{D93A5301-7318-4AF1-8CD2-23FFEB0BAB3E}\RP11\A0015783.exe Win32/Patched.NBG trojan
C:\System Volume Information\_restore{D93A5301-7318-4AF1-8CD2-23FFEB0BAB3E}\RP11\A0015784.exe Win32/Patched.NBG trojan
C:\System Volume Information\_restore{D93A5301-7318-4AF1-8CD2-23FFEB0BAB3E}\RP11\A0015785.exe Win32/Patched.NBG trojan
C:\System Volume Information\_restore{D93A5301-7318-4AF1-8CD2-23FFEB0BAB3E}\RP11\A0015789.exe Win32/Patched.NBG trojan
C:\System Volume Information\_restore{D93A5301-7318-4AF1-8CD2-23FFEB0BAB3E}\RP11\A0015790.exe Win32/Patched.NBG trojan
C:\System Volume Information\_restore{D93A5301-7318-4AF1-8CD2-23FFEB0BAB3E}\RP3\A0003129.exe a variant of Win32/InstallCore.D application
C:\System Volume Information\_restore{D93A5301-7318-4AF1-8CD2-23FFEB0BAB3E}\RP6\A0012389.exe Win32/Patched.NBG trojan
C:\System Volume Information\_restore{D93A5301-7318-4AF1-8CD2-23FFEB0BAB3E}\RP6\A0012396.exe Win32/Patched.NBG trojan
C:\System Volume Information\_restore{D93A5301-7318-4AF1-8CD2-23FFEB0BAB3E}\RP6\A0012398.exe Win32/Patched.NBG trojan
C:\System Volume Information\_restore{D93A5301-7318-4AF1-8CD2-23FFEB0BAB3E}\RP6\A0012413.exe Win32/Patched.NBG trojan
C:\WINDOWS\explorer.exe Win32/Patched.NBG trojan
C:\WINDOWS\system32\config\systemprofile\Application Data\Sun\Java\Deployment\cache\6.0\16\34e6a250-1ad64524 a variant of Java/TrojanDownloader.Agent.NDJ trojan
C:\WINDOWS\system32\config\systemprofile\Application Data\Sun\Java\Deployment\cache\6.0\6\53a79e06-383783de a variant of Java/TrojanDownloader.Agent.NDJ trojan
C:\WINDOWS\system32\dllcache\explorer.exe Win32/Patched.NBG trojan
Operating memory Win32/Patched.NBG trojan
SHA256: 31ae5e6d0f795741a1ca91e252bc44c35f004d6cab6ba98f3c4b58c3e92f86a6
SHA1: 049863915158f5e6b5befcc63915c16bd1c57d80
MD5: e60dd665167cfe2fa7511d1c8eb84a9a
File size: 1.0 MB ( 1058816 bytes )
File name: explorer.exe
File type: Win32 EXE
Detection ratio: 8 / 43
Analysis date: 2012-01-27 00:18:25 UTC ( 2 weeks, 4 days ago )
Antivirus Result Update
VirusBuster - 20120126
ViRobot - 20120126
VIPRE - 20120127
VBA32 - 20120126
TrendMicro-HouseCall - 20120126
TrendMicro - 20120126
TheHacker - 20120126
Symantec - 20120126
SUPERAntiSpyware - 20120126
Sophos - 20120126
Rising Trojan.Win32.Generic.12ADF86E 20120118
Prevx - 20120127
PCTools - 20120127
Panda Suspicious file 20120126
nProtect - 20120126
Norman - 20120126
NOD32 - 20120126
Microsoft Virus:Win32/Bamital.Q 20120126
McAfee-GW-Edition - 20120126
McAfee - 20120126
Kaspersky - 20120127
K7AntiVirus Virus 20120126
Jiangmin - 20120125
Ikarus Trojan.Patched 20120126
GData - 20120126
Fortinet - 20120126
F-Secure - 20120126
F-Prot - 20120126
eTrust-Vet - 20120126
eSafe - 20120126
Emsisoft Trojan.Patched!IK 20120126
DrWeb - 20120127
Comodo - 20120126
Commtouch - 20120126
ClamAV - 20120126
CAT-QuickHeal - 20120125
ByteHero - 20120126
BitDefender - 20120126
AVG Win32/Patched 20120126
Avast - 20120126
Antiy-AVL - 20120126
AntiVir TR/Patched.Gen 20120126
AhnLab-V3 - 20120126
Additional information
ssdeep
12288:MHmcoCUyutwAvAs4wTCyrPTloHWYUrkf8w0Vnzac1/g/J/vmS:2mftyuwAvN7lrvbkf8w0VnH1/g/J/O
TrID
Win32 Executable Generic (42.3%)
Win32 Dynamic Link Library (generic) (37.6%)
Generic Win/DOS Executable (9.9%)
DOS Executable Generic (9.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
ExifTool
UninitializedDataSize....: 0
InitializedDataSize......: 752128
ImageVersion.............: 5.1
ProductName..............: Microsoft Windows Operating System
FileVersionNumber........: 6.0.2900.5512
LanguageCode.............: English (U.S.)
FileFlagsMask............: 0x003f
FileDescription..........: Windows Explorer
CharacterSet.............: Unicode
LinkerVersion............: 7.1
FileOS...................: Windows NT 32-bit
MIMEType.................: application/octet-stream
Subsystem................: Windows GUI
FileVersion..............: 6.00.2900.5512 (xpsp.080413-2105)
TimeStamp................: 2008:04:13 13:43:44+01:00
FileType.................: Win32 EXE
PEType...................: PE32
InternalName.............: explorer
ProductVersion...........: 6.00.2900.5512
SubsystemVersion.........: 4.1
OSVersion................: 5.1
OriginalFilename.........: EXPLORER.EXE
LegalCopyright...........: Microsoft Corporation. All rights reserved.
MachineType..............: Intel 386 or later, and compatibles
CompanyName..............: Microsoft Corporation
CodeSize.................: 282112
FileSubtype..............: 0
ProductVersionNumber.....: 6.0.2900.5512
EntryPoint...............: 0x1a55f
ObjectFileType...........: Executable application
Sigcheck
publisher................: Microsoft Corporation
product..................: Microsoft_ Windows_ Operating System
internal name............: explorer
copyright................: © Microsoft Corporation. All rights reserved.
original name............: EXPLORER.EXE
file version.............: 6.00.2900.5512 (xpsp.080413-2105)
description..............: Windows Explorer
Portable Executable structural information
PE Sections...................:
Name Virtual Address Virtual Size Raw Size Entropy MD5
.text 4096 281609 282112 6.38 f5a483a72f777fb2693cb4e9901abc27
.data 286720 7604 6144 1.30 983f35021232560eaaa99fcbc1b7d359
.rsrc 294912 754792 755200 6.50 7bb95e8ae1c01a6c863ee211dc8ae5a3
.reloc 1052672 14156 14336 6.78 8ab3b57351c95c8d78540008b9a707bc
PE Imports....................:
msvcrt.dll
_itow, free, memmove, realloc, _except_handler3, malloc, _ftol, _vsnwprintf
SHDOCVW.dll
-, -, -
GDI32.dll
GetStockObject, CreatePatternBrush, OffsetViewportOrgEx, GetLayout, CombineRgn, CreateDIBSection, GetTextExtentPoint32W, StretchBlt, CreateRectRgnIndirect, CreateRectRgn, GetClipRgn, IntersectClipRect, GetViewportOrgEx, SetViewportOrgEx, SelectClipRgn, PatBlt, GetBkColor, CreateCompatibleDC, CreateCompatibleBitmap, OffsetWindowOrgEx, DeleteDC, SetBkColor, BitBlt, ExtTextOutW, GetTextExtentPointW, GetClipBox, GetObjectW, SetTextColor, SetBkMode, CreateFontIndirectW, DeleteObject, GetTextMetricsW, SelectObject, GetDeviceCaps, TranslateCharsetInfo, SetStretchBltMode
ADVAPI32.dll
RegSetValueW, RegEnumKeyExW, GetUserNameW, RegNotifyChangeKeyValue, RegEnumValueW, RegQueryValueExA, RegOpenKeyExA, RegEnumKeyW, RegCloseKey, RegCreateKeyW, RegQueryInfoKeyW, RegOpenKeyExW, RegQueryValueExW, RegCreateKeyExW, RegSetValueExW, RegDeleteValueW, RegQueryValueW
KERNEL32.dll
GetSystemDirectoryW, CreateThread, CreateJobObjectW, ExitProcess, SetProcessShutdownParameters, ReleaseMutex, CreateMutexW, SetPriorityClass, GetCurrentProcess, GetStartupInfoW, GetCommandLineW, SetErrorMode, LeaveCriticalSection, EnterCriticalSection, ResetEvent, LoadLibraryExA, CompareFileTime, GetSystemTimeAsFileTime, SetThreadPriority, GetCurrentThreadId, GetThreadPriority, GetCurrentThread, GetUserDefaultLangID, Sleep, GetBinaryTypeW, GetModuleHandleExW, SystemTimeToFileTime, GetLocalTime, GetCurrentProcessId, GetEnvironmentVariableW, UnregisterWait, GlobalGetAtomNameW, GetFileAttributesW, MoveFileW, lstrcmpW, LoadLibraryExW, FindClose, FindNextFileW, FindFirstFileW, lstrcmpiA, SetEvent, AssignProcessToJobObject, GetDateFormatW, GetTimeFormatW, FlushInstructionCache, lstrcpynW, GetSystemWindowsDirectoryW, SetLastError, GetProcessHeap, HeapFree, HeapReAlloc, HeapSize, HeapAlloc, GetUserDefaultLCID, ReadProcessMemory, OpenProcess, InterlockedCompareExchange, LoadLibraryA, QueryPerformanceCounter, UnhandledExceptionFilter, SetUnhandledExceptionFilter, VirtualFree, VirtualAlloc, ResumeThread, TerminateProcess, TerminateThread, GetSystemDefaultLCID, GetLocaleInfoW, CreateEventW, GetLastError, OpenEventW, DelayLoadFailureHook, WaitForSingleObject, GetTickCount, ExpandEnvironmentStringsW, GetModuleFileNameW, GetPrivateProfileStringW, lstrcmpiW, CreateProcessW, FreeLibrary, GetWindowsDirectoryW, LocalAlloc, CreateFileW, DeviceIoControl, LocalFree, GetQueuedCompletionStatus, CreateIoCompletionPort, SetInformationJobObject, CloseHandle, LoadLibraryW, GetModuleHandleW, ActivateActCtx, DeactivateActCtx, GetFileAttributesExW, GetProcAddress, DeleteCriticalSection, CreateEventA, HeapDestroy, InitializeCriticalSection, MulDiv, InitializeCriticalSectionAndSpinCount, lstrlenW, InterlockedDecrement, InterlockedIncrement, GlobalAlloc, InterlockedExchange, GetModuleHandleA, GetVersionExA, GlobalFree, GetProcessTimes, lstrcpyW, GetLongPathNameW, RegisterWaitForSingleObject
UxTheme.dll
GetThemeBackgroundContentRect, GetThemeBool, GetThemePartSize, DrawThemeParentBackground, OpenThemeData, DrawThemeBackground, GetThemeTextExtent, DrawThemeText, CloseThemeData, SetWindowTheme, GetThemeBackgroundRegion, -, GetThemeMargins, GetThemeColor, GetThemeFont, GetThemeRect, IsAppThemed
BROWSEUI.dll
-, -, -, -
SHELL32.dll
-, -, SHGetFolderPathW, -, -, -, -, -, ExtractIconExW, -, -, -, -, -, -, -, -, -, -, -, -, -, -, SHGetSpecialFolderLocation, ShellExecuteExW, -, -, -, SHGetSpecialFolderPathW, -, -, -, SHBindToParent, -, -, -, SHParseDisplayName, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, SHChangeNotify, SHGetDesktopFolder, SHAddToRecentDocs, -, -, -, DuplicateIcon, -, -, -, -, -, -, -, -, SHUpdateRecycleBinIcon, SHGetFolderLocation, SHGetPathFromIDListA, -, -, -, -, -, -, -, SHGetPathFromIDListW, -, -, -
ntdll.dll
RtlNtStatusToDosError, NtQueryInformationProcess
ole32.dll
CoFreeUnusedLibraries, RegisterDragDrop, CreateBindCtx, RevokeDragDrop, CoInitializeEx, CoUninitialize, OleInitialize, CoRevokeClassObject, CoRegisterClassObject, CoMarshalInterThreadInterfaceInStream, CoCreateInstance, OleUninitialize, DoDragDrop
SHLWAPI.dll
StrCpyNW, -, -, -, -, StrRetToBufW, StrRetToStrW, -, -, -, -, SHQueryValueExW, PathIsNetworkPathW, -, AssocCreate, -, -, -, -, -, StrCatW, StrCpyW, -, -, -, -, -, -, SHGetValueW, -, StrCmpNIW, PathRemoveBlanksW, PathRemoveArgsW, PathFindFileNameW, StrStrIW, PathGetArgsW, -, StrToIntW, SHRegGetBoolUSValueW, SHRegWriteUSValueW, SHRegCloseUSKey, SHRegCreateUSKeyW, SHRegGetUSValueW, SHSetValueW, -, PathAppendW, PathUnquoteSpacesW, -, -, PathQuoteSpacesW, -, SHSetThreadRef, SHCreateThreadRef, -, -, -, PathCombineW, -, -, -, SHStrDupW, PathIsPrefixW, PathParseIconLocationW, AssocQueryKeyW, -, AssocQueryStringW, StrCmpW, -, -, -, -, -, -, -, -, SHRegQueryUSValueW, SHRegOpenUSKeyW, SHRegSetUSValueW, PathIsDirectoryW, PathFileExistsW, PathGetDriveNumberW, -, StrChrW, PathFindExtensionW, -, -, PathRemoveFileSpecW, PathStripToRootW, -, -, -, SHOpenRegStream2W, -, -, -, StrDupW, SHDeleteValueW, StrCatBuffW, SHDeleteKeyW, StrCmpIW, -, -, wnsprintfW, -, -, StrCmpNW, -, -
USER32.dll
TileWindows, GetDoubleClickTime, GetSystemMetrics, GetSysColorBrush, AllowSetForegroundWindow, LoadMenuW, GetSubMenu, RemoveMenu, SetParent, GetMessagePos, CheckDlgButton, EnableWindow, GetDlgItemInt, SetDlgItemInt, CopyIcon, AdjustWindowRectEx, DrawFocusRect, DrawEdge, ExitWindowsEx, WindowFromPoint, SetRect, AppendMenuW, LoadAcceleratorsW, LoadBitmapW, SendNotifyMessageW, SetWindowPlacement, CheckMenuItem, EndDialog, SendDlgItemMessageW, MessageBeep, GetActiveWindow, PostQuitMessage, MoveWindow, GetDlgItem, RemovePropW, GetClassNameW, GetDCEx, SetCursorPos, ChildWindowFromPoint, ChangeDisplaySettingsW, RegisterHotKey, UnregisterHotKey, SetCursor, SendMessageTimeoutW, GetWindowPlacement, LoadImageW, SetWindowRgn, IntersectRect, OffsetRect, EnumDisplayMonitors, RedrawWindow, SubtractRect, TranslateAcceleratorW, WaitMessage, InflateRect, CallWindowProcW, GetDlgCtrlID, SetCapture, LockSetForegroundWindow, SystemParametersInfoW, FindWindowW, CreatePopupMenu, GetMenuDefaultItem, DestroyMenu, GetShellWindow, EnumChildWindows, GetWindowLongW, SendMessageW, RegisterWindowMessageW, GetKeyState, CopyRect, MonitorFromRect, MonitorFromPoint, RegisterClassW, SetPropW, GetWindowLongA, SetWindowLongW, FillRect, GetCursorPos, MessageBoxW, LoadStringW, ReleaseDC, GetDC, EnumDisplaySettingsExW, EnumDisplayDevicesW, PostMessageW, DispatchMessageW, TranslateMessage, GetMessageW, PeekMessageW, PtInRect, BeginPaint, EndPaint, SetWindowTextW, GetAsyncKeyState, InvalidateRect, GetWindow, ShowWindowAsync, TrackPopupMenuEx, UpdateWindow, DestroyIcon, IsRectEmpty, SetActiveWindow, GetSysColor, DrawTextW, IsHungAppWindow, SetTimer, GetMenuItemID, TrackPopupMenu, EndTask, SendMessageCallbackW, GetClassLongW, LoadIconW, OpenInputDesktop, CloseDesktop, SetScrollPos, ShowWindow, BringWindowToTop, GetDesktopWindow, CascadeWindows, CharUpperBuffW, SwitchToThisWindow, InternalGetWindowText, GetScrollInfo, GetMenuItemCount, CreateWindowExW, DialogBoxParamW, MsgWaitForMultipleObjects, CharNextA, 
RegisterClipboardFormatW, EndDeferWindowPos, DeferWindowPos, BeginDeferWindowPos, PrintWindow, SetClassLongW, GetPropW, GetNextDlgGroupItem, GetNextDlgTabItem, ChildWindowFromPointEx, IsChild, NotifyWinEvent, TrackMouseEvent, GetCapture, GetAncestor, CharUpperW, SetWindowLongA, DrawCaption, ModifyMenuW, InsertMenuW, IsWindowEnabled, GetMenuState, LoadCursorW, GetParent, IsDlgButtonChecked, DestroyWindow, EnumWindows, IsWindowVisible, GetClientRect, UnionRect, EqualRect, GetWindowThreadProcessId, GetForegroundWindow, KillTimer, GetClassInfoExW, DefWindowProcW, RegisterClassExW, GetIconInfo, SetScrollInfo, GetLastActivePopup, SetForegroundWindow, IsWindow, GetSystemMenu, IsIconic, IsZoomed, EnableMenuItem, SetMenuDefaultItem, MonitorFromWindow, GetMonitorInfoW, GetWindowInfo, GetFocus, SetFocus, MapWindowPoints, ScreenToClient, ClientToScreen, GetWindowRect, SetWindowPos, DeleteMenu, GetMenuItemInfoW, SetMenuItemInfoW, CharNextW
OLEAUT32.dll
-, -
First seen by VirusTotal
2012-01-21 23:11:25 UTC ( 3 weeks, 2 days ago )
Last seen by VirusTotal
2012-01-27 00:18:25 UTC ( 2 weeks, 4 days ago )
File names (max. 25)
1.explorer.exe
2.C:\WINDOWS\explorer.exe
3.c:\windows\explorer.exe
4.file-3448407_exe